11% of US Adult's Use Twitter - Pew

According to a recent report from thePew Internet & American Life Project, some 11 percent of the U.S.adult population had used Twitteror similar micro-blog personal update services by December 2008.

This represents a 22-percent, one-month leap in usage from November 2008.

If you'd like to follow this blog on Twitter,
click below:

"Overall, Twitter users engage with news and own technology at thesame rates
as other Internet users, but the ways in which they use thetechnology -- to communicate, gather and share information -- revealstheir affinity for mobile, untethered and social
opportunities forinteraction," the Pew project said in a release.

Alook at the demographic profile
of Twitter users as a whole reveals
some additional details about who uses Twitter and how they communicateand consume information.

As noted above, Twitter users areoverwhelmingly young. However, unlike the majority of otherapplications with a similarly large percentage of youth...

Twitter use isnot dominated by the youngest of young adults.  Indeed, the median ageof a Twitter user is 31.

In comparison, the median age of a MySpaceuser is 27, Facebook user is 26 and LinkedIn user is 40.⁷

Twitterusers are slightly more racially and ethnically diverse than is thefull U.S. population, most likely because they are younger – andyounger Americans are a more ethnically and racially diverse group thanis the full population.

Twitter users are also slightlymore likely
to live in urban areas, with 35% of Twitter users living inurban areas (compared to 29% of all internet users) and just 9% ofTwitterers and status updaters living in rural areas, compared to 17%of internet users.

"Twitter and similar services have been most avidly embraced byyoung adults," Pew said. "Nearly one in five (19%) of online adultsages 18 and 24 have ever used Twitter and its ilk, as have 20% ofonline adults 25 to 34. Use of these services drops off steadily afterage 35 with 10% of 35 to 44 year-olds and 5% of 45 to 54 year-oldsusing Twitter. The decline is even more stark among older Internetusers; 4% of 55-64 year-olds and 2% of those 65 and older use Twitter."

To view the report, click any of the links below:

The iChart above was created by Practical E-Commerce

Twitter and status updating

by Amanda Lenhart, Susannah Fox

Browse Sections

• Twitter users are mobile, less tethered by technology
• Younger internet users lead the way in using Twitter and similar services.
• Portrait of a Twitter user
• Twitter users are more mobile in their communication and consumption of information.

Related articles

• Pew Internet: Twitter and status updating (tsurch.com)
• Study: Twitter users are mobile, urban, and engaged online (textually.org)
• Twitter: 11% (battellemedia.com)
• Twitter & the Pew Internet Project 2009 (weblogs.elearning.ubc.ca)
• Twitter is for Losers! (agentgenius.com)
• Twitter Demographics (socialmediatoday.com)
• 1 in 10 Adults Has Microblogged - on Twitter or Elsewhere (marketingvox.com)

Heartland Annual Report Shows Breach Effects

Digital Transaction News

Breach-Related Woes Continue to Pile up for Beleaguered Heartland

The breach-related troubles just keep piling on for merchant acquirer Heartland Payment Systems Inc., according to the acquirer’s annual report filed on Monday with the U.S. Securities and Exchange Commission. In the filing, Heartland revealed the data breach it sustained last year is under investigation not only by the U.S. Department of Justice, the SEC, the Federal Trade Commission, and the Office of the Comptroller of the Currency, but also by the Federal Financial Institutions Examination Council, attorneys general of several states, including Louisiana, the Canadian Privacy Commission, and other government officials.

Negative publicity from the breach, which Heartland disclosed Jan. 20, also could cause an increase in merchant attrition, according to Heartland’s filing. During 2008, 2007, and 2006, Heartland experienced average annual attrition of 17.3%, 12.6% and 11.1%, respectively. Major causes of attrition included business closures, transfers of merchants’ accounts to competitors, account closures initiated by Heartland due to heightened credit risks, or contract breaches by merchants.

Continue Reading at Digital Transactions

Related articles

• Hacker behind credit card chaos at U.S. firm (nationalpost.com)
• Heartland Being Thoroughly Investigated (pindebit.blogspot.com)

StoreFront BackTalk on Duplicate Debit Debacle

Duplicate Debit Debacle Hits Best Buy, Macys. Who’s Next?

Written by Evan Schuman and Fred J. Aun
March 18th, 2009

Following a December glitch at Macys that saw 8,000 customers double- and tripled charged for debit transactions comes word of an eerily similar triple charge glitch at Best Buy this month.

In both cases, the retailers initially painted the problems as isolated incidents. In both cases, the retailers thought initial debit card swipes didn’t work and asked the customer to try again, sometimes twice more. And in both cases, the banks removed money from the consumer’s bank account equivalent to two and three times the price of the product.

Could these be coincidences? Might they indeed be isolated debit card incidents? Absolutely. But this also might be an initial heads up that the debit card system relied on by major retailers today has inherent flaws. What happened, with both Macys and Best Buy, with software specifically designed to look for and prevent these kinds of multiple identical charges? What about the systems at the card processors and the banks?

The most frightening part about debit card transactions today is that they subject retailers to a debit double whammy. Debit transactions are exponentially more delicate—and more prone to glitching—than their credit card counterparts. At the same time, an error with a debit transaction can deliver an order of magnitude more damage, potentially cleaning out a customer’s bank account and causing them to unknowingly bounce checks to everyone they’re trying to pay. Few IT glitches have the potential to get a loyal customer in trouble with the police, but debit card glitches have that distinction.

