Wednesday, November 25, 2009

Wells Fargo Offers Online Banking Tips for Fraud Prevention to Keep Holidays Happy

SAN FRANCISCO--(BUSINESS WIRE)--To kick off the holiday shopping season, Wells Fargo (NYSE: WFC) is offering tips to help consumers shop safely, whether in person or online.

Before I share it, let me explain the reason for doing so in the first place.  Instead of providing myriad tips on how to protect your sensitive data, there's only one that works.  Don't Type ANYTHING you want to keep private into a box on ANY website.

“We want to remind shoppers that there are ways to protect themselves,” said Lisa H. Robinson, senior vice president, Wells Fargo Internet Services Group.  Editor's Note:  Yes there are.  But you won't find a bullet-proof solution from the recommendations below.  I'm not singling out Wells Fargo.  I'm talking Username: Password: here...

“Traditionally, the day after Thanksgiving is one of the busiest shopping days of the year and marks the kick-off of the holiday season.” Customers braving the crowds to shop over the Thanksgiving holiday should remember these tips before heading out the door:

  • Take the paperless route with online banking: The 2009 Identity Fraud Survey Report from Javelin Strategy & Research shows that some thieves still do it the old-fashioned way—by stealing bank or credit card statements from the mailbox. Reduce your risk of stolen mail by picking up mail promptly and switching to online statements.

  • Monitor your activity: Financial institutions such as Wells Fargo use sophisticated systems to track purchasing and transaction habits so irregularities can be flagged. Register for email or mobile alerts so you can stay informed.

According to Forrester Research Inc.'s independent report, “US Online Holiday Retail Forecast, 2009,” analysts expect online retail sales to reach $44.7 billion during the months of November and December 2009, an eight percent increase over 2008. If you’re logging on to shop, keep these tips on hand:

  • Protect your computer from malware: Crooks are getting smarter with phishing and malware scams. Make sure your computer has the most up to date virus prevention and don’t download any attachment or plug-in without ensuring it is from an authorized site. When making purchases, be sure the website address starts with “https://...” The “s” helps ensure that your information will be passed along in a secure manner.

    Well that's easier said than done.  Based on recent reports that  "50% of American's don't even know what phishing is" telling them to protect their computer from malware,  which, by the way, should be named Mal-every-ware...because it a tall order.  Especially since some online banking trojans, such as Zeus, evade detection from even the most up-to-date anti-virus programs.  Why not simply "ELIMINATE" the threat of Phishing ENTIRELY.  Swipe, Encrypt, Transmit and there's nothing to phish phor. 

    Oh...and that last part about Https?  It should be  htt"bs" because SSL is flawed...(see related articles below)  (or Google SSL Flawed)

  • Don’t believe in offers that seem to good to be true* No one wants to be cynical during the holidays, but if something seems too good to be true, it probably is. Watch out for email scams or suspicious messages and report any that may pose to be from your financial institution and report those that try to look like your financial institution to your bank or credit card company.

    *Unless you see one that says:  Open an online banking account with Wells Fargo and we'll provide you with a FREE HomeATM PCI 2.x Certified PIN Pad so you can sign on to your online banking session the same trusted way you access cash at an ATM...cause I guarantee the bad guys wouldn't want to send you something that will hurt their ability to steal your hard-earned money.

  • Be careful what you share: Unless you initiated the interaction, do not provide sensitive financial information over the Internet or phone, including Social Security numbers, passwords, personal identification numbers (PINs) or account numbers.

  • Editor's Note:  That's weird.  In order to open a Wells Fargo online banking account you have to "TYPE IN" your "sensitive financial information" into a browser.  (including your Social Security number AND your Card Number)  See Screen Shot below of Wells Fargo online banking log-in page.  To be fair, they did say "unless you "initiate" the interaction...although hundreds of security experts would disagree.  What if it was a phishing attack that incorporated a cloned website?  What if your PC had an online banking trojan.  Here's my holiday tip.  Never Type...anything sensitive into the browser space.

