Saturday, December 19, 2009

Quote of the Day

According to a new report from Gartner:

Computerworld - Security measures such as one-time passwords and phone-based user authentication, considered among the most robust forms of security, are no longer enough to protect online banking transactions against fraud, a new report from research firm Gartner Inc. warns.

In Germany, those OTPs are typically called TANs (for 'transaction authentication numbers'). Some banks even dispatch such TANs to the user's mobile phone via SMS, in which case they are called mTANs (for 'mobile TANs').

Millions of online banking customers in Europe use a hardware device to authenticate themselves.. Most of these hardware devices use OTP's, which "are no longer enough to protect online banking transactions" So there you have it.

There are a whole lot of devices that need replacing...

  • Todos uses OTP's

  • RSA uses OTP's

  • Vasco uses OTP's

  • Barclays PIN Sentry uses OTP's

  • the list goes on...

The EMV Version of HomeATM's PCI 2.x Certified PIN Entry Device would allow the online banking customer to insert their smart card into the EMV reader and Enter their PIN to authenticate the user. (existing cards, PINs and bank rails) It would also enable a "real-time" P2P Money Transfer offering and of course, secure eCommerce as it's never been secured before...

Barclays PIN Sentry is a One Time Password (OTP) Generating Device
Here's an interesting read From "Ranting About Barclays on Two Levels"

"I answered the first question "do you have your PINSentry through the post yet?" with a satisfied 'yes', and was then told to put my card into the slot and enter my pin, and enter the resulting 8-digit code into the website. That's it. No "here's a number, enter it into your device, encrypt it with your pin and enter the signed version back into the website", nothing.

So effectively, the PINSentry is just one of those time-based OTP token devices
, only with a little bit of extra security in the way of a card slot and a PIN.

And the device itself authenticates PIN numbers too... my initial glee at having a device that can be used to quickly brute-force peoples' PINs was only marginally dented by the discovery that it has the ability to lock cards if you enter the PIN three times, because I now have a superb device for locking the cards of people I don't like."

Reblog this post [with Zemanta]

Coinstar Money Transfer Signs an Agreement with Pocztowy Bank

BELLEVUE, Wash.--Payments Industry News--Coinstar Money Transfer Ltd., a subsidiary of Coinstar, Inc. (NASDAQ: CSTR), announced an agreement to offer money transfer services in all Pocztowy Bank (Postal Bank) locations. Postal Bank is the largest banking network in Poland, one of the top five recipient countries in the world. With this agreement, Coinstar Money Transfer becomes a key player in the Polish market and a new competitive money transfer service for the Polish Diaspora.

“We are very excited about this cooperation: Poland is among the top five recipient countries in the world and the flow of money to Poland in 2008 reached $11 billion,” said Mohit Davar, CEO of Coinstar Money Transfer Ltd. “This cooperation marks a milestone for our business development this year and in particular for Poland. The agreement with Postal Bank to provide their extensive nationwide network of 5,400 locations will enable our customers to receive cash within minutes all over the country and will give Coinstar the opportunity to serve its objective of providing safe and reliable money transfer services to the Polish Diaspora worldwide.”

Alfonso Grassopoulos, Regional Director of Coinstar Money Transfer for Italy, Greece, Cyprus, Switzerland and Poland continued, “This agreement gives us the opportunity to work with a large and experienced organization like the Postal Bank, to provide Coinstar Money Transfer services to millions of Polish people living and working in Italy, UK, USA and other countries. There is a significant flow of remittances going to the rural areas of Poland, now finally accessible through this crucial cooperation. Within this unstable financial environment, consumers are even more interested in value for money, reliable and secure services, which Coinstar Money Transfer strategically offers in the most important send markets for Poland and its Diaspora, mainly because of its direct and aggressive distribution model”.

"We look forward to adding Coinstar Money Transfer to our money transfer product portfolio and offer more convenience to our current and new customers" said Mr. Tomasz Bogus, President of Bank Pocztowy. "We are pleased to work with Coinstar Money Transfer in the remittance business. Money Transfer is a very important service in Poland for all the families expecting money from abroad and it is our pleasure and responsibility to offer consumers greater choice, convenience and high quality of service. “

About Coinstar Money Transfer Ltd.

Coinstar Money Transfer Ltd., a subsidiary of Coinstar Inc., provides an easy to use, reliable and cost effective way to send money around the world. Our services are specially suited for individuals away from home who need to send money to their family and friends or to manage their personal finances. Coinstar Money Transfer Ltd. has become one of the leading money transfer providers, with over 45,000 locations and operates in 140 countries worldwide. For more information, visit

About Coinstar, Inc.