Continue Reading at StoreFront BackTalk

Related articles

• Macy's reports overcharging customers (money.cnn.com)
• If You Shopped at Macy's, Check Your Statement! (gothamist.com)
• E-vidence of Paradigm Shift...MasterCard Focusing on Debit Business (pindebit.blogspot.com)

HomeATM Receives First Ever Internet PCI 2.0 PED Certification

Recent Rash of Breaches Heightens Need for "Secure" Internet PIN Transactions

HomeATM ePayment Solutions, a leadingprovider of secure hardware and software solutions, today announced theirnewest product, Safe-T-PIN™, has been Payments Card Industry (PCI)PIN Entry Device (PED) 2.0 certified.

The Safe-T-PIN point of sale device,manufactured by HomeATM, is the first ever Internet PED to achieve suchcertification.  Safe-T-PIN™ providessafer and more secure two factor authentication for e-commerce transactions andsecure log-in. 

The pocket-sized Safe-T-PIN™ is a ready to use USB “plug and play” device, thatrequires no user software installation and works with any operating system orbrowser.  The device provides users with the added convenience ofswiping their cards versus keying in their numbers (Swipe Don’t Type™), and will work with any bank,card processor, and currency.

The significance of this product is that the end to end security ofconsumer financial transactions on the web is now assured through the use of standard financial industryand military grade encryption combined with dual authentication, and is now availableand affordable for consumers worldwide.

HomeATM’s mission from it’s inception was to design,build and deliver an affordable POS device thatbrought End-to-End-Encrypted (E2EE) security and thus lower fees tomerchants and consumers alike. 

The Safe-T-PIN™ also allows authorized secure person-to-person (P2P) moneytransfers in real-time.  “We are proud of our engineering teamand extremely excited to provide a cost-effective solutionto those who can least afford fraud and risk,” said Ken Mages, CEO.

"The Safe-T-PIN™ exponentiallyreduces the likelihood of a breach and provides the dual authenticationsolution that e-tailers and money remittance companies have been seeking inorder to fill the current fraud/security void in secure transactions on theweb.  HomeATMis already in advanced discussions with several Fortune 100 companies and thiscertification will certainly result in expediting those talks.”

AboutHomeATM

HomeATM owns a global patent for secure Internet PIN basedtransactions.  Leveraging our E2EE PCI 2.0 PED certifiedsolution, a merchant or remitter can move funds from their bank account oropen loop/closed loop payment card in real-time.  Utilizing HomeATM’spatented solution with a bank issued debit or credit card alleviates theburden for merchants to address fraud issues as HomeATMleverages the issuing bank’s KYC/AML (Know Your Customer/Anti-Money Laundering)protocols.  No other payment solution serves P2P,Business-to-Consumer (B2C) Business-to-Business (B2B), and Mobile Payments withthe speed, security and cost-effectiveness of HomeATM.  HomeATM isEMV ready and already enjoys strategic relationships with Microsoft,Cardinal Commerce and UATP

For further information please visit: www.HomeATM.netor www.HomeATMblog.com or contact Mitchell Cobrin, COO mcobrin@HomeATM.net or514-207-5000

---

Related articles

• Chase Paymentech Predicts: PIN Debit Ubiquitous on Web by 2012 (pindebit.blogspot.com)
• Ten Commandments of Web Payments (pindebit.blogspot.com)
• HomeATM Featured in American Banker (pindebit.blogspot.com)
• PIN on PED vs. PIN on the Web (pindebit.blogspot.com)
• IBM Agrees with HomeATM...Hardware Required (pindebit.blogspot.com)
• Acculynk Most Closely Mimics Grocery Store Experience? (pindebit.blogspot.com)
• Signature Debit Wrestles Fraud, Get's PIN'd (pindebit.blogspot.com)
• HomeATM Prevents Cloned Bank Site Threat! (pindebit.blogspot.com)
• HomeATM PCI PED 2.0 Certification Imminent (pindebit.blogspot.com)

ATM's At Risk...HomeATM's Not...

ATMs At Risk

Targeted attack on ATMs raises the bar -- as well as concerns -- about security of cash machines

By Kelly Jackson Higgins  DarkReading

Cracking automatic teller machines isn't new: ATMs have been rigged with sniffers, spoofed with cloned cards created from successful phishing attacks, and even physically blasted open by explosives. But a new, sophisticated attack that inserted information-stealing malware on ATM machines has raised the bar on just what determined criminals can and will do to steal banking information and money.

The latest ATM hack came to light yesterday after Sophos revealed its discovery of a Trojan that had been specially crafted to steal information from users of Diebold ATM machines. Diebold in January had issued a security update for its Windows-based Opteva ATMs, some of which it said had been physically broken into and infiltrated with the Trojan software in Russia.

"We immediately notified our customers globally of the malware risk and sent a precautionary software update," a Diebold spokesperson says. "We were made aware of the isolated incident in Russia in the January time frame. The criminal gained physical access to the ATMs at site locations, and the malware was installed by someone with high-tech knowledge and expertise. "

The attackers (those dogs) were well-versed in the software internals of the ATM machines. "It's fascinating that the hackers went to this extent...they [knew] the API calls and understood how the cash machine works," says Graham Cluley, senior technology consultant at Sophos. "We haven't seen that before.

"This is not something the average hacker on the street would have access to," he adds. "They need physical access to the ATM -- they need to have someone on the inside or involved with the manufacture of these devices to gain access and install the software. "

HomeATM doesn't use software.  It's Plug and Play.  In order to gain access, a fraudster would have to break-in to a user's home...but it's tamper-proof, so that wouldn't do them any good either.  So, I think it's "safe" to say that,  well...HomeATM's are NOT at risk.

It's unclear just how the attackers got such inside access to the machines, but security experts say it represents a whole new attack vector for bank machines, and that this incident may be only scratching the surface. "There could be many other ATMs under this type of malicious and hidden Trojan," says Kim Singletary, director of OEM and compliance solutions for Solidcore Systems.

