Tuesday, September 15, 2009

PowerPoint Know-Knows (No-No's)

I saw this on the Going Web 2.0 blog and thought it was funny enough to share...then again, as readers of this blog already know...I have a warped sense of humor...

BAI Banking Strategies :: Webcast

Only days left to register for this COMPLIMENTARY event.

Join FICO Corporation as they outline best practices, new ideas and approaches to help retain your best customers while mitigating risk and operation costs. In addition, they’ll also discuss the new regulatory changes, protecting against fraud, and alternatives for generating fee income.

Managing a Proactive, Strategic and Adaptive Deposit Portfolio

Wednesday, September 23, 2009

1:00 p.m. – 2:00 p.m. CDT



Learn these deposit benefits:

  • Consistent customer treatment based on risk to all points of contact

  • Reliable, documentable and defensible regulatory compliance

  • Improved retention, deposit growth and customer profitability

  • Improved revenue retention and waiver reduction

Register now.
BAI is pleased to bring you information from Solutions Providers about financial services industry products and services. BAI does not endorse any specific products or services.

Please click here to forward to a colleague

BAI Home | Contact Us

This e-mail was sent by: BAI

115 S. LaSalle, Suite 3300 Chicago, IL, 60603-3801, USA

BAI is the financial services industry's partner for breakthrough information and intelligence needed to innovate and stay relevant in an evolving marketplace. For more than 80 years, we have focused on advancing the industry by offering unbiased education and research. Our offerings are as diverse as the industry, and include premier events such as BAI Retail Delivery Conference & Expo, ground-breaking research and performance metrics, professional learning and development programs, and in-depth editorial coverage through BAI Banking Strategies. Learn more at www.BAI.org.

BAI is Bank Administration Institute and BAI Center.

Reblog this post [with Zemanta]

Social Network Sonico.com is Making Friends with Payment Service Provider GlobalCollect

Amsterdam, The Netherlands, Sept. 15, 2009 -PIN Payments News Blog- The popular Latin American social networking platform www.sonico.com offers its over 40 million registered users a safe and fun environment to connect and stay in touch with real-life friends, colleagues, and family. The partnership with GlobalCollect enables Sonico to process international online credit card payments via Visa, MasterCard, and American Express for its premium subscription services. Future plans entail expanding the range of payment methods to include local and alternative options.

Both companies had already established a fruitful business relationship indirectly in 2006, when GlobalCollect started processing online payments for Clon Communications - Sonico's sister company - an online retailer of various prepaid cards. Based on Clon’s positive history with GlobalCollect – Clon’s international online transactions have quadrupled since then - Sonico decided to partner with GlobalCollect as well for its online payment needs.

Gustavo Victorica, CFO of Sonico, said: “We chose GlobalCollect on the basis of its comprehensive portfolio of payment methods. This, plus its single-interface payment platform supporting multi-currency online payment transactions will help us boost conversion rates.”

Jan Manten, CEO of GlobalCollect, continued: “We welcome the opportunity to service Sonico.com, a popular and rapidly growing social network in Latin America. We believe that this region holds tremendous growth opportunities for all sorts of e-commerce activities in general, which is why we have decided to open a local office in Buenos Aires in the very near future.”

About Sonico.com Inc.

Founded in July 2007, Sonico is the social network of Latin America that organizes people’s life online. Developed with a strong emphasis in user legitimacy, privacy and personalization, it has been widely adopted across Latin America. This social communication platform has over 40 million registered users and allows individuals, organizations and brands to interact in a useful and entertaining way. Located in Buenos Aires and with a team of over 80 people, Sonico was elected by Business Week as the 5th tech startup with the highest global growth potential. Sonico closed its first round of capitalization of USD 4.3 million in May 2008.

About GlobalCollect

GlobalCollect is the world's premier Payment Service Provider of local e-payment solutions for international Customer Not-Present (CNP) channels such as internet, mail and telephone orders, and specialized in a wide range of industries such as travel, ticketing, telecommunications, retail, publishing, portals, online gaming, and digital content. While most providers limit their services to a technical link with payment acquirers, GlobalCollect is a full service partner consulting clients on how to increase transaction volumes, expand distribution channels, and reduce costs by streamlining back office processes. Through a single-interface online payment platform, we offer access to an unrivalled portfolio of local and international payment methods in over 200 countries, including all major credit and debit cards, direct debits, bank transfers, real-time bank transfers, eWallets, cash at outlets, prepaid methods, checks, and invoices. www.globalcollect.com

Source: Company press release.

Reblog this post [with Zemanta]

Bottomline: Deutsche Bank is Our Partner

Portsmouth, N.H. and Hong Kong, Sept. 14, 2009 -PIN Payments News Blog- Bottomline Technologies (NASDAQ: EPAY), a leading provider of collaborative payment, invoice and document automation solutions, today at Sibos 2009 announced a partnership with Deutsche Bank to serve as the technology provider for the bank’s new Web-based outsourced check generation initiative.

Designed for Deutsche Bank’s financial institution clients, this hosted offering leverages Bottomline’s WebSeries®

platform to provide a comprehensive solution for requesting, approving and printing checks and remittance information locally, across multiple currencies and in a format to clear locally in the beneficiary’s country, hence minimizing fees and clearing times. This is the latest engagement between Deutsche Bank and Bottomline focused on increasing payment efficiency, and will allow Deutsche Bank clients to accelerate payment cycle times.

