Friday, July 24, 2009

Apriva Certifiies WAY Systems way5000

Apriva certifies WAY Systems mobile POS terminal

Scottsdale, Ariz., July, 2009 -- Apriva, the leading secure wireless solutions provider, announced today the certification of WAY Systems’ way5000 device. Combined with Apriva’s Intelligent Gateway services, the way5000 enables merchants to process credit and PIN-based debit transactions securely from virtually any location. Apriva also provides a number of value-added services including online reporting, order processing and comprehensive customer management. The way5000 is immediately available to all Apriva resellers on all certified credit payment processors in addition to debit processors.

“WAY Systems is a valued partner and we are excited to offer their newest device to our reseller base,” commented Bill Clark, General Manager for Apriva Secure Payments Division. “The new full featured way5000 is an excellent addition to our product portfolio.”

“We are very happy to continue our strategic business alliance with Apriva by certifying our first multi application wireless device, the way5000. WAY Systems has built a reputation of bringing better solutions to our customers," commented Tim McWeeney, WAY Systems’ Vice President of North American Sales. “By combining the new way5000 and the Apriva Intelligent Gateway that’s exactly what we offer. A Better Solution!”

The way5000 PCI PED approved credit and debit device is a new generation of WAY Systems’ small, portable, wireless transaction processing terminals. The way5000 integrates technologies that open an endless number of possibilities. This low cost terminal is programmable, runs multiple applications and can download new applications or update over-the-air (OTA).

About Apriva:

Founded in 1999, Apriva is the leading secure wireless solution provider integrating the hardware, software and network infrastructure required to develop and deploy high-performance, high-reliability solutions in the Point of Sale (POS) and Secure Mobile Messaging markets. Apriva offers end-to-end solutions for Point of Sale that make it easy and cost-effective to develop, deploy and maintain highly secure and reliable business critical mobile applications. Visit for more information.

About WAY Systems, Inc.

WAY Systems has designed, developed, tested and delivered end-to-end payment solutions for mobile merchants all over the world. Our products and services are designed to meet the payment transaction needs of mobile merchants and exceed industry security standards. We empower merchants to conduct business any time, anywhere, and increase their revenue by accepting credit and pin-based debit cards. WAY’s innovative mobile POS devices and dedication to service make us the ideal partner for you to conduct transactions without boundaries. Users of WAY Terminals are invited to explore the limitless possibilities of commerce and perform Transactions without boundaries. WAY Systems is the exclusive licensee of Accessor™ from Fractal Commerce Inc. a patented terminal technology application for pocketsize mobile merchant point of sale devices.

Source: Company press release. 

Reblog this post [with Zemanta]

Browser Flaws Nullify EV SSL

Researchers uncover flaw in handling of EV SSL by popular browsers

New York, July, 2009 -- Intrepidus Group, a leading provider of information security services and software, today announced research that shows new short comings in browser designs that allow an attacker to silently "Man-In-The-Middle" (MITM) Extended Validation (EV) SSL-protected websites. Users of sites that appear to be secure through the "glow" of their green badge, have been found to be at risk of malicious attacks.

Research conducted by Mike Zusman, principal consultant at Intrepidus Group, and independent security researcher Alex Sotirov shows that a common web browser design flaw can be exploited to compromise SSL encrypted data, even when the user sees the green badge of EV SSL. The researchers have devised a new attack, called SSL Rebinding, which exploits this flaw to sniff sensitive data as it leaves the browser. Zusman and Sotirov have also demonstrated that the same flaw can be leveraged to launch browser cache poisoning attacks against EV SSL protected web sites. Both attacks can cause significant exposure and silently expose "encrypted" sessions protected by an EV SSL certificate.

-- SSL Rebinding is an attack against an SSL involving a rogue MITM server which uses a combination of SSL certificates to manipulate client behavior and bypass security mechanisms.

-- EV Cache Poisoning is a persistent attack, where cached content of an EV SSL protected web site can be poisoned without the victim consciously browsing the site.

"Verifying the 'green glow' of EV SSL in the browser has often been pitched as the silver bullet to thwarting phishing attacks," said Rohyt Belani, CEO of Intrepidus Group. "Our research shows that the green glow can be misleading and provide a false sense of security. Employees and customers should be provided a holistic perspective on phishing to best train them to be resilient to this ever-growing threat."

Zusman and Sotirov will present the details of their research findings during the Back Hat USA 2009 Briefings & Training conference. Intrepidus Group has also enhanced its PhishMe solution to empower individuals to identify these attacks and protect themselves from cybercrime exposure.

