It's Official: US Treasury, Fed Delay Internet Gambling Ban 6 Months

Image via Wikipedia

* Move allows lawmakers time to overturn payments ban

* 2006 law failed to define "unlawful Internet gambling"

* Frank plans hearing on licensing Internet gambling firms (Adds statement from Representative Barney Frank)



By David Lawder



WASHINGTON, Nov 27 (Reuters) - The U.S. Treasury and Federal Reserve on Friday delayed the implementation date for a new Internet gambling payment ban for six months, a move that gives lawmakers time to overturn it or end confusion over illegal practices.



In a joint statement, the Treasury and Fed said the Dec. 1 implementation date for the law passed in 2006 would not be achievable for some financial institutions. They set a new compliance deadline of June 1, 2010.



"Commentators expressed concern that the act and the final regulation do not provide a clear definition of 'unlawful Internet gambling,' which is central to compliance," the two agencies said.



In addition, they said certain members of Congress have "expressed an intent to consider legislation that would allow problematic aspects of the act to be addressed."



The 2006 law, which cost European Internet gambling companies billions of euros in lost market value, prohibits credit card, check, and electronic fund transfer payments by U.S.-regulated financial institutions in connection with "unlawful Internet gambling."



But rather than define what types of gambling are illegal online, the bill relied on existing federal and state laws to answer that question. It also still allowed any online horse race betting permissible under the Interstate Horseracing Act of 1978.



FRANK SEEKING TO OVERTURN BAN



Congress passed the anti-gambling legislation in 2006, when Republicans still controlled both the House and Senate. The final regulations issued to enforce the ban were issued by the Treasury and Fed just before former President George W. Bush left office in January.



Representative Barney Frank, who chairs the House Financial Services Committee, in October urged a 12-month delay in the implementation because of confusion over what kinds of online gambling were illegal under the bill.



Frank's committee in September 2008 passed a bill to overturn the ban, but the full House never acted on the measure. Frank earlier this year reintroduced the bill, which would effectively overturn the ban and create a framework for the Treasury to license Internet gambling operators, collect taxes from them and enforce rules for transparency.



On Friday, Frank praised the Treasury and the Fed for delaying the regulations, which he said would "curtail the freedom of Americans to use the Internet as they choose" and put unrealistic burdens on financial institutions.



"This will give us a chance to act in an unhurried manner on my legislation to undo this regulatory excess by the Bush administration and to undo this ill-advised law," Frank said in a statement.



Frank has scheduled a hearing next Thursday on the legislation, dubbed the "Internet Gambling Regulation, Consumer Protection and Enforcement Act."



The six-month delay will allow banks to establish policies and procedures to require gambling businesses to document the legality of their activities, the Treasury and Fed said. (Editing by Kenneth Barry) ((david.lawder@thomsonreuters.com; +1 202 898 8395; Reuters Messaging: david.lawder.reuters.com@reuters.net))

Bank of Montreal/MasterCard Team on Contactless Blackberry Payments

Finextra:  Bank of Montreal, MasterCard and Research in Motion (RIM) are teaming up on a trial that will see Canadians make payments using BlackBerrys equipped with contactless stickers.



The four month pilot will see participants use PayPass Mobile Tag-equipped BlackBerrys to make purchases at any of the 8500 merchant locations in Canada that accept MasterCard's contactless technology.



The Mobile Tag is a self-adhesive device that is attached to the BlackBerry, containing the same chip and antenna found in a regular PayPass card.



In what the partners call a first, participants will receive a confirmation e-mail of each transaction sent to the phone, including purchase details such as the amount, retailer and date of transaction.



Continue Reading at Finextra

Related articles by Zemanta

• Monnet & PayFair May Unite/Form Debit Network (pindebit.blogspot.com)


• Canadian Debit Shakeup (pindebit.blogspot.com)


• Canada to Introduce National Debit Card Regulations (pindebit.blogspot.com)


• Visa Canada to Showcase Contactless Debit at Olympics in Vancouver (pindebit.blogspot.com)

MoneyGram Grows Postal!

MoneyGram International Grows Post Office Relationships as Cyprus Post and Post Cape Verde Join Agent Network





New post office locations doubled agent network in Cyprus, Cape Verde



MINNEAPOLIS--(BUSINESS WIRE)--MoneyGram International (NYSE:MGI), a leading global money transfer provider, today announced the addition of Cyprus Post and Post Cape Verde as new agents in its growing list of global post office networks. With these new post offices, MoneyGram doubled its agent locations for the island countries of Cyprus and Cape Verde.



“MoneyGram has long standing relationships with some of the world’s largest post offices,” said John Hempsey, chief executive officer of MoneyGram International Limited. “Country by country, post office locations are close to every household, providing convenient access to money transfer services.”



MoneyGram’s agent network in Cyprus and Cape Verde serve countries that combine for approximately $1 billion in money transfer flows, according to the 2008 World Bank estimates.



“While Cape Verde and Cyprus have different needs, post office locations have proven to be preferred by money transfer customers,” Hempsey added. “In Cyprus, we expect send services to be in high demand. Cape Verde, however, will primarily provide receive services as remittances produce nearly 10 percent of the country’s gross domestic product. Overall, our customers prefer post office locations as trusted, community institutions that provide affordable, reliable and convenient money transfer services close to their home.”



MoneyGram’s largest post office agent networks are in the United Kingdom, Italy, the Ukraine, Canada, Poland and Jamaica. Kenya Post also added MoneyGram money transfer services to its locations earlier this year.



