Canada's Debit Market in Turmoil

Canada's debit card market is in turmoil as payment processors begin "aggressively marketing" new Visa and MasterCard debit cards to retailers, a leading merchant organization says.



The retailers fear the credit card companies' entry into Canada's $168 billion debit market will mean higher fees for them.



"We've been overwhelmed by calls from small merchants," Diane Brisebois, president and chief executive officer of the Retail Council of Canada, said in a telephone interview. "We can't believe some of the stories we're hearing."



Canada's debit market is currently dominated by Interac, a low-cost, non-profit member-owned association, which charges merchants a flat fee per transaction.



The Canadian Federation of Independent Business said it's also receiving complaints from members, who are confused because the new debit products are being introduced at the same time as the CHIP-enabled card readers...



Continue Reading at The Star

Related articles by Zemanta

• Canada to Introduce National Debit Card Regulations (pindebit.blogspot.com)


• Credit card giants create debit havoc (thestar.com)


• Flaherty set to deal debit card set of rules (thestar.com)

APWG Phishing Report Released

Here is a sampling...(click to enlarge)





Click Here to Read the Report (PDF)

Online Banking Growing in Vietnam

VietNamNet Bridge – Initial responses gained from online banking services have been so positive bankers believe this will be a future key product.

Currently, most Vietnamese people have to visit banks to carry out transactions. Whereas VIP clients, or those with large sums have staff to sent to them.



Either way, Vietnamese banks are coming to the same conclusion as those in the west – that it’s more convenient and cheaper all around if people are allowed to carry out their own transactions – online.



Therefore, online banking, which has been provided by some banks on a trial basis, has brought a new solution. With a mouse click, busy office workers just have to spend five minutes only to wrap up a transaction at any time they want.



Techcombank says its online banking has attracted 1,000 accounts just two weeks after launching the service. One third of the accounts have the balance of 50 million dong or higher.



Rahn Wood, a senior executive of Techcombank, said currently, online baking remains unfamiliar in Vietnam, but will be welcomed by Vietnamese people.



“This will be the key product of banks in mobilising capital ,” he said, adding that the percentage of Internet users in Vietnam has been increasing, while Vietnamese people have higher income and of course, higher deposits



Surveys conducted worldwide have showed clients who make deposits through Internet Banking services maintain deposit balances higher than those who make traditional deposits.



Therefore, he has revealed that Techcombank has decided to develop online activities as part of their plan to become the leading retail bank in Vietnam.



Nguyet Oanh also thinks that Internet banking will be indispensable in Vietnam. She points out that not only developed countries in the US and Europe, but ASEAN countries like Thailand and the Philippines have developed the services year ahead of Vietnam.



Not only ‘old banks’, new comers in the market, including Lien Viet Bank and Saigon-Hanoi Bank have also announced the plan to develop new online products.

VietNamNet/VnMedia

Related articles by Zemanta

• Why is My Online Banking So Lame? (pindebit.blogspot.com)

Guardian Website Hacked - Half Million at Risk

Hackers attack Guardian website



Personal details of half a million users at risk

By Janine Milne - Computer Business Review

Personal details of around half a million users of Guardian’s UK jobs websites may have been compromised in a hacking attack this weekend.



The Guardian claimed that a "sophisticated and deliberate hack" was halted in mid hack and the site was secure, but advised users to contact their credit reference agency and UK prevention service Cifas to ensure their personal information had not been breached.



Patrik Runald, senior manager of Websense's security labs, advised users to be extra vigilant over the next few weeks: "What we’ve seen happen before, in similar breaches, is that the individuals who had their data stolen have become targets of highly targeted attacks. With the bad guys having access to personal information about the target, it’s makes it possible to create a very attractive and believable email that will have a high likelihood to trick the recipient into click on a link/run the attachment," said Runald.

Continue Reading at CBR

Related articles by Zemanta

• Hackers target Guardian jobs site (guardian.co.uk)


• Guardian Jobs website targeted by hackers (telegraph.co.uk)


• Hackers target Guardian jobs site (news.bbc.co.uk)

NEACH Presents Payment Insights 2009 - “Mastering the Winds of Change”

Strategic Insights from NACHA Executives, Federal Reserve Executives, and Nationally Recognized Industry Experts

Payment Insights 2009



BURLINGTON, Mass.--(BUSINESS WIRE)--NEACH (New England Automated Clearing House) presents its annual executive payments conference, Payment Insights 2009, in the midst of extraordinary industry change. This important conference will be held on November 2 - 3, 2009, at the Boston (Burlington) Marriott Hotel, Burlington, MA. Program sessions include keynote presentations, panel discussions, and in-depth presentations on topics that executives and payments professionals need to know, focusing on the opportunities and risks taking place in the payments environment.



“This year’s program includes such experts as Jane Larimer, EVP and General Counsel, NACHA, and payments law expert, attorney Al Watkins sharing their views on the legal aspects of payments convergence and Mark Sievewright, SVP, Strategic & Corporate Marketing, Fiserv among our general session speakers. Also, an insider look at alternative payments initiatives will feature Wenceslao Casares, Co-CEO, Bling Nation, Guido Sacchi, CEO, Moneta, and Samantha Carrier, senior director, NACHA,” stated Linda O’Hara, NEACH CEO. “They are industry leaders who will present thought-provoking content to challenge our members to think differently about payment opportunities.”