Coinstar, Inc. (NASDAQ: CSTR) is a leading provider of automated retail solutions offering convenient products and services that make life easier for consumers and drive incremental traffic and revenue for its retailers. The company’s core automated retail businesses are self-service coin counting and self-service DVD rental. Other Coinstar products and services include e-payment products – such as gift cards, prepaid debit cards and other prepaid products – and money transfer services. The company’s products and services can be found at more than 90,000 points of presence including supermarkets, drug stores, mass merchants, financial institutions, convenience stores, restaurants, and money transfer agents. For more information, visit

About Bank Pocztowy

Established in 1990 in Bydgoszcz. There are two shareholders of the Bank Code: Post of Poland (Polish Post), that owns 75% of shares (minus one share) and PKO Polish Bank SA (25% plus one share). Both of them are institutions enjoying the public trust having the largest distribution network and access to the most modern banking activities. Uniqueness of the offer of the Postal Bank consists largely in the wide access to the services rendered, found in post offices all over the country. Postal Bank offers a wide range of services, such as Savings and Settlement Accounts, payments and cash withdrawals, deposit accounts or bank loans. They have developed various distribution channels which provide our customers with free access to the accrued resources. The network, consisting of nearly 5,400 posts, is the largest in the country. Postal Bank is a modern universal bank offering customer-friendly and lucid financial services, which are available at the post offices and in the network of the Bank's branch offices across Poland. For more information, visit

First Two Banks Go Live with CashEdge's POPmoney(TM) Person-to-Person Payments Service

Five More Financial Institutions Preparing to Launch POPmoney in Early 2010

NEW YORK, /PIN Payments News Blog/ -- CashEdge, Inc. (, the leading provider of Intelligent Money Movement(TM) services, announced today that two top U.S. banks are the first in the nation to launch POPmoney(TM), its groundbreaking new email and mobile person-to-person (P2P) payments service offered through banks. Five additional financial institutions have signed on to launch the service in early 2010, demonstrating strong momentum for the innovative new P2P payments service.

POPmoney is the first email and mobile person-to-person payments service for financial institutions that allows bank customers to send an electronic payment directly from their online or mobile banking service, by simply using the recipient's email address, mobile phone number or bank account information. Likewise, the recipient of the payment can receive the funds directly into his or her account at any bank through online banking, if the bank offers POPmoney, or at POPmoney includes support for text messaging, WAP and downloadable mobile applications, enabling financial institutions to extend their P2P functionality to mobile phones.

"The launch of POPmoney by the first two banks is a very exciting and important milestone for CashEdge and for the payments industry overall," said Sanjeev Dheer, CEO and President, CashEdge Inc. "Consumers have been demanding online and mobile payment options that are simple and secure, and we strongly believe that banks are the best provider of these services. These two banks are the first of many who will offer POPmoney to their customers in the next year, ushering in a new era in P2P payments."

Consumers can visit to view the current list of participating banks. Customers of participating banks can access POPmoney through their bank's online banking or at

POPmoney leverages the proven reliability, security and robustness of CashEdge's money movement platform, used by most of the nation's largest banks, which in 2008 processed nearly $50 billion in online funds transfers for bank customers. For current CashEdge clients, POPmoney is a simple upgrade of their existing TransferNow service.

Consumers can learn more about POPmoney by visiting

About CashEdge

CashEdge is the leader in Intelligent Money Movement(TM) services providing innovative payment solutions to financial institutions for their retail and small business banking customers. CashEdge's services include mobile and online person-to-person (P2P) payments and small business payments. CashEdge currently serves hundreds of leading financial institutions, including seven of the ten largest banks in the country.

CashEdge's industry leading products include POPmoney(TM) for person-to-person payments; OpenNow®/FundNow® for new account opening and funding; TransferNow® for Consumers, which includes Me-to-Me Transfers and Third Party Transfers; and TransferNow® for Small Businesses, which includes Invoicing, Me-to-Me Transfers, Employee Payments and Vendor Payments. All CashEdge products are supported by industry-leading risk management capabilities that leverage proprietary technology to help financial institutions mitigate risk and decrease fraud exposure.

The Company is headquartered in New York with offices in Silicon Valley and India. For more information, visit

SOURCE CashEdge, Inc.

Disqus for ePayment News