29 US Banks Receive Mobile Banking “Report Card” From ABI Research

Mobile Money Research Service | Mobile Banking: US Banks Report Card
NEW YORK - September 10, 2009	Contact: Christine Gallen Contact PR www.abiresearch.com
It has been two years since mobile banking was introduced in the United States, and analysts at ABI Research believe it is time to assess its progress, with a focus on the user-friendliness (or otherwise) of the services on offer. The firm has published a mobile banking “report card” which assesses 29 banks on the discoverability and accessibility of their mobile banking services. Senior analyst Mark Beccue says, “People are asking ‘Is mobile banking taking off in the US?’ For that to happen, two things are required: the services must be easy to find, and accessible to a broad range of consumers . So the ‘grades’ in this report card are not about subscriber numbers or any other measure of success, but about how consumer-friendly the banks’ offerings are.” The results are as follows:                           A — Exceptional: BB&T, Eastern Bank, Fifth Third Bank, Northeast Bank,    USAA, Wells Fargo                         B+    Very Good: Bank of America, Chase                         B — Good: Capital One, US Bank, Huntington Bank                         C — Average: America First, Bancorp South, Citibank, PNC, Wachovia                         D — Below Average: Carolina First, 1st Bank, IBC Bank, Mercantile Bank, Regions, SunTrust, Synovus                         F — Failing: M&T, Provident Bank                         No mobile banking offering: Citizens Bank, Comerica, HSBC, KeyBank Of 29 banks examined, 17 are the nation’s largest retail banks. The remaining dozen banks are a sampling of other community and regional banks. Summarizing the results, Beccue says, “We have two observations/recommendations. First, mobile banking’s reach in the US isn’t as good as it could be. If banks want mobile banking to be ubiquitous and available to as many consumers as possible, they’ll have to promote text messaging in particular as the method of choice. Secondly, if you’re in the retail banking business and you don’t have a link – or at least a list of your mobile banking services – on your website’s homepage, then you’re undermining your whole effort. Discoverability is critically important.” “Mobile Banking: US Banks Report Card” evaluates and grades 29 US banks on the reach, breadth of services offered, security, and discoverability of their mobile banking operations, resulting in a report card which shows the leaders and laggards of mobile banking in the US. It forms part of the firm’s Mobile Money Research Service. ABI Research provides in-depth analysis and quantitative forecasting of emerging trends in global connectivity. From offices in North America, Europe and Asia, ABI Research’s worldwide team of experts advise thousands of decision makers through 25 research and advisory services. Est. 1990. For more information visit www.abiresearch.com, or call +1.516.624.2500.

Society of Payment Security Professionals Announcment

SOURCE: Society of Payment Security Professionals

The Society of Payment Security Professionals Announces New CPISM/A Training Dates and a New Industry Certification

As Membership Grows So Do Offerings



Payment Security Professionals



PARK CITY, UT--(PIN Payments Blog- September 11, 2009) - The Society of Payment Security Professionals (SPSP) announced today that due to high demand Certified Payment-Card Industry Security Manager (CPISM) and Certified Payment-Card Industry Security Auditor (CPISA) training courses will be held once each quarter. Courses were booked to capacity the past two quarters and the numbers are anticipated to remain the same for the upcoming course scheduled for November 10-13th, 2009 in Dallas, TX.



In addition to increasing the frequency of public CPISM/A courses, the SPSP also announced that it will be unveiling a new certification in 2010. Like the CPISM/A certifications, the new certification, Certified Payment-Card Industry Privacy (CPISP), will be created by the Society of Payment Security Professionals (SPSP) with the collaboration of industry and educational experts. CPISP will focus on privacy and regulatory information within the Payments Industry as it applies to PCI DSS.



Privacy and regulatory expert, Dr. Heather Mark, has said "We have received an overwhelming amount of interest from people in the Payment Card Industry wanting to increase their knowledge regarding privacy and regulation. This new certification will educate participants on these issues and help identify them as experts in the industry."



"In response to the large amount of inquires we receive about privacy and regulatory issues, an article focusing on these issues has been and will continue appearing in Secure Payments Magazine," says Dr. Mark. The next third quarter issue of Secure Payments is scheduled to be released on October 1st, 2009. This issue includes a product guide and several articles focusing on emerging technologies as well as Dr. Mark's regulatory column.

For more information about the SPSP, any of the certifications offered, or Secure Payments Magazine please visit www.securepaymentsmag.com, www.paymentsecuritypros.com or contact info@paymentsecuritypros.com.

About the Society of Payment Security Professionals



The Society of Payment Security Professionals' objective is to provide individuals and organizations involved in payment security with an online community to share information, and access education and certification opportunities. Society members come from a variety of businesses including card brands, merchants, acquirers, ISOs, and more. Though their organizations may vary, they all share one purpose: to protect sensitive customer data using the most current, viable technologies and processes. The SPSP is managed by The Aegenis Group.





Media Contact:

Tracie Byron

Email Contact

435-615-6711

Society of Payment Security Professionals

Director of Business Development

Never Forget!

Finovate 2009 - Today is the Last Call for Early Bird Registration

Finovate 2009 - Last Call for Early Bird Registration!

Finovate will return to New York City on Tuesday, September 29 to showcase the best new financial and banking technology innovations from established leading companies and hot young startups. Handpicked from hundreds, the companies get a mere 7 minutes on stage to demo (no powerpoint allowed) their latest and greatest.