NEACH’s Breffni McGuire, Senior Director of Payments Strategy added, “This past year was difficult for financial institutions and the need for risk management and operational efficiencies was paramount. As we emerge from the recession, institutions need to have a plan for allocating scarce resources to strategies that will move them forward. At Payment Insights, the expert presenters know where the risks and opportunities lie to help institutions move ahead more safely and competitively.”



Senior executives and leaders from various payments arenas will share their views on industry direction, opportunities, challenges, and results. Professionals from across the payments spectrum will find the information thought-provoking and actionable. Financial institutions, cash managers, and technologists will benefit from the conference.



About NEACH



The New England Automated Clearing House (NEACH) is a non-profit association that helps members originate and receive ACH transactions and provides products, services, education, and marketing to its member institutions and other New England entities engaged in electronic payments in order to increase the acceptance, use, and quality of electronic transactions.

Related articles by Zemanta

• 100 Billion Transaction Plateau Reached for First Time in U.S. (pindebit.blogspot.com)

PYMNTS.com Launches to Provide the “First Look” at Developments in the Payments Industry Worldwide

Joint venture between Business Wire and Market Platform Dynamics creates an online

platform for the industry to contribute and consume content related to critical happenings in payments worldwide



NEW YORK--(BUSINESS WIRE)--PYMNTS.com, is an online media channel that captures user-generated and expert-driven commentary, information, news and analysis on “what’s next” in the payments sector, worldwide. The site provides a platform for industry professionals to share content related to their latest company and product developments, to tap into the collective commentary and analysis from experts, bloggers and industry pundits, and to interact with industry thought leaders and other influentials on topics of critical importance to the future of the sector. PYMTNS.com was launched on October 20, 2009 in New York at The Lydian Roundtable, an annual closed door gathering of industry executives, in which Warren Buffett delivered a video keynote produced by DS Simon Productions Inc on “what’s next” in the payments sector.



PYMNTS.com. provides an innovative new platform for emerging players to “pitch” their venture and companies in the sector to launch new products. The PYMNTS.com wiki provides a first-ever country-specific payment information repository, created and maintained by professionals in those countries with access to and knowledge of their local payments environment. Breaking news is provided by a direct feed to the site from Business Wire. PYMNTS.com will also host the third edition of Paying with Plastic: The Digital Revolution in Buying and Borrowing written by Market Platform Dynamics Founder and Chairman, David S. Evans and Richard Schmalensee, respectively.



PYMNTS.com will address a variety of topics, including the “mash-up” of payments and mobile, payments and social media/social networks, and payments and online media as well as the technologies and applications that are driving the sector’s innovation and evolution worldwide.



A joint venture of Business Wire, a Berkshire Hathaway Company and Market Platform Dynamics, PYMNTS.com will redefine the ways in which B2B news and information is both generated and distributed. “PYMNTS.com delivers an important ‘first look’ at what’s important to the sector, by those who are shaping its future,” remarks Karen Webster, President of Market Platform Dynamics. “We’re often asked to help our clients define ‘what’s next’ in the context of the new technologies, new entrants and new business models and observed an opportunity to aggregate user-generated and expert-opinion on those topics in an engaging medium. We hope that PYMNTS.com will play an important role in both stimulating and documenting the exciting developments that have and will enable commerce worldwide.”



“Discovering and creating new and innovative ways to deliver and feature breaking news content from our members is a primary goal for us at Business Wire," said Cathy Baron Tamraz, Business Wire’s President and Chief Executive Officer. “PYMNTS.com takes the online industry trade publication concept and moves it into the 21st century by combining news and commentary from media, industry leaders and academics with the tools of social media to bring all interested parties into the conversation.”



PYMNTS.com addresses topics of interest to the payments community in The Briefing Room. New entrants and established companies alike can pitch new products and services in the Hot Pitches area. Intel is the site’s shared content platform which encourages everyone to upload content that they would like to share with their fellow professionals, Industry Insider features “what’s up” with the leading players, and offers a chance to Ask the Industry. Community interaction is encouraged in various country wikis and on the PYMNTS.com blog.



A key feature of the site is the Lydian Payments Journal which is an online journal focused exclusively on the global payments sector. Named after the kingdom credited with inventing coinage in 600 BC, this monthly journal will publish original pieces from prominent thought leaders across the globe. It will shape and chronicle the industry on a spectrum of topics from policy issues such as competition, consumer protection, fees and interchange to disruptive innovation such as social lending, remittance products, and mobile commerce.



For information on the editorial calendar for upcoming topics being featured on PYMNTS.com, please contact editorial@PYMNTS.com



You can also subscribe to receive the daily PYMNTS.com newsletter at subscribe@PYMNTS.com.



Follow us on Twitter at http://twitter.com/pymnts join the PYMNTS Linked In group.



For information on how you can provide content to PYMNTS.com portal contact us at info@PYMNTS.com.



About Market Platform Dynamics (MPD):



MPD is a management consulting firm that ignites catalyst businesses by leveraging new technologies, business models and pricing strategies. MPD has a wealth of experience within industries that are characterized by complex platform-centered ecosystems, including payments, mobile/telecoms, digital and advertising-supported media, and software-based businesses.



MPD works with both incumbents and new entrants, offering a unique lens into the dynamics that shape the competitive playing field. In addition to traditional consulting-based services, MPD’s Catalyst Ventures provides intellectual and human capital to new firms. MPD’s experts include economists, econometricians, product development specialists, and strategic marketers who apply cutting-edge business theory and statistical methods to the practical problems of building and growing a profitable catalyst business. MPD is headquartered in Cambridge, MA, and has offices in London and Hong Kong.