In its security update to ATM machine customers, Diebold said the attackers had been caught and that an investigation was under way. Once the bad guys obtained access to the internals of the ATM machines, they were able to implant the malware and intercept sensitive data, the company says. The risk of such an attack increases when the Windows administrative password is compromised or if the built-in firewall is disabled, for instance.

Continue DarkReading

homeatm, atm's,

Semi Annual Guide on eCommerce Alternative Payments

The Fraud Practice Releases their Semi Annual Guide on eCommerce Alternative Payments

RED BANK, N.J. --(Business Wire)-- Alternative payments represent only a fraction of e-commerce total sales today but according to Javelin Strategy and Research, an independent consultancy focused solely on the financial services and payment industries, about 1/3 of all online retail transactions ($268 billion) are predicted to be alternative payments by 2013. The explosive growth of alternative payments can be attributed to consumer and regional preferences. In these economic times, it is now more critical than ever that e-merchants understand and offer payment choices based on consumer and regional preferences.

When considering alternative payment options, more often than not, merchants are limiting their discussion to ACH, PayPal, Amazon and Google Checkout. In fact, there are a number of payment options and a rapidly growing number of service providers offering them. The Fraud Practice's Guide to Alternate Payments identifies 8 categories of alternative payment solutions with over 100 service providers offering their services globally. The categories include credit card payments, ACH & bank payments, payment aggregators, credit-term providers, cash alternative providers, advertising/promotional providers, mobile payment providers and invoicing payment providers.

Not all alternative payment options will produce the same results. Determining the right alternative payment options for your company means evaluating payment options based on regional support, consumer preference, customer base and return on investment (ROI).

Regional Support: There is no one payment option that is equally effective in all regions worldwide. Credit cards are accepted worldwide but while they have dominated the US and Western European eCommerce markets, they have not shown the same dominance in emerging markets such as Africa, South America, Asia and Eastern Europe. In Germany credit cards are present and used, but they are not the preferred payment method.

In these markets a merchant needs to support other payment options otherwise they will be limiting their potential customer base to only a small fraction of the overall population.

Customer Base: The best alternative payment option has little value if the supported customer base isn't large enough to warrant the effort to integrate and support it. Evaluating a customer base should be done on two levels, potential and current. Consider China, 93% of the 1.3 billion person population has access to direct debit while according to China Daily there were just over 100 million credit cards in circulation in China as of June 2008.

Return on Investment (ROI): The reasons why a merchant may implement alternative payments vary from access to markets, cost reduction, easier supportability to consumer preference. In a majority of cases, merchants are able to show a favorable ROI on integrating alternative payments in a timeframe that is more tactical than strategic. This is primarily attributed to increased sales from new consumer populations, lower costs than traditional credit cards and better fraud protection.

The Fraud Practice has created the Guide to Alternate Payments (http://www.fraudpractice.com/altpay.html) to help merchants, service providers and financial institutions make more informed decisions on which alternative payment solutions and providers they should be considering. A Guide to Alternative Payments is a prepared research document, 60 pages in length, intended for organizations looking to gain an understanding on eCommerce alternative payment options. The Guide also includes easy-to-understand reference tables on regional service providers (over 100 service providers), preferences and capabilities. Readers should expect to gain: An introduction to the types of solution options available and the service providers that offer them An in-depth understanding of the market dynamics, vertical market preferences, regional preferences and reasons to implement these services A discussion on emerging markets where alternative payments are flourishing A general introduction to the capabilities and services provided by the major players in each of the 8 solution option groups Merchants may also consult The Fraud Library, which contains valuable information for merchants seeking information on fraud prevention techniques and eCommerce payments.

About The Fraud Practice The Fraud Practice (http://www.fraudpractice.com) is a privately held US LLC based in Red Bank, New Jersey. The Fraud Practice provides consulting services on eCommerce payments, fraud prevention and credit granting. Businesses throughout the world rely on The Fraud Practice to help them build and manage their fraud and risk prevention strategies. Utilizing best practices and leveraging key partnerships, our team of industry and technical experts offer customers a single source for learning how to design, deploy, review and integrate fraud prevention practices in their business processes and solutions.

David Montague is the founder and President of The Fraud Practice and has spent the last fourteen years working in the eCommerce space, and is well respected for his business knowledge and thought leadership. His background includes an in-depth application of innovative solutions for preventing business to business and business to consumer e-commerce fraud. Prior to founding The Fraud Practice he held positions as the Director of Risk Solutions at CyberSource Inc. and National Principal at IBM Global Services.

HomeATM, The Fraud Practice, Alternative Payments,

Related articles

• Cardinal and CyberSource Team Up (pindebit.blogspot.com)
• Annual E-Commerce Fraud Survey Results (pindebit.blogspot.com)

Card Not Present Fraud up 13%...HomeATM Can Help!

Official 2008 cardfraud figures show chip and PIN continuing to drive fraudsters onlineor to those cards not yet reliant on PIN protection to authorisepayments.

ITPro.com By Miya Knights, 19 Mar 2009 at 14:07

Themain driver for growth in card fraud is on those transactions withoutchip and PIN protection, the main UK payment industry body, Apacs said today, as it released its fraud figures for 2008.

Card-not-present (CNP) fraud losses increased by 13 per cent overthe last year to now account for 54 per cent of all card fraud losses.This also amounts of a rise in CNP fraud of 243 per cent between 2001to 2008. 

Editor's Note: In addition to providing e-consumers with the ability to transact in a dually-authenticated manner, (What they have/Card, What they Know/PIN) HomeATM also reduces fraud by transforming CNP transactions into Card Present (CP) transactions.  The end result?  CP transactions cost less to process, PIN costs less to process. Why?  Because they are MORE SECURE!.  How Secure?  PCI 2.0 PED secure!

