摘要: 随着免密支付在电商交易中的广泛应用，其在提升支付效率的同时也引发了授权不明、账户盗刷、平台责任界定不清、维权途径单一等法律问题。本文聚焦于第三方支付平台在免密支付中的安全保障义务，从约定义务与法定义务两方面分析其义务来源，包括风险告知义务、身份验证义务、交易监控义务、信息保护义务及纠纷处理义务等具体内容。针对当前存在的授权不明、责任不清、消费者知情权弱化等问题，提出应从明确平台责任边界、强化技术安全措施、完善法律法规与监管机制三个层面构建“法律–技术–监管”协同治理路径，以实现支付效率与交易安全的平衡，推动免密支付行业在法治轨道上健康有序发展。

Abstract: While the widespread adoption of password-free payment in e-commerce transactions enhances payment efficiency, it has also triggered legal issues such as ambiguous authorization, account theft, unclear definition of platform liability, and limited recourse channels for users. This paper focuses on the security safeguard obligations of third-party payment platforms in password-free payments. It analyzes the sources of these obligations from both contractual and statutory perspectives, encompassing specific duties such as risk notification, identity verification, transaction monitoring, information protection, and dispute resolution. In response to existing problems including unclear authorization, ill-defined responsibilities, and the weakening of consumers’ right to informed consent, the paper proposes a synergistic governance approach integrating “law-technology-regulation”. This is to be achieved by clarifying the boundaries of platform liability, strengthening technical security measures, and improving the legal framework and regulatory mechanisms. The ultimate aim is to strike a balance between payment efficiency and transaction security, thereby fostering the healthy and orderly development of the password-free payment industry within a legal framework.