About MoneyGram International



MoneyGram International offers more control and more choices to people separated from family and friends by distance or those with limited bank relationships to meet their financial needs. A leading global payment services company, MoneyGram International helps consumers to pay bills quickly and safely send money around the world with funds arriving at available agent locations in as little as 10 minutes. Its global network is comprised of 186,000 agent locations in 190 countries and territories. MoneyGram's convenient and reliable network includes retailers, international post offices and financial institutions. To learn more about money transfer or bill payment at an agent location or online, please visit www.moneygram.com.

Related articles by Zemanta

• MoneyGram Goes Postal in Italy (pindebit.blogspot.com)

UK Banks Win Overdraft Rulng

UK banks win overdraft ruling The UK court battle between the Office of Fair Trading (OFT) and the country's major banks regarding overdraft fees has resulted in a ruling in favour of the banks. The UK's Supreme Court found that the legal basis of the OFT's action could not be applied to overdraft penalty charges. The OFT had brought legal action against the banks, arguing that the charges amounted to a breach of the laws on consumer contracts. The Supreme Court, however, ruled that the charges were part of the cost of having a current account and that the legal argument of unfair contract terms did not apply. The ruling overturned the previous judgments of the High Court and the Court of Appeal that overdraft charges could be applied to laws on unfair contracts. If the OFT is to pursue legal action against the banks, it will have to find different laws to argue its case. The OFT is expected to make an announcement in December 2009 about the next stage of its action against overdraft fees. The British Bankers Association said in a statement: "We recognise that this issue has been of real concern to a large number of our customers, and we are pleased that this decision now brings clarity for all parties. The banks will work with the regulators to ensure that the outstanding customer complaints are brought to a swift conclusion. We will also continue to work together with the OFT in connection with its on-going market study." Issue: 2009/26 Date: 26 Nov 2009

Related articles by Zemanta

• Millions May Be In Line For Refund From Banks (news.sky.com)


• Overdraft ruling saves banks £2bn (telegraph.co.uk)


• Bank charges ruling: timeline of main events (telegraph.co.uk)


• British Banks Win Court Battle on Overdraft Charges (nytimes.com)


• Court backs banks on overdraft charges (guardian.co.uk)


• British banks win 'stunning' victory in landmark ruling on overdraft fees (telegraph.co.uk)


• British banks win landmark overdraft ruling (telegraph.co.uk)

UIGEA Rules Delayed Six Months

According to Casino Gambling Web: (and several other sources)



Representative Barney Frank is expected to announce on Friday the first victory for the online gambling industry in years. Frank will announce that the implementation of the Unlawful Internet Gambling Enforcement Act will be delayed.



The rules were supposed to take affect on December 1st. Lawmakers and interest groups, however, have been pushing for a delay in the process. They have sent letters claiming that more time is needed to discuss Internet gambling's future in the US.



Apparently, U.S. Treasury Secretary Timothy Geithner has given in to that request, and will delay the implementation until June 1st. That will give Frank much needed time to begin the process of changing online gambling laws.



Frank has introduced two pieces of legislation aimed at overturning the UIGEA and setting up the framework for a regulated Internet gambling industry. The economic crisis in the country, however, has kept Frank and other lawmakers from discussing these two proposed Bills.



Republicans who pushed for the UIGEA and helped pass it will now hope that the new administration is unsuccessful in swaying enough lawmakers to pass Frank's legislation. Already, sixty-three co-sponsors have signed on to H.R. 2267.



The House Finance Committee is set to begin discussions on December 3rd regarding the Frank legislation. Now, the lawmakers will have more time to mark up the legislation.

2009 China Online Payment Industry Report

DUBLIN--(BUSINESS WIRE)--Research and Markets has announced the addition of the "China Online Payment Industry Report, 2009" report to their offering.



Editor's Note: This title is also available in the following language: China Online Payment Industry Report, 2009 (Chinese Version)



The global economic crisis has impacted on the majority of industries, but China online payment market is growing against the adversity, and has shown rapid growth trend in market scale and number of users. In 2008, the number of users registered 52 million, and in 2009 the figure will exceed 90 million. In 2008, the online payment market valued RMB210 billion, and will reach RMB430 billion in 2009.



With the issuance of Management Measures for Payment and Settlement Organizations, the supervision on online payment industry has been enhanced. The central bank will build up the payment service organization system which is led by the People's Bank, primarily supported by banking financial institutions, and assisted by payment and settlement organizations. The chaos once in payment industry will be controlled and malicious market competition alleviated. Those online payment enterprises in unfavorable operation will be eliminated, only the profit-making enterprises will survive, so the industry concentration will be further strengthened.



The largest third-party online payment platform in China -- Alipay announced the number of its users broke 200 million formally in July 2009, overrunning the giant Paypal to take the first position in online payment industry. As of July 6, 2009, AliPay had boasted of 200 million registered users, with daily trading volume of RMB700 million and daily four million transactions.



With the development of the Internet, particularly the further development of online shopping, the future competition among online payment enterprises will rest with individuation, accuracy and service.



Key Topics Covered:



Overview of Online Payment

E-payment and Online Payment

Classification and Process of Online Payment



Development of Online Payment Industry

Industry Chain

Market Scale

Competition

Influencing Factors



Major Online Payment Application Fields in China

China Online Shopping Market

Online Game

Air Ticket

Online Charge Agency Service

Online Education

Digital Content



Independent Third-party Online Payment Service Providers



Future Development Trends of Online Payment



Companies Mentioned:

• Zhejiang Alipay Internet Technology Co., Ltd


• Beijing Cncard Internet Technology Co., Ltd.


• Tenpay


• ebay-Paypal China


• China Payment and Remittance Service Co., Ltd.


• Shanghai International Payment Solutions Limited


• 99Bill Corporation


• Shanghai AllBuy


• Mobilebest (YeePay)


• Guangzhou UnionPay Network Payment Co., Ltd.