    • Editor's Note:  OR...simply tell your bank that you want a PCI 2.x Certified PIN Entry Device so YOU can Swipe your card information instead of the bad guys doing it.  Sure it will cost your bank money, but it will save them more.  Unlike the hundreds of "useless banking promotions" you see now and which cost the bank more than what giving away our device would.  So tell your bank to "bite the bullet" and provide a "bullet proof" solution for online banking security.  Call it HAAS.  (Hardware As A Service)

“Education and awareness are important tools to make sure this really is the most festive time of the year,” said Teddy De Rivera, executive vice president, Wells Fargo Internet Services Group. “Whether customers are shopping online or off, keep the following steps in mind to make sure accounts stay problem-free.”

  • Check your list twice: Review your account activity regularly, especially during big shopping trips. Enroll in mobile banking to check your balance and transactions while on the go, or check your purchase activity online as soon as you get home. Sign up for transaction alerts on your debit or credit card which will notify you of transactions over your threshold.

  • Be aware of your surroundings: Cover the pin pad when you enter your pin number. Do not repeat sensitive financial information where it could be overheard.

  • Ensure you're protected in case of loss or theft: Wells Fargo guarantees that its customers will be covered for 100% of the funds in their Wells Fargo account in the unlikely event that someone you haven’t authorized removes those funds through Wells Fargo Online® or Wells Fargo Business Online®. Customers are responsible for protecting their password and account information and for providing prompt notification of an unauthorized transaction. Customers can visit for how the guarantee works.

  • Ensure your cards are covered: Wells Fargo cardholders are also protected by the built-in WellsProtect® program, which provides zero liability if a card is ever used without the customer’s permission when promptly reported.

  • Know your credit report: Review your credit report at least once a year, looking for suspicious or unauthorized transactions. You can get a free credit report once a year from each of the three major credit bureaus at the AnnualCreditReport web site.

Wells Fargo’s Fraud Information Center ( located on Wells Fargo’s public web site provides fraud prevention tips for all shoppers to learn about fraud and take action to ensure that the New Year starts off right by taking some simple precautions.

Wells Fargo maintains multiple layers of security to protect customers, their accounts and their information. Wells Fargo's layered approach to online security extends beyond a unique username and password, 128-bit encryption for online banking, bill pay, a powerful firewall, technology updates, and continuous surveillance. Wells Fargo uses a combination of front-end and back-end controls (, and continuously evolves its security activities in response to the changing environment as well as customer needs.

About Wells Fargo & Company

Wells Fargo & Company is a diversified financial services company with $1.2 trillion in assets, providing banking, insurance, investments, mortgage and consumer finance through more than 10,000 stores and 12,000 ATMs and the Internet ( across North America and internationally.

Reblog this post [with Zemanta]

Citibank China Opens Hi-Tech Banking Branch in Shanghai

Citibank, N.A.Image via Wikipedia

Shanghai, November 25, 2009 – Citibank (China) Co. Ltd. (“Citibank China”) opened a new high-technology sub-branch in Xintiandi, Shanghai today designed to provide a unique customer service experience among banks in China. The sub-branch was opened at a ceremony attended by Mr. Jonathan Larsen, Citi’s Head of Consumer Banking & Global Cards, Asia Pacific, Mr. Andrew Au, Chief Executive Officer of Citi China, and Mr. Anand Selva, Country Business Manager of Consumer Group, Citibank China

Mr. Jonathan Larsen said, “The opening of this high-technology sub-branch in Shanghai marks a new era for retail banking in China. We believe it will provide Citibank customers with a superior banking experience, and its opening reflects our intent to be the most innovative, customer-focused international bank in China.”

Mr. Andrew Au said, “Citi is committed to continued investment in our network around China, and this includes deepening our presence in the cities in which we already operate. We are delighted to be opening this world-class sub-branch which is helping to redefine how banks interact with customers in China.”

The Citibank Xintiandi sub-branch has been designed to cater to the changing needs and lifestyles of Citibank customers. Key attributes of the new sub-branch include:
  • Wi-Fi enabled – the sub-branch is first Citibank outlet to be fully Wi-Fi enabled, allowing customers to go online while inside the outlet using their mobile devices (laptop, cell phone, PDA, etc).

  • Internet kiosks – dedicated and state-of-the-art complimentary kiosks are available for customers to browse the Internet.

