Saturday, April 25, 2009

SafeTPIN Side Effects

Here's yet "another" reason why banks should utilize HomeATM's SafeTPIN for authentication. 

SafeTPIN securely authenticates the user by allowing them to swipe their bank issued card and enter their bank issued PIN.  No data other than the information contained on the magnetic stripe is collected so the privacy issue being discussed below is moot.  End result? 

Fraud elimination, consumer privacy protection AND it enables the online banking customer to securely pay bills, transfer money and conduct safe eCommerce transactions, all with 2FA, 3DES end to end encryption and DUKPT key management. 


CAUTION: If your financial institution employs a "Username:/Password" style authentication,
side effects from using our 2FA (two factor authentication) PCI 2.0 certified SafeTPIN PED may include: enhanced image for the bank, elimination of the threat of a cloned website, DNS attacks, malicious code, malware, keylogging, click jacking, worms and zombies.  Be aware that Cloned cards won't work in our SafeTPIN and phishing attacks are useless.  Pregnable transactions should not use SafeTPIN.  Please consult with your technician!      

Device identification in online banking is privacy threat, expert says | Security - CNET News

SAN FRANCISCO--A widely used technology to authenticate users when they log in for online banking may help reduce fraud, but it does so at the expense of consumer privacy, a civil liberties attorney said during a panel at the RSA security conference on Thursday.


When logging into bank Web sites, users are typically asked for their user name and password. But that's not all that is happening. Behind the scenes, the server is taking measures to identify the device being used in an attempt to verify that the person logging in is the person whose account is being accessed under the assumption that most people use the same computer for banking.

Wachovia, which recently merged with Wells Fargo, tags the consumer's computer with a unique identifier, said Chris Mathes, an information technology specialist in online customer protection at the bank.

The technology not only can be used to allow legitimate customers into Web sites, but also to block computers that have been targeted as "bad actors," said Todd Inskeep, a senior vice president for the Center for the Future of Banking at Bank of America.

Even though none of the information gathered during a log-in is personally identifiable, the bank shouldn't have to collect regular data on when, how often and from where a consumer accesses a bank account, said Jennifer Granick of the Electronic Frontier Foundation. Such information can be compiled with other more sensitive information to create profiles and cross referenced to learn more about consumers, she said.

For instance, the bank could learn who a consumer's roommate is if the same computer is used regularly to access different accounts, Granick said. Consumers also could be deemed suspicious for breaking with their patterns on deposits or withdrawals or the information could be sold to advertisers, she added.

Continue Reading at CNET





Reblog this post [with Zemanta]

RSA Conference Keynotes Available

RSA 2009 Webcasts grid
Choose a keynote speaker below. Click "View Interactive Webcast" to see the version with slides and video,
or click "View Video Only" if you only wish to view the video. The webcast version requires Flash Player 9 and
a broadband connection for optimum playback performance.
MINIMUM REQUIREMENTS
RECOMMENDATIONS FOR BEST PERFORMANCE

TUESDAY, APRIL 21
Opening Ceremony
RSA® Conference 2009
Duration: 7 Minutes
View Interactive Webcast
View Video Only
Art Coviello
Executive Vice President, EMC Corporation
and President, RSA, The Security Division of EMC Corporation
Duration: 33 Minutes
View Interactive Webcast
View Video Only
Enrique T. Salem
Chief Operating Officer
Symantec Corporation
Duration: 35 Minutes
View Interactive Webcast
View Video Only
Scott Charney
Corporate Vice President
Trustworthy Computing (TwC), Microsoft Corporation
Duration: 33 Minutes
View Interactive Webcast
View Video Only
Panel Discussion
Chief Scientist and Director
The Cryptographers Panel
Duration: 50 Minutes
View Interactive Webcast
View Video Only
Lieutenant General Keith B. Alexander
Director of the National Security Agency (NSA)
and Chief of the Central Security Service (CSS)
Duration: 30 Minutes
View Interactive Webcast
View Video Only

WEDNESDAY, APRIL 22
Melissa E. Hathaway
Acting Senior Director for Cyberspace
National Security and Homeland Security Councils
Duration: 20 Minutes
View Interactive Webcast
View Video Only
Panel Discussion
Information Governance Goes to Court
Duration: 50 Minutes
View Interactive Webcast
View Video Only
John Chambers
Chairman and CEO
Cisco Systems, Inc.
Duration: 33 Minutes
View Interactive Webcast
View Video Only
Dave DeWalt
Chief Executive Officer and President
McAfee, Inc.
Duration: 29 Minutes
View Interactive Webcast
View Video Only
Brian Smith, Ph.D.
Chief Technology Officer
TippingPoint
Duration: 30 Minutes
View Interactive Webcast
View Video Only
James Bamford
Author
The Shadow Factory: The Ultra-Secret NSA, from 9/11 to the Eavesdropping on America
Duration: 47 Minutes
View Interactive Webcast
View Video Only

THURSDAY, APRIL 23
Brian J. Truskowski
General Manager
Internet Security Systems (ISS), IBM Global Technology Services (GTS)
Duration: 31 Minutes
View Interactive Webcast
View Video Only
Philippe Courtot
Chairman and CEO
Qualys, Inc.
Duration: 33 Minutes
View Interactive Webcast
View Video Only
Dave Hansen
Corporate Senior Vice President and General Manager
Security Management Business Unit, CA, Inc.
Duration: 25 Minutes
View Interactive Webcast
View Video Only

FRIDAY, APRIL 24
Herbert Thompson, Ph.D.
Chief Security Strategist
People Security
Duration: 40 Minutes
View Interactive Webcast
View Video Only
Jamie Hyneman & Adam Savage
Hosts
MythBusters
Duration: 40 Minutes
View Interactive Webcast
View Video Only



MINIMUM REQUIREMENTS
Adobe Flash Player 8+ to view "Interactive Webcasts" Get Flash Player Get Windows Media Player
Windows Media Player 9+ to view "Video Only"
PC: Windows 2000+, Internet Explorer 5.5+, Firefox 1.5+
MAC: OSX+, Safari, Firefox 1.5+
RECOMMENDATIONS FOR BEST PERFORMANCE
Broadband internet connection, Adobe Flash Player 8+


Reblog this post [with Zemanta]

Credit is Out...Debit is In: MasterCard

CONSUMERS are increasingly shunning credit cards and using debit cards instead to pay for purchases as they err on the side of financial responsibility due to the economic slowdown, MasterCard Australia says.

The credit card company's executive vice-president for Australasia, Eddie Grobler, said after an address at the American Chamber of Commerce in Australia on Wednesday that the company was noticing a change in the way consumers chose to pay for items. Unlike a credit card, where the user goes into debt after a purchase, debit cards can operate only if there are sufficient funds in the card account to finance a purchase.

"There is a slowdown in credit card usage but we've also witnessed an increase in usage of our debit card products," Mr Grobler said.

Editor's Note:  HomeATM processes credit cards as "card present" transactions and debit cards as "card present" PIN based transactions, so regardless of what the consumer wants to use, we can provide eTailers with lower interchange rates via our PCI 2.0 Certified SafeTPIN device.  Card Present Transactions in a Card Not Present World!

"It seems to me the consumer is more comfortable to access [their] own funds now."

Continue Reading at BusinessDay




, , , ,

Disqus for ePayment News