• Chinabank Payment


• Hangzhou XPay.cn Tech Co., Ltd.


• IPay


• ChinaPay

For more information visit http://www.researchandmarkets.com/research/1021fb/china_online_payme

New Position Paper on Security Risks in Online Banking Through European eID Cards

ENISA Launches New Position Paper on Security Risks in Online Banking Through European eID Cards



BRUSSELS and HERAKLION, Greece, November 26 /PRNewswire/ -- The EU's 'cyber security' Agency, ENISA (the European Network and Information Security Agency) today presents its new Position Paper. The paper is focusing on authentication risks with European eID Cards. It analyses 7 vulnerabilities, identifies 15 threats and gives security recommendations.



Major European eID interoperability projects, such as STORK and its successor ELSA are aiming at a European-wide take-up of new technologies. In this context, ENISA takes an independent look at the security risks related to online banking authentication by comparing smart eID cards with other authentication means in its latest Position Paper ( http://www.enisa.europa.eu/act/it/eid/eid-online-banking/).



Online banking in one of the most widely-used electronic services by European consumers. It is a strategic service for financial institutions and users. With 24 hour service availability, it is extremely convenient. It is often without any extra costs; or even at reduced costs compared to traditional banking processes. However, online banking fraud is on the rise. Thus, security is a major concern both for online banking, e.g. tax declarations. The report also includes a case study on privacy issues when authenticating with smart cards to online social networks.



The Agency report explains that because more and more internet applications require authentication, more standardized approaches to user identification and authentication are needed. In Europe, several states have already rolled out electronic ID cards. The first steps when we use internet services are usually to identify ourselves by our names and then authenticate that it is us. The security levels for these steps can vary from a simple combination of username, password, through a secret PIN, to credentials generated by some external device or a smart card using cryptography. Smart cards are increasingly being used for authentication purposes. Many European identity cards contain a smart-card chip, with functionalities for online authentication.



The ENISA Position Paper defines a comprehensive list of requirements for national ID cards to ensure that they become as flexible and as multi-purpose as possible.



The Executive Director of ENISA Dr Udo Helmbrecht concludes: "Electronic identity cards offer secure, reliable electronic authentication to Internet services, but banks and governments must cooperate better to be able to use national eID cards for banking purposes."

Privacy and Security Risks when Authenticating on the Internet with European eID Cards

Whenever we use internet services, the first steps we take are usually identification (we input our names) and authentication (we prove that it is us). How we actually identify and authenticate ourselves depends on the security level of the application.



The means used can vary from a simple combination of username and password, through a secret PIN, to a PIN generated by some external device or a smart card using cryptography. Smart cards are being used increasingly for authentication purposes. Many European identity cards now contain a smart-card chip, equipped with functionalities for online authentication.



They are usually called 'electronic identity cards' (eID cards). This report focuses on authentication using smart cards and compares this approach with other common means of authentication.

Publication date: Nov 26, 2009



Authors:

• Ingo Naumann, European Network and Information Security Agency (ENISA), EU


• Herbert Leitold, Zentrum für sichere Informationstechnologie (A-SIT), Austria


• John Velissarios, Accenture, UK


• Jens Bender, Federal Office for Information Security (BSI), Germany


• Gregory Henwood, Home Office, UK


• Andre Vasconcelos, Agency for Public Services Reform, Portugal


• Giles Hogben, European Network and Information Security Agency (ENISA), EU


• Jaan Priisalu, Swedbank, Estonia


• Marc Stern, FEDICT, Belgium


• Henning Daum, Giesecke & Devrient, Germany


• Lorenzo Gaston, Gemalto, France


• Arie Schilp, Rabobank, the Netherlands


• Frank Zimmermann, Hewlett-Packard, Switzerland


• Raul Sanchez-Reillo, Universidad Carlos III de Madrid, Spain

Downloads

Full report: eID_online_banking.pdf — PDF document, 760Kb

Related articles by Zemanta

• ENISA Cloud Computing Risk Assessment (deurainfosec.com)

Radiant Systems Sued Over Data Breach - Million$ $ought

Secret Service Investigation, Class Action Lawsuit, Cast Shadow Over Radiant Systems and Distributors

Atlanta Company and Distributor Accused of Negligence in Widespread Identity Theft at Restaurants

FOR IMMEDIATE RELEASE

Secret Service Investigation and Class Action Lawsuit Cast Shadow Over Radiant Systems and Louisiana Distributor

Atlanta Company and Distributor Accused of Negligence in Widespread Identity Theft at Restaurants



ATLANTA, —PIN Payments News Blog - Forensic audit investigations conducted by credit company-approved experts concluded that the Louisiana-based distributor for Radiant Systems, Inc. (http://www.radiantsystems.com/) products violated data protocols that directly contributed to security breaches at restaurants in Louisiana and Mississippi. This finding of alleged negligence is at the heart of a collective action lawsuit filed by seven restaurants claiming that hundreds of customers had their identities stolen as a result of poor business practices and faulty software from Radiant and Computer World (the distributor).


The restaurants are seeking millions of dollars in damages from Radiant and Computer World.



“Our clients are restaurants. They are food experts, not technologists. When major players in the hospitality industry such as Radiant Systems and its distributors say their software and business practices are PCI-DSS compliant, our clients trust them,” said Charles Hoff of the Law Offices of Charles Y. Hoff, PC, general counsel for the Georgia Restaurant Association and one of the attorneys acting as a legal advisor to the restaurants in the lawsuit.



Hoff continued: “When those claims of compliance and proper security practices turn out to be false, the restaurants are left to suffer huge financial losses due to financial penalties imposed by the credit card companies. Their reputations are tarnished. We’re determined not to let Radiant and Computer World simply walk away from their responsibilities.”