  • Touch screens – a number of interactive touch screens are available that enable customers to easily view at their own leisure Citibank’s latest product and service offerings, latest news relating to Citibank, and a range of other information at the touch of a finger.

  • Live interactive video phones – customers seeking additional expert opinion in relation to a particular financial need have the ability to consult with Citibank China specialists at another location on a real time basis using video phones.

  • Wallboard screens and Tablet PCs – wall board screens ensure an uncluttered working environment and a more interactive customer service experience allowing customers to see everything their personal banker sees. In addition, wireless tablet computers provide added convenience, mobility and flexibility during customer interactions.

  • Interactive multimedia – High resolution LCD TV integrated media contents of CBN news, latest Citibank product & service posters and text lively updated via centralized media content management system.

  • Soft phones – the sub-branch uses wireless phones for all staff while providing complimentary use of mobile phones for its customers.

The new sub-branch will also be Citibank’s first retail outlet in China to be submitted for LEED (Leadership in Energy and Environmental Design) certification. LEED is an internationally recognized green building certification system, providing third-party verification that a building was designed and built using strategies aimed at improving performance across all the metrics that matter most: energy savings, water efficiency, CO2 emissions reduction, improved indoor environmental quality, and stewardship of resources and sensitivity to their impacts.

Environmentally-friendly aspects of Citibank’s Xintiandi sub-branch include:

  • Materials: all carpet at the sub-branch is LEED certified and recycled wooden material has been used for interior finish.

  • Water efficiency: water efficiency equipment has been installed to reduce water consumption at the sub-branch.

  • Fresh Air: an additional fresh air system has been installed to improve indoor air quality.

  • Lighting efficiency: through a 15% reduction in lighting power density and using energy efficiency bulbs, power consumption relating to lighting is expected to fall by 40%.

  • Equipment: more than 80% of the equipment used at the sub-branch meets or exceeds the Energy Star standard.

The new Xintiandi outlet is a full service one, providing foreign currency and RMB products and services. Like all other Citibank retail outlets in China, the new outlet offers both Citibank and Citigold services. Customers using the Citibank service, which requires a minimum balance of RMB80,000, will be provided with a choice of a comprehensive range of services to manage their wealth. Services provided include savings, deposits and investment products (including Premium Accounts, Structured Investment Accounts and QDII products); ATM/debit cards; mortgage loans in multiple currencies; insurance products designed to protect, grow and transfer wealth; unsecured personal loans and remittance services. Customers can also conduct their banking at their convenience through the multiple electronic channels such as online banking, mobile banking, 24x7 phone banking and fax banking.

The outlet also features a Citigold Service Center, designed to provide leading wealth management services. The Citigold offering, which requires a minimum balance of RMB500,000, is distinguished by factors that include:
  • Dedicated relationship managers supported by a team of product specialists

  • Personalized banking products and services

  • Access to award winning global research, market outlook, latest financial developments and dedicated information channels

  • Unique proprietary tools such as Citigold Financial Needs Analysis

  • Membership rewards and privileges

  • Citigold customers also benefit from Citi’s global presence with worldwide Citigold VIP recognition, courtesy access to world wide Citigold centers, overseas account opening referral, overseas emergency cash up to USD10,000, overseas Citigold preferential FX rate and fee charge, worldwide toll-free home connection service hotline and Citigold International SOS Healthcare Services, etc.

The Xintiandi outlet houses 12 retail banking professionals including Citigold Relationship Managers and Personal Bankers, trained and certified to provide premium banking services. It is located at Unit F, No. 222, Ma Dang Road, Xintiandi, Shanghai.

Citibank’s high technology sub-branch comes shortly after the launch of its new mobile banking capability in China. The new service, known as Citi Mobile, is the first to be offered by an international bank in China, and allows customers to access online banking services using their mobile phone anytime, anywhere.

100,000 Cards Being Replaced After Car Park Hack in Auckland

More than 100,000 credit cards are being replaced as a result of thieves hacking into payment machines at the Downtown carpark in central Auckland.   Auckland IT consultant Steven Ellis yesterday said service desk staff at ASB Bank told him that his new credit card was one of more than 100,000 Mastercard and Visa cards banks were replacing because of the scam.