“We are pleased to partner with Bottomline in this important initiative for Deutsche Bank,” said Maurice Cleaves, Head of Product Management Europe, Global Transaction Banking at Deutsche Bank. “The introduction of our onsite check printing solution will provide our clients with new opportunities to expand their reach and enable them to more readily respond to the changing payment needs of their corporate customers.”

To get to market quickly with a high-volume domestic and international payments capability, banks and financial institutions around the world rely on Bottomline’s award-winning WebSeries Global Cash Management platform. A single platform for managing payments and providing real-time cash management reporting, WebSeries delivers the security, reliability and rich functionality necessary to deliver the products and user experience required to strengthen customer relationships and develop new markets.

“We’re excited to have the opportunity to expand our existing relationship with Deutsche Bank by providing the technology foundation for this important new client solution,” said Rob Eberle, President and CEO of Bottomline Technologies. “Our relationship with Deutsche Bank reflects our commitment as an organization to enabling customers to achieve success and our ability to become a trusted partner to the world’s largest banks and financial institutions.”

Calculate the Savings

To help raise awareness of the environmental benefits achieved by transitioning from paper to electronic processing, Bottomline has posted a green savings calculator on its Web site at: www.bottomline.com/cash_management_goes_green/ .

About Bottomline Technologies

Bottomline Technologies (NASDAQ: EPAY) provides collaborative payment, invoice and document automation solutions to corporations, financial institutions and banks around the world. The company’s solutions are used to streamline, automate and manage processes involving payments, global cash management, transactional documents and invoice approval. Organizations trust these solutions to meet their needs for cost reduction, competitive differentiation and optimization of working capital. Headquartered in the United States, Bottomline also maintains offices in Europe and Asia-Pacific. For more information, visit www.bottomline.com .

Source: Company press release. 

Reblog this post [with Zemanta]

Complete Testimony of Robert O. Carr Before Senate Committee

In the previous post I said save your $19.95 on the transcript from the Senate Hearing with Bob O. Carr and provided a couple quotes. 

Here is the whole Bob Carr transcript (and others) from the hearing:

Cyber Attacks: Protecting Industry Against Growing Threats

Monday, September 14, 2009 10:00 AM Dirksen Senate Office Building, room 342  [view archive webcast]

Member Statements


Statement of Robert Carr - Chairman and CEO Heartland Payment Systems, Before the Senate Committee on Homeland Security and Government Affairs on September 14, 2009

Good morning Chairman Lieberman, Ranking Member Collins, and Members of the Committee. My name is Robert O. Carr, and I am the Chairman and Chief Executive Officer of Heartland Payment Systems, Inc.

Let me begin by thanking the Committee for this opportunity to appear today to share our lessons learned and the steps we have taken and what more can and should be done to better protect our customers and the public from criminal hackers.

Our primary business is to provide bank card payment processing services to merchants. This involves facilitating the exchange of information and funds between merchants and cardholders’ issuing financial institutions, providing end-to-end electronic payment processing services to merchants, including clearing and settlement, merchant accounting, and support and risk management.

When a consumer’s card is swiped at one of our merchants, we forward the authorization request through Visa or MasterCard to the issuing bank, and then send their approval back to the merchant, allowing the purchase to be
made. In the following days we will receive payment from the issuer and pass it on to the merchant, and provide statements and accounting to the merchant. It is important to note that in the course of our payment processing business we do not receive cardholder social security numbers, addresses or unencrypted PIN data.

We were founded in 1997, and have since grown to represent over 3,100 employees, with over 1,200 W-2 salespeople across the nation. As of December 31, 2008, we provided our bank card payment processing services to approximately 230,000 merchants. Our total bank card processing volume for 2008 was almost $67 billion.

On January 20, 2009, we announced the discovery of a criminal breach of our payment systems environment. This attack involved malicious software that appears to have allowed criminal access to in-transit payment card data while it was being processed by Heartland during the transaction authorization process. This data is not required to be encrypted while in transit under current payment card industry guidelines.

We were pleased to hear the recent news about law enforcement’s efforts to investigate and prosecute the individuals who make up the criminal syndicate that law enforcement believes is responsible for the Heartland breach and others like it. Albert Gonzalez, the alleged mastermind of attacks on TJX and other retailers including Barnes Noble, Office Max, and Dave & Buster, has pled guilty to charges in a 19-count indictment that includes conspiracy, wire fraud, and aggravated identity theft charges. Mr. Gonzalez is also accused of having hacked into our system, as well as that of Hannaford Brothers, ATMs stationed in 7-11s and two other national retailers. It is reported that he was part of a team with eastern European criminals who have attacked a variety of U.S. companies.

We appreciate the efforts federal law enforcement are making to help stop these attacks and to bring these criminals to justice. 

This has been a difficult (I'm sure he meant "humbling") experience for me and the company. We have taken a financial charge of approximately $32 million just in the first six months of this year on forensics, legal work, and other related efforts.