But Apacs said this reflected the growing popularity of shoppingonline, which relies on CNP payments, and providing a lucrativealternative to criminals forced to look for alternatives with theadoption of chip and PIN.

It added that tackling CNP fraud was an industry priority, as itcontinues to encourage cardholder and retailer take-up of secure onlinepayment systems that help prevent online shopping fraud, such asMasterCard SecureCode and Verified by Visa.

Overall, card fraud losses total £609.9 million, online bankingfraud losses £52.5 million and cheque fraud losses £41.9 million.

Online banking fraud losses grew 132 per cent on 2007 levels, duemainly to an increase in phishing, Apacs said. At the same time, onlinebanking customers without sufficient security protection areincreasingly being targeted by malware attacks.

Continue Reading at ITPro.com

Related articles

• Chase Paymentech Predicts: PIN Debit Ubiquitous on Web by 2012 (pindebit.blogspot.com)
• Pago Report 2008 - E-Commerce Payments (pindebit.blogspot.com)
• Dubai: Credit Card Fraud Doubles in Last Year (pindebit.blogspot.com)
• Visa, MasterCard Issue New Breach Warning (wired.com)

HomeATM "Officially" PCI PED 2.0 Certified

Here I sit at the 2009 Data Security Summit and Bob Russo, General Manager for the Payments Card Industry Security Standards Council is speaking.  While he's speaking, I get notified that HomeATM's SafeTPIN Personal Swiping Device has been officially PCI PED 2.0 Certified.  Coincidence?  I think not.  Try many, many man hours of hard work by the engineering department at HomeATM.  But, still...it's kind of cool that as I listen to him speak about the imporatance of PCI, we get our certification.  We agree Bob!

HomeATM is proud and honored to forever own the distinction as beingthe very first Online PIN Debit Solution to be PCI 2.0 certified.    More on this later...want to get back to Bob Russo's presentation. 

Irony abounds...at the 2009 Security Summit as we certified as reaching the summit of security. 


Click the picture on the left to enlarge or visit the PCI Security Standards Website at:


https://www.pcisecuritystandards.org/security_standards/ped/pedapprovallist.html?mn=&dv=&pv=3https://www.pcisecuritystandards.org/security_standards/ped/pedapprovallist.html?mn=&dv=&pv=3

Related articles by Zemanta

• Chase Paymentech Predicts: PIN Debit Ubiquitous on Web by 2012 (pindebit.blogspot.com)
• Shoppers Choice Runs Acculynk PaySecure (tm) PIN Debit Transaction (pindebit.blogspot.com)
• Acculynk Most Closely Mimics Grocery Store Experience? (pindebit.blogspot.com)
• Heartland reveal massive credit card scam (vnunet.com)
• Contactless and "Clueless" How Convenient... (pindebit.blogspot.com)
• More on PCI and Tiers 1, 2 and 3 (pindebit.blogspot.com)
• Acculynk Accel/Exchange Announce PIN Debit Pilot (pindebit.blogspot.com)
• Updated: Acculynk...Where's the PIN Offset? My Pet PVV (pindebit.blogspot.com)

Dutch Biometric Initiative Cracked

Dutch payment by fingerprint initiative stopped

Dutch supermarket chain Albert Heijn has decided not to follow up on a trial with payment via fingerprint. The trial was conducted in an Albert Heijn branch in the town of Breukelen, near Amsterdam, where 580 participants were able to pay for their daily groceries using their finger print instead of cash or debit cards.

The trial, which lasted 6 months, was the first of its kind in the Netherlands, where more than half of all supermarket transactions are completed using a debit card. During the first weeks of the trial, experts already pointed out a number of security issues arising from the use of the fingerprint payment method. A security expert managed to pay using someone else’s finger print.

Albert Heijn has currently decided not to follow up on the trial, citing ‘security issues and vulnerability to fraud’. The participants however were enthusiastic about the payment method and applauded the fact that they could complete their purchases without needing their debit cards, cash or loyalty cards.

Researcher cracks fingerprint payment system

Security expert beats supermarket chain's payment system with fingerprint made out of rubber

Tom Sanders (IDG News Service)  Have your say!

Within weeks after its introduction , a security researcher has cracked the Tip2Pay fingerprint payment system for Dutch supermarket chain Albert Heijn. The researcher succeeded at paying for groceries by using a copied fingerprint.

The Tip2Pay system allows consumers to pay for their groceries through a fingerprint reader. Albert Heijn is the largest chain of grocery stores in the Netherlands and the namesake of Ahold, a global supermarket group with stores in Europe and the US that had annual sales of US$70.4 billion in fiscal 2006.

Security researcher Ton van der Putte, a retired employee for ATOS Origin who specializes in biometric security, successfully crafted a copy of a fingerprint out of rubber that was accepted by the Tip2Pay system. Staff members for the grocery store failed to detect the fraud. The method is easy to copy: typically a fingerprint left on a glass suffices to create a usable copy.

The hack hardly comes as a surprise. Security experts at the time of launch cautioned that the technology used by the store was insecure.  Albert Heijn, however, didn't seem too worried. The store in public comments has brushed away any security concerns.

Van der Putte has a long track record in biometric security. Since 1990 he has undertaken several experiments demonstrating that secure authentication through fingerprints requires additional security measures.

The Chaos Computer Club in 2004 also demonstrated that a stand-alone fingerprint can be easily copied. The club wrote a how-to guide with instructions on how to create a copy. Also, a system similar to the technology deployed by Albert Heijn was hacked last year in Germany.

