MasterCard Inc. saw U.S. debit card purchase volume rise 3.4% from year-earlier levels to $82 billion in the second quarter, and debit purchase transactions rose 11.3% to 2.11 billion. But U.S. credit purchase volumes fell 15.5% to $120 billion on 1.5 billion transactions, off 5.8%. Total worldwide transactions processed grew 7.9% to 5.63 billion...
Visa Inc. processed 10.3 billion transactions in its third fiscal 2009 quarter ended June 30, up 8.4% from 9.47 billion a year earlier. But most of the operating data Visa released Wednesday with its latest earnings report were for the quarter ended March 31, and they showed a 9.7% decline in U.S. credit payments volume and 3.9% decline in credit transactions from the year-earlier quarter. U.S. debit volumes, however, rose 4.7% and transactions increased 10.3%.
MERCHANT RISK COUNCIL ADDS NEW BOARD MEMBERS Leaders from Accertify, GlobalCollect, Linden Lab and Microsoft Join MRC Board
(Seattle, WA—July 31, 2009) The Merchant Risk Council (MRC), a merchant-led trade association focused on electronic commerce risk and payments globally, today announced the results of their 2009-2010 board elections. New MRC Board Director: Mike Duffy – President and CEO, Chase Paymentech
Re-Elected MRC Board Directors: Tom Sullivan – Sr. Director, Global Payments & Risk, Expedia, Inc. Gerry Sweeney – Global Head, e-Commerce & Authentication, Visa, Inc. New MRC Board Advisors: Gary Doernhoefer – Co-Founder and General Counsel, Accertify, Inc. Floris de Kort – Chief Commercial Officer, GlobalCollect James Pierson – Trust and Safety Program Manager, Linden Lab Ronda Sifford – CSAT Risk Management Group Manager, Microsoft Re-Elected MRC Board Advisors: Al Boddorf – Director, Global Financial Services, Dell, Inc. Jerett Sauer – Director Loss Prevention, Gap Inc. Direct Tom Keithley – Vice President of Credit Policy, PayPal Mike Petitti – Chief Marketing Officer, Trustwave
Tom Sullivan has been re-elected as MRC Board Chair. Pete Pouridis, Vice President, Loss Prevention, Neiman Marcus Group Services has been re-elected as Board Secretary. Joining the MRC officers is new Board Treasurer, Karl Hebert, Director, Global e-Commerce Product Management, Wal-Mart.
“We are very proud to announce our new board,” said Tom Donlea, MRC Executive Director. “The electronic payment professionals who serve on our board represent the brightest minds in our industry. This group will prove invaluable in driving towards and achieving the vision, mission and strategic goals of the MRC.”
Outgoing MRC Board members include: Tim Laudenbach, Credit Risk Manager, BestBuy.com; David Gee, Director of Finance & Administration, Blizzard Entertainment; Ori Eisen, Founder, Chairman and Chief Innovation Officer, 41st Parameter; and Jon Karl, Vice President of Business Development & Founder, iovation.
“Tim, David, Ori and Jon have been instrumental figures in the evolution of the Merchant Risk Council,” said Tom Sullivan, MRC Board Chair. “Their commitment, energy and expertise have been vital in educating our membership on the advancements and progression of electronic payment fraud prevention.”
Full 2009-2010 Merchant Risk Council Board Roster MRC Directors:
Chair, Tom Sullivan – Sr. Director, Global Payments & Risk, Expedia, Inc.
The MRC Board will next convene at the Merchant Risk Council’s Semi-Annual Platinum Meeting in San Jose, CA, September 30-October 1, 2009.
About the Merchant Risk Council
The Merchant Risk Council (MRC) is a merchant-led trade association focused on electronic commerce risk and payments globally. The MRC leads industry networking, education and advocacy programs to make electronic commerce more efficient, safe and profitable.
Today, with the power of its member-base, the MRC is the leading trade association for managing payments, preventing online fraud and promoting secure e-Commerce. The MRC is dedicated to working with e-Commerce and multi-channel merchants, payment processors, credit card issuers, credit card companies, alternative payment providers, risk management experts, and law enforcement to make the Internet a safer and more profitable place to do business.
Does the picture on the left look familiar? Cause I've used it a dozen times in a dozen posts. In fact, most recently, about two posts ago. The article below is justifies it's use once again. And this is only the tip of the iceberg. Smartphones use browsers. Browsers are not safe. Financial transactions need to be done outside the browser space. It's the typing. Researchers at Black Hat exposed a major vulnerability in the iPhone which would allow a hacker to send an SMS message and completely take over not only your iPhone but everybody in your contacts lists phones as well.
iPhone vulnerable to hacker attacks, experts say
Flaws can be exploited to take complete control over an iPhone (and other smart phones)
LAS VEGAS - Security experts have uncovered flaws in Apple Inc.'s iPhone that they said hackers can exploit to take control of the popular device, using the tactic for identity theft and other crimes.
IPhone users needed to be warned that their devices are not secure and Apple should try to repair the vulnerability as soon as possible, they said at the Black Hat conference in Las Vegas, one of the world's top forums for exchanging information on computer security threats.
"It's scary. I don't want people taking over my iPhone," Charlie Miller, a security analyst with consulting firm Independent Security Evaluators, said in an interview.
Miller and Collin Mulliner, a Ph.D. student at the Technical University of Berlin, also discovered a method for hacking the iPhone that lets hackers easily knock a victim's iPhone off a carrier's network.
It prevents users from making calls, accessing the Internet and exchanging text messages, they added.