Editor's Note:  Yeah...really difficult.  Did you tell  either Sen. Lieberman or Sen. Collins that you also "have taken" out $11 million PLUS from the time the breach happened and the time it was reported.  (see graphic on right)  Oh, by the way...if you think I am pickiing on Bob O. because I personally don't like him,  you are right, but I swear that it is not my fault...
It's more his fault than mine.  I owe my disdain to the fact that I personally met him.  (several times over the course of a 3 day period back in St.  Louis in 1997. ) He was starting a new company with Heartland Bank and looking for ISO's/Reps.  If there's one thing I personally dislike, it's someone with an ego bigger than their brain.  People like that never listen...they are always yapping about how great they either are or are gonna be.  Believe me when I tell you that this guy can make T.O. sound humble.  Maybe he's changed since them, no matter...first impressions are lasting as they say.  Anway, back to "his testimony"

Unfortunately, the company is involved in inquiries, investigations (Editor's Note:  In fact, I'm pretty sure that Bob O. himself is under investigation by the DoJ for what the graphic above depicts) and litigation, so I cannot address in more detail the specifics of the intrusion. But I now know that this industry needs to, and can, do more to be better protected against the ever more sophisticated methods used by these cyber criminals, and I want to provide this Committee with some additional information about what Heartland is working on to try and prevent such intrusions in the future.

Let me note two key areas where Heartland is hard at work to address industry deficiencies.

First, industry and government can be better coordinated. The Financial Services Information Sharing and Analysis Center or FS-ISAC has been a great resource to a broad range of financial services companies facing this threat but I realized that we could benefit from greater focus on the payment processing industry. In order to address the needs of payment processors, we recently formed, within the FS-ISAC, the Payments Processing Information Sharing Council (PPISC), a forum for sharing information about fraud, threats, vulnerabilities and risk mitigation practices.

At the PPISC, I shared with the payment industry members the malware which we discovered had been used to victimize Heartland. I did this once I learned that criminals were using this malware to attack our industry. I believe that by sharing this with others, including our industry competitors, we can better respond to very organized attackers.

Second, as reflected in the indictments of Mr. Gonzalez, a modus operandi frequently used by these attackers is to attempt to steal payment card data while it is being transferred in the clear - meaning it was not encrypted at the time. It is clear to me that we can address this vulnerability, and our internal technology team is continuing the development of a possible solution we call E3 - end-to-end encryption. I believe it is critical we implement this new technology, not just at Heartland, but industry-wide. We at Heartland believe we are taking the necessary steps to do so.

Heartland is working to deploy E3 to render data unreadable to outsiders from the point of card swipe. We plan to use special point-of-sale terminals, with Tamper Resistant Security Modules, TRSMs, to protect cryptographic secrets. We also plan to use special tools in our processing network, Hardware Security Modules, to protect the cryptography associated with the card data.

Our goal is to completely remove payment account numbers of credit and debit cards and magnetic stripe data such as expiration date, service codes, and other data, so that it is never accessible in a usable format in the merchant and processor systems.

We are taking the necessary steps to implement this E3 solution, and I want to let the Committee know where our efforts stand.

We are working with various suppliers on the technology to make E3 a reality and more ubiquitous. We are hopeful that these efforts will minimize the costs to merchants while not inconveniencing cardholders and yield a payment processing system that is more secure. We are seeking partners who will not use encryption as an opportunity to profit at our expense or that of our merchant customers.

We believe this potential solution needs to be implemented on an industry-wide basis. We have been working with the Accredited Standards Committee X9 (ASC-X9), to seek adoption of a new standard to protect card holder data in the electronic payments industry so all users can benefit from it. Ultimately, the Payment Card

Industry Security Council must approve this standard and we are hopeful that it will do so soon.

Once the standards are established, we will need the card brands and other financial institutions to cooperate and to be willing to implement on their side the encryption system our merchants are willing to use. We have been meeting with the card brands and the issuers and we hope we will be able to make progress on adoption by the card brands. However, without the cooperation of all of the card brands, the encrypted data would have to be decrypted --and thereby rendered less secure, prior to transmission to the card brands and their issuing banks. I am hopeful that each of the card brands will ultimately accept encrypted transactions from Heartland and other processors.

We are working on these solutions, both technological and cooperative, because I don’t want any one else in our industry or our customers or their customers - the consumers - to fall victim to cyber criminals. The attacks we face in this country potentially can have substantial consequences but we can learn from our experience and, while we cannot eliminate the risk, we can make cyber theft more difficult. I look forward to continuing to work to beat these criminals and appreciate your help as we continue this battle.

I welcome any questions Members of the Committee may have about my testimony today.

*** As the CEO of a publicly traded company I note that several of the statements in this testimony and that may be made in response to questions relate to events that are expected to occur in the future. The actual outcome of the future events I discuss is subject to risks and therefore, it is possible that the actual outcome of these future events may turn out to be different than the projected outcomes described.

Reblog this post [with Zemanta]

Heartland Gets Beat Up at U.S. Senate Hearing

Heartland on Defense at U.S. Senate Hearing

Eric Chabrow writes on BankInfoSecurity.com:

The ranking member of the Senate Homeland Security and Governmental Affairs Committee told the chief executive of Heartland Payment Systems that she was "astonished" a breach the company's information system lasted for nearly 1½ years without being detected.

At a panel hearing Monday on protecting industry against growing cyber threats, Sen. Susan Collins, R.-Maine, asked Heartland CEO Robert Carr to explain how this delay happened. Carr responded that a breach is usually detected when the processing payer is notified of fraudulent use of cards, and that didn't occur until the end of 2008.