PCI-DSS is a comprehensive set of technological requirements and consumer protections created by the major credit card companies to safeguard point of sale (POS) systems from hackers and protect consumers from identify theft. POS system vendors must follow these standards, and any business accepting credit cards for payments (such as restaurants) are contractually obligated to use equipment and software from PCI-DSS compliant vendors. The penalties for retailers that have their systems breached can be massive, even if the problems are the fault of the hardware and software vendors.



A special investigation by the United States Secret Service (the agency responsible for investigating cases of credit card fraud and identity theft) was also conducted given the multitude of Radiant POS systems subject to security breaches throughout Louisiana and Mississippi and the findings by the forensic reports that Computer World – exclusive area distributor of Radiant Systems’ “Aloha” POS software - violated PCI-DSS provisions. Among the findings:



1) Restaurants were sold earlier model POS systems although they were represented to be new models;

2) Computer World used a remote access system that did not have adequate security patches – a violation of PCI-DSS standards;

3) Computer World used the same password for at least 200 operators in violation of PCI standards;

4) The distributor failed to remove prior sensitive customer credit data upon installation of Radiant POS systems, again in violation of PCI standards.



As a result, the lawsuit’s plaintiffs are alleging that:

• Radiant Systems’ negligence and failure to either instruct or monitor Computer World’s actions led to systems being compromised and leaving the plaintiffs’ customers vulnerable to identity theft and fraud.

• That Radiant and Computer World were warned by Visa in 2007 that their programs were non-compliant. (The restaurants were unaware of these warnings at the time they purchased the Aloha system.)

• Once the breaches occurred and cases of identity theft and fraud began to appear, Visa, MasterCard and the card processing companies invoked their contracts and directly penalized the restaurants for the actions of Radiant and Computer World. The plaintiffs were hit with huge fines, required to pay for forensic audits to trace the problems, reimbursement of fraud costs to the credit card companies and payments for re-issuance of credit cards to affected individuals.



The lawsuit is seeking compensation to repay the penalties levied by the credit card companies and the massive costs to track down and repair the POS system problems. According to the attorneys, damages “could run well into seven figures”.



The restaurants have filed their lawsuit in the 15th Judicial District Court of Louisiana in Lafayette Parish and “will be seeking to raise awareness of the chaos and financial turmoil caused by companies such as Computer World and Radiant. We want other restaurants nationally to be aware of the hidden dangers posed by these technology companies and the unfair penalties imposed by the credit card companies,” said Shiel Gallagher of Gallagher & Gupta, PC, in Chicago, the second attorney leading the lawsuit. “These huge companies shouldn’t have the power to destroy these restaurants. It’s a classic David-versus-Goliath story and we’re going to do what we can to protect what these small business owners have struggled to build.”

Growth in Credit Card Usage in India and China

Unlike in the Western countries, people in Asian countries still use cash for most transactions. However credit card usage is slowly increasing. With about 50% of the global population, Asia holds plenty of potential for credit card growth. MasterCard (MA) and Visa (V) accounted for 90% of volume at the end of 2007.

Credit Card Usage by Country:

Japan ranks the highest in terms of card transactions followed by South Korea and Australia. India has the lowest card volume at just US $2.0 billion. Chinese spent nearly $24.0 billion using credit cards - 12 times that of India. With the world’s two largest populations, China and India offer substantial growth in the next few years.



Credit Card Growth in China



Due to strong competition, most banks waive annual fees for cardholders. Chinese banks have to deal with low rates of revolving credit on cards since most Chinese do not carry balances on their cards. This is a huge difference from other countries where credit card issuers earn most of their profits via interest on revolving balances. Hence Chinese banks cannot easily earn high profits on credit cards. The Credit and Debit card growth rate has increased from 18% in 2004 to about 58% last year.



Source: Card payments in Asia Pacific The state of the nations, KPMG

Related articles by Zemanta

• In Australia, Curbs on Credit Card Fees Backfired (nytimes.com)


• 100,000 Cards Being Replaced After Car Park Hack in Auckland (pindebit.blogspot.com)


• Amex Wants to Swipe Canadian Market Share from Banks (pindebit.blogspot.com)

Happy Thanksgiving from HomeATM

The Pilgrims made seven times more graves than huts. No Americans have been more impoverished than these who, nevertheless, set aside a day of thanksgiving. ~H.U. Westermayer





If the only prayer you said in your whole life was, "thank you," that would suffice. ~Meister Eckhart





Thanksgiving Day is a jewel, to set in the hearts of honest men; but be careful that you do not take the day, and leave out the gratitude. ~E.P. Powell

 

Related articles by Zemanta

• Turkey Timer app (textually.org)

Wells Fargo Offers Online Banking Tips for Fraud Prevention to Keep Holidays Happy

SAN FRANCISCO--(BUSINESS WIRE)--To kick off the holiday shopping season, Wells Fargo (NYSE: WFC) is offering tips to help consumers shop safely, whether in person or online.



Before I share it, let me explain the reason for doing so in the first place.  Instead of providing myriad tips on how to protect your sensitive data, there's only one that works.  Don't Type ANYTHING you want to keep private into a box on ANY website. 



“We want to remind shoppers that there are ways to protect themselves,” said Lisa H. Robinson, senior vice president, Wells Fargo Internet Services Group.  Editor's Note:  Yes there are.  But you won't find a bullet-proof solution from the recommendations below.  I'm not singling out Wells Fargo.  I'm talking Username: Password: here...



“Traditionally, the day after Thanksgiving is one of the busiest shopping days of the year and marks the kick-off of the holiday season.” Customers braving the crowds to shop over the Thanksgiving holiday should remember these tips before heading out the door:

• Take the paperless route with online banking: The 2009 Identity Fraud Survey Report from Javelin Strategy & Research shows that some thieves still do it the old-fashioned way—by stealing bank or credit card statements from the mailbox. Reduce your risk of stolen mail by picking up mail promptly and switching to online statements.