Last night, Bankers' Association chief executive Sarah Mehrtens said everyone who used a credit card or debit card at the Auckland City Council-owned carpark would have it replaced.  She said she did not know how many people were affected.

ASB, Westpac Bank - which is investigating the fraud - Mastercard and Visa are refusing to reveal the scale of the problem.

Continue Reading

Tony Wai's card details were used fraudulently to buy goods worth $900 in Arizona. Photo / Richard Robinson

Tony Wai's card details were used fraudulently

to buy goods worth $900 in Arizona.

Photo / Richard Robinson
Reblog this post [with Zemanta]

Payments Fraud Reduction Key Driver for Adoption

Smart Card Alliance: News and Information
Smart Card Alliance Study on EMV/Chip in Brazil and Mexico Finds that Payments Fraud Reduction is Top Driver for Adoption

Organizations to host webinar to discuss findings

November 25, 2009

Reducing payments fraud is the top driver for issuers and acquirers to adopt EMV/chip in Brazil and Mexico, according to a new study from the Smart Card Alliance Latin America (SCALA), produced in participation with Visa Inc., available for sale today. Other important findings: respondents are also driven to adopt EMV/chip cards in order to position themselves as innovators and technology leaders, and they all expect to have 100 percent of their credit and debit card portfolios migrated to EMV/chip within one to five years. 

SCALA and Visa commissioned First Annapolis Consulting to survey issuers and acquirers in Brazil and Mexico on the current state of EMV migration and the long-term growth of the EMV market. The resulting report, “EMV Migration Study and Market Analysis on Mexico and Brazil,” is available for purchase by both Smart Card Alliance members and non-members by visiting 

The organizations will host English, Portuguese and Spanish language webinars on the study findings.  The English language webinar will take place on December 1st at at 11:00 A.M. eastern standard time, while the Portuguese and Spanish webinars will take place on December 8th at 11:00 A.M. eastern standard time and 12:00 P.M. eastern standard time, respectively.  Registration for the webinars is available at


“With the global payments industry migrating to chip technology for credit and debit cards, it’s important to understand the drivers and best practices for implementation. Mexico and Brazil are ideal markets to study, as they are well on their way to full migration,” said Edgar Betts, associate director, Smart Card Alliance Latin America. “The number of respondents that said fraud reduction is the main driver for adoption was overwhelming; almost all survey respondents claim a marked reduction in overall fraud rates, particularly with domestic counterfeit fraud. We also found it exciting that the respondents see contactless, loyalty programs, and multiple applications as a natural evolution for the cards.”

In addition to the detailed review of the adoption drivers, the report also reviews implementation considerations, migration strategies, business impact and evolution for Brazilian and Mexican issuers and acquirers. The study forecasts the size of the EMV/chip market in Brazil and Mexico through 2015, including chip cards, point-of-sale terminals and transactions.

“Visa has been spearheading the migration to EMV/chip worldwide as a solution to prevent fraud, especially card skimming, but also as a great platform for added services,” said Jurgen Wassmann, head of emerging products and channels for Visa Latin America and the Caribbean. “In the markets where issuers, acquirers, merchants, brand networks, industry groups and the government collaborate, EMV/chip adoption efforts have accelerated the fastest.”

The study reports results from surveys and interviews with 13 issuers and acquirers in Mexico and Brazil, which captured perspectives from a wide variety of organizations that had direct experience with implementing EMV/chip cards. The study addresses these questions and more:

  • What were the key factors influencing the adoption of EMV/chip cards and EMV-compliant merchant terminals for issuers and acquirers in Mexico and Brazil?

  • What challenges were encountered during the EMV/chip migration process?

  • How are organizations leveraging EMV/chip technology to improve performance, introduce new products and services, and capture new market opportunities?

  • What is the "next wave" in the evolution of the EMV market?

  • What is the business impact of EMV/chip adoption for issuers and acquirers?

    What is the EMV/chip market size in Mexico and Brazil through 2015?