For more information visit www.marketplatforms.com.

Windows and Online Banking, Like Oil and Water

Enterprise IT Planet did a story regarding online banking and Windows. Again, it's not necessarily Windows that is the problem. The problem is that 93% (as of July) of Internet users employ Windows and so that's what is being targeted. If everyone switches over to Linux, as recommended below, then so will the bad guys redirect their malware efforts towards targeting that platform. Why are people stuck on band-aids? Swipe, Don't Type. Eliminate phishing completely don't educate people how to recognize it. It's unrecognizably sophisticated and will become even more so. So don't click, don't type, don't not enter. Swipe, Encrypt, Transmit....



By Michael Horowitz

October 26, 2009

In August I wrote an article here that suggested rather than doing online banking from a Windows computer, a much safer approach is to re-boot using Linux (either from a CD, USB flash drive or a memory card) and running Firefox under Linux to access banking websites. (Editor's Note: It's a lot easier to plug in a HomeATM device into the USB port and bank via that separate machine)



Now, a consensus seems to be forming behind this idea. The cons"senses" should be forming around the idea to use a separate machine for online banking. That separate machine is the HomeATM.



For months, Brian Krebs has been writing in the Washington Post about companies, municipalities and school districts that suffered large losses due to online banking fraud. The impetus for my article came from one of his first stories.



After interviewing businesses that suffered these losses, Krebs would inevitably be asked by the owners of the business about protecting themselves going forward. Addressing this in a recent column, he said:

"The simplest, most cost-effective answer I know of? Don't use Microsoft Windows when accessing your bank account online. I do not offer this recommendation lightly ... But I have interviewed dozens of victim companies that lost anywhere from $10,000 to $500,000 dollars because of a single malware infection. I have heard stories worthy of a screenplay about the myriad ways cyber crooks are evading nearly every security obstacle the banks put in their way ... all of the attacks shared a single, undeniable common denominator: They succeeded because the bad guys were able to plant malicious software that gave them complete control over the victim's Windows computer."

The rest of the column goes on to discuss security measures taken by assorted banks and how the bad guys breached every one of them.



Antivirus and Anti spyware Software



If you think anti-virus and/or anti-spyware software will protect a Windows computer, think again. You are certainly safer running anti-malware software but you are not safe. As Randy Abrams of ESET put it recently, "There was a day that anti-virus software could protect you against almost all of the viruses in the world, but that day was significantly more than a decade ago."



Anti-malware software is only one line of defense, and it cannot be your only defense. Whether anti-malware software protects you 10 percent of the time or 90 percent of the time, everyone agrees that it cannot protect you 100 percent of the time.



In one case that Krebs wrote about, the malware that drained the bank account first infected the computer a year earlier, despite antivirus software. When I'm called on to clean up an infected computer, I always run a handful of anti-virus and anti-spyware programs. Normally, the third, fourth and fifth scans find malware that the first few products missed.



The amount of malware targeting Windows is staggering.



Just days after my previous article on online banking was published, Trend Micro reported that "... in the first six months of 2008 ... 253.4 million systems were infected with malware. The comparable volume for 2009 is almost double at 491.2 million." The same blog posting says that AV-Test.org is finding more than a million new malware samples every month. In the good old days of 2007, they had only 5,490,000 samples of malware....

Continue Reading

Related articles by Zemanta

• Trend Micro CEO: hackers hitting AV infrastructure (computerworld.com)


• Gadgetwise: 'Antivirus' Ad on NYTimes.com (gadgetwise.blogs.nytimes.com)

Hypercom Teams with Voltage Security in Fight Against Fraud

Scottsdale, Ariz., Oct. 26, 2009 -PIN Payments News Blog– Hypercom Corporation (NYSE: HYC) today announced key initiatives to step up the payment card industry’s ability to attack payment card data fraud. Effective immediately, the Company is bringing its Asia-Pacific-based EFTSec Server™ payment data encryption technology to North America, Latin America and Europe, teaming with Voltage Security, Inc. to deliver highly innovative and scalable cryptographic technology, and forming a global data protection business unit to address customer-specific security threats with five key approaches to data security.



“We are bringing to market innovative and highly adaptable security solutions that can meet each of our customer’s individual implementation requirements and technology choices to protect cardholder data and preserve cardholder trust in the integrity of the electronic payments system,” said Philippe Tartavull, Chief Executive Officer and President, Hypercom Corporation. “Banks, processors, retailers and consumers will not tolerate endless attacks and incessant expenditures on card data security. Just as the threats are multi-faceted, so too must be the security approaches to counter these threats.”



Delivers Five Key Components Required to Protect Payment Card Data



End-to-End Payment Data Protection: Hypercom believes end-to-end payment data protection encompasses protecting data throughout its lifecycle—not only encrypting it when in transit but also when at rest in a merchant or payment processing enterprise environment. Hypercom also believes that the scope of payment data protection includes the use of strong security technology throughout the design, deployment, operation and maintenance of payment terminals and their applications including the loading and storage of debit keys that reside on those devices.

• Line Encryption for Data in Transit: Line encryption encrypts cardholder data during transaction processing, starting at the payment terminal and ending at a trusted point where the data is decrypted. That trusted point can be within a large merchant or payment service provider environment. Hypercom was the first electronic payment solutions provider to initiate card data encryption with its EFTSec technology introduced in 2006. Developed to combat attacks then prevalent in several Asian countries, EFTSec is now the defacto industry standard for payment terminal initiated link encryption in Asia. EFTSec is already in use by seven major banks with combined assets of more than US$178 billion, and licensed to and implemented by several major terminal manufacturers. Unlike recently introduced competing solutions that require customers to purchase custom equipment or utilize third party decryption services, EFTSec leverages existing network infrastructure.
  