• Monitor your activity: Financial institutions such as Wells Fargo use sophisticated systems to track purchasing and transaction habits so irregularities can be flagged. Register for email or mobile alerts so you can stay informed.

According to Forrester Research Inc.'s independent report, “US Online Holiday Retail Forecast, 2009,” analysts expect online retail sales to reach $44.7 billion during the months of November and December 2009, an eight percent increase over 2008. If you’re logging on to shop, keep these tips on hand:

• Protect your computer from malware: Crooks are getting smarter with phishing and malware scams. Make sure your computer has the most up to date virus prevention and don’t download any attachment or plug-in without ensuring it is from an authorized site. When making purchases, be sure the website address starts with “https://...” The “s” helps ensure that your information will be passed along in a secure manner.
  
  
  
  Well that's easier said than done.  Based on recent reports that  "50% of American's don't even know what phishing is" telling them to protect their computer from malware,  which, by the way, should be named Mal-every-ware...because it is...is a tall order.  Especially since some online banking trojans, such as Zeus, evade detection from even the most up-to-date anti-virus programs.  Why not simply "ELIMINATE" the threat of Phishing ENTIRELY.  Swipe, Encrypt, Transmit and there's nothing to phish phor. 
  
  
  
  Oh...and that last part about Https?  It should be  htt"bs" because SSL is flawed...(see related articles below)  (or Google SSL Flawed)
  
  
  
  


• Don’t believe in offers that seem to good to be true* No one wants to be cynical during the holidays, but if something seems too good to be true, it probably is. Watch out for email scams or suspicious messages and report any that may pose to be from your financial institution and report those that try to look like your financial institution to your bank or credit card company.
  
  
  
  *Unless you see one that says:  Open an online banking account with Wells Fargo and we'll provide you with a FREE HomeATM PCI 2.x Certified PIN Pad so you can sign on to your online banking session the same trusted way you access cash at an ATM...cause I guarantee the bad guys wouldn't want to send you something that will hurt their ability to steal your hard-earned money.
  
  
  
  


• Be careful what you share: Unless you initiated the interaction, do not provide sensitive financial information over the Internet or phone, including Social Security numbers, passwords, personal identification numbers (PINs) or account numbers.
  
  
  
  


• Editor's Note:  That's weird.  In order to open a Wells Fargo online banking account you have to "TYPE IN" your "sensitive financial information" into a browser.  (including your Social Security number AND your Card Number)  See Screen Shot below of Wells Fargo online banking log-in page.  To be fair, they did say "unless you "initiate" the interaction...although hundreds of security experts would disagree.  What if it was a phishing attack that incorporated a cloned website?  What if your PC had an online banking trojan.  Here's my holiday tip.  Never Type...anything sensitive into the browser space.
  
  
  
  
  
  
  • Editor's Note:  OR...simply tell your bank that you want a PCI 2.x Certified PIN Entry Device so YOU can Swipe your card information instead of the bad guys doing it.  Sure it will cost your bank money, but it will save them more.  Unlike the hundreds of "useless banking promotions" you see now and which cost the bank more than what giving away our device would.  So tell your bank to "bite the bullet" and provide a "bullet proof" solution for online banking security.  Call it HAAS.  (Hardware As A Service)
    
    
  
  

“Education and awareness are important tools to make sure this really is the most festive time of the year,” said Teddy De Rivera, executive vice president, Wells Fargo Internet Services Group. “Whether customers are shopping online or off, keep the following steps in mind to make sure accounts stay problem-free.”

• Check your list twice: Review your account activity regularly, especially during big shopping trips. Enroll in mobile banking to check your balance and transactions while on the go, or check your purchase activity online as soon as you get home. Sign up for transaction alerts on your debit or credit card which will notify you of transactions over your threshold.


• Be aware of your surroundings: Cover the pin pad when you enter your pin number. Do not repeat sensitive financial information where it could be overheard.


• Ensure you're protected in case of loss or theft: Wells Fargo guarantees that its customers will be covered for 100% of the funds in their Wells Fargo account in the unlikely event that someone you haven’t authorized removes those funds through Wells Fargo Online^® or Wells Fargo Business Online^®. Customers are responsible for protecting their password and account information and for providing prompt notification of an unauthorized transaction. Customers can visit https://www.wellsfargo.com/privacy_security/online/guarantee for how the guarantee works.


• Ensure your cards are covered: Wells Fargo cardholders are also protected by the built-in WellsProtect^® program, which provides zero liability if a card is ever used without the customer’s permission when promptly reported.


• Know your credit report: Review your credit report at least once a year, looking for suspicious or unauthorized transactions. You can get a free credit report once a year from each of the three major credit bureaus at the AnnualCreditReport web site.

Wells Fargo’s Fraud Information Center (https://www.wellsfargo.com/privacy_security/fraud/) located on Wells Fargo’s public web site provides fraud prevention tips for all shoppers to learn about fraud and take action to ensure that the New Year starts off right by taking some simple precautions.



Wells Fargo maintains multiple layers of security to protect customers, their accounts and their information. Wells Fargo's layered approach to online security extends beyond a unique username and password, 128-bit encryption for online banking, bill pay, a powerful firewall, technology updates, and continuous surveillance. Wells Fargo uses a combination of front-end and back-end controls (https://www.wellsfargo.com/privacy_security/online/protect), and continuously evolves its security activities in response to the changing environment as well as customer needs.