Black Hat USA 2009 Briefings & Training Presentation

Mike Zusman and Alexander Sotirov will be sharing details of this new research on EV SSL Attacks during the Back Hat USA 2009 Briefings & Training conference at Caesar's Palace in Las Vegas, Nev. Their session will be held on "Day 2," July 30, 2009 in the "//random" track from 3:15 to 4:30 p.m.

About PhishMe

PhishMe is a software-as-a-service (SaaS) solution designed to help prevent damage, theft and loss caused by targeted (spear) phishing attacks. PhishMe facilitates and automates the execution of mock phishing exercises against employees, provides clear and accurate reporting on user behavior, and most importantly provides instant, targeted employee training. This method of delivering training materials is recommended by SANS and found to be most effective by researchers at Carnegie Mellon University.

About Intrepidus

Intrepidus Group ( ) is a leading provider of information security consulting services and software solutions. With offices in New York City and the Washington, DC metro area, the company offers innovative solutions to help clients build employee awareness around common information security issues. Intrepidus Group's consultants also conduct hands-on assessments of critical applications, networks and products to uncover vulnerabilities, and provide strategic and tactical recommendations to address identified issues. is a registered trademark of Intrepidus Group. All other product and company names herein are or may be trademarks of their respective owners.

Source: Company press release. 

Reblog this post [with Zemanta]

Sacramento Selects Bank Up's Remittance Processing Solution

Sacramento selects Bank Up's remittance processing solution

San Ramon, Calif., July 24, 2009 -- The City of Sacramento, capital of the State of California, has selected the outsourced remittance/lockbox solution of Bank Up Corporation, a growing payments processing solution provider to financial institutions and state and local governments, to process payments for its Revenue Division and Police Department.

The Bank Up solution will provide Sacramento with a remittance processing service from its Northern California ASP. The services provided by Bank Up will reduce the Revenue Division and Police Department’s workload since the payments will not be manually processed by City staff. Bank Up’s services will include item processing and image capture, an integrated image archive accessed through the Company’s secure, encrypted Web portal, on-site training for the City’s staff and daily electronic image cash letter deposits to the City’s bank account with Bank of America. This should further reduce work required by the City of Sacramento staff and will insure timely deposits of funds to the Bank. Bank Up will also provide a daily upload to the Revenue Division’s RevenueCollector payment database and the Police Department’s Cry Wolf Alarms and Renewal accounting systems.

Walker Black, Senior Management Analyst for the City of Sacramento Department of Finance stated, “Bank Up’s technical solutions, products and services met the City of Sacramento’s remittance processing needs and requirements. Based on extensive analysis of the City’s remittance processing needs and requirements along with Bank Up’s experience, technical expertise and cost, our staff recommended that Bank Up be awarded the City’s initial remittance processing contract for City invoices. Bank Up demonstrated a strong commitment to customer service in addition to being the cost effective bidder to the City’s RFP”.

“Timely and accurate processing of government payments is critical to maximize cash flow, especially when local governments in California are under tremendous pressure to contain costs,” said Michael Santimauro, CEO of Bank Up Corporation. “Our solutions are available to assist state and local governments improve operational efficiencies and contain escalating costs of payments processing”. Bank Up also provides a Disaster Recovery solution for the State of California’s Treasurer’s Office for item processing.

Bank Up’s remittance lockbox solution is scalable and comprehensive, providing various processing alternatives based on the workload requirements and operational resources available to financial institution and government customers. The solution can either be totally outsourced to the Bank Up ASP, provided through a financial institution in order to provide a solution for their various lockbox customers or installed as an in-house solution tailored to fit the requirements for a specific customer. The solution provided by Bank Up also enables a customer to blend the best of in-house and outsourced processing. In all cases, Bank Up provides its customers with everything required to process remittance payments including the technology, equipment, documentation, training, front-line technical support and system access. In all cases, Bank Up serves as the single point of contact for the support of its customers.

About Bank Up Corporation

Bank Up Corporation is a growing provider of technology solutions and services to financial institutions and government agencies. Bank Up solutions include item and remittance processing solutions, business continuity services, remote corporate capture processing, hosted data back-up and business continuity consulting. Founded in 1989, Bank Up works with more than 70 customers across the country. Headquartered in San Ramon, Calif., the company also has offices in El Monte, CA. Bank Up is SAS 70 Level 2 certified.

For more information, call 925-27..., or visit .
Bank Up Media Contacts
Michael V. Santimauro, Office: 925-277-3904, Mobile: 415-235-4630, msantimaur0@bank-up.comCzarina Chung, MutMut Media: 415-356-4000, Mobile: 415-601-3106,
Source: Company press release.
Reblog this post [with Zemanta]

Disqus for ePayment News