  


• Protection for Data End-to-End: Hypercom has teamed with Voltage Security, Inc. to implement cryptographic technology that delivers an array of end-to-end encryption across its product line. Management of card data at rest and in use is critically important and must be protected at all times. That said, portions of the data must be available for legitimate business purposes. Voltage’s technology provides businesses with strong protection without compromising flexibility or requiring major changes to existing business processes. The key benefit for banks, processors and large retailers: provides the technology to protect cardholder data throughout the enterprise.
  
  


• Protection for Data During Operation and Maintenance: Protecting the operational procedures and maintenance of payment terminals is just as important as protecting cardholder data. Hypercom’s HyperSafe® suite of security products defends terminals from rogue applications and malware, protects the terminal management system from communicating with fraudulent terminals and provides the industry’s only remote key management system. The key benefit for banks, processors and large retailers: protects their investment in the point of sale estate, reduces the potential for fraudulent use of terminals and ensures the secure transport of cryptographic keys.
  
  


• Virtual Terminals: Segmenting a merchant’s point of sale system data from payment data is one method of reducing the scope of PCI DSS compliance for merchants. Virtual terminals are web-based secure platforms which easily integrate payment processing and business critical processes with ubiquitous client side applications and devices. By utilizing advanced server capabilities such as Hypercom’s SmartPayments™ and Wynid® product suites, data segmentation can be easily achieved, enabling “large store functionality” for mid-size business environments. The key benefit for small and mid-size retailers: provides top-level security for sensitive cardholder data, reduces PCI DSS compliance costs.
  
  


• Card Authentication: In addition to complete enterprise-wide end-to-end payment data protection, Hypercom supports the strengthening of card authentication as an important tool to prevent card skimming. Hypercom supports a number of technologies that, if broadly adopted, would significantly reduce fraud through card skimming. Technologies include contact and contactless chip cards, and Magnetic Stripe Image Authentication. Magnetic Stripe Image Authentication is an innovative dynamic digital authentication solution that detects counterfeit magnetic stripe credit, debit, gift and ATM cards. Whenever a card is used at a payment terminal, magnetic stripe security imaging authenticates the card’s legitimacy in real time by matching each magnetic stripe’s unique ‘noise fingerprint’ against the ‘fingerprint’ originally obtained from the legitimate card. The key benefit to retailers: protects the cardholder against credit card ‘skimming’ fraud wherein criminals copy the data encoded on a legitimate card and produce a fraudulent card.
  
  

“Hypercom is setting a new global card protection standard by bringing to market the payment industry’s widest choice of protection options to protect businesses and simplify implementation,” said Mark Bower, Vice President, Product Management, Voltage Security, Inc. “Hypercom has long been recognized as the leader in payment security and we are delighted to team with them to help businesses worldwide.”



Forms Data Card Protection Business Unit



Hypercom’s new Global Data Protection Business Unit will consult with customers to determine individual system configurations, security threats and the best security solutions to address their specific needs, and then direct the implementation. TK Cheung, Hypercom’s Vice President, Global Quality and Security, heads the new business unit. He also serves as Vice Chairman and Chief Technical Officer of The Secure POS Vendor Alliance (SPVA).



“One solution does not fit all when it comes to payment card data protection. The payment industry is highly complex and requires a range of solutions each of which can protect the various elements that comprise an end-to-end solution. To that end, we are making available the smartest array of security approaches providing choices for businesses of all types to fortify their defenses and protect cardholder data against current and future threats. The addition of Voltage Security’s end-to-end encryption to our arsenal of crime-fighting technologies together with EFTSec and HyperSafe suite of security products allows us to deliver the industry’s most comprehensive selection of security solutions,” said Mr. Cheung.



Mr. Cheung has more than 30 years of experience in the telecommunications and electronic payment industries. Prior to his current positions, Mr. Cheung was Managing Director for Hypercom’s Asia-Pacific region, where he successfully launched the hardware and software based EFTSec security products to combat increasing levels of credit card fraud prevalent to this region and to satisfy stringent customer requirements.



For information on EFTSec, visit: http://www.hypercom.com/products/eftsec.asp .

For additional information on Voltage Security, visit: http://www.voltage.com .



About Hypercom (www.hypercom.com )



Global payment technology leader Hypercom Corporation delivers a full suite of high security, end-to-end electronic payment products and services. The Company's solutions address the high security electronic transaction needs of banks and other financial institutions, processors, large scale retailers, smaller merchants, quick service restaurants, and users in the transportation, petroleum, healthcare, prepaid, unattended and many other markets. Hypercom solutions enable businesses in more than 100 countries to securely expand their revenues and profits. Hypercom is a founding member of the Secure POS Vendor Alliance (SPVA) and is the second largest provider of electronic payment solutions and services in Western Europe and third largest provider globally.



Source: Company press release.

In Banks We Mistrust - New Aite Report

A New Report From Aite Group

In Banks We Mistrust: Something the French, Americans and British Agree Upon

Engendering a minimum level of consumer trust is insufficient for banks to drive referrals or customers' intention to grow their relationships with their bank.