About Wells Fargo & Company



Wells Fargo & Company is a diversified financial services company with $1.2 trillion in assets, providing banking, insurance, investments, mortgage and consumer finance through more than 10,000 stores and 12,000 ATMs and the Internet (wellsfargo.com) across North America and internationally.

Related articles by Zemanta

• Closing Out Online Banking Security is Weak Week...with a Bang (pindebit.blogspot.com)


• Online Banking Doomed Unless We Start Swiping vs. Typing! (pindebit.blogspot.com)


• Critical Flaw in SSL Found, Software Makers Scrambling for Band-Aid! (pindebit.blogspot.com)


• Man-In-the-Middle Vulnerability For SSL and TLS (it.slashdot.org)

Citibank China Opens Hi-Tech Banking Branch in Shanghai

Image via Wikipedia

Shanghai, November 25, 2009 – Citibank (China) Co. Ltd. (“Citibank China”) opened a new high-technology sub-branch in Xintiandi, Shanghai today designed to provide a unique customer service experience among banks in China. The sub-branch was opened at a ceremony attended by Mr. Jonathan Larsen, Citi’s Head of Consumer Banking & Global Cards, Asia Pacific, Mr. Andrew Au, Chief Executive Officer of Citi China, and Mr. Anand Selva, Country Business Manager of Consumer Group, Citibank China



Mr. Jonathan Larsen said, “The opening of this high-technology sub-branch in Shanghai marks a new era for retail banking in China. We believe it will provide Citibank customers with a superior banking experience, and its opening reflects our intent to be the most innovative, customer-focused international bank in China.”



Mr. Andrew Au said, “Citi is committed to continued investment in our network around China, and this includes deepening our presence in the cities in which we already operate. We are delighted to be opening this world-class sub-branch which is helping to redefine how banks interact with customers in China.”



The Citibank Xintiandi sub-branch has been designed to cater to the changing needs and lifestyles of Citibank customers. Key attributes of the new sub-branch include:

• Wi-Fi enabled – the sub-branch is first Citibank outlet to be fully Wi-Fi enabled, allowing customers to go online while inside the outlet using their mobile devices (laptop, cell phone, PDA, etc).


• Internet kiosks – dedicated and state-of-the-art complimentary kiosks are available for customers to browse the Internet.


• Touch screens – a number of interactive touch screens are available that enable customers to easily view at their own leisure Citibank’s latest product and service offerings, latest news relating to Citibank, and a range of other information at the touch of a finger.


• Live interactive video phones – customers seeking additional expert opinion in relation to a particular financial need have the ability to consult with Citibank China specialists at another location on a real time basis using video phones.


• Wallboard screens and Tablet PCs – wall board screens ensure an uncluttered working environment and a more interactive customer service experience allowing customers to see everything their personal banker sees. In addition, wireless tablet computers provide added convenience, mobility and flexibility during customer interactions.


• Interactive multimedia – High resolution LCD TV integrated media contents of CBN news, latest Citibank product & service posters and text lively updated via centralized media content management system.


• Soft phones – the sub-branch uses wireless phones for all staff while providing complimentary use of mobile phones for its customers.

The new sub-branch will also be Citibank’s first retail outlet in China to be submitted for LEED (Leadership in Energy and Environmental Design) certification. LEED is an internationally recognized green building certification system, providing third-party verification that a building was designed and built using strategies aimed at improving performance across all the metrics that matter most: energy savings, water efficiency, CO2 emissions reduction, improved indoor environmental quality, and stewardship of resources and sensitivity to their impacts.



Environmentally-friendly aspects of Citibank’s Xintiandi sub-branch include:

• Materials: all carpet at the sub-branch is LEED certified and recycled wooden material has been used for interior finish.


• Water efficiency: water efficiency equipment has been installed to reduce water consumption at the sub-branch.


• Fresh Air: an additional fresh air system has been installed to improve indoor air quality.


• Lighting efficiency: through a 15% reduction in lighting power density and using energy efficiency bulbs, power consumption relating to lighting is expected to fall by 40%.


• Equipment: more than 80% of the equipment used at the sub-branch meets or exceeds the Energy Star standard.

The new Xintiandi outlet is a full service one, providing foreign currency and RMB products and services. Like all other Citibank retail outlets in China, the new outlet offers both Citibank and Citigold services. Customers using the Citibank service, which requires a minimum balance of RMB80,000, will be provided with a choice of a comprehensive range of services to manage their wealth. Services provided include savings, deposits and investment products (including Premium Accounts, Structured Investment Accounts and QDII products); ATM/debit cards; mortgage loans in multiple currencies; insurance products designed to protect, grow and transfer wealth; unsecured personal loans and remittance services. Customers can also conduct their banking at their convenience through the multiple electronic channels such as online banking, mobile banking, 24x7 phone banking and fax banking.



The outlet also features a Citigold Service Center, designed to provide leading wealth management services. The Citigold offering, which requires a minimum balance of RMB500,000, is distinguished by factors that include:

• Dedicated relationship managers supported by a team of product specialists


• Personalized banking products and services


• Access to award winning global research, market outlook, latest financial developments and dedicated information channels


• Unique proprietary tools such as Citigold Financial Needs Analysis


• Membership rewards and privileges


• Citigold customers also benefit from Citi’s global presence with worldwide Citigold VIP recognition, courtesy access to world wide Citigold centers, overseas account opening referral, overseas emergency cash up to USD10,000, overseas Citigold preferential FX rate and fee charge, worldwide toll-free home connection service hotline and Citigold International SOS Healthcare Services, etc.

The Xintiandi outlet houses 12 retail banking professionals including Citigold Relationship Managers and Personal Bankers, trained and certified to provide premium banking services. It is located at Unit F, No. 222, Ma Dang Road, Xintiandi, Shanghai.