Early bird registration closes Friday, Sept. 11th - so if you're interested in attending and saving some money in the process, be sure to register ASAP!   It's a great event and HomeATM was honored to be handpicked from the hundreds of companies during Finovate Startup09 last April.  Below is our 7 minute (no powerpoint allowed) demo on our P2P "real-time" 2FA 3DES DUKPT E2EE PCI Certified 2.x Money Transfer Application.





http://finovate.com/startup09vid/homeatm.html

New iPhone Anti-Phishing Feature Fails Researchers discover iPhone OS 3.1's anti-phishing feature is not working properly



Sep 10, 2009 | 03:46 PM By Kelly Jackson Higgins

DarkReading



The new Apple iPhone OS 3.1 software comes with a new anti-phishing feature for the Mobile Safari browser, but researchers say the filter doesn't work.



"I've not been able to get it to block anything," says Michael Sutton, vice president of research at Zscaler, who has been testing the mobile browser's security feature against several phishing sites identified on PhishTank. While Apple's Safari for the desktop blocks many of the sites, the iPhone's mobile version didn't block any that he tested.



Continue Reading

Related articles by Zemanta

• iPhone 3.1's anti-phishing: not better than nothing? (macworld.com)


• Watered Down Phishing Protection In IPhone OS 3.1? (mobile.slashdot.org)

Placecast Announces Study on mCommerce Usage

San Francisco, (PIN Payments News Blog) -- Today 1020 Placecast announced the beginning of a six-part series exposing the realities of America's consumer and what they really want to use their mobile device for when it comes to shopping, mobile advertising, mobile marketing, coupons and location-based services.



The Alert Shopper is an online series that is located at http://blog.placecast.net/, featuring both first-person and third-party research in conjunction with Harris Interactive on consumer shopping habits and interest around the use of mobile devices and alerts when shopping.  With all of the hype surrounding emerging mobile content and mobile advertising, Placecast sought out to talk to America's consumer, face-to-face and captured quite a bit of insightful feedback on what people want and don't want.



Over the next few months, the Alert Shopper blog will feature unique insights into the mobile usage patterns of today's American consumers, quantitative survey research from Harris Interactive as well as a broad range of retail shopping trends. You'll meet Joni, a 46-year-old mother who talks to us about her dependence on her cell phone and her tactics of savvy shopping and brand-loyalty. Then you'll meet Joseph, a 31-year-old early adopter, who discusses exactly how he looks for sales and what retailers like Levi's can do to improve his experience.



These real consumer profiles are supplemented with quantitative survey research from Harris Interactive, focused on gauging interest levels in different types of mobile marketing, as well as a broad range of retail categories.



The Alert Shopper will cover trends as they relate to multi-location retail outlets like Target, Walmart, Kroger, Safeway, Best Buy, Kohl's, Home Depot, Walgreens, Lowes, CVS, Sears, SuperValu, Rite Aid, Macy's, Publix, JC Penney, GAP, Meijer, Staples, Toys 'R' Us, Office Depot, Nordstrom, Whole Foods, Menards, Dillard's, Giant Eagle, Auto Zone, PetSmart, Neiman Marcus, The Shack, Sheetz, Starbucks, and Dick's -- to restaurants like Sonic, Applebee's, Chili's Olive Garden, Red Lobster, Friday's, Burger King, McDonald's, Jack in the Box, KFC, Taco Bell, Pizza Hut, Subway, Wendy's, Outback, Arby's, Chick-Fil-A, Quiznos and The Cheesecake Factory .



Also the series will take at look at specialty stores such as REI, American Eagle, Pottery Barn, Williams Sonoma, Crate & Barrel, Children's Place, Brooks Brothers, Coach and Chanel. "It's our hope that The Alert Shopper will pioneer research in retail as it relates to understanding the role of the mobile device," states 1020 Placecast CEO Alistair Goodman



The first installment of the Alert Shopper can be found here:

New installments will appear monthly on the site:  (http://blog.placecast.net/)  To sign up for alerts on new installments, follow the series by adding @placecast on Twitter.



About 1020 Placecast, Inc.

1020, Inc. is the developer and owner of Placecast Media, the first location-based platform specifically designed to use digital marketing on the web and mobile to drive consumers into physical environments. 1020's groundbreaking Placecast service recently earned the company the OnMedia Top 100 Award, given to game-changing companies in the marketing, branding, advertising, and PR industries. Current partners include NAVTEQ and Alcatel-Lucent, and current advertisers include Microsoft Windows Mobile, FedExOffice, Avis and Budget Rental Cars and Hyatt Hotels. 1020 is funded by Voyager Capital and Onset Ventures.



For more information about Placecast, visit www.placecast.net .



Source: Company press release.

Dynamic Duo(poly) Needs to be Challenged for SEPA Ration

10 September 2009 - 10:26

New schemes vital to Sepa for cards success - ECB's Tumpel-Gugerell

MasterCard and Visa need to be challenged by at least one new scheme if Sepa (Single euro payments area) for cards is to succeed, according to ECB executive board member Gertrude Tumpel-Gugerell.

In a speech at the EFMA conference on cards and payments, Tumpel-Gugerell says a single market for cards is the "missing piece in the Sepa puzzle" and warns Europe needs to overcome the "current stagnation".



