Tuesday, December 9, 2008

Merchant Risk Council 2009 e-Commerce Conference

Merchant Risk Council Unveils Agenda for 2009 e-Commerce Conference

(Seattle, WA—December 9, 2008) The Merchant Risk Council (MRC) is pleased to announce the agenda for its 7th Annual e-Commerce Payments and Risk Conference at the Wynn Las Vegas Resort on March 10-12, 2009. The conference unites the world’s top multi-channel and Internet merchants, alternative payment providers, credit card companies, risk management providers, law enforcement agencies and various consultants and educators.

The primary themes of the 2009 conference are: Fighting New Patterns of Fraud and Cybercrime; Emerging Risk Management Trends; and Global Online Payment Strategies.

“We have assembled an all-star group of speakers and the most comprehensive agenda in addressing the pressing concerns for online merchants,” said MRC Board Chairman, Tom Sullivan, Expedia, Inc. “This conference lineup expands well beyond the traditional topics of fraud and lost revenue.” Sullivan adds, “As the issues of global electronic commerce are becoming more complex, the MRC Annual Conference is evolving to address these emerging issues.”

The general conference, sponsored by Chase Paymentech, contains 26 unique sessions, including:

  • - A Community-based Approach to Fraud Management
  • - Criminal Diversification: A Look at the Emerging Strategies of Cybercrime
  • - Geolocation as a Risk Management Tool
  • - Global Risk Management Trends and Solutions
  • - Internet Bank Payments Coming of Age
  • - Managing Risk to Maximize Revenue
  • - Optimizing Automation to Increase Fraud Team Productivity
  • - Payments as a Business Strategy
  • - PCI Security Standards Council
  • - Understanding the Dynamics of Chinese and Asian Markets
  • - The Value of Social Media: Becoming the Conversation Architects
  • - A Window into Fraud: Visualizing Evolving and Emerging Patterns

Travelocity.com founder Terry Jones will be delivering the opening keynote speech focusing on the business of innovation. Terry will share his unique perspectives on how companies can cultivate new ideals, as well as nurture the organizational structures, funding policies and team members required for success.

The conference’s closing keynote will be delivered by Dateline NBC correspondent Chris Hansen. The award-winning investigative reporter and host of the long-running ‘To Catch a Predator’ series will share his findings on the rapidly maturing underworld of cybercrime.

For the full conference agenda, registration or exhibition information, please visit the MRC website at www.merchantriskcouncil.org.

About the Merchant Risk Council

The Merchant Risk Council (MRC) is a merchant-led trade association focused on electronic commerce risk and payments globally. The MRC leads industry networking, education and advocacy programs to make electronic commerce more efficient, safe and profitable.

Today, with over 7,500 members, the MRC is the leading trade association for managing payments, preventing online fraud and promoting secure e-Commerce. The MRC is dedicated to working with e-Commerce and multi-channel merchants, credit card issuers, credit card companies, risk management providers, and law enforcement to make the Internet a safer and more profitable place to do business.

The MRC Board of Directors and Advisors includes: Expedia, Inc., Adobe Systems, Inc., Neiman Marcus Direct, Apple, BestBuy.com, Bill Me Later, Blizzard Entertainment, Chase Paymentech, CyberSource Corporation, Dell, Inc., Discover Network, 41st Parameter, Gap, Inc. Direct, iovation, Microsoft, Trustwave, and Visa, Inc.

The MRC is headquartered in Seattle, Washington.

# # #
Reblog this post [with Zemanta]

Payments, Software and PCI

Digital Transaction News posted an interesting article regarding Payment Application data-security standard or PA-DSS and it's affect on software vendors in the payments industry.   Sure, it can cost a lot to get PCI certified, but money is secondary, the primary focus is on the security of the application.   It will be interesting to watch the effect PA-DSS has on the payments industry over the course of the next 7 months...

"The steady march toward more secure payment-processing software is likely to force many—possibly thousands—of small software vendors out of the market of serving merchants and card processors. These vendors will find it too expensive to upgrade their existing point-of-sale and related applications to meet specifications set forth in the new Payment Application data-security standard, or PA-DSS, according David Taylor, founder of the Stamford, Conn.-based PCI Knowledge Base consulting firm.