Boston, MA, October 21, 2009 – A new report, issued jointly by Aite Group, LLC and Plenitudes Prospective & Management, explores the degree of trust that U.S., U.K. and French consumers have in the financial institutions with which they do business. Based on a February 2009 survey of 1,222 consumers in the United States, United Kingdom and France, the report identifies drivers of consumer trust in banks, and how trust levels impact consumers' relationships with their banks.

Though the level of consumer trust in banks varies across countries, few consumers in the U.S., U.K. or France have a high degree of trust of banks in general. Consumers are more forgiving of their primary bank, however, with 22% of U.S. consumers expressing a great deal of trust in their primary bank, compared to only 4% of U.S. consumers expressing a great deal of trust in banks in general. And despite the financial crisis in the United States, Americans still have a higher level of trust in their banks than British or French consumers have in theirs. In order to assess the level of trust consumers have in banks, Aite Group and Plenitudes define four dimensions of trust - symbolic, institutional, relationship and cognitive - and find that the most valuable trust dimension is the one consumers generally view to be the weakest. "High levels of trust drive both referral behavior and future purchase intention," says Ron Shevlin, senior analyst with Aite Group and author of this report. "Engendering a minimum level of consumer trust is insufficient for banks to drive referral behavior or customers' intention to grow their relationships with their bank. While cognitive trust attributes - like competency and efficiency - are considered the most important drivers of trust by consumers in the U.S., U.K. and France, consumers in all three countries agree that these attributes do not describe their banks to the extent that other trust attributes do." This 35-page Impact Report contains 25 figures and three tables. Clients of Aite Group's Retail Banking services can download the report by clicking on the icon to the right.

Related Aite Group Research: Measuring Customer Engagement: Making the Metric Matter How to (Re)Build Consumer Trust in Banks Marketing Analytics Trends in Retail Financial Services Retail Banking: Why Online Marketing Matters

Boston, Oct. 26, 2009 -– A new report from Aite Group, LLC assesses the true costs assumed by the card industry when U.S. cardholders experience difficulties making card payments abroad. The report is based on a September 2009 Aite Group online survey of 1,019 U.S. resident cardholders that traveled to countries outside of Canada, the Caribbean and Mexico between 2006 and 2009. It provides insight into the frequency of failed card payments abroad, the emotional response and lingering effect caused by failed card payments, and how the U.S. card industry can address this problem.



The promise of ubiquitous card payments acceptance falls apart once U.S. cardholders cross their national border. For cardholders traveling to one of the most popular destination for U.S. travelers - Western Europe - over the past three years, there is an almost 50% chance that they have experienced some form of problem using a U.S. payment card. Aite Group estimates that 9.7 million U.S. cardholders experienced issues with card payments abroad in 2008, and that the U.S. card industry missed out on US$3.9 billion in transactions and US$447 million in revenues as a result of these lost card payments. Interestingly, the responsibility for the majority of negative issues experienced by U.S. cardholders abroad lies squarely on the shoulders of U.S. card issuers, which cause 64% of the deterrents.



"Nearly two-thirds of cardholders adjust payment behavior after a bad experience, directly resulting in lower usage of the problem card," says Nick Holland, senior analyst with Aite Group and co-author of this report. "An issue caused by incompatible card technology is treated far more seriously by cardholders than issues stemming from card acceptance, fees or merchant policies. A quarter of cardholders experiencing these types of problems will agree either somewhat or totally that the problem ruined or almost ruined their trip."



This 54-page Impact Report contains 39 figures. Clients of Aite Group's Retail Banking service can download the report.



Related Aite Group Research:



Engaging Gen Y: Cultivating a New Generation of Banking Customers

Card Data Security: In Search of a Technology Solution

The Card Industry: Between a Rock and a Hard Place

The Mobile Transactions Landscape: Mapping New Territory

Aite Group Study on 2010 Capital Markets IT Spending Trends



Aite Group, LLC invites C-level technology and operations executives at securities firms to participate in an important survey and share their views on U.S. IT spending trends in the capital markets for 2010.*  he survey should take approximately 15 minutes to complete. For your participation, you will be entered into a drawing for a Dell Inspiron 11z Netbook.



To participate, please click on the following link: http://aitegroup.2010ITPrioritiesSpend.sgizmo.com

*All responses will be reported anonymously and in aggregate. Individual responses will remain strictly confidential.



About Aite Group, LLC

Aite Group is a leading independent research and advisory firm focused on business, technology and regulatory issues and their impact on the financial services industry. It was founded by leading industry experts in Banking and Securities & Investments. Aite Group brings together a team of business strategy, technology and regulatory experts to deliver comprehensive, timely and actionable advice to financial institutions and technology vendors. It seeks to become a true partner, advisor and catalyst by exchanging ideas with and challenging basic assumptions of its clients, ensuring that they always stay one step ahead of the competition.



Source: Company press release.

MasterCard Announces Webcast Scheduled on November 5th

Image via Wikipedia

Purchase, N.Y., Oct. 26, 2009 -- On Thursday, November 5, Chris McWilton, president, U.S. Markets for MasterCard (NYSE:MA) will participate in the SunTrust Robinson Humphrey Business Services Unconference in New York City. The discussion will begin at 1:00 p.m. (EST) and last for approximately 40 minutes.

A listen-only live audio webcast will be accessible through the Investor Relations section of the MasterCard website at www.mastercard.com. An audio replay of the session will also be available for 30 days at the same website location.