Citing research from the ECB and De Nederlandsche Bank, she says a new Europe-wide card scheme could provide a "decisive impetus" to solving interoperability and overcoming fragmentation in the market, benefiting customers and merchants.



There are currently three scheme initiatives and Tumpel-Gugerell has called on those involved to "get down to business now"...



Continue Reading at Finextra 



Related:

Monnet Talks...Will it Walk the Walk? | PIN Debit Payments Blog

Aug 13, 2009

MasterCard Inc. and Visa Europe could face competition in the coming years from new European-centered payment card networks such as Payfair and Monnet. Belgian retailer Colruyt Group is planning to begin testing the Payfair debit card ...

PIN Debit Payments Blog: Monnet Could Challenge V/MC with ...

Jul 10, 2009

I would suspect that Monnetwould be based on the Chip and PIN system, which is more secure than what Visa and MasterCard have been pushing with their signature debit. I have long said that signature debit should be scrapped in it's

Test in the Works for European Card Cardline Global | Tuesday ...

Jul 14, 2009

Several major French and German banking companies are said to be backing the Monnet debit card, and said last week that they expect to create a company then that would focus on building a payments network. See "Is Monnet Painting Visa into a corner?

http://pindebit.blogspot.com/

Happy Birthday ATM! Does Life Begin at 40?

09/09/09 was more than just a calendrical anomaly...



It was more than "A Day in the Life"



It was also the ATM's 40th birthday!



Wired put together the graphic on the left.  Here's a snippet from their posting:



"September 9 is the 40th birthday of the automated teller machine in the US. To celebrate the invention that spews twenties at two in the morning, we're spitting out some numbers of our own."



From: Wired.com



Interesting!  Yes?

Is PCI DSS a Safe Investment?

By Robert Vamosi, Javelin Strategy & Research



Should merchants continue to invest in Payment Card Industry Data Security Standards (PCI DSS) in a down economy? Yes.



The losses—not just in fines and litigation, but also reputational damage—associated with the consequences of a data breach are astronomical when compared with the annual burden of maintaining compliance. PCI is an excellent baseline for cardholder security, but should PCI be made law? On this, there is plenty of room for debate...



Continue Reading at Bank Systems and Technology

Related articles by Zemanta

• MasterCard beefs up security requirements (computerworld.com)


• Mercator Advisory Group Publishes End-to-End Encryption Report (paymentsnews.com)

Trustwave Acquires VERICEPT

Data Loss Prevention Technology to be Integrated into Trustwave's Security and Compliance Suite

Chicago, Sept. 10, 2009 -(PIN Payments News Blog) – Trustwave, the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world, has acquired Vericept, a leading provider of data loss prevention (DLP) and intellectual property protection solutions. The terms of the deal are confidential.



Data loss prevention solutions are most often used to monitor business processes in support of compliance mandates, to protect brand and reputation by enforcing customer data privacy and to defend strategic information and intellectual property against inadvertent and malicious loss. Leading organizations across multiple industries including financial services, healthcare, aerospace and defense, manufacturing, technology, education and retail utilize DLP solutions. With DLP, advanced content inspection is performed on data in use (e.g., endpoints), data in motion (e.g., network) and data at rest (e.g., data storage) to help detect and prevent the unauthorized use and transmission of confidential information. DLP is also used to demonstrate compliance across multiple standards and regulations, such as the PCI DSS and HIPAA, as part of a system of control over information.

The core of Vericept’s DLP solution is its patented Content Analysis Engine, which analyzes content against policy, helps detect and classify structured and unstructured content, as well as, text extraction of any file type. This patented detection and classification technology extends to data-in-motion to address Web 2.0 threats by identifying the use of applications such as blogs, social networking sites and Webmail to accurately identify and control sensitive data. Once data is classified, it can be managed consistently according to policy from the moment it is created.



Specifically, Vericept’s leading DLP solutions help address multiple requirements of the Payment Card Industry Data Security Standard (PCI DSS) version 1.2. PCI DSS is the payment card industry security requirement for entities that process, transmit and/or store cardholder data, which has been endorsed by all the major card brands – Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB. Using DLP technology, businesses can meet the following seven of the 12 requirements, further strengthening Trustwave’s position as a leading provider of PCI DSS services and solutions:

• Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
  
  


• Requirement 3: Protect stored cardholder data
  
  


• Requirement 4: Encrypt transmission of cardholder data across open, public networks
  
  


• Requirement 6: Develop and maintain secure systems and applications
  
  


• Requirement 8: Assign a unique ID to each person with computer access
  
  


• Requirement 9: Restrict physical access to cardholder data
  
  


• Requirement 10: Monitor all access to network resources and cardholder data
  
  

“We’re very excited to offer our customers a leading DLP solution that can manage sensitive data, scale to meet expanding business requirements and maintain high performance as business continues in real time,” says Robert J. McCullen, chairman and CEO of Trustwave. “Vericept’s DLP technology complements our current portfolio of security solutions offered to our global customer base.”



“The 451 Group believes concerns about data security and leak prevention are central to both regulatory compliance and network security,” says Paul Roberts, senior analyst for enterprise security at The 451 Group. “Trustwave’s acquisition of Vericept will allow it to marry Vericept’s expertise in inspecting data flows to and from the endpoint and on the network with Trustwave’s broad portfolio of managed security products and compliance offerings.”