Taylor held a Webinar on Wednesday about the impact of PA-DSS on vendors, merchants, and the payments market in general. PA-DSS is the name of Visa Inc.’s former Payment Application Best Practices (PABP), a set of guidelines for protecting data that flow through software in POS terminals and other card-processing settings. The PCI Security Standards Council adopted PABP in October, renaming the guidelines PA-DSS and applying them to the other major card networks—MasterCard Inc., Discover Financial Services, American Express Co., and JCB. The Wakefield, Mass.-based PCI Council administers the Payment Card Industry data-security standard, or PCI, the overarching set of rules for securing credit and debit card data.

Merchant acquirers must ensure by July 1, 2010 that their merchants and third-party processors are using only applications that meet PA-DSS pecifications. That deadline is one reason vendors are furiously developing new applications or trying to fortify existing versions."  
continue reading at Digital Transaction News

Reblog this post [with Zemanta]

CheckFree Not HackFree 2

Digging Deeper Into the CheckFree Attack
Last week I featured an article from Brian Krebs of the Washington Post regarding Fiserv's CheckFree website being hacked or at the very least "webjacked".   "CheckFree Not HackFree!"

Yesterday, Mr. Krebs took a closer look  at the attack which experts are saying will become "more common" in 2009,   Here's a snippet...

The hijacking of the nation's largest e-bill payment system this week offers a glimpse of an attack that experts say is likely to become more common in 2009.

Atlanta based CheckFree acknowledged Wednesday that hackers had, for several hours, redirected visitors to its customer login page to a Web site in Ukraine that tried to install password-stealing software.

While this attack garnered few headlines, there are clues that suggest it may have affected a large number of people. CheckFree claims that more than 24 million people use its services. Avivah Litan, a fraud analyst with Gartner Inc., said CheckFree controls between 70 to 80 percent of the U.S. online bill pay market. Among the 330 kinds of bills consumers can pay through CheckFree are military credit accounts, utility bills, insurance payments, mortgage and loan payments.  (continue reading)

Reblog this post [with Zemanta]

Top 10 Risks to Banks in 2009

In an article written by Linda McGlasson, the Managing Editor of Bank Info Security, she takes a look at the 10 Greatest Risks to Banks in 2009. 
1. ATM Network Fraud

According to Paul Kocher, president and chief scientist of Cryptography Research Institute, the number one area that institutions will see fraud growing over the next year is in ATM networks.

"When the criminal gets access to magnetic stripe data and associated PIN values, they are then able to create cards, and basically then it's a license to print money," Kocher explains.

Another problem for institutions is that their ability to perform risk management is significantly less on an ATM network than online transactions. "This is because the ATM delivers the goods to the consumer immediately to them, which is exactly what the fraudsters want -- the cash, rather than a large ticket item they have to then fence or resell," he concludes.

Kocher predicts that until U.S. financial institutions and credit card companies roll out either a contact or contactless-based smart card infrastructure, there won't be a great reduction in the amount of fraud being perpetrated against U.S. consumers. "Once they decide to do this, it will cause a great reduction in the amount of fraud, because we've seen it happen in Europe," says Kocher.  (continue reading

Here's the rest of the top five according to BIS:

2. Check Fraud
3. Laser-Guided Precision Strikes
4. Phishing
5. Check Image Fraud

Reblog this post [with Zemanta]

Post CyberMonday Posts 9% Increase

Holiday E-Commerce Season Sales Finally Match Last Year as Two Workdays This Past Week Each Surpass $800 Million in Online Spending
Sales Since Cyber Monday Up 9 Percent Versus Year Ago

RESTON, Va., comScore (Nasdaq: SCOR), a leader in measuring the digital world, today reported its tracking of holiday season retail e-commerce spending for the first 35 days of the November - December 2008 holiday season. For the holiday season through December 5, $14.92 billion has been spent online, essentially the same level compared to the corresponding days last year.

For the five days beginning with December 1 (Cyber Monday), the kick-off to the heaviest part of the online shopping season, sales totaled $3.74 billion, up 9 percent versus year ago. Two individual days in the past week achieved more than $800 million in online spending: Monday, December 1 ("Cyber Monday") with $846 million, and Tuesday, December 2 with $823 million.