"Isn't there software in the systems to detect such a breach?" Collins asked.

"There is, and the cyber criminals are very good at masking themselves," Carr replied. "To be able to scan systems to determine what the malware is, you have to understand something about the attack vector, and you need to know something about the malware to find it. All of us in the industry go through annual assessments, but the bad guys are working together to get around all those assessment."

Carr told the panel Heartland is taking two major steps to prevent this type of breach to reoccur. Working through the Financial Services Information Sharing and Analysis Center, Heartland and other payment processors established Payments Processing Information Sharing, a forum for sharing information about fraud, threats, vulnerabilities and risk mitigation practices.

More here.

Want to Read the Transcript? 

Report title: PROTECTING AGAINST CYBER ATTACKS- Statement of Robert Carr Chairman and CEO Heartland Payment Systems from CQ Transcriptions  1442 word report published Sep 14, 2009

Price $19.95 available for immediate download HTML

Let me save you $19.95.  Here's a couple quotes I was able to locate from various articles:

Statement of Robert Carr Chairman and CEO Heartland Payment Systems Committee on Senate Homeland Security and Governmental Affairs September 14, 2009...

"Good morning Chairman Lieberman, Ranking Member Collins, and Members of the Committee....
Quote 1:  "I now know that this industry needs to, and can, do more to better protect it against the ever-more-sophisticated methods used by these cybercriminals," Carr told the Senate Homeland Security and Governmental Affairs Committee. "I believe it is critical to implement new technology, not just at Heartland, but industrywide." The purpose of the committee hearing was, in part, to determine whether new legislation is needed to fight cybercrime."

Quote 2: "We are working on these solutions, both technological and cooperative, because I don't want anyone else in our industry, or our customers, or their customers ... to fall victim to these cybercriminals," he said.

Quote 3: "Explain to me how a breach of that magnitude could go undetected for so long."

Quote 4: "Card holders were not reporting major breaches, Carr answered. "The way breaches are normally detected is that fraudulent uses of cards are determined," he said. "There was no hint of fraudulent use of cards that came to our attention until toward the end of 2008."

Reblog this post [with Zemanta]

Elavon Buys Carolina First Bank's Processing Portfolio

Atlanta and Greenville, S.C., Sept. 15, 2009 –– Elavon, a wholly owned subsidiary of U.S. Bancorp (NYSE: USB) and a leading global payments provider, has acquired the merchant processing portfolio of Carolina First Bank, the banking subsidiary of The South Financial Group (NASDAQ: TSFG) that operates as Carolina First Bank in the Carolinas and Mercantile Bank in Florida. Offering industry-leading technology and customer support, Elavon will provide its flexible payment processing solutions to Carolina First Bank’s merchant customers. In addition, under the terms of the 10 year alliance agreement, Elavon will receive new merchant services referrals marketed through the Bank’s 177 banking offices in South Carolina, North Carolina, and Florida.

“Carolina First has a tradition of delivering high-value solutions to its loyal client base,” said Stuart C. Harvey, Jr., CEO of Elavon. “Elavon’s technology, scale and customer service will help insure that Carolina First keeps its more than 20-year service tradition strong for its merchant customers.”

“Merchant processing is an important product offering for our small business and commercial customers,” said Chris Gompper, Executive Vice President – Director of Bank Strategy and Business Segment Performance for The South Financial Group. “Our relationship with Elavon, a company solely focused on merchant services, will enable us to continue delivering robust solutions to our merchant customers with competitive pricing and top quality service delivery.”

Customers of Carolina First and Mercantile will benefit from Elavon’s expanded merchant service offerings including debit and credit card processing, a comprehensive PCI Compliance Program, a choice of point-of-sale devices and software, advanced e-commerce products, gift card solutions, electronic check services, and enhanced reporting and industry-leading customer service.

About Elavon: Elavon’s Global Acquiring Solutions organization is a part of U.S. Bancorp. Elavon provides end-to-end payment processing services to more than one million merchants in the United States, Europe, Canada and Puerto Rico. Elavon has solutions to meet the needs of merchants in specialized markets including small business, retail, hospitality/T&E, health care, education and the public sector. Visit Elavon online at www.elavon.com.

About TSFG: The South Financial Group is a bank holding company focused on serving small businesses, middle market companies, and retail customers in the Carolinas and Florida. At June 30, 2009, it had approximately $12.6 billion in total assets and 177 branch offices. TSFG operates Carolina First Bank, which conducts banking operations in North Carolina and South Carolina (as Carolina First Bank), in Florida (as Mercantile Bank), and on the Internet (as Bank CaroLine). At June 30, 2009, approximately 46% of TSFG's total customer deposits were in South Carolina, 42% were in Florida, and 12% were in North Carolina. Investor information is available at www.thesouthgroup.com .

Source: Company press release.
Reblog this post [with Zemanta]

Did Google Glitch Put a Damper on AltPay?

A Google Checkout Glitch Raises Doubts About Alternative Payments

(September 15, 2009) Digital Transactions News: Google Inc. has apparently fixed a weeks-old problem with its Google Checkout online-payments system that prevented merchants from processing recurring transactions, such as subscription fees. While Google says the little-publicized glitch affected only a small number of merchants, other observers say this and outages experienced by other alternative payment services—such as PayPal Inc.—raise questions about their reliability in comparison to traditional card processors.