Vericept’s DLP solutions help customers streamline and demonstrate compliance. With pre-defined compliance categories that specifically address standards such as PCI DSS, HIPAA and GLBA, Vericept’s patented DLP classification technology precisely monitors data to ensure compliance with company policy.



“We’ve developed a leading DLP technology for scanning and detecting sensitive information and mitigating risk based on policy requirements. Our DLP solutions ensure that a business’ sensitive data or competitive intelligence is not lost or leaked, compliance is enforced and brand equity is protected,” says Dave Parkinson, former CEO of Vericept, who will become Trustwave’s general manager of security services.



About TrustwaveTrustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today’s challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, China and Australia. For more information, visit https://www.trustwave.com .

Related articles by PINCEPT

• PCI SSC Seeks Input on Security Standards (information-security-resources.com)

PULSE and TRIONIS Sign Long-Term European ATM Acceptance Agreement

Houston and Brussels, Belgium -PIN Payments News Blog— PULSE, the Discover Financial Services business unit responsible for expanding global cash access for the company, has signed a long-term ATM acquiring agreement with TRIONIS, a European interbank processing network. TRIONIS is jointly owned by retail banks from nine European countries, the European Savings Banks Group and First Data.

Under terms of the agreement, when fully implemented, more than 74,000 TRIONIS ATMs across Europe will be able to process ATM transactions for Diners Club International® and Discover® cards.



“Since acquiring Diners Club, one of Discover’s priorities has been to strengthen global acceptance,” said Dave Schneider, PULSE president. “Our agreement with TRIONIS is a significant multi-country acquirer agreement to further European acceptance of Diners Club and Discover cards and an important step in helping reach that goal.”



The service went live in several countries on July 1, with acceptance of Diners Club cards at the ATMs of banks in Austria, Switzerland, Portugal, Spain, Luxembourg and Belgium. Discover cards are expected to be accepted at TRIONIS European ATMs beginning in October 2009.



“TRIONIS is pleased to be able to facilitate broader card acceptance at European cash access machines,” said Ernst Verbeek, TRIONIS managing director. “Acceptance of Diners Club and Discover cards will allow us to serve more cardmembers, while giving ATM operators access to additional ATM transactions.”



About PULSE



PULSE is one of the leading U.S. ATM/debit networks, currently serving more than 4,500 banks, credit unions and savings institutions across the United States. PULSE is owned by Discover Financial Services (NYSE: DFS). The network links cardholders with more than 289,000 ATMs, as well as POS terminals at retail locations in the U.S. The company is also a valued resource for industry research related to electronic payments and is committed to providing its participants with education on evolving products, services and trends in the payments industry. For more information, visit www.pulsenetwork.com .



About TRIONIS



TRIONIS offers the issuers of 165 million cards access to cash at more than 74,000 ATMs across Europe. TRIONIS provides processing services to its users for switching POS and ATM card payment transactions on EUFISERV and all other payment card brands. TRIONIS is a Brussels-based company owned by retail banks from nine European countries, the European Savings Banks Group and First Data. Its mission is to develop, maintain and operate international payment services for the financial industry. More on www.trionis.com .



Source: Company press release.

Related articles by Zemanta

• INTERAC(R) and PULSE(R) collaborate to provide cash access in Canada for Diners Club, Discover and PULSE cardholders (newswire.ca)


• Walmart: No More Paycheck Here's Your Pre-Paid Debit Card [Unbanked] (consumerist.com)


• Overdraft fees revisited (blogs.reuters.com)

InnerCircle for Powerful Women in Banking

New Professional Network for Women in Banking

US Banker  |  September 2009

The editors of American Banker and its sister publication US Banker are proud to announce the launch of a professional peer-networking site for senior-level and aspiring women in banking and financial services.

The new network — called the Inner Circle — is designed to extend the dynamic community that has developed around the 25 Most Powerful Women in Banking event program and rankings. Its goal is to identify, support, and connect top-performing women in financial services.



The Inner Circle will include blogs, discussions, and online events on topics of interest to the community. It will also serve as an up-to-the-minute one-stop shop for information about the 25MPWIB rankings and program.



Please visit www.25mpwib.com/InnerCircle to find out more.

Lack of Online Banking Security Causing Customer Churn - Gartner

Financial fraud affects consumer bank behavior, Gartner Finds - (PDF)

By Marcia Savage, Features Editor, Information Security magazine

A new report released by Gartner Inc. Wednesday shows the impact of data breaches and financial fraud on consumers' behavior, including their banking activity. About 7.5% of U.S. adults lost money due to some type of financial fraud, mostly due to data breaches, according to a survey of 5,000 Americans conducted by the research firm last September.

Of the respondents, 14% said they were victims of credit card fraud and 7% said a thief used their debit or ATM card to make purchases or withdraw cash. Six percent said they were victims of new account fraud, where a thief opened an account in their name, while 5 % said a criminal stole money out of their existing checking or savings account and 4 % said a thief forged checks on their account.

Compared to the average consumer, nearly twice as many people who lost money to fraud changed their shopping, payment and e-commerce behavior, according to Avivah Litan, vice president and distinguished analyst at Gartner.

"We all read about the data breaches. This survey certainly proves they're having an impact in terms of spooking customers," Litan said.

Victims of electronic checking and/or savings account transfer fraud were almost five times more likely to change banks due to security concerns, compared to the average consumer, according to the report.