About MasterCard Incorporated



MasterCard Incorporated advances global commerce by providing a critical economic link among financial institutions, businesses, cardholders and merchants worldwide. As a franchisor, processor and advisor, MasterCard develops and markets payment solutions, processes approximately 21 billion transactions each year, and provides industry leading analysis and consulting services to financial-institution customers and merchants. Powered by the MasterCard Worldwide Network and through its family of brands, including MasterCard® Maestro® and Cirrus® MasterCard serves consumers and businesses in more than 210 countries and territories. For more information go to www.mastercard.com .



Source: Company press release.

Here's An Online Banking Promotion That Works!

I've been blogging about the inherent weakness surrounding online banking.  I've even used the toaster analogy when it comes to providing banks with an online banking promotion.  Instead of giving away a toaster, they should give away our online banking HomeATM.  Heck, it's less expensive than the promotions they are currently running and it would solve a problem.  It would eliminate phishing, it would eliminate fear, it would eliminate anxiety and it would eliminate the already obsolete username/password log-in procedure. 



It would attract customers looking for security, it would create trust, it would create loyalty and it would create peace of mind.  Why give away $125?  When that's gone there's nothing there.  Why not provide a promotion that "enables" the online banking customer to conduct safe and secure eCommerce transactions, such as funds transfers, online bill payments and more?



Here's an interesting article on the return of banking promotions.  Banks simply need to decipher what will have the strongest long-term impact.   I would use logic to infer that by giving away our Online Banking HomeATM, banks would not only drastically reduce fraud, but they would drastically increase loyalty and profit from the transactional revenue model derived each time a customer swiped their card in their new device in order to conduct a safe and secure "outside the browser" eCommerce payment...



From the Houston Chronicle:

Banks offering ‘free' money

Banks that survived the bust try new ways to entice customers

Uncertainty in the banking industry means banks are trying harder than ever to recruit new clients who might be fleeing from competitors.

Resources

BIGGER THAN A TOASTER

Here are some recent promotions offered by banks with branches in the Houston area:

Chase

• Promotion: $125 bonus offer to targeted customers for opening a new checking account, plus rewards and cash back for existing checking account holders.

• Fine print: $100 minimum opening deposit, and set up direct deposit.

Wells Fargo

• Promotion: $50 bonus for a new checking account, expired Aug. 15.

• Fine print: $100 minimum deposit.

Bank of America

• Promotion: $100 bonus for opening a checking account this summer, now expired.

• Fine print: Minimum $250 deposit, plus use the bank's online bill pay service for at least two bills within 30 days.

BBVA Compass

• Promotion: Win an iPod Touch.

• Fine print: Current customers can earn entry points for signing up for and using a check card, switching to paperless statements, using direct deposit and online bill pay. Runs through Dec. 31.

Capital One Bank

• Promotion: $50 bonus for opening a savings account online.

• Fine print: Open your first account by Nov. 25 and deposit $10,000 or more.

TDECU

• Promotion: Save 30 cents a gallon at Buc-ee's gas stations when you fill up with your debit card.

• Fine print: Participating Buc-ee's stores until Oct. 31.

Source: bank promotional materials

The banking industry has always been highly competitive. But as smaller banks fold in waves nationwide and the behemoths lumber on with government help, surviving companies are finding new ways to entice the customers who are fleeing their competitors.



Big banks are promoting their stability and security, while smaller banks are marketing the very fact that they're not the big banks. On every level, promotions abound.



“In the '80s it was: you open a checking account and get a toaster. Now we're harkening back to that,” said Dick Barnes, a marketing consultant for the Bellevue, Wash.-based Freeland Group. “You'll see some things in the next year or two that we haven't seen in decades.”



While Barnes mentions a Seattle-area bank that did give away toasters — “it was kind of tongue-in-cheek, but it was close to a $200 toaster” — most of the promotions are financial.



In targeted mailings, Chase Bank has been offering a $125 bonus for opening a new checking account. Bank of America and Citibank offered $100 bonuses over the summer.



That's not pocket change for the banks, considering that personal checking accounts alone tend not to be lucrative, and that opening a new account can cost them roughly $200 in administrative costs, experts say.



It's a gamble they're willing to take because the market's upheaval offers new opportunities to glean clients, and banks are anxious to shore up capital reserves.



“There's a lot of money in motion, and banks need to demonstrate core deposit growth,” said Les Dinkin, a managing director at the New York management consulting firm Novantas. “The kinds of offers range from financial incentives to rewards points to gadgets. We see offers ranging from iPods to Crock-Pots.”



‘Bribing people'



A promotion may get people in the door, but banks have to find a way to keep those customers, industry analysts warn. Otherwise they'll be out the door again the next time a competitor offers them $100.



“It's not building loyalty. It's not about what you do as a bank. It's more about bribing people,” said Adam Isler, client services director for PNT Marketing Services in New York. “Given the competitive environment, that kind of short-term thinking is getting a lot of play right now.”



Rewards programs are one way to ensure customers stay around longer and do more banking, Isler said. Companies like Chase and Capital One Bank use rewards to encourage customers to use their debit card, pay bills online, and take advantage of other features.



Chase has long offered rewards, said company spokesman Greg Hassell, but it is emphasizing them more lately and rolling out new benefits for current customers.



“The strategy behind that is to get the checking account as the core relationship. Then if you have that, you can get a better deal on your CD, on your mortgage, on your car loan,” he said. “You can deepen your relationship with the customers.”