BioXS, a firm specializing in biometric security, cautions that Albert Heijn's system was poorly designed.

The company worries that the failed experiment will wrongfully damage public trust in biometrics.

A spokesperson for Albert Heijn argues that the hack doesn't demonstrate a genuine security threat, because a registered user of the payment system voluntarily provided his fingerprint to the hacker. The company argues that therefore the hack compares to cloning an ATM (automated teller machine) card.

A company spokesperson told Webwereld, an IDG affiliate, that customers at no time will be at risk. The system has a daily spending limit and will compensate consumers if fraud is detected. Tip2Pay for now is run as a test. Albert Heijn expects to deploy additional security measures in case of a large-scale roll-out.

pay by touch, biometric, Albert Heijn, Fingerprint, Fingerscan

Related articles

• BioPay Launches Prepaid Debit Card Program (pindebit.blogspot.com)
• Chase Paymentech Predicts: PIN Debit Ubiquitous on Web by 2012 (pindebit.blogspot.com)
• Dubai: Credit Card Fraud Doubles in Last Year (pindebit.blogspot.com)
• HomeATM Blog Included in "Best of the Best" by Alltop (pindebit.blogspot.com)

Over 3 Billion P2P Transactions Occurred in 2008 - TowerGroup

TowerGroup: Noncash Person-to-Person Market Reaches $1.1 Trillion in 2008, Driven by Check Payments

Analyst Urges Financial Institutions to Leverage Existing Tools to Convert Declining Check Volume to Electronic Payments

Highlights from Report:

• TowerGroup estimates the gross dollar volume (GDV) of the US noncash
  person-to-person (P2P) market in 2008 was $1.1 trillion, composed of
  over 3 billion transactions.
• 
  In 2008, checks represented over $1.013 trillion of the noncash P2P
  payments in the United States and cost financial institutions what
  TowerGroup estimates to be $255 million to process.
• 
  TowerGroup classifies P2P payments into five categories: repayment,
  account-to-account (A2A), family support, informal purchases, and
  informal services.
• 
  Spurred by the continued consolidation of financial service
  institutions (FSIs) and the establishment of new bank holding
  companies, A2A transfer volume will reach a projected $127 billion in
  2012, TowerGroup believes.
• 
  The P2P solutions available to financial institutions range from
  cobranding partnerships to private-labeled third-party solutions across
  multiple delivery channels and payment networks.
• 
  Financial institutions have the tools available to successfully target
  the P2P market and convert existing check volume to electronic
  alternatives.
  
  Editor's Note:  HomeATM is the "only" company in the world that can facilitate 3DES DUKPT Secure P2P payments in "real-time" at a fraction of the cost of methodologies currently being utilized.
  

NEEDHAM, Mass.--(BUSINESS WIRE)--New research from TowerGroup finds that the gross dollar volume (GDV) of the U.S. noncash person-to-person (P2P) market in 2008 was $1.1 trillion. Checks are in decline, but they remain the most significant payment method, amounting to over $1 trillion of the noncash P2P payments volume.

Defined by TowerGroup as a consumer-initiated transfer of funds to another consumer using multiple channels and payment methods, P2P payment methods1 have evolved over the past few years with the advent of the Internet and mobile devices. These payment channels are continuing to grow, as financial institutions look to offer alternative new methods to transfer payments using online fund-transfer modules and mobile platforms. P2P is becoming an essential ingredient for financial institutions as they look to attract a new audience that is interested in on-the-go solutions that are lower in processing cost and greater in functionality.

Despite the availability of these new payment methods, consumers continue to use checks, which represent a net loss to banks on an item basis. TowerGroup estimates that P2P check volume is declining at 10 percent year to year. More important, it is costing an estimated $255 million to process these transactions.

“Banks are losing money hand over fist as they absorb the processing costs associated with every check transaction,” said Jennifer Roth, research director in the Global Payments service at TowerGroup. “The advent of the Internet and mobile devices are driving financial institutions to innovate and adopt new, more cost-effective and convenient means for their customers to transfer and process payments. However, in order to garner additional P2P market share and convert checks to electronic alternatives, financial institutions must create simple, low-cost, and convenient alternatives with flexible funds accessibility.”

TowerGroup expects 2009 to be a crucial year for financial institutions to incorporate P2P solutions so as to retain customers and acquire new ones. To keep a competitive edge, institutions must expand the reach of their business beyond a branch footprint using solutions and options available today. These options range from cobranding partnerships with alternative payment delivery providers such as PayPal and Obopay to private-labeled third-party solutions across multiple delivery channels and payment networks.

Additional highlights of the research include:

• Over 3 billion P2P transactions occurred in 2008.
• In 2008, checks represented over $1.013 trillion of the noncash P2P payments in the United States and cost financial institutions what TowerGroup estimates as $255 million to process.
• Spurred by the continued consolidation of financial service institutions (FSIs) and the establishment of new bank holding companies, TowerGroup believes, account-to-account (A2A) transfer volume will reach a projected $127 billion in 2012.

The TowerGroup Research Note titled “Noncash P2P Payments: Checks in Decline Still Rule the Roost,” is available to qualified members of the press for review. To request a copy of or to arrange an interview with Ms. Roth, please contact Erica Chase at 212-704-44693 or erica.chase@edelman.com.

About TowerGroup: TowerGroup is the leading research and advisory services firm focused exclusively on the financial services industry. A respected source for trusted information and advice, TowerGroup brings many of the world’s leading financial institutions, technology companies, and professional services firms a deeper understanding of the business and technology issues impacting their organizations. Headquartered near Boston in Needham, Massachusetts, and with offices in North America and Europe, TowerGroup serves a global client base. Visit www.towergroup.com for more information.