For more details,  including figures and top performing retail categories click here.

Reblog this post [with Zemanta]

Parsing Data in Transit - Trustwave Warning

Trustwave announces the release of its updated forensics white paper, which examines 443 cases of cardholder data compromise investigated by Trustwave since 2001.  In the seven years Trustwave has been conducting credit card compromise investigations, it’s found businesses have made progress in protecting cardholder data, due to the very prescriptive and holistic Payment Card Industry Data Security Standard (PCI DSS). While fewer and fewer compromise investigations by Trustwave find the storage of cardholder data, theft of credit card data continues to make headlines every week.

This white paper outlines a new technique –parsing data in transit— that Trustwave has found during its investigations of credit card compromise. 

What’s most unsettling about this trend is that a merchant can use a payment application or Point-of-Sale (POS) terminal that is compliant with the Payment Application Data Security Standard (PA-DSS) or Visa’s Payment Application Best Practice (PABP) but if they are not 100% compliant with the PCI DSS, they can still fall victim to this technique.

Additionally, Trustwave has found that smaller merchants continue to make up the largest group of merchants that get compromised. Most of these smaller merchants don’t have an in-house IT staff and therefore rely on third parties to make sure they’re compliant. These third parties often don’t have skilled security experts that can confidently and accurately secure a merchant environment to be in compliance with the PCI DSS. While these smaller merchants don’t make the media headlines, they compromise nearly 99% of all global merchants.

For more information about the white paper, go to https://www.trustwave.com/whitePapers.php .

Source: Company press release.

Reblog this post [with Zemanta]

Credit Card Rewards...and Service

Aite Group, LLC Report #200812082

A new report from Aite Group, LLC provides insight into the demographics and attitudes of consumers who choose credit cards based on rewards programs, and sheds light on the other factors that drive consumers to select one card over another. It also outlines ways in which card issuers can best compete for the use of their card above others in rewards card users' wallets.

According to Visa, rewards cards now account for more than half of all credit cards, and, even more importantly, roughly eight of every 10 dollars spent on a credit card. Consumers rank rewards as the number two reason for applying for a specific card, behind no annual fees and ahead of low interest rates, according to Aite Group's January 2008 survey of 422 cardholders. As the number of cards in a consumer's wallet grows, so does the importance of rewards programs in influencing the cardholder's choice of cards; consumers don't stop using their other cards after getting a new rewards card. Among the ways to increase the use of a specific rewards card, issuers should consider expanding the range of goods and services that earn premium rewards.

"It is clear that most rewards cardholders possess multiple rewards cards," says Ron Shevlin, senior analyst with Aite Group and author of this report. "As issuers look to one-up each other with ever-expanding rewards, Aite Group believes that there's an opportunity for issuers to differentiate themselves by creating a rewards hub that enables cardholders to aggregate and integrate programs."

This 14-page Impact Note contains 15 figures. Clients of Aite Group's Retail Banking service can download the report by clicking on the icon to the right.

Reblog this post [with Zemanta]

Italian eCommerce Grows 20%

According to the recent survey of eCommerce Observatory B2c Netcomm – School of Management at the Politecnico di Milano Italian e-commerce has grown this year by 20%, which should surpass earnings of 6 billion euros by the end of the year. The main profit comes from tourism, clothing with its famous brand names such as Armani, Valentino, Gucci, Prada and others. Sale of food and wines has also brought some income.

Overall, though, e-commerce in Italy makes up less than 1% of all sales, much lower than other countries that register 3–10%. The data on what products are sold also highlights a big contradiction: though in traditional channels for products (wine & food, products for the home, electronics, music, and books) present about 80% of all acquisitions, on-line they don’t even reach 30%, with food products and household items making up barely 1% of on-line sales. It is a trend that is very different from that of other countries, where the rate of on-line food and wine sales vary from 7-14%. Without counting, however, the fact that they already begin with higher absolute numbers, in respect to great Britain, which is the European country that is most familiar with this mode of commerce, Italy has less than a quarter of the users, and with an average spending of 900 euros per person, less than one third of that spent by British citizens, reports WineNews.

Disqus for ePayment News