Smaller financial institutions aren't offering incentives on the same scale, but many see their own opportunity in the chaotic market. They've upped their marketing efforts, promising good customer service without the flashy promotions.



“We don't really have what you might call loss leaders out there at this time,” said Graham Painter, executive vice president at Houston-based Sterling Bank. “We're pricing things effectively for the market and doing a lot of what you might call knocking on doors.”



‘A flight to safety'



Local credit unions, too, are finding newfound favor.



“As we watch the big banks implode, we see what you might call a flight to safety,” said Lucilla Henderson, vice president of marketing for TDECU, a credit union with 19 branches in Texas, 10 of them in the greater Houston area. “Basically our intent is to let (prospective customers) know that we're not responsible for this mess in regard to the nation's financial institutions.”



The company is also running a local promotion: Until the end of the month, members get a 30-cent-a-gallon gas discount at participating Buc-ee's stores.



As attractive as a cash bonus can be, some people say frustration with big banks makes them immune to the siren call of free money.



Orit Pennington banked with one of the giants for more than 15 years, but became fed up in recent months with new policies that she said put the bank's interests ahead of her own. Now the Houston small business owner banks with USAA, a company that offers online banking to military families. It didn't offer her an incentive to join.



“The $100 isn't worth it,” she said. jennifer.latson@chron.com

<!--h4 class="txtHdr1">Most recommended comments</h4--> <table id="comments-table" border="0" width="100%"> <tbody> {for c in Comments} {if c.ContentBlockingState == "Unblocked" && (c.Author.IsBlocked == "False" || c.Author.DisplayName == getCurrentUser()) } <tr> <td class="commenter-avatar"> <a href="http://www.chron.com/commons/persona.html?newspaperUserId=${c.Author.DisplayName}&plckUserId=${c.Author.DisplayName}"><img src="${c.Author.AvatarPhotoUrl}" alt="${c.Author.DisplayName}"/></a> <a href="http://www.chron.com/commons/persona.html?newspaperUserId=${c.Author.DisplayName}&plckUserId=${c.Author.DisplayName}" class="friends" title="Friends:(${c.Author.NumberOfFriends})"><img class="friends_icn" src="http://images.chron.com/common/735/sandbox/storypage/images/friends.gif">(${c.Author.NumberOfFriends})</a> </td> <td class="comment-text"> <div class="commenter"> <a href="http://www.chron.com/commons/persona.html?newspaperUserId=${c.Author.DisplayName}&plckUserId=${c.Author.DisplayName}">${c.Author.DisplayName}</a> wrote: </div> <div class="comment-body"> ${c.CommentBody.replace(/<[^>]*>/g, '').replace(/\b(https?:\S+)/g, "<a rel=\"nofollow\" href=\"$1\">$1</a>").replace(/\n+/g,'<br/>') } </div> <h4 class="txtHdr1"> ${c.PostedAtTime} </h4> <div id="commented-tools" class="navLink"> <span>Recommend: <a id="yay:${c.CommentKey.Key}" class="thumb-up" {if c.CurrentUserHasRecommended == "True"} disabled="disabled" {else} onclick="javascript:thumbsUp(this); return false;" {/if} href="#none">(${c.NumberOfRecommendations})</a> <a id="nay:${c.CommentKey.Key}" class="thumb-down" href="#none" onclick="javascript:thumbsDown(this); return false;">(0)</a></span> {if c.CurrentUserHasReportedAbuse == "True"} <a id="abuse:${c.CommentKey.Key}" class="report-abuse" disabled="disabled" href="#none">[Reported] {else} <a id="abuse:${c.CommentKey.Key}" class="report-abuse" onclick="javascript:showReportAbuse(event,'${c.CommentKey.Key}'); return false;" href="#none">[Report abuse] {/if} </a> </div> </td> </tr> {/if} {/for} </tbody> </table> <div class="comment-pagination"> </div>

Related articles by Zemanta

• Online Fraud Likely to Harm Online Banking (pindebit.blogspot.com)


• FBI Director, Online Banking and Bank Systems & Technology News (pindebit.blogspot.com)


• Online Banking's Ticking Time Bomb... (pindebit.blogspot.com)


• Todos Secures Another Bank (pindebit.blogspot.com)


• Zeus Online Banking Trojan Webinar Infected with...Zeus! (pindebit.blogspot.com)


• Cambridge Exposes Flaw in Barclays PINSentry Device (pindebit.blogspot.com)


• Swipe Out Phishing! (pindebit.blogspot.com)


• Chat In the Middle Online Banking Threat (pindebit.blogspot.com)


• Customers 'Blamed for Card Fraud' by Bank (pindebit.blogspot.com)


• Online Banking Fraud in the UK Hits a New High (pindebit.blogspot.com)


• Online Banking is Weak Week Continues (pindebit.blogspot.com)


• Garlik's UK Cybercrime Report 2009 Released (pindebit.blogspot.com)

Cambridge Exposes Flaw in Barclays PINSentry Device

A team from Cambridge University's Computer Lab demonstrated how they could access an account protected by Barclays' online card reader system.



Some banks, including Barclays, are giving online customers hand-held card readers - devices used to help raise security on transactions which are vulnerable to fraud because they can be carried out with card details only and do not require a PIN or signature.



The card reader gives the user a unique pin code every time it is used, allowing the consumer to assert, even from a distance, that they are in possession of the genuine card and not just the details of that card.

But the Cambridge team say that by using a fake chip and pin terminal attached to a laptop the fraudster can learn the customer's name and unique pin code.