1 TowerGroup classifies P2P payments into five categories: repayment, account-to-account (A2A), family support, informal purchases, and informal services.

Contacts

Edelman for TowerGroup
Erica Chase, 212-704-4469
erica.chase@edelman.com
Permalink: http://www.businesswire.com/news/google/20090318005266/en

Related articles

• Banks Must Wake up to Payments Challenge (pindebit.blogspot.com)
• HomeATM Added To FinovateStartup09 Lineup (pindebit.blogspot.com)

Tomorrow - The 2009 Data Security Summit

Earlier this afternoon I arrived in Park City, Utah and, along with HomeATM Chairman and CEO, Ken Mages, met the good folks at ProPay.   

Tomorrow morning I will be attending the 2009 Data Security Summit, hosted by ProPay. 

Look for periodic posts during the day, bringing you highlights from the event.

Speakers include:

Bob Russo, General Manager of the PCI Security Standards Council

Chris Mark, Founder and CEO of Aegenis and founder of the Society of Secure Payments Professionals, and others.


Other speakers include John Verdeschi - MasterCard, Michael Dortch and Dr. Heather Mark.

Also, HomeATM expects to announce tomorrow that our SafeTPIN device has been officially designated as a PCI PED 2.0 certified hardware device. 

HomeATM is proud and honored to forever own the distinction as being the very first Online PIN Debit Solution to be PCI 2.0 certified.    

Kudo's to the engineerinig department at HomeATM.  Quite an achievement. 

Related articles

• Hacked! Is Visa Next? (pindebit.blogspot.com)
• PIN on PED vs. PIN on the Web  
• Acculynk?  Where's the PIN Offset...My PVV?
  
• Chase Paymentech Predicts: PIN Debit Ubiquitous on Web by 2012 (pindebit.blogspot.com)
• Shoppers Choice Runs Acculynk PaySecure (tm) PIN Debit Transaction (pindebit.blogspot.com)
• Updated: Acculynk...Where's the PIN Offset? My Pet PVV (pindebit.blogspot.com)
• Taking a swipe at the debit card competition (thestar.com)
• Reminder: ProPay's 2009 Data Security Summit (pindebit.blogspot.com)

HomeATM PCI PED 2.0 Certification Imminent

Just received notification from Witham Labs that HomeATM's "Safe"T"PIN (the "T" stands for "Transaction") should officially receive PCI 2.0 PED certification from PCI. 

Here's the notification from Witham Labs. 

Hello Ben, Susan, and Kenneth,

We've been tracking the approval status of the report, and recieved this from PCI this morning in response to our request about the status:

"Barring any last minute holdups by the PED group, HomeATM should clear the report cycle tomorrow."

I will continue to keep you informed of the status.

Best regards,

--

Andrew Jamieson
Technical Manager
Witham Laboratories
1/842 High Street
Kew East
Victoria 3102
Australia

*Download the Q4 2008 Witham newsletter from* http://www.withamlabs.com/component/content/article/224.html

 More about PED Evaluations from Witham Labs

Security & Compliance - PIN Entry Device Evaluations

Witham Laboratories specialises in the independent security evaluation of all security aspects of payment devices - particularly PIN Entry Devices and those providing cryptographic services. 

We are accredited to evaluate devices against international standards such as those of the Payment Card Industry (PCI), as well as local standards of varying regions, such as those of the Australian Payments Clearing Association (APCA).

Our clients actively seek us from around the world for our flexibility, innovation and expertise:

• Our evaluations cover both physical and logical security
• Evaluations can be performed to a customer specified level or against industry standards
• Many of our clients take advantage of our ability to produce reports for multiple payment schemes, minimising the cost and time involved
• We are at the leading edge for knowledge of current best practice and evolving industry requirements

PCI PIN Entry Device requirements

A presentation detaiing the PCI PED testing and evaluation process can be downloaded here. 
Alldevices that accept MasterCard, Visa, JCB, Discover, or AmericanExpress PINs must be evaluated by a PCI approved laboratory. WithamLaboratories is the only organisation in the Asia-Pacific region accredited by the PCI to test PIN Entry Devices (PEDs), among only eight in the world.

WithamLaboratories can perform full evaluations on any device, and provideguidance to assist in the understanding of the PCI criteria, which canoften be daunting. PCI currently have standards for the evaluation of POS PIN Entry Devices (POS PED), and Encrypting PIN Pads (EPP). New standards for Unattended Payment Terminals (UPT) and Hardware Security Modules (HSM) are under consideration.

Our clients find our knowledge on how the PCI criteria apply to their individual products invaluable. As an independent laboratory, we are not permitted to assist in the design of a product, but we offer a pre-evaluation service to begin assisting clients as early as possible in their projects.

Experience has shown that a pre-evaluation helps to avoid problems early in the design of a product, saving time and money further down the track. Many devices are not compliant with the PCI standard when submitted for the first evaluation.

Westrongly recommend that additional time is factored into projects toallow for additional evaluations, and that the cost of a secondevaluation is considered when comparing prices.

APCA requirements for PIN Entry Devices

All PIN Entry Devices for the Australian market must be evaluated by an APCA approved laboratory. Witham Laboratories is the only APCA accredited laboratory in the Asia-Pacific region.

As we are Australian based, we have close ties to APCA and can provide important insightinto the requirements and processes involved in gaining accreditation.The APCA requirements are provided in Standards Australia's AS 2805.14, which is similar to ISO13491, from the International Organization of Standardization.
Currently,APCA recognises the evaluation of POS PIN Entry Devices (POS PED),Automatic Teller Machines (ATM), Hardware Security Modules (HSM), andEncrypting PIN Pads. We are the only laboratory with experience inevaluating all of these devices to APCA requirements.