Citibank’s high technology sub-branch comes shortly after the launch of its new mobile banking capability in China. The new service, known as Citi Mobile, is the first to be offered by an international bank in China, and allows customers to access online banking services using their mobile phone anytime, anywhere.

100,000 Cards Being Replaced After Car Park Hack in Auckland

More than 100,000 credit cards are being replaced as a result of thieves hacking into payment machines at the Downtown carpark in central Auckland.   Auckland IT consultant Steven Ellis yesterday said service desk staff at ASB Bank told him that his new credit card was one of more than 100,000 Mastercard and Visa cards banks were replacing because of the scam.



Last night, Bankers' Association chief executive Sarah Mehrtens said everyone who used a credit card or debit card at the Auckland City Council-owned carpark would have it replaced.  She said she did not know how many people were affected.



ASB, Westpac Bank - which is investigating the fraud - Mastercard and Visa are refusing to reveal the scale of the problem.



Continue Reading

Tony Wai's card details were used fraudulently

to buy goods worth $900 in Arizona.

Photo / Richard Robinson

 

 

Related articles by Zemanta

• In Australia, Curbs on Credit Card Fees Backfired (nytimes.com)


• Visa/MasterCard Telemarketing Scam Uncovered (pindebit.blogspot.com)

Payments Fraud Reduction Key Driver for Adoption

Smart Card Alliance Study on EMV/Chip in Brazil and Mexico Finds that Payments Fraud Reduction is Top Driver for Adoption Organizations to host webinar to discuss findings

November 25, 2009 Reducing payments fraud is the top driver for issuers and acquirers to adopt EMV/chip in Brazil and Mexico, according to a new study from the Smart Card Alliance Latin America (SCALA), produced in participation with Visa Inc., available for sale today. Other important findings: respondents are also driven to adopt EMV/chip cards in order to position themselves as innovators and technology leaders, and they all expect to have 100 percent of their credit and debit card portfolios migrated to EMV/chip within one to five years.  SCALA and Visa commissioned First Annapolis Consulting to survey issuers and acquirers in Brazil and Mexico on the current state of EMV migration and the long-term growth of the EMV market. The resulting report, “EMV Migration Study and Market Analysis on Mexico and Brazil,” is available for purchase by both Smart Card Alliance members and non-members by visiting http://www.smartcardalliance.org/pages/publications-scala-emv-market-study.  The organizations will host English, Portuguese and Spanish language webinars on the study findings.  The English language webinar will take place on December 1st at at 11:00 A.M. eastern standard time, while the Portuguese and Spanish webinars will take place on December 8th at 11:00 A.M. eastern standard time and 12:00 P.M. eastern standard time, respectively.  Registration for the webinars is available at http://www.smartcardalliance.org/pages/publications-scala-emv-market-study.   “With the global payments industry migrating to chip technology for credit and debit cards, it’s important to understand the drivers and best practices for implementation. Mexico and Brazil are ideal markets to study, as they are well on their way to full migration,” said Edgar Betts, associate director, Smart Card Alliance Latin America. “The number of respondents that said fraud reduction is the main driver for adoption was overwhelming; almost all survey respondents claim a marked reduction in overall fraud rates, particularly with domestic counterfeit fraud. We also found it exciting that the respondents see contactless, loyalty programs, and multiple applications as a natural evolution for the cards.” In addition to the detailed review of the adoption drivers, the report also reviews implementation considerations, migration strategies, business impact and evolution for Brazilian and Mexican issuers and acquirers. The study forecasts the size of the EMV/chip market in Brazil and Mexico through 2015, including chip cards, point-of-sale terminals and transactions. “Visa has been spearheading the migration to EMV/chip worldwide as a solution to prevent fraud, especially card skimming, but also as a great platform for added services,” said Jurgen Wassmann, head of emerging products and channels for Visa Latin America and the Caribbean. “In the markets where issuers, acquirers, merchants, brand networks, industry groups and the government collaborate, EMV/chip adoption efforts have accelerated the fastest.” The study reports results from surveys and interviews with 13 issuers and acquirers in Mexico and Brazil, which captured perspectives from a wide variety of organizations that had direct experience with implementing EMV/chip cards. The study addresses these questions and more: What were the key factors influencing the adoption of EMV/chip cards and EMV-compliant merchant terminals for issuers and acquirers in Mexico and Brazil? What challenges were encountered during the EMV/chip migration process? How are organizations leveraging EMV/chip technology to improve performance, introduce new products and services, and capture new market opportunities? What is the "next wave" in the evolution of the EMV market? What is the business impact of EMV/chip adoption for issuers and acquirers? What is the EMV/chip market size in Mexico and Brazil through 2015? For more information on “EMV Migration Study and Market Analysis on Mexico and Brazil” and webinar from SCALA and Visa, please visit http://www.smartcardalliance.org/pages/publications-scala-emv-market-study. About the Smart Card Alliance Latin America (SCALA) The primary mission of the Smart Card Alliance Latin American chapter is in line with the overall goal of the Alliance: to stimulate the understanding, adoption, use and widespread application of smart cards.  The Alliance plans to use specific projects such as bilingual education programs, market research, advocacy, industry relations and open forums to keep Latin American chapter organization members connected to industry leaders and innovative thought. About the Smart Card Alliance The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.  Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought.  The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America.  For more information please visit http://www.smartcardalliance.org. About Visa Inc. Visa Inc. operates the world's largest retail electronic payments network providing processing services and payment product platforms. This includes consumer credit, debit, prepaid and commercial payments, which are offered under the Visa, Visa Electron, Interlink and PLUS brands. Visa enjoys unsurpassed acceptance around the world, and Visa/PLUS is one of the world's largest global ATM networks, offering cash access in local currency in more than 200 countries and territories. For more information, visit www.corporate.visa.com. About First Annapolis First Annapolis is a management consulting firm focused on the financial services industry, with specialties in merchant acquiring, electronic commerce, credit card issuing, commercial card and  private label card programs, and mortgage banking.  With over 50 professionals, First Annapolis specializes in advising clients on strategic and tactical matters across all major payment products and services including credit cards, deposit access products, and commercial payment vehicles. First Annapolis brings an unparalleled level of expertise in traditional and emerging payment market segments.  For more information, visit www.firstannapolis.com. ### Contact: Deb Montner, Montner & Associates, 203-226-9290, dmontner@montner.com