"From a bank point of view, this is really causing customer churn," she said. "It's costing them customers."

Consumer security concerns have a big impact on online banking, she said, with 20% of survey respondents worried about security, saying they stopped or won't start transferring money between accounts. The percentage doubled among fraud victims. While only 6% of the consumers surveyed said they changed banks due to security concerns, the number jumps to 28% among checking/savings account transfer fraud victims, according to the report.

Thirty-five percent of survey participants said security was an important factor in their decision to bank online or do more business with their bank online, but security isn't as important to consumers as bank fees and customer service, the Gartner survey showed.

Security, however, becomes much more important for consumers who have been victims of a financial account takeover, according to the report. Litan advised financial institutions that have implemented strong security to publicize that fact to their customers to gain their confidence. They should also engage customers to participate in security; an example would be to sign up for a service that alerts them to suspect transactions, she said.

"There's a lot of value in (banks) advertising your security," Litan said. Right now, banks aren't using security as a customer retention tool, she added.

Related articles by Zemanta

• Online Banking's Innate Security Flaws (information-security-resources.com)
• 3DES, DUKPT & E2EE Explained (information-security-resources.com)
• Anti-Phishing with Two Factor Authentication (information-security-resources.com)

How Big of a Problem is SQL Injection?

From NetSecurity.org:



Exactly how big of a problem is SQL injection? Can you provide a rough picture to our readers not familiar with the issue?

SQL injection is a HUGE problem.



It is both fairly common, as well as having the potential to be a huge risk to a business either directly or indirectly.



A good example of the risk of SQL Injection is the recent revelation that SQL injection was a key part in a number of the recent large credit card data breaches - Heartland, Hannaford, TJX and others.



In these cases, SQL injection was used in order to get further into an organization and do something else, however in a lot of cases SQL injection can be serious enough all on its own.



I've seen examples such as a small US bank that had over 5,000 mortgage applications stolen from an application via SQL Injection, and hence all of the information needed to steal all of those people's identities.



For those not familiar with SQL injection, it occurs when unvalidated user input is included within Structured Query Language (SQL) statements that are dynamically assembled within the application. For example, say the application is assembling a query for product information with a “productid” variable supplied by the user with a query something like this:



string query = "SELECT * from products WHERE productid =" + productid

Read in it's entirety at NetSecurity.org

Heartland Breach Update on Class Action Lawsuits

Heartland Update: Judge to Hear Motions to Dismiss Class Action Suits

Attorney: Discovery is "the Biggest Battlefield"

September 9, 2009 - Linda McGlasson, Managing Editor

Preliminary legal hearings have begun in the class action suit against Heartland Payment Systems, the U.S.-based payments processor that was breached in 2008 



More than 30 financial institutions from 22 states have joined the lawsuit against Heartland, which is the largest data breach on record, with a reported 130 million credit and debit cards stolen.



One of the lawyers representing the financial institutions, Richard Coffman of Beaumont, TX, describes the case management conference in late August as a "very good one" for the banks.



A preliminary case management hearing was held on August 24 in Houston's Southern District Court of Texas, before Judge Lee H. Rosenthal, who set the dates for future hearings in the case,



There are two class action suits -- one on the consumer side and the second on behalf of the financial institutions affected by the massive breach. Earlier in June, a Multidistrict Litigation (MDL) panel decided the suits would be held in Houston....



Continue Reading at Bank Info Security

Related articles by Zemanta

• Alleged data breach kingpin had plenty of help (computerworld.com)


• Justice indicts three for alleged role in U.S.'s largest financial info heist (scientificamerican.com)


• Hackers Indicted For Stealing 130 Million Credit Card Numbers [Security] (consumerist.com)

Top Malware Threats Over the Last 20 Years

PandaLabs has issued a ranking of the most insidious malware threats that have surfaced in the past 20 years.  Here is their list:



Friday 13 or Jerusalem

Created in Israel in 1988 and first reported in Jerusalem, this supposedly commemorated the 40th anniversary of Israel. Whenever the date was Friday 13, it would delete all programs run on an infected computer.



Barrotes

The first well-known Spanish virus appeared in 1993. Once on the computer, it would remain hidden until January 5, when it would activate displaying just a series of bars on the monitor.



Cascade or Falling Letters

Created in Germany in 1997, this virus would make the letters on the screen fall in a cascade whenever it infected a computer.



CIH or Chernobyl

This virus was produced in Taiwan in 1998, and took just one week to propagate and infect thousands of computers.



Melissa

First appeared on March 26, 1999 in the USA. This ultra-smart malicious code used social engineering to spread, with a message that read "Here is that document you asked for. . . don't show anyone else ;-)"



ILoveYou or Loveletter

So famous, it hardly needs introduction. This romantic virus emerged from the Philippines in 2000. With the subject 'ILoveYou' it infected millions of computers around the world and even hit organizations like the Pentagon.



Klez

Created in 2001 in Germany, it only infected computers on the 13th of odd months.



Nimda

The name is basically 'admin' spelled backwards, as it was able to create administrator privileges on infected computers. It originated in China on September 18, 2001.



SQLSlammer

This was another major headache for companies. It first appeared on January 25, 2003, and affected more than half a million servers in just a few days.



Blaster

This virus, created in the USA on August 11, 2003, contained a message in its code: "I just want to say love you, San!!" (We still don't know who 'San' is), and "Billy gates, why do you make this possible? Stop making money and fix your software".