For more information on “EMV Migration Study and Market Analysis on Mexico and Brazil” and webinar from SCALA and Visa, please visit

About the Smart Card Alliance Latin America (SCALA)

The primary mission of the Smart Card Alliance Latin American chapter is in line with the overall goal of the Alliance: to stimulate the understanding, adoption, use and widespread application of smart cards.  The Alliance plans to use specific projects such as bilingual education programs, market research, advocacy, industry relations and open forums to keep Latin American chapter organization members connected to industry leaders and innovative thought.

About the Smart Card Alliance

The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology. 

Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought.  The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America.  For more information please visit

About Visa Inc.

Visa Inc. operates the world's largest retail electronic payments network providing processing services and payment product platforms. This includes consumer credit, debit, prepaid and commercial payments, which are offered under the Visa, Visa Electron, Interlink and PLUS brands. Visa enjoys unsurpassed acceptance around the world, and Visa/PLUS is one of the world's largest global ATM networks, offering cash access in local currency in more than 200 countries and territories. For more information, visit

About First Annapolis

First Annapolis is a management consulting firm focused on the financial services industry, with specialties in merchant acquiring, electronic commerce, credit card issuing, commercial card and  private label card programs, and mortgage banking.  With over 50 professionals, First Annapolis specializes in advising clients on strategic and tactical matters across all major payment products and services including credit cards, deposit access products, and commercial payment vehicles. First Annapolis brings an unparalleled level of expertise in traditional and emerging payment market segments.  For more information, visit


Contact: Deb Montner, Montner & Associates, 203-226-9290,

Reblog this post [with Zemanta]

2009 Computer Crime and Security Survey Out Next Week

CSI's Annual Crime and Security Survey will be released December 1st in conjunction with this Webcast. 

Respondents reported significant jumps in the incidences of:

Financial fraud:  19.5 percent, over 12 percent last year (avg: $450,000)

Malware Infection:  64.3 percent, over 50 percent last year;

Denials of Service:  29.2 percent, over 21 percent last year,

Password Sniffing: 17.3 percent, over 9 percent last year); and

Web site Defacement: 13.5 percent, over 6 percent last year.

CSI Computer Crime & Security Survey Webcast

Date: Tuesday, December 1, 2009

Time: 11AM PT/ 2PM ET

Duration: 60-minutes

The CSI Computer Crime & Security Survey is the world's most widely quoted research on computer crime. This webcast, moderated by CSI Director Robert Richardson, will feature survey project leader and CSI senior editor Sara Peters, who will discuss the findings of the 2009 Survey and what they mean.  

Peters will discuss the incidence of unauthorized access, attack sources and types, the financial impact on organizations and actions taken. She will also discuss the economic decisions organizations make regarding computer security, and the way they manage the risk associated with security breaches. The presentation will also present some findings from the premium version of the survey report, generally only available to CSI members.

Featured Speakers

Sara Peters, Senior Editor, CSI

Senior Editor Sara Peters joined the Computer Security Institute in 2005, taking on a security beat that includes both policy issues (like Web vulnerability disclosure legislation and the compliance in the cloud) and technological issues like virtualization and browser security). Additionally, Sara founded the CSI Working Group on Web Security Research Law and authored the group’s inaugural report.

Prior to her work in information security, she served as associate director of communications at Princeton University's School of Engineering and Applied Science, writing and editing their quarterly magazine. She began her reporting career in a small newspaper chain after graduating from Rutgers University with a B.A. degree in journalism.

Robert Richardson, Director, CSI

Robert Richardson has served as Director at CSI since 2003, having worked IT in various capacities for twenty years. He's given keynote presentations on three continents, often speaking about the CSI Computer Crime and Security Survey.

Prior to CSI, Richardson served as Senior Editor of CMP's Communications Convergence magazine for two years and has contributed to magazines and Web publications such as Ziff-Davis Internet Computing, BYTE, Network Magazine, and Small Business Computing. Based outside Philadelphia, he occasionally serves as an adjunct teacher of computer science at Swarthmore College.

VeriSign to Present at Two Tech Conferences

SOURCE: VeriSign, Inc.