The two showed how they can disconnect an iPhone from the cellular network by sending it a single, maliciously crafted text message — a message the victim never sees. The messages exploit bugs in the way iPhones handle certain messages and are used to crash parts of the software.
1. The major issue is a security flaw involving SMS. Specifically, thehack can control an iPhone remotely, including your iPhone’s camera, Safari, and more. It can even send messages to friends in your address book, which is where this hack becomes scariest. 2. The hack works by sending you code in an SMS message (or a seriesof messages) that crashes your iPhone. After that, your iPhone istheirs to use. 3. The offending text would come in the form of a single square character. If you get the square character, turn off your phone IMMEDIATELY. 4. You only have to receive the message to get hacked; you don’t even have to do anything with the text message. 5. The flaw was discovered by noted security expert Charlie Miller, who has hacked everything from MacBook Airs to Second Life, and partner Collin Mullinger. 6. The attack was presented publicly at the Black Hat conference.The duo decided to do this after Apple gave them no response back inJuly, when they provided Apple with information on the security flaw.The goal is to bring attention to the flaw (which they are clearlygetting). 7. According to Reuters, now that the vulnerability is exposed, hackers could build software that mounts this SMS attack within the next two weeks. 8. Apparently Google Android, Windows Mobile phones, and Palm Presare vulnerable to similar hacks. The team demonstrated the attack on anAndroid phone and a Windows Mobile phone.- Mashable.com
They even said it's possible to remotely control an iPhone by sending 500 messages to a single victim's phone. Those messages contain the necessary commands for the attack and would get executed automatically by exploiting a weakness in the way the iPhone's memory responds to that volume of traffic.
Miller said messaging attacks are so attractive, and are going to become more common, because the underlying technology is a core phone feature that can't be turned off.
"It's such a powerful attack vector," Miller said. "All I need to know is your phone number. As long as their phone's on, I can send this and their phone's going to do something with this. ... It's always on, it's always there, the user doesn't have to do anything — it's the perfect attack vector."
They said the information they presented at Black Hat will give criminals enough information to develop software to break into iPhones within about two weeks.
Fraud hits historic high at $3b Published: Friday | July 31, 2009 Avia Collinder, Business Reporter
Detective Carl Berry of the Organized Crime Unit of the Jamaica Constabulary Force shows merchants and employees a fake credit card that was seized by the police, at a National Commercial Bank 'Merchant Fraud Seminar' in Kingston. To curtail its losses from credit card scams, NCB has partnered with the police on a series of seminars.
Corporate earnings lost to fraud hit $665 million for the first half of this year, prompting the police fraud squad to warn company managers and individuals to be more vigilant in the supervision of employees and pre-paying for goods and services.
But that outcome annu-alised is a more than a two-fold improvement, coming off a spectacular year for crooks in 2008 when monies lost to fraudulent activity passed the J$3 billion mark for the first time in Jamaica's history.
Experts predict more mobile Trojan slip-ups on the way
As news that the Symbian Foundation has admitted it needs better safeguards to prevent malicious apps finding their way onto mobiles,
Fortify Software predicts this problem is going to get worse for mobile phone manufacturers and their operating system developers.
"The problem with mobile phones is that their processing capacity is increasing at a near-exponential rate, with some of the latest smartphones the technological equivalent of the PCs seen in the early part of this decade," said Richard Kirk, director of the application vulnerability specialist.
"And whilst the power of the average smartphone has soared on the last few years, the behind-the-scenes technology and security assurance practices required to prevent any security loopholes in the operating system and/or applications is not as up to speed as it is on the desktop/laptop platforms," he added.
Because of this, hackers and malware developers are now turning their attentions to the microcomputer many of us have in our pockets - the smartphone.
Editor's Note: And the rush to bring a mobile payment platform that is "convenient" and "easy to use" will be a gold mine to hackers. A goldmine I say!
Authorities in New York have arrested four people accused of stealing $422,000 by exploiting a regulation requiring banks to reimburse the accounts of customers who claim their ATM cards have been used without their permission.
The four defendants - Lam Dang, Eric Manganelli, John Tluczek and Marzena Tluczek - are charged with making false claims totalling more than $700,000, to more than 20 banks, including HSBC, Wachovia and Chase.
In each case, the defendants opened accounts and padded them with large deposits over the course of several months before draining them again, with withdrawals of $500 to $1000 per day, say prosecutors.
Once the accounts were empty, the scammers would contact the bank and say their ATM cards had been stolen or lost and that the withdrawals were unauthorized. After the banks reimbursed the "stolen" money, the defendants would close the accounts, according to the indictment.
The four are accused of exploiting regulation E of the federal Electronic Fund Transfer Act, which requires banks to reimburse victims within 10 days of reporting the fraud.
Bank data-stealing Trojan infects hundreds of thousands of PCs - researcher
A "tremendous" amount of financial data has been stolen by a Trojan that has infected hundreds of thousands of corporate and personal PCs, according to information security specialist SecureWorks.
Clampi, also known as Ligats, Ilomo or Rscan, has spread across Microsoft networks in a "worm-like fashion" and is "one of the largest and most professional thieving operations on the Internet" says Joe Stewart, director of malware research at SecureWorks' counter threat unit.
Once it has infected a PC, the Trojan monitors Web sessions to see if one of 4500 targeted sites are visited. If a victim uses one of these sites - which include those of banks, credit card companies, stock brokerages and insurance firms - it captures sensitive information such as usernames, passwords and PINs.