Sobig

This German virus was famous in the summer of 2003. The F variant was the most damaging, it attacked on August 19 of the same year and generated more than 1 million copies of itself.



Bagle

This emerged on January 18, 2004, and has been one of the most prolific viruses with respect to the number of variants.



Netsky

This worm also came from Germany in 2004 and exploited vulnerabilities in Internet Explorer. Its creator was also responsible for the notorious Sasser virus.



Conficker

Last on the list and most recent, it appeared in November 2008. Oddly enough, if your keyboard is configured in Ukrainian, it won't affect you...

Related articles by Zemanta

• Security vendor: Snow Leopard malware defense 'very basic' (infoworld.com)


• Experts waiting for worm to turn (thestar.com)


• How To Get Rid Of A Trojan Horse Virus That Won't Go Away (makeuseof.com)


• Future of Cyber Security: Hackers Have Grown Up (wired.com)


• Searching Jessica Biel Is Hazardous To Your Computer's Health (socialitelife.celebuzz.com)

Put your Phishing Saviness to the Test with the SonicWALL Phishing and Spam IQ Quiz.   I think we would all be more "savvy" if we stopped "typing" altogether.  The purpose of phishing is to obtain information.  The way phish pholk obtain that information is by tricking consumers into "typing" their information into a box on a cloned, counterfeit, etc. website.  If people didn't type...phish pholk couldn't swipe.  That simple. 



We need to get more pholks on board the Don't Type, Swipe Train. 



But, until then, 43% of even the smartest pholks get phooled by phishing attacks...

From SonicWalls Website:  

 

Chances are that in the past week you've received an e-mail in your inbox that pretends to be from your bank, e-commerce vendor, or other on-line site.



Hopefully you've realized that many times this e-mail is fake - a phishing or spam e-mail. The sender (phisher) of these fake e-mails wants you to click on the link in the e-mail and go to a phishing Web site - which will look just like the Web site of the company being phished. Once on the phishers Web site they hope to obtain your account, financial, credit and even identity information. Of course not every e-mail you receive is a phish. In fact you should expect your bank or e-commerce vendor to send you legitimate e-mail. But how can you tell the difference? Well that's what the Phishing IQ test is all about - give it a try.

Instructions

To begin click the "Start the Test" button below. Each question will be displayed one at a time in a browser window and you decide if the e-mail is a "Phish" or "Legitimate." When you have completed the test you'll get a score along with a chance to see "why" a question was a phish or legitimate. Good Luck!

Helpful Hints:

1. At the bottom of each "e-mail", on the status bar, there is the URL of the active link - the one being pointed to in the e-mail. You can decide if what is displayed is "real" or fake.


2. For this test, assume that you are "John Doe" or "Jane Doe" - in other words that you received the e-mail in your inbox addressed to you.
   
   

Phishing Facts

$886 – The average dollar loss per Phishing Victim (Gartner, Dec 17, 2007)

$3.6 Billion – The total dollar loss of all phishing victims over a 1 year period (Gartner, Dec 17, 2007)

3.2 Million – The number of people who fell victims to phishing scams over that same 1 year period (Gartner, Dec 17, 2007)

8.5 Billion – The estimated number of phishing e-mails sent world-wide each month (SonicWALL, 2008)

32,414 – The number of phishing web sites that were operational in May 2008 (Anti-Phishing Working Group)

Phishing IQ Facts

1,012,000 - The number of people who have taken the Phishing IQ Test worldwide

7.4% - The percentage of test takers who get 100% - answering all 10 questions

86% - The percentage of phishing e-mails that are identifies as "phish" by the test takers

57% - The percentage of legitimate e-mails that are identified as "legitimate" by the test takers

PAY.ON and Elavon Formulate Strategic Partnership

Munich, Germany and London, Sept. 9, 2009 -(PIN Payments News Blog)- PAY.ON AG, a leading supplier of online payment and risk management technologies, and Elavon, a wholly owned subsidiary of U.S. Bancorp (NYSE: USB) and a leading global card acquirer, announce a cooperation to market their global payment services.



In cooperating, the two companies not only maximise their services but also manifest their global coverage. As a leading online payment technology provider and processor of payment transactions, PAY.ON serves its clients throughout the world with more than 140 different payment systems and connects on average 3-4 connectors every 4-6 weeks thereby offering a magnitude of payment methods. Typical clients of PAY.ON are leading payment service providers, payment scheme suppliers, acquirers, remittance provider, and risk management providers. With Elavon, the Company has forged a global relationship offering services that support the strong technology of PAY.ON.



The clients of PAY.ON have access to Elavon’s robust and secure payment platform that supports multi-currency and cross-border payment solutions for a number of industry segments such as retail, international sales trade, airlines, tourism, hotels and catering services. Elavon offers traditional and alternative payment methods and supports card-not-present-solutions from Visa & MasterCard as well as international and domestic debit cards such as Maestro, ec-cash, Electron, and V-Pay.



PAY.ON serves PSPs throughout the world with more than 140 different payment systems and provides Elavon an opportunity to continue expanding its global reach. In addition, PAY.ON and Elavon are in the position to offer localised services adapted to the individual market’s requirements. Therefore, both companies are able to penetrate new geographical as well as industrial markets. PAY.ON has recently opened a new office in Hong Kong and is well connected throughout Asia.