The fix for Google Checkout apparently went live Tuesday morning, according to an online forum hosted by the payment service. The forum displays posts from merchants reporting the issue dating back to Aug. 17. In response to questions from Digital Transactions News, a Google spokesperson would not disclose how many merchants were affected by the outage. “I can say it’s a small number,” she says in an e-mail message.

Continue Reading at DTN

Reblog this post [with Zemanta]

Jack Henry Reports Record Remote Deposit Capture Transactions

Monett, Mo., Sept. 15, 2009 -- Jack Henry & Associates, Inc. (NASDAQ:JKHY), a leading provider of integrated technology solutions and data processing services for financial institutions, announced today that its Remote Deposit Capture (RDC) solution continues to set new transaction volume records. RDC is a Web-based electronic payment processing platform that enables businesses to make remote deposits by scanning the checks they receive as payment and converting them into electronic transactions that are processed through the ACH or Check 21 image exchange networks.

Jack Henry & Associates sells its RDC solution to financial institutions and other businesses outside the financial services industry that in turn offer it to their merchant and business customers. This sophisticated RDC solution now supports more than 22,000 merchants and 85,000 merchant locations. RDC is an enterprise-wide solution for Jack Henry & Associates that is sold to the core bank clients supported by Jack Henry Banking(TM), to the core credit union clients supported by Symitar(TM), and to financial institutions outside the company's core client bases and to other diverse businesses by its ProfitStars division.

After a record-setting July, during which more than 11,350,000 RDC transactions were processed, volumes continued to increase and another monthly record was set in August with more than 11,685,000 RDC transactions processed. The collective transactions processed during this two-month period represent in excess of $18 billion.

An all-time daily record was also set on August 3, 2009 when approximately 875,000 transactions were processed, representing in excess of $800 million in collective transaction amounts and approximately 100,000 more transactions than the previous daily record.

Bill Phillips, group president for ProfitStars' Enterprise Payment Solutions (EPS) group, said, "RDC is evolving into a service financial institutions must offer to successfully compete for and retain lucrative commercial customers. This high-demand service generates tangible benefits for our financial institution clients including the ability to expand their reach beyond their traditional markets, enhance their competitive position and customer convenience, increase revenue, and improve operating efficiencies. This convenience-driven service also generates an important benefit for businesses that are concerned about cash flow in the challenging economic environment since RDC expedites funds availability and reduces routine business expenses."

According to David Foss, president of ProfitStars, "We believe the record-setting transaction volumes demonstrate the growing demand for remote deposit capture and the growing acceptance of electronic transactions among diverse merchants and businesses. We also believe that this success is a testament to the sophistication of our transaction processing platform and the hard work and commitment of our EPS group. We are excited about the significant transaction volume increases we are seeing and about the adoption rate among merchants. During the past 18 months, the number of merchants using our RDC solution has more than doubled from approximately 11,000 to more than 22,000. There is tremendous momentum behind our RDC solution which we plan to maintain with aggressive and targeted sales efforts, and by ensuring our RDC solution continues to deploy leading-edge payment processing technology and is backed by distinct service levels."

As a natural complement to its Remote Deposit Capture solution, Jack Henry & Associates also offers Dep@sit(TM), a micro business capture solution that enables small businesses and individuals to deposit small numbers of checks remotely using off-the-shelf home flatbed scanners.

About ProfitStars

ProfitStars, a division of Jack Henry & Associates, Inc., provides best-of-breed solutions that improve the performance of financial institutions of all asset sizes and charters, and diverse corporate entities. These solutions facilitate revenue and growth, risk mitigation and control, and cost control and complement virtually any core information processing platform. Additional information is available at http://www.profitstars.com/ .

About Jack Henry & Associates

Jack Henry & Associates, Inc. is a leading provider of computer systems and ATM/debit card/ACH transaction processing services primarily for financial services organizations. Its technology solutions serve more than 9,800 customers nationwide, and are marketed and supported through three primary brands. Jack Henry Banking supports banks ranging from de novo to mid-tier institutions with information and transaction processing solutions. Symitar is the leading provider of information and transaction processing solutions for credit unions of all sizes. ProfitStars provides highly specialized products and services that enable financial institutions of every asset size and charter, and diverse corporate entities to mitigate and control risks, optimize revenue and growth opportunities, and contain costs. Additional information is available at www.jackhenry.com .

Source: Company press release.

Reblog this post [with Zemanta]

Verifone Forms "Global Security Solutions Business Unit"

San Jose, Calif., Sept. 15, 2009 -- VeriFone Holdings, Inc. (NYSE: PAY) today announced today the formation of its Global Security Solutions Business Unit, focused on delivering innovative security solutions, including VeriShield Protect end-to-end encryption, to protect cardholder data throughout merchant and processor systems.

The business will focus on sales, consulting and implementation of VeriShield Protect and VeriShield Retain, as well as future initiatives aimed at helping retailers and processors protect consumer data and reducing the complexities and costs of PCI compliance. Jeff Wakefield, formerly vice president of marketing for VeriFone's Integrated Systems business, was named general manager and vice president of the new business unit.

"To effectively protect cardholder data against current and future threats, complete security solutions must span both merchant and processor systems,"

said VeriFone CEO Doug Bergeron. "The global focus of this business unit will insure that all our customers are able to take advantage of these solutions throughout their entire operations."