Witham Laboratories is the premium provider of evaluations in the Asia-Pacific region:

• We can conduct multiple evaluations at a discounted price for clients who want to gain both PCI and APCAapproval, saving both time and money. Devices that will acceptMasterCard, Visa, or JCB PINs in Australia will need APCA and PCIcertification
• The APCA requirements contain several subtle differences to those of PCI, and our clients have found that our detailed understanding of these differences has greatly assisted them when bringing products into the Australian market

The evaluation process

Once supplied with a minimum level of samples and supporting documentation, our evaluations are conducted as quickly and efficientlyas possible - typically 4 weeks for a full report. A full APCAevaluation will take about 4 weeks as well. Once the report iscompleted, we seek client's approval before sending it to APCA foraccreditation. This can take 2-4 weeks.

We happily provide valuable feedbackto our clients throughout evaluations, maintaining close contact andoffering as much advice and guidance as possible. Our advice hasassisted a number of manufacturers to quickly bring their products intocompliance with the new PCI requirements.

Related articles

• Signature Debit Wrestles Fraud, Get's PIN'd (pindebit.blogspot.com)
• On to the Next Breach... (pindebit.blogspot.com)
• Reminder: ProPay's 2009 Data Security Summit (pindebit.blogspot.com)
• Chase Paymentech Predicts: PIN Debit Ubiquitous on Web by 2012 (pindebit.blogspot.com)
• Updated: Acculynk...Where's the PIN Offset? My Pet PVV (pindebit.blogspot.com)

Man Tries to Needle ATM User into Giving up PIN

Woman Attacked By Man With Needle At ATM
SALEM, N.H. (WBZ)

The Bank of America ATM in Salem, New Hampshire where the woman was attacked March 12.

Police are looking for a man who terrified a woman by trying to rob her at an ATM while armed with a hypodermic needle.

It happened Thursday night at a Bank of America kiosk on Route 28 in Salem, New Hampshire near the Methuen border.   A 35-year-old woman went to the ATM around 7:30 p.m. and a man snuck up and grabbed her from behind.

She told police he held the needle to her neck and demanded money.  When she told him she had nothing he ran off.

Officers from Salem and Methuen and search dogs were called in, but they found nothing.  Police are having a difficult time in their investigation because the video surveillance system at the ATM was broken at the time of the attack.

The woman was not seriously hurt.  She described her attacker as a young white man in his mid 20's, about six-feet tall, with freckles and facial hair.  He was wearing an olive pullover sweatshirt and black gloves.

Anyone with information should call Salem Police at (603) 893-1911.

Airlines Tackle $1.4 Billion Online Fraud Challenge

Profit protection is key in tough economic environment; Business airlines see lowest fraud losses

MOUNTAIN VIEW, Calif. - March 16, 2009

New survey findings released today show airlines worldwide lost over $1.4 billion to online fraudsters in 2008, about 1.3% of worldwide airlines' online revenue. The data comes from a new independent Airline Online Fraud Survey commissioned by CyberSource Corporation [NASDAQ: CYBS] in association with Airline Information LLC and completed January, 2009.

Airlines are on the front line of the battle against online fraud--33% of the industry's revenues derive from eCommerce, three times the proportion of sales transacted online by non-travel companies--so efficient management of the problem is of critical concern to the airlines.

Editor's Note:  HomeATM is in discussions with all the major airlines, as a PIN Debit solution would provide not only a more secure dually authenticated e-transaction, but would also reduce their Interchange Fees.  Remember, by SwipePIN your card, it becomes a "card present" transaction.  In addition our device provides a true PIN Debit solution, therefore, chargebacks are virtually eliminated and Interchange is reduced further.  

According to survey data, the ways airlines manage fraud vary significantly by airline category. In 2008, business-class airlines, with higher-priced tickets to protect, typically embraced profit protection measures, whereas low-cost carriers tended to focus on revenue capture. On average, business airlines used the most fraud detection tools (6.5 tools per business-class airline), had the highest rate of manual review (47%), and rejected more bookings due to suspicion of fraud (3.6%). Conversely, low-cost carriers used the least number of automated screening tools (4.9 tools per low-cost carrier), were less likely to manually review bookings (13%), and rejected fewer bookings due to suspicion of fraud (2%). The result of these differing strategies is that in 2008 business airlines lost 1.1% of their revenues to fraud and low-cost carriers, by contrast, lost 1.6%.

"The good news is that solutions exist," said Christopher Staab, Managing Partner of Airline Information, an airline industry organization. "Improving the efficiency of fraud management is one of the quickest cost-cutting moves airlines have at their disposal." Fraud management tactics vary widely by region.

North American-based companies relied far more heavily on detection tools, employing an average of 7.5 tools vs. a European average of 5.4--the overall world average is 5.8. North American airlines manually reviewed only 3% of their bookings whereas Middle Eastern-based airlines manually reviewed 81%.

European and Asia Pacific-based airlines manually reviewed 22% and 49% of their bookings respectively. According to Dr. Akif Khan, CyberSource Head of Client and Technical Services in the UK, "These findings highlight the need for airlines to adopt a more automated, holistic approach to fraud management--from initial screening through booking review and disposition. Improving the accuracy of automated screening is key. In doing so, they can reduce overhead costs associated with manual review, as well as improve revenue capture and lower fraud loss. With the right tools, airlines can realize these benefits in a matter of weeks--not years." To see the full survey -- for journalists: please call or email any of the contacts listed below. For all others: please visit http://forms.cybersource.com/forms/airlinefraudpr

The Airline Online Fraud Survey was commissioned by CyberSource Corporation. The data was compiled in an online survey conducted by Mindwave Research in the U.S., and additional phone follow-ups were conducted by Vanson Bourne Ltd. in the U.K. The surveys were fielded December 1, 2008 through January 16, 2009 and yielded 99 qualified and complete responses. Incentive to respondents included a summary of the research.

