Friday, July 31, 2009

MasterCard/Visa See Debit Grow but"Credit Declined"

MasterCard Inc. saw U.S. debit card purchase volume rise 3.4% from year-earlier levels to $82 billion in the second quarter, and debit purchase transactions rose 11.3% to 2.11 billion. But U.S. credit purchase volumes fell 15.5% to $120 billion on 1.5 billion transactions, off 5.8%. Total worldwide transactions processed grew 7.9% to 5.63 billion...

Visa Inc. processed 10.3 billion transactions in its third fiscal 2009 quarter ended June 30, up 8.4% from 9.47 billion a year earlier. But most of the operating data Visa released Wednesday with its latest earnings report were for the quarter ended March 31, and they showed a 9.7% decline in U.S. credit payments volume and 3.9% decline in credit transactions from the year-earlier quarter. U.S. debit volumes, however, rose 4.7% and transactions increased 10.3%.

Reblog this post [with Zemanta]

Merchant Risk Council Adds New Board Members


Leaders from Accertify, GlobalCollect, Linden Lab and Microsoft Join MRC Board

(Seattle, WA—July 31, 2009) The Merchant Risk Council (MRC), a merchant-led trade association focused on electronic commerce risk and payments globally, today announced the results of their 2009-2010 board elections.

New MRC Board Director:
Mike Duffy – President and CEO, Chase Paymentech

Re-Elected MRC Board Directors:
Tom Sullivan – Sr. Director, Global Payments & Risk, Expedia, Inc.
Gerry Sweeney – Global Head, e-Commerce & Authentication, Visa, Inc.

New MRC Board Advisors:

Gary Doernhoefer – Co-Founder and General Counsel, Accertify, Inc.
Floris de Kort – Chief Commercial Officer, GlobalCollect
James Pierson – Trust and Safety Program Manager, Linden Lab
Ronda Sifford – CSAT Risk Management Group Manager, Microsoft

Re-Elected MRC Board Advisors:
Al Boddorf – Director, Global Financial Services, Dell, Inc.
Jerett Sauer – Director Loss Prevention, Gap Inc. Direct
Tom Keithley – Vice President of Credit Policy, PayPal
Mike Petitti – Chief Marketing Officer, Trustwave

Tom Sullivan has been re-elected as MRC Board Chair. Pete Pouridis, Vice President, Loss Prevention, Neiman Marcus Group Services has been re-elected as Board Secretary. Joining the MRC officers is new Board Treasurer, Karl Hebert, Director, Global e-Commerce Product Management, Wal-Mart.

“We are very proud to announce our new board,” said Tom Donlea, MRC Executive Director. “The electronic payment professionals who serve on our board represent the brightest minds in our industry. This group will prove invaluable in driving towards and achieving the vision, mission and strategic goals of the MRC.”

Outgoing MRC Board members include: Tim Laudenbach, Credit Risk Manager,; David Gee, Director of Finance & Administration, Blizzard Entertainment; Ori Eisen, Founder, Chairman and Chief Innovation Officer, 41st Parameter; and Jon Karl, Vice President of Business Development & Founder, iovation.

“Tim, David, Ori and Jon have been instrumental figures in the evolution of the Merchant Risk Council,” said Tom Sullivan, MRC Board Chair. “Their commitment, energy and expertise have been vital in educating our membership on the advancements and progression of electronic payment fraud prevention.”

Full 2009-2010 Merchant Risk Council Board Roster

MRC Directors:
  • Chair, Tom Sullivan – Sr. Director, Global Payments & Risk, Expedia, Inc.
  • Secretary, Pete Pouridis – Vice President, Loss Prevention, Neiman Marcus Group Services
  • William Lambson – Director, Global Commerce Payments and Risk, Adobe Systems, Inc.
  • Dave Moriarty – Director of Data Mining, Apple
  • Mike Duffy – CEO, Chase Paymentech
  • Perry Dembner – Vice President, Marketing, CyberSource Corporation
  • Brad Craig – Director of Risk Management, Discover Network
  • Gerry Sweeney – Global Head, e-Commerce & Authentication, Visa, Inc.
  • Dave Sessions – Vice President, Strategy and Business Development, Wal-Mart Global e-Commerce
MRC Advisors:
  • Gary Doernhoefer – Co-Founder and General Counsel, Accertify, Inc.
  • Al Boddorf – Director, Global Financial Services, Dell, Inc.
  • Jerett Sauer – Director Loss Prevention, Gap Inc. Direct
  • Floris de Kort – Vice President of Business Development, GlobalCollect
  • James Pierson – Trust and Safety Program Manager, Linden Lab
  • Ronda Sifford – CSAT Risk Management Group Manager, Microsoft
  • Tom Keithley – Vice President of Credit Policy, PayPal
  • Mike Petitti – Chief Marketing Officer, Trustwave
MRC Board Consultants:

The MRC Board will next convene at the Merchant Risk Council’s Semi-Annual Platinum Meeting in San Jose, CA, September 30-October 1, 2009.