A Video Demonstration of the Barclays Hack can be seen by clicking here...



Once they have also tricked the customer into giving out their bank membership number, the fraudster can go into the online account and make transactions. According to Steven Murdoch at the lab, this fraud is already being perpetrated. He said: "I believe this is something fraudsters are already doing, the technology has been out there and they've had time to learn how to do it."



Barclays told the BBC it did not believe this demonstration to be a plausible risk.



Read the Entire Article from the BBC Here



The full report can be seen on Inside Out in the East 1930 BBC One on 26 October .



 

Related articles by Zemanta

• Pin reminder security scrutinised (news.bbc.co.uk)


• Customers 'Blamed for Card Fraud' by Bank (pindebit.blogspot.com)


• RSA 2009: Fake Chip and PIN readers hit UK (pindebit.blogspot.com)


• Cardholders tricked into revealing their Pins in telephone scam (telegraph.co.uk)


• Banking Internet Security faulty. (warintel.blogspot.com)

"Pizza Boy" Hacks into ATM

According to Finextra, a "Pizza Boy" hacked into an ATM's hard drives, changed their settings, stole $30k, got caught, was  facing two years in prison, but agreed to pay the money back and join the Australian Military in exchange for no jail time...

Pizza boy uses ATM manual to steal A$30,000 in under an hour



An Australian pizza boy who hacked into ATMs and changed their settings before stealing around A$30,000 in under an hour has escaped a prison term, according to local press reports.



In 2007, Brian Sommer, 23, used information he found on the Internet and in an ATM handbook to hack into cash machine hard drives and change their settings, enabling him to withdraw huge amounts of money.



He stole A$21,120 from an ATM at a service station in Bundaberg, Queensland, before taking a further A$7500 from another machine in nearby Hervey Bay, according to the Fraser Coast Chronicle.



However, his plan had a major flaw - to make the withdrawals he used his own card and those of his mother, girlfriend and two friends.



Continue Reading at Finextra

Phishing Surge Causes Concern

FROM THE EDITOR





Phishing surge causes concern

[by Eric B. Parizo, Senior Site Editor]

eparizo@techtarget.com







Here at SearchSecurity.com, we've been tracking phishing attacks for years, but this month's headlines leave little doubt that phishing has reemerged as a top-of-mind threat to enterprise information security.



Proving just how widespread and pervasive organized phishing has become, just a couple weeks ago the FBI and Egyptian authorities announced they had charged nearly 100 people in the U.S. and Egypt with allegedly sending out phishing email messages that directed victims to malicious webpages cloaked as legitimate banking sites. It was the largest number of defendants ever charged in a cybercrime case, and it's merely the tip of the iceberg.



Earlier this month, we reported that gangs of cybercriminals have fueled a dramatic increase in new phishing websites and rogue antivirus programs, and the number of unique phishing websites is closing in on an all-time high. InGuardians' Ed Skoudis said in a recent edition of our Security Wire Weekly podcast that attackers continue to use spear phishing Web content and emails to exploit individual client machines, and from there can easily gain access to any other enterprise resource -- including servers and databases with sensitive or mission critical data.



With so many ways to distribute phishing attacks -- email, websites (both legitimate and rogue) and emerging methods like social networking services -- experts say that the average Internet user could come face to face with a phishing attack at virtually any moment. The digital underground knows how much money stands to be made from phishing, and attackers keep cashing in -- often at the expense of enterprises that haven't mounted a proper defense.



So where should a defense against phishing begin? Security expert Eric Ogren argues that technology -- such as the use of SSL and certificates, as well as security-aware DNS services -- can help, but enterprise security organizations must launch their own user-focused antiphishing programs. Show end users what recent and proven phishing attacks look like, and do so often; getting users' attention regularly is the only way to enforce good habits. For those enterprises looking to take phishing prevention to the next level, expert Sherri Davidoff has advice on how to use social engineering tests to prevent phishing attacks.



Phishing isn't going away anytime soon, so invest the time now to make sure your enterprise has its antiphishing strategy in place. I've included a few more helpful resources below.



Stay safe out there,

Eric

Clampi Online Banking Trojan Wreaks Havoc

Clampi Trojan Virus Attacks the World of Online Banking

From Fight Identity Theft dot com...

July 2009 not only brought the hopes of fun summer activities, but it also brought the new vicious Trojan virus called Clampi.



Clampi is a newly sophisticated virus designed to attack online banking systems.  And unlike most Trojan viruses this virus can be picked up from trusted sites like blogs, online magazines, search engines and mainstream news websites, not just gambling and pornography sites.  It also is only designed to attack computers running the Microsoft Windows operating system.  So Mac users are safe from Clampi, for now.

Currently, Clampi is tracking over 4,500 financial websites.  Most Trojan viruses usually track 30-40 sites at a time.  Clampi is designed to watch: banks, credit card companies, e-mails, retail sites, utilities, online casinos, wire transfer services, share brokerages, government sites and mortgage lenders. Clampi is also not just limited to the United States.  It has been found attacking in the United States, Britain and other English speaking countries.

How Clampi Operates

Once Clampi has been picked up it settles into your computer and waits.  What does it wait for?  It waits for the user to log on to a bank account, credit card or some other financial website.  Once the login information is entered, Clampi grabs it and shoots it to the cyber criminal's computer.  From there the criminal uses the information to fulfill their desires.  Whether it is taking money from a bank account, using a credit card to make purchases or reek whatever havoc they may.

Continue Reading at FightIdentityTheft.com