Wakefield has 30 years of experience in senior marketing and general manager roles for retail system and payment solutions companies. He currently serves as a VeriFone representative on the PCI Security Standards Council Board of Advisors and has chaired the SPVA's Security Threat Analysis and Intelligence Working Group.

About VeriFone Holdings, Inc. (www.verifone.com )

VeriFone Holdings, Inc. ("VeriFone") (NYSE: PAY) is the global leader in secure electronic payment solutions. VeriFone provides expertise, solutions and services that add value to the point of sale with merchant-operated, consumer-facing and self-service payment systems for the financial, retail, hospitality, petroleum, government and healthcare vertical markets.

VeriFone solutions are designed to meet the needs of merchants, processors and acquirers in developed and emerging economies worldwide.

Source: Company press release.

Purchasing Cards for University Systems Being Pushed

P-cards to Provide Many Benefits throughout University System

From Commerical Payments International: 

University System of Ohio has selected J.P. Morgan to provide purchasing card services for member institutions. The five-year agreement will help improve cash management, streamline procurement processes, and eliminate costs associated with expensive manual paper-based processes. The agreement is another step in the continued effort to create and improve efficiencies within the University System of Ohio as outlined in the 10-year Strategic Plan for Higher Education.

Both organizations estimate the benefits from the agreement to be very significant. The agreement leverages the group purchasing power of all 14 Ohio public universities and 23 community colleges. Currently, members spend some US$250 million a year using purchasing cards. By adding more universities and colleges to a single purchasing card program, and working with J.P. Morgan to expand the number of vendors that accept card purchases, the University System of Ohio will greatly reduce the time and costs associated with managing high-volume, low-dollar purchases. Studies show that using purchasing cards can save schools an average of US$110 per transaction and reduce procure-to-pay time by six days.

Continue Reading at CPI

Reblog this post [with Zemanta]

RATP Selects Gemalto for Online FrenchTransit Program

RATP Selects Gemalto for Online Top Up of Navigo Passes

Pilot program « Mon e-guichet » launched for public transportation in the Ile-de-France region

Amsterdam, September 15, 2009 – Gemalto, the world leader in digital security, today announced it has been selected by Paris transport company RATP to supply card readers enabling top up of Navigo passes online with « Mon e-guichet » service.

As part of the pilot program, users connect the Gemalto PC Twin Reader to their PC and buy tickets from home - in one click. Gemalto is working alongside RATP to manage the purchase and delivery of PC Twin Readers to end users through its Internet-based sales tool. A preliminary RATP six-month pilot program is now underway in the Ile-de-France region.

Simple, convenient and fast, the « Mon e-guichet » service offers commuters in Ile-de-France greater comfort and a considerable time saving. Users log on to an RATP web portal and to order their reader, they are redirected to a dedicated Gemalto website, which takes care of all the logistics involved in the order. As soon as users receive their reader, they can top up their Navigo pass from their own PC, from home and whenever they want. To test the pilot solution, users have been chosen among the RATP customers who have indicated they are interested in receiving promotional offers.

"We have chosen Gemalto for their highly reliable online sales system,” commented Philippe Martin, RATP Deputy general director - stations, services and sales. “The successful wide-scale deployment of smart cards readers in the UK has demonstrated Gemalto’s ability to provide high-quality logistics services. Its recognized experience in this area was a determining factor in our decision.”

“We are very proud to be able to offer commuters in Ile-de-France a fast and convenient solution for topping up their travelcards whenever they like, from the comfort of their own homes,” added Philippe Cambriel, executive vice president of Gemalto’s Secure Transactions Business Unit. “PC Twin Reader affords them great use comfort, which will simplify their daily lives.”

Gemalto is involved in many ticketing solutions throughout the world and has already supplied more than 120 million contactless travelcards. It has worked on projects for the following countries: Belgium, Brazil, Chile, China, France, Italy, Malaysia, Mexico, the Netherlands, Portugal, the United Kingdom and the United States.

About Gemalto

Gemalto (Euronext NL 0000400653 GTO) is the world leader in digital security with 2008 annual revenues of €1.68 billion, and 10,000 employees operating out of 75 offices, research and service centers in 40 countries.

Gemalto is at the heart of our evolving digital society. The freedom to communicate, travel, shop, bank, entertain, and work—anytime, anywhere—has become an integral part of what people want and expect, in ways that are convenient, enjoyable and secure.

Gemalto delivers on the growing demands of billions of people worldwide for mobile connectivity, identity and data protection, credit card safety, health and transportation services, e-government and national security. We do this by supplying to governments, wireless operators, banks and enterprises a wide range of secure personal devices, such as subscriber identification modules (SIM), Universal Identity Circuit Cards (UICC) in mobile phones, smart banking cards, smart card access badges, electronic passports, and USB tokens for online identity protection. To complete the solution we also provide software, systems and services to help our customers achieve their goals.

As the use of Gemalto’s software and secure devices increases with the number of people interacting in the digital and wireless world, the company is poised to thrive over the coming years. For more information please visit www.gemalto.com.

Reblog this post [with Zemanta]

Monnet Should Be Ready for 2010 Launch

Visa and MasterCard might have a new member of their dynamic duo sooner rather than later...or will Monnet paid Visa and MasterCard into a corner?