About the Merchant Risk Council
The Merchant Risk Council (MRC) is a merchant-led trade association focused on electronic commerce risk and payments globally.  The MRC leads industry networking, education and advocacy programs to make electronic commerce more efficient, safe and profitable.
Today, with the power of its member-base, the MRC is the leading trade association for managing payments, preventing online fraud and promoting secure e-Commerce.  The MRC is dedicated to working with e-Commerce and multi-channel merchants, payment processors, credit card issuers, credit card companies, alternative payment providers, risk management experts, and law enforcement to make the Internet a safer and more profitable place to do business.
The MRC is headquartered in Seattle, Washington.
Jordan Rubin
Communications and Membership Manager
206.364.2789 office | 206.367.1115 fax

Reblog this post [with Zemanta]

In Two Weeks Your iPhone Will Be Hacked

Does the picture on the left look familiar?  Cause I've used it a dozen times in a dozen posts.  In fact,  most recently, about two posts ago.  The article below is justifies it's use once again.  And this is only the tip of the iceberg.  Smartphones use browsers.  Browsers are not safe.  Financial transactions need to be done outside the browser space.  It's the typing.  Researchers at Black Hat exposed a major vulnerability in the iPhone which would allow a hacker to send an SMS message and completely take over not only your iPhone but everybody in your contacts lists phones as well.   

iPhone vulnerable to hacker attacks, experts say

Flaws can be exploited to take complete control over an iPhone (and other smart phones)

LAS VEGAS - Security experts have uncovered flaws in Apple Inc.'s iPhone that they said hackers can exploit to take control of the popular device, using the tactic for identity theft and other crimes.

IPhone users needed to be warned that their devices are not secure and Apple should try to repair the vulnerability as soon as possible, they said at the Black Hat conference in Las Vegas, one of the world's top forums for exchanging information on computer security threats.

"It's scary. I don't want people taking over my iPhone," Charlie Miller, a security analyst with consulting firm Independent Security Evaluators, said in an interview.

Miller and Collin Mulliner, a Ph.D. student at the Technical University of Berlin, also discovered a method for hacking the iPhone that lets hackers easily knock a victim's iPhone off a carrier's network.

It prevents users from making calls, accessing the Internet and exchanging text messages, they added.

The two showed how they can disconnect an iPhone from the cellular network by sending it a single, maliciously crafted text message — a message the victim never sees. The messages exploit bugs in the way iPhones handle certain messages and are used to crash parts of the software.

1. The major issue is a security flaw involving SMS. Specifically, thehack can control an iPhone remotely, including your iPhone’s camera, Safari, and more. It can even send messages to friends in your address book, which is where this hack becomes scariest.
2. The hack works by sending you code in an SMS message (or a seriesof messages) that crashes your iPhone. After that, your iPhone istheirs to use.
3. The offending text would come in the form of a single square character. If you get the square character, turn off your phone IMMEDIATELY.
4. You only have to receive the message to get hacked; you don’t even have to do anything with the text message.
5. The flaw was discovered by noted security expert Charlie Miller, who has hacked everything from MacBook Airs to Second Life, and partner Collin Mullinger.
6. The attack was presented publicly at the Black Hat conference.The duo decided to do this after Apple gave them no response back inJuly, when they provided Apple with information on the security flaw.The goal is to bring attention to the flaw (which they are clearlygetting).
7. According to Reuters, now that the vulnerability is exposed, hackers could build software that mounts this SMS attack within the next two weeks.
8. Apparently Google Android, Windows Mobile phones, and Palm Presare vulnerable to similar hacks. The team demonstrated the attack on anAndroid phone and a Windows Mobile phone.-

They even said it's possible to remotely control an iPhone by sending 500 messages to a single victim's phone. Those messages contain the necessary commands for the attack and would get executed automatically by exploiting a weakness in the way the iPhone's memory responds to that volume of traffic.

Miller said messaging attacks are so attractive, and are going to become more common, because the underlying technology is a core phone feature that can't be turned off.

"It's such a powerful attack vector," Miller said. "All I need to know is your phone number. As long as their phone's on, I can send this and their phone's going to do something with this. ... It's always on, it's always there, the user doesn't have to do anything — it's the perfect attack vector."