Robert Kuzelj, CEO of PAY.ON comments: „PAY.ON enhances once more its global partner network. We are very pleased to add Elavon’s merchant processing services to our payment platform. Both companies will benefit from synergy effects. The leading technology of PAY.ON combined with the competitive services of Elavon enable both companies to maximise their market potential. This will allow PAY.ON to further support its clients in becoming more active cross-border.”



Susanne Jenz, Head of Indirect Sales of Elavon adds: „As a globally acting technology provider, PAY.ON is a perfect match for us. Elavon not only offers the PSPs of PAY.ON a solid range of services, but also individual models of cooperation. We are very pleased to offer our services to the PSPs of PAY.ON.“



About PAY.ON AG:



PAY.ON is an internationally leading supplier of global online payment and risk management technologies. Clients of PAY.ON are leading payment service providers, payment scheme suppliers and financial institutions. The Company, founded in 2004 is headquartered in Munich, and has subsidiaries in Hong Kong and Manila. The Company follows a course of steady growth and expansion. PAY.ON offers the core competencies of global outsourcing services and routing for monetary transactions, wallet solutions, risk management and monitoring services, as well as various technical back-end solutions. All products are white-label and fully PCI-certified.



Source: Company press release.

sQuid eMoney Launches Prepay Contactless Smart Card with Pizza Hut

DUNDEE, Scotland–(PIN Payments News Blog)– sQuid eMoney today announces a new Pizza Hut branded pre-pay contactless smartcard for customers at stores in Dundee.



The eMoney smartcard uses contactless payment, the latest innovation in retailing. It combines ‘pay as you go’ to make life easier for customers with a loyalty email voucher scheme giving customers rewards to redeem in-store.



With three stores in Dundee and Dunfermline now accepting sQuid eMoney payments, this is an extension to sQuid’s launch across the City of Dundee, where they already work with Dundee City Council, the National Entitlement Card (NEC), the University of Abertay and local Dundee retailers.



sQuidcard provides contactless eMoney services in retail and campus networks. With an ability to provide an available-to-all prepaid card and to deliver multi-purse technology, sQuid is much more flexible than bank cards or other loyalty schemes. It has been specifically designed to replace cash transactions in fast retail environments, and is compatible with transport smartcard applications including ITSO.



Andrew Pollard, the franchisee owner of the three Dundee stores says: “I am pleased to be supporting the local community here in Dundee while being among the first to use this innovative and new payment scheme for our customers. sQuid means that we can make our customers life easier at the point of purchase, while rewarding loyal customers with some great deals at the same time as.”



All sQuid eMoney cards are accepted at the participating Pizza Hut Delivery stores and they are also launching with a limited edition branded card, which can also be used across Dundee. Customers can register their cards online and then view their transactions, top-up their card and receive special money-off vouchers by email.



sQuid is a new kind of cash: smart cash. It can be used to pay for those everyday items, such as your morning coffee, a mid morning snack, your lunchtime sandwich or evening pizza treat. It saves time, is more convenient than cash, and helps you keep an eye on where your money is going. sQuid is an independent eMoney network, you can’t get into debt and you don’t even need a bank account to use it, making it ideal for everyone.



“It’s great to be working with Pizza Hut in Dundee, following on from some other successful trials we have undertaken with similar high profile, high street brand,” says Adam Smith, Managing Director of sQuidcard. “We are extending the use of sQuid across the wider Dundee community and the way that people pay for everyday items; we’re making life so much easier. By incorporating easy payment on a branded card for Pizza Hut and emailing personal voucher rewards to registered card holders, customers will be able to enjoy hassle-free payments whilst benefiting from some great deals.”



About sQuidcard Limited



sQuid eMoney is the alternative to the debit and credit card networks for sub £10 contactless transactions – a market forecast to grow rapidly, replacing some of the £200bn cash transactions made each year in the UK.



Deploying its own technologies, with proven contactless payments between card and reader, sQuid delivers a significantly faster transaction than chip & pin.



sQuid has a multi-purse capability and is compatible with ITSO (transit) schemes. sQuid operates enhanced security between the card, the terminal and the payments engine, and allows additional functions to be delivered to the card holder and the retailer. This enables a sQuidcard to be used not only for low value purchases but also as a pre-pay transit card.



sQuid eMoney is available in Bolton, Greater Manchester where it complements the Council’s Bolton Smart smartcard programme. This includes a transport smartcard service which is being developed with the sQuid and Greater Manchester Passenger Transport Executive. sQuid is also available in Dundee in partnership with the Scottish National Entitlement Card.



sQuidcard is a subsidiary of Nucleus Limited, a leading brand, internet and venturing business.



www.squidcard.com/pizzahut



About Pizza Hut Delivery



In 1958, Frank and Dan Carney had an idea for a great local pizza restaurant in Wichita Kansas. The small 25 seat restaurant only had room for 9 letters on the sign… the building looked like a hut… so ‘Pizza Hut’ was born!



Fifteen years later, we opened the first UK restaurant and since then we’ve become the biggest Pizza Company on the planet!