As I stated in an earlier post, Monnet is a project designed to provide European's with a independent debit system to that of Visa and MasterCard.
  Deustche Bank and the European Central Bank created Monnet, an alternative pan-European Debit System  to challenge the dynamic duopoly known as Visa and MasterCard.

Fact: Europe has already converted to Chip and PIN, and because the US has not yet made the shift, Europe is seeing an enormous increase in "Card Not Present" fraud.|

One of the underlying reasons for that "enormous increase" is that Visa and MasterCard push the less secure "signature debit" over the more secure "online (PIN) debit"   Signature Debit requires only the Primary Account Number...thereby opening a door for fraudsters to clone European Cards and use them in "Card Not Present" environments, i.e. "the web."

Keep in mind that HomeATM closes that door tight, by eliminating "card not present" transactions entirely...with the only PCI 2.x Certified 2FA 3DES E2EE PIN Entry Device in two hemispheres.  (Type = CNP     Swipe = Card Present)

Think about it.  Even if the US were to switch over to Chip and PIN, it would not address the problems we are having with web-based transactions.  What would?  Swiping the card and converting the transaction into a "card present" one.  Of course it doesn't hurt that HomeATM already has an EMV ready PIN Entry Device which would read the integrated chip on smart cards and provide PIN Entry.  

Either way, until online shoppers are instructed to "swipe" vs. "type" all the solutions provided by all the solution providers in the world won't address eCommerce transactions.  You must capture the data on the magnetic stripe or on the integrated chip/smart card.  You cannot do that when you type.  All that does is create a card not present environment...and card not present transactions create card not present fraud.   

Retail based solutions, such as Chip and PIN, Contactless TAP and GO, RFID, NFC etc are not designed for use on the web.   All the aforementioned solutions require that the card be present.  Tap what and go?  The card.  Chip and PIN requires a Chip and PIN "card" Reader.  NFC requires an RFID enabled "card." 

What does the web require?  Typing your number into a box.  Try walking into a store and writing a credit/debit card number onto a piece of paper and handing it to the clerk saying this is all  I have.  It works on the web right?  Because in effect, this is what online shoppers are doing every day.   

Anyway...back to Monnet:  

I just read that
Monnet – the planned pan-European debit network that aims to challenge Visa and MasterCard – is set to be completed in November of 2009. 

Bernard Dutreuil, The head of systems and the means of payment unit at the French Banking Federation (FBR), told delegates at a cards and payments conference held by the European Financial Management and Marketing Association (EFMA) that Monnet should be ready for launch from 2010.

As reported earlier on the PIN Payments News Blog (see related posts below) a number of French and German banks are involved in the Monnet project, including Deutsche Bank, Deutsche Postbank, Commerzbank, WestLB, Banque Populaire, Caisse d'Epargne, La Banque Postale and Société Générale.

From  Lafferty Cards Insider:  (subscription link provided below)

"According to Dutreuil, Monnet is the ‘right answer’ for Europe and allows banks and payment players to fully embrace the Single Euro Payments Area (SEPA): “The international card schemes are quite profitable and we need to end reliance on them. To stay independent, we need an alternative to the existing profit-oriented international card schemes.”

Other Pan-European cards schemes, such as the Euro Alliance of Payment Schemes (EAPS) and PayFair, also aim to compete against the dominance of Visa and MasterCard.

EAPS chairman Ugo Bechis said the best way to build a new European scheme is to build on the ones that exist already. While there may be a single European payments scheme in the future, Bechis said that in the next three to five years, it would be more logical to build on and extend the capabilities of the current domestic schemes.

During his presentation at the EFMA conference, Dominique Buysschaert, the CEO of PayFair, stressed that the technical infrastructure for the PayFair scheme is ready and discussions are well underway with market participants in Germany and France. PayFair is scheduled to be piloted in Belgium in October.

Buysschaert also rejected suggestions that PayFair is a retailer-led scheme. “We have a neutral position”, he said."

Related Posts:

Aug 13, 2009
MasterCard Inc. and Visa Europe could face competition in the coming years from new European-centered payment card networks such as Payfair and Monnet. Belgian retailer Colruyt Group is planning to begin testing the Payfair debit card ...

Jul 10, 2009
I would suspect that Monnet would be based on the Chip and PIN system, which is more secure than what Visa and MasterCard have been pushing with their signature debit. I have long said that signature debit should be scrapped in it's ...

Jul 14, 2009
Several major French and German banking companies are said to be backing the Monnet debit card, and said last week that they expect to create a company then that would focus on building a payments network. See "Is Monnet Painting Visa into a Corner?

Reblog this post [with Zemanta]

World Bank Report: Financial Infrastructure: Building Access Through Transparent and Stable Financial Systems

According to the International Finance Corporation (IFC) World Bank's new report shows that emerging markets have vast potential for financial services...

A new report from IFC and the World Bank shows by focusing on building and reforming credit reporting, collateral registries, and payment and securities systems, more than half the population in emerging markets could have access to financial services within 10 years and enjoy financial transaction cost reductions of nearly 80 per cent, said an IFC statement

More from the IFC Website:

"Financial institutions process payments, check a potential borrower’s past experiences with credit and evaluate the suitability of a security interested to be used for a loan. Consumers pay bills, buy houses, and save for retirement – all of these formal financial transactions rely on a foundation of institutions, information, technologies, and rules and standards which enable financial intermediation.