Nov 24, 2009 16:15 ET

VeriSign to Present at the Credit Suisse Annual Technology Conference and the Barclays Capital Global Technology Conference

MOUNTAIN VIEW, CA--(Marketwire - November 24, 2009) - VeriSign, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure services, announced that Mark McLaughlin, president and chief executive officer, will speak at the Credit Suisse 2009 Annual Technology Conference in Phoenix on Tuesday, December 1 at 9:00 a.m. (MST). Additionally, Brian Robins, chief financial officer, will speak at the Barclays Capital 2009 Global Technology Conference in San Francisco on Tuesday, December 8 at 4:30 p.m. (PST). During the presentations, recent company performance and business initiatives will be discussed. Both presentations will be available via live webcast at Replays of both webcasts will also be available at after the events for a limited period of time.

About VeriSign

VeriSign, Inc. (NASDAQ: VRSN) is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, VeriSign helps companies and consumers all over the world engage in communications and commerce with confidence. Additional news and information about the company is available at

Nobody Knows About This

By Diane Bartz and Jim Finkle via Reuters

Cyber breaches are a closely kept secret

WASHINGTON (Reuters) - Cybercriminals regularly breach computer security systems, stealing millions of dollars and credit card numbers in cases that companies keep secret, said the FBI's top Internet crimes investigator on Tuesday.

For every break-in like the highly publicized attacks against TJX Co (TJX.N) and Heartland Payment (HPY.N), where hacker rings stole millions of credit card numbers, there are many more that never make the news.

"Of the thousands of cases that we've investigated, the public knows about a handful," said Shawn Henry, assistant director for the Federal Bureau of Investigation's Cyber Division. "There are million-dollar cases that nobody knows about."

Companies that are victims of cybercrime are reluctant to come forward out of fear the publicity will hurt their reputations, scare away customers and hurt profits. Sometimes they don't report the crimes to the FBI at all. In other cases they wait so long that it is tough to track down evidence.

"Keeping your head in the sand on filing a report means that the bad guys are out there hitting the next guy, and the next guy after that," Henry said.

He said the cybercrime problem has gotten bigger over the past three years because hackers have changed their attack methods as companies have tightened up security.

"It's absolutely gotten bigger, yes, absolutely," he said.

That is because the Internet is rapidly growing as a tool for commerce. As it does, consumers and companies alike are exposing valuable data such as business plans, credit card numbers, banking information and Social Security numbers.

"There are hundreds of billions of dollars that traverse the Internet," he said.


Cybercriminals are now looking beyond large companies, which in the past 10 years have bolstered security on their networks using products from software companies including Symantec Corp (SYMC.O), McAfee Inc (MFE.N) and Trend Micro Inc (4704.T). Cisco Systems Inc (CSCO.O), International Business Machines Corp (IBM.N) and Websense Inc (WBSN.O) also sell products to protect computer networks.

Instead criminals are attacking small and medium-sized companies that don't have the inclination, money or expertise to prevent cybercrime.

They also target corporate executives and other wealthy public figures who it is relatively easy to pursue using public records. The FBI pursues such cases, though they are rarely made public.

On November 4, the FBI warned of major fraud cases involving the theft of online banking credentials belonging to small and medium-sized businesses, local governments and school districts.

In this case, as in others, people hired through work-at-home schemes were used to move the money overseas.

A similar approach was used in a scheme that defrauded the Royal Bank of Scotland's (RBS.L) RBS WorldPay of more than $9 million. A group, which included people from Estonia, Russia and Moldova, has been indicted for compromising the data encryption used by RBS WorldPay, one of the leading payment processing businesses globally.

The ring was accused of hacking data for payroll debit cards, which enable employees to withdraw their salaries from automated teller machines. More than $9 million was withdrawn in less than 12 hours from more than 2,100 ATMs around the world, the Justice Department has said.

Henry said that it was relatively inexpensive to pull together a cybercrime organization.

Some groups consist of a core of just about a dozen people -- including strategists, hackers and programmers -- who can get started with a budget of a few thousand dollars to set themselves up with computers and broadband access.

When they are ready to launch an attack, they might hire hundreds more people who help them launder the money. Known as "money mules," these people are often found through "work-at-home" schemes, where they are hired to cash checks for a few thousand dollars, keep a percentage and send the rest back to the core group.

"I think that there are people who are ignorant completely and others who have their head in the sand," said Henry.

Editor's Note:  I respectfully agree!

Reblog this post [with Zemanta]

Disqus for ePayment News