For more information about Pizza Hut Delivery please visit www.pizzahut.co.uk/delivery

Press Release Contacts

Armadillo Consulting Group Lloyd Mullenger, +44 (0)203 195 6727 lloyd@armadillocg.com

Press Release Tags

Tags: Consumer, Contract/Agreement, Europe, hardware, Men, Online Retail, Other Consumer, Other Professional Services, Other Retail, Other Technology, professional services, Restaurant/Bar, Retail, Security, Software, Specialty, Supply Chain Management, Technology, united kingdom, women

Related articles by Zemanta

• Half Of Tokyoites Prefer to Wave Instead of Swiping and Counting [Electronic Money] (gizmodo.com)


• A Third of Web Users are Too Scared To Shop (sitepoint.com)

Google Offering Micropayments for Newspapers?

Extra Extra...Read All About It...



Google moves toward micropayments for newspapers

According to the Nieman Journalism Lab,  Google want to build a payment platform that is geared toward newspapers that want to charge for digital content.

Here's the letter that details Google's plan and was sent  to the Newspaper Association for America.



"While currently in the early planning stages, micropayments will be a payment vehicle available to both Google and non-Google properties within the next year," the letter, as published by the Nieman Lab, explained. "The idea is to allow viable payments of a penny to several dollars by aggregating purchases across merchants and over time. Google will mitigate the risk of non-payment by assigning credit limits based on past purchasing behavior and having credit card instruments on file for those with higher credit limits and using our proprietary risk engines to track abuse or fraud. Merchant integration will be extremely simple."

Related articles by Zemanta

• Google gets into micropayments (blogs.reuters.com)

Hawkins Strategic Releases Retail 3.0 Paper on Marketing Communications

Hawkins Strategic was the creator of SmartShop, the very innovative and very promising "personalized marketing" platform employed by biometric payments firm Pay By Touch. The results were outstanding, click picture on right for brief overview or read about Supervalu's adoption of SmartShop here.



Hawkins Strategic issued a press release announcing their new whitepaper:



Los Angeles, CA: (PIN Payments News Blog | Thursday, September 10, 2009 ) Hawkins Strategic today announced the release of a new position paper on Marketing Communications, the latest installment in its Retail 3.0 series. The paper describes how product-driven and customer-focused strategies must interact in the Retail 3.0 ecosystem, and provides a framework within which marketers can decide what communication channels are appropriate for any given task.



Marketing Communications makes clear the importance of tying marketing spend to a Shopper Inventory, providing management a way to truly begin objectively measuring marketing effectiveness. The paper includes an example of a Shopper Inventory statement drawn from Gary Hawkins’s book Customer Intelligence, where the idea was first raised. This analysis makes it possible to measure total marketing cost per realized shopper. This metric is revolutionary. It is also a reality for 3.0 Retailers—today.

“CEOs should demand regular measurement of their company’s total marketing cost per realized shopper, a powerful new metric available to companies in the Retail 3.0 ecosystem,” says Gary Hawkins. “The growing divide in the retail industry between those retailers who possess shopper-identified transaction data and those who do not, will become a chasm when applied to the area of marketing communications.”



The Retail 3.0 position paper series has received extensive coverage in industry media. The first paper in the series, Shopper Data, demonstrated why retailers without means to consistently identify shoppers and link them with their transactions will become increasingly disadvantaged, regularly underperforming compared to their peers and being penalized in the financial markets.



To download Marketing Communications and learn more, please click here.



To learn more about Retail 3.0, please click here.



About Hawkins Strategic: Hawkins Strategic is leading the genesis of Retail 3.0, a new industry ecosystem driven by relevant marketing to the individual shopper, supported by realtime marketing and supply chain synergies, and built on the foundation of shopper-identified transaction data. From launching one of the first loyalty programs in the U.S., to advising some of the world’s largest and most progressive retailers and manufacturers; from founding the world’s first truly personalized retail communication platform, to partnering with world-class enabling technologies; Hawkins Strategic is ideally and uniquely positioned to move the industry to this next level through thought leadership, strategic guidance, value creation, and its Center for Advanced Retail Technology.



For more information please contact Berkeley Hawkins at berkeley.hawkins@hawkinsstrategic.com.

Related articles

• • Consumer Closeup - Pay by Touch
  
  
  • PBT Expands into Financial Services
  
  
  • Pay by Touch Wins 3rd Award in 30 days
  
  
  • A Closer Look at PBT Loyalty Program
  
  
  • A Closer Look at PBT Online
  
  
  • Aite Group Report on Biometrics
  
  
  • A Closer Look at PBT's ATM Direct
  
  
  • 60 Days of Breathless Activity
  
  

Analyst Upgrades MasterCard

NEW YORK (AP) -- A Citi Investment Research analyst upgraded MasterCard Inc. Wednesday, writing in a note to investors that a negative adjustment in consumer spending is largely over.



Analyst Donald Fandetti lifted his rating for the credit card and global payments processor to "Hold" from "Sell" and lifted his price target to $209 from $172. While consumer spending remains weak and there is a trend towards less consumption, Fandetti said he has a positive outlook for the sector.



"We are upgrading ... as signs of stabilization in U.S. and global economies simply make us less bearish," Fandetti said.



Tougher new card regulation and constrained credit will likely contribute to soft volumes, Fandetti said. Still, fourth-quarter results should be an improvement from a year ago and would get a boost from any weakness in the U.S. dollar.



Fandetti also upgraded Capital One Financial Corp. Wednesday, citing an expected improvement in credit losses.



Shares of MasterCard rose $2.28, or 1.1 percent, to $209.73 in late trading. The stock has traded between $113.05 and $239 over the past year.