These underlying systems of financial infrastructure are analyzed in a new report "Financial Infrastructure: Building Access Through Transparent and Stable Financial Systems" drawing on efforts of the World Bank Group in payment and securities settlement systems, remittances, credit reporting, and secured transactions and collateral registries, with recommendations for reform to make the system more efficient and reliable reducing costs and increasing access to financial services."  (Figure 3 from their report)

  • Financial infrastructure touches at least every 5th person in emerging markets. Today, credit bureaus cover 390 million people, remittances over 700 million and payment systems 1 billion. In financial terms, bureaus support nearly $800 billion worth of credit and the value of remittances reached $328 billion in 2008.

  • Efficient financial infrastructure allows for cost reductions of up to 75% or more in transactions costs for credit evaluations, collaterizing loans, remittances and payments.

  • Improvements in financial infrastructure have the potential to enable access to financial services for half the population in emerging markets in the next 10 years.

Reblog this post [with Zemanta]

EastNets Announces Real Time Fraud Solution at SIBOS

HONG KONG--SIBOS 2009 -- PIN Payments News Blog-- EastNets (www.eastnets.com),a leading global provider of  compliance and payments solutions and services 
for financial institutions and corporates, announced the introductionof its new fraud solution delivering real time fraudrevention and management to meet the growing
threat of online, ATM, wire and credit card fraud. The new anti-fraud offering, en.SafeWatch Fraud, is part of EastNets` comprehensive enterprise compliance
management framework, offering financial institutions a single integrated environment to improve risk protection, meet global regulatory requirements, and
streamline operational efficiencies to increase profitability.

"The requirements to provide faster payments and seamless STP, while improving the speed and convenience of customer services, can introduce new vulnerabilities and risks to financial institutions, including fraud. Accurate real-time prevention and risk assessment are vital to help financial institutions identify fraudulent activity and block transactions to immediately protect against fraud losses," said Hazem Mulhim, CEO of EastNets. "We are pleased to be introducing a new fraud solution that complements our anti-money laundering solutions used today by over 350 customers. EastNets` combined portfolio of solutions can now help our customers and financial institutions benefit from an integrated enterprise compliance and risk environment."

"Convergence toward a unified framework for both compliance and fraud systems, by combining processes and technologies, creates an opportunity for financial institutions to benefit from improved risk control, reduced complexity and a more cost-effective enterprise risk and compliance environment," said Neil Katkov, Senior Vice President of Celent's Asia Research Group. "With EastNets` proven experience and significant global customer base for its real time watchlist filtering and anti-money laundering solutions, the addition of a fraud offering takes EastNets to the next level to help financial institutions effectively manage risk and compliance across their enterprise." EastNets` en.SafeWatch Fraud solution provides real time SWIFT-ready fraud prevention and management, monitoring multiple sources across multiple channels and regions. en.SafeWatch Fraud, prevents online, ATM, wire and credit card fraud, and is seamlessly integrated with EastNets` top ranking anti-money laundering solutions (AML) for real time watchlist and sanctions filtering, and suspicious activity monitoring and detection. EastNets` enterprise compliance management framework, encompassing its anti-fraud and AML solutions, also includes Know Your Customer (KYC) controls, robust case management, regulatory and management reporting, risk assessment and scoring, and enables financial institutions to aggregate data and processes across fraud and AML silos. Over 1,000 clients in 120 countries work with EastNets solutions to improve risk protection, streamline operational efficiencies, and meet global regulatory demands. As with EastNets` watchlist filtering and customer profiling solutions, the new fraud solution offers multiple data source connectors to easily adapt to a financial institution`s specific business processes including:

  • SWIFT Alliance Connector

Delivers seamless integration with your existing SWIFT environment through

attaining a "SWIFT Ready Application" label from SWIFT; ensures real time fraud

monitoring of both incoming and outgoing SWIFT messages and immediately prevents

the emission of suspicious messages into the SWIFT Network.
  • File Connector

Scans transactions stored in data / transaction files irrespective of their size

and formats. It ensures quick and powerful scanning by offering optimizations

like parallel scanning, which allows multiple scan processes and batch checking.

The flexible configuration of this connector allows en.SafeWatch Fraud to work

with almost any file format imaginable.
  • MQ-Series

Provides transaction screening facilities to MQ-compatible external systems,

such as core banking or middleware applications. This module uses IBM MQ-Series

middleware to enable communication between the external system and the

en.SafeWatch Server.
  • Web Services

Provides transaction screening facilities by means of Web Services to integrate

and communicate with external systems, such as core banking or middleware

About EastNets

EastNets is a leading provider of global compliance and payment solutions and
services with over 1,000 customers in 120 countries. Founded in 1984, EastNets
has over 25 years of experience serving financial institutions, corporates and
government agencies around the globe. EastNets provides anti-money laundering,
payment and transaction management solutions, and SWIFT plug-ins to add value to
SWIFT connectivity to improve risk protection, transparency, and cost savings.
Through its outsourced fully-hosted Service Bureau, EastNets provides SWIFT
connectivity and add-on services for over 200 financial institutions. For more
information, please visit www.eastnets.com.

Alison Holland, 508-287-4939

Reblog this post [with Zemanta]

Disqus for ePayment News