They said the information they presented at Black Hat will give criminals enough information to develop software to break into iPhones within about two weeks. 

Continue Reading

Reblog this post [with Zemanta]

Jamaica Fraud Tops $3 Billion Dollars

Jamaica Gleaner News - Fraud hits historic high at $3b - Business - Friday | July 31, 2009
Fraud hits historic high at $3b
Published: Friday | July 31, 2009
Avia Collinder, Business Reporter

Detective Carl Berry of the Organized Crime Unit of the Jamaica Constabulary Force shows merchants and employees a fake credit card that was seized by the police, at a National Commercial Bank 'Merchant Fraud Seminar' in Kingston. To curtail its losses from credit card scams, NCB has partnered with the police on a series of seminars.

Corporate earnings lost to fraud hit $665 million for the first half of this year, prompting the police fraud squad to warn company managers and individuals to be more vigilant in the supervision of employees and pre-paying for goods and services.

But that outcome annu-alised is a more than a two-fold improvement, coming off a spectacular year for crooks in 2008 when monies lost to fraudulent activity passed the J$3 billion mark for the first time in Jamaica's history.

Continue Reading Mawn

Reblog this post [with Zemanta]

Think This is Safe? Think Differently!

Experts predict more mobile Trojan slip-ups on the way
As news that the Symbian Foundation has admitted it needs better safeguards to prevent malicious apps finding their way onto mobiles,

Fortify Software predicts this problem is going to get worse for mobile phone manufacturers and their operating system developers.

"The problem with mobile phones is that their processing capacity is increasing at a near-exponential rate, with some of the latest smartphones the technological equivalent of the PCs seen in the early part of this decade," said Richard Kirk, director of the application vulnerability specialist.

"And whilst the power of the average smartphone has soared on the last few years, the behind-the-scenes technology and security assurance practices required to prevent any security loopholes in the operating system and/or applications is not as up to speed as it is on the desktop/laptop platforms," he added.

Because of this, hackers and malware developers are now turning their attentions to the microcomputer many of us have in our pockets - the smartphone.

Editor's Note:  And the rush to bring a mobile payment platform that is "convenient" and "easy to use" will be a gold mine to hackers. 
A goldmine I say!

Reblog this post [with Zemanta]

4 Arrested in $422,000 ATM Scam

DSCF0593Gang charged in $422,000 ATM scam

Authorities in New York have arrested four people accused of stealing $422,000 by exploiting a regulation requiring banks to reimburse the accounts of customers who claim their ATM cards have been used without their permission.

The four defendants - Lam Dang, Eric Manganelli, John Tluczek and Marzena Tluczek - are charged with making false claims totalling more than $700,000, to more than 20 banks, including HSBC, Wachovia and Chase.

In each case, the defendants opened accounts and padded them with large deposits over the course of several months before draining them again, with withdrawals of $500 to $1000 per day, say prosecutors.

Once the accounts were empty, the scammers would contact the bank and say their ATM cards had been stolen or lost and that the withdrawals were unauthorized. After the banks reimbursed the "stolen" money, the defendants would close the accounts, according to the indictment.

The four are accused of exploiting regulation E of the federal Electronic Fund Transfer Act, which requires banks to reimburse victims within 10 days of reporting the fraud. 

Continue Reading at Finextra

Reblog this post [with Zemanta]

More on Clampi...It's the Big One!

"The best strategy to defend against Clampi is to use separate machines for Web surfingand funds transfer" 

"We weren't all thatworried about Storm, and we weren't all that worried about Conficker, This one you need to worry about." 

- Joe Stewart, one of the world's foremost authorities on botnets and targeted attacks.

Finextra: Bank data-stealing Trojan infects hundreds of thousands of PCs - researcher
Bank data-stealing Trojan infects hundreds of thousands of PCs - researcher

A "tremendous" amount of financial data has been stolen by a Trojan that has infected hundreds of thousands of corporate and personal PCs, according to information security specialist SecureWorks.

Clampi, also known as Ligats, Ilomo or Rscan, has spread across Microsoft networks in a "worm-like fashion" and is "one of the largest and most professional thieving operations on the Internet" says Joe Stewart, director of malware research at SecureWorks' counter threat unit.
Once it has infected a PC, the Trojan monitors Web sessions to see if one of 4500 targeted sites are visited. If a victim uses one of these sites - which include those of banks, credit card companies, stock brokerages and insurance firms - it captures sensitive information such as usernames, passwords and PINs.

Continue Reading at Finextra

Reblog this post [with Zemanta]

Disqus for ePayment News