About CyberSource
CyberSource Corporation is a leading provider of electronic payment and risk management solutions. CyberSource solutions enable electronic payment processing for Web, call center, and POS environments. CyberSource also offers industry leading risk management solutions for merchants accepting card-not-present transactions. CyberSource Professional Services designs, integrates, and optimizes commerce transaction processing systems.

Approximately 253,000 businesses use CyberSource solutions, including half the companies comprising the Dow Jones Industrial Average. The company is headquartered in Mountain View, California, and has sales and service offices in Japan, the United Kingdom, and other locations in the United States including Bellevue, Washington and American Fork, Utah.

For more information on CyberSource please visit www.cybersource.com or email info@cybersource.com. For more information on Authorize.Net small business solutions, please visit www.authorize.net or email sales@authorize.net.

Editorial Contact:
Bruce Frymire
CyberSource Corporation
650.965.6042
bfrymire@cybersource.com

© 2008 CyberSource Corporation. All rights reserved. CyberSource is a registered trademark in the U.S. and other countries. Authorize.Net is a registered trademark in the U.S. All other brands and product names are trademarks or registered trademarks of their respective companies.

Related articles by Zemanta

• Cardinal and CyberSource Team Up (pindebit.blogspot.com)
• Chart - 2000-2008 Online Fraud Losses (pindebit.blogspot.com)
• Annual E-Commerce Fraud Survey Results (pindebit.blogspot.com)

TMG Rolls Out Fraud and Risk Analysis Service for Credit Unions

Des Moines, Iowa, Mar. 17, 2009 -- In an effort to help creditunions better manage credit and debit card fraud, TMG (The MembersGroup) is today rolling out its customizable Fraud & Risk Analysisprogram.

Using a custom process developed by TMG’sfraud department, TMG fraud experts analyze 12 months of a creditunion’s fraud cases to pinpoint exactly where fraud is originating.After the analysis is complete, TMG’s fraud experts recommend and helpimplement new fraud strategies to minimize future risk.

Betatesting the analysis program with Vermont State Employees Credit Unionin 2008, TMG’s newly implemented strategies stopped an estimated$20,000 in potential fraud loss for the Montpelier-based credit union.

“Thesavings potential of TMG’s new program is enormous,” said VictoriaBoudreault, Vermont State Employees’ Deposit Operations Manager.“Losses from fraud are only one area of savings, as this program alsoprotects interchange income, customer service demands, and mostimportantly, our reputation among cardholders.

Accordingto TMG Cards Risk Senior Manager Karen Postma, ideal clients of theFraud & Risk Analysis program are credit unions with a card basegreater than 15,000 that also have the flexibility to modify theirfraud strategies.

“It’s important to TMG that ourcredit union clients be able to modify their existing strategies in away that is completely transparent to members,” said Postma. “We areskilled in our ability to carve out exactly the strategies that willdecrease fraud without sacrificing interchange income or disruptingmember cardholder experience.”

TMG predicts atypical program will take between six and seven weeks to complete andrecommends an annual analysis to stay on top of trends and minimizeexposure to risk.

As an added bonus, clients ofTMG’s Fraud & Risk Analysis program receive a TMG-developeddecision matrix that guides credit unions through the decision makingprocess while experiencing a compromise.

About Vermont State Employees Credit Union

TheVermont State Employees Credit Union is a not-for-profit financialcooperative that offers a full range of affordable financial productsand services to its member-owners. People eligible to join the creditunion include anyone who lives or works in Vermont’s Addison,Caledonia, Chittenden, Lamoille, Orange, Rutland or Washingtoncounties, along with Vermont's state employees and their families. Formore information about VSECU, visit www.vsecu.com .

About TMG

Ownedby the Iowa Credit Union League, TMG is a financial servicesorganization dedicated to providing innovative customized solutions tocredit unions and financial institutions across North America. TMG’score products include credit, debit, ATM and prepaid solutions, as wellas online reporting, item processing, ACH, ALM and printing services.TMG’s prepaid card products are branded ATIRA. For more information,visit www.TheMembersGroup.com .

Source: Company press release. 

Related articles

• The Basics of Debit and Credit Cards Explained (bargaineering.com)
• Dubai: Credit Card Fraud Doubles in Last Year (pindebit.blogspot.com)
• Banks Must Wake up to Payments Challenge (pindebit.blogspot.com)

Pay(Me Later)Pal

EBay Set to Merge PayPal and Bill Me Later Systems

American Banker | By Daniel Wolfe

EBay Inc. hopes that combining the risk management strengths of its PayPal Inc. unit with new features designed to attract new types of users will help it become a global leader in online payments.

The San Jose e-commerce company shared its plans for PayPal during an analyst presentation Wednesday, including details on how it will incorporate Bill Me Later Inc., the instant credit provider it purchased in November, and an open development platform it expects to roll out this year.

John Donahoe, eBay's president and chief executive, described online payments as a winner-take-all market and said he expects PayPal to become one of the top global brands, in contrast to the online retail market, where he expects his company's auction service to be one merchant among many.

Continue Reading at:

Bank Technology News

Related articles by Zemanta

• EBay's Income Dropped 31% as Traffic Declined (nytimes.com)
• What's It Going to Take to Fix eBay? (gigaom.com)
• Why eBay Should Consider Breaking Itself Up (gigaom.com)
• eBay sees profit and revenue drop (news.bbc.co.uk)
• EBay's Big Plans for PayPal (businessweek.com)