Related articles by Zemanta

• Smart Card Alliance Study on EMV/Chip in Brazil and Mexico (pindebit.blogspot.com)


• EMV Chip Cards Expected for Upscale U.S. Cardholders (pindebit.blogspot.com)

2009 Computer Crime and Security Survey Out Next Week

CSI's Annual Crime and Security Survey will be released December 1st in conjunction with this Webcast. 



Respondents reported significant jumps in the incidences of:


Financial fraud:  19.5 percent, over 12 percent last year (avg: $450,000)

Malware Infection:  64.3 percent, over 50 percent last year;

Denials of Service:  29.2 percent, over 21 percent last year,

Password Sniffing: 17.3 percent, over 9 percent last year); and

Web site Defacement: 13.5 percent, over 6 percent last year.



CSI Computer Crime & Security Survey Webcast

Date: Tuesday, December 1, 2009

Time: 11AM PT/ 2PM ET

Duration: 60-minutes



The CSI Computer Crime & Security Survey is the world's most widely quoted research on computer crime. This webcast, moderated by CSI Director Robert Richardson, will feature survey project leader and CSI senior editor Sara Peters, who will discuss the findings of the 2009 Survey and what they mean.  



Peters will discuss the incidence of unauthorized access, attack sources and types, the financial impact on organizations and actions taken. She will also discuss the economic decisions organizations make regarding computer security, and the way they manage the risk associated with security breaches. The presentation will also present some findings from the premium version of the survey report, generally only available to CSI members.





Featured Speakers

Sara Peters, Senior Editor, CSI

Senior Editor Sara Peters joined the Computer Security Institute in 2005, taking on a security beat that includes both policy issues (like Web vulnerability disclosure legislation and the compliance in the cloud) and technological issues like virtualization and browser security). Additionally, Sara founded the CSI Working Group on Web Security Research Law and authored the group’s inaugural report. Prior to her work in information security, she served as associate director of communications at Princeton University's School of Engineering and Applied Science, writing and editing their quarterly magazine. She began her reporting career in a small newspaper chain after graduating from Rutgers University with a B.A. degree in journalism.

Robert Richardson, Director, CSI

Robert Richardson has served as Director at CSI since 2003, having worked IT in various capacities for twenty years. He's given keynote presentations on three continents, often speaking about the CSI Computer Crime and Security Survey. Prior to CSI, Richardson served as Senior Editor of CMP's Communications Convergence magazine for two years and has contributed to magazines and Web publications such as Ziff-Davis Internet Computing, BYTE, Network Magazine, and Small Business Computing. Based outside Philadelphia, he occasionally serves as an adjunct teacher of computer science at Swarthmore College.

VeriSign to Present at Two Tech Conferences

SOURCE: VeriSign, Inc.

Nov 24, 2009 16:15 ET

VeriSign to Present at the Credit Suisse Annual Technology Conference and the Barclays Capital Global Technology Conference

MOUNTAIN VIEW, CA--(Marketwire - November 24, 2009) - VeriSign, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure services, announced that Mark McLaughlin, president and chief executive officer, will speak at the Credit Suisse 2009 Annual Technology Conference in Phoenix on Tuesday, December 1 at 9:00 a.m. (MST). Additionally, Brian Robins, chief financial officer, will speak at the Barclays Capital 2009 Global Technology Conference in San Francisco on Tuesday, December 8 at 4:30 p.m. (PST). During the presentations, recent company performance and business initiatives will be discussed. Both presentations will be available via live webcast at http://investor.verisign.com. Replays of both webcasts will also be available at http://investor.verisign.com after the events for a limited period of time.



About VeriSign

VeriSign, Inc. (NASDAQ: VRSN) is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, VeriSign helps companies and consumers all over the world engage in communications and commerce with confidence. Additional news and information about the company is available at www.verisign.com.

Nobody Knows About This

By Diane Bartz and Jim Finkle via Reuters

Cyber breaches are a closely kept secret

WASHINGTON (Reuters) - Cybercriminals regularly breach computer security systems, stealing millions of dollars and credit card numbers in cases that companies keep secret, said the FBI's top Internet crimes investigator on Tuesday.



For every break-in like the highly publicized attacks against TJX Co (TJX.N) and Heartland Payment (HPY.N), where hacker rings stole millions of credit card numbers, there are many more that never make the news.



"Of the thousands of cases that we've investigated, the public knows about a handful," said Shawn Henry, assistant director for the Federal Bureau of Investigation's Cyber Division. "There are million-dollar cases that nobody knows about."



Companies that are victims of cybercrime are reluctant to come forward out of fear the publicity will hurt their reputations, scare away customers and hurt profits. Sometimes they don't report the crimes to the FBI at all. In other cases they wait so long that it is tough to track down evidence.



"Keeping your head in the sand on filing a report means that the bad guys are out there hitting the next guy, and the next guy after that," Henry said.



He said the cybercrime problem has gotten bigger over the past three years because hackers have changed their attack methods as companies have tightened up security.

"It's absolutely gotten bigger, yes, absolutely," he said.

That is because the Internet is rapidly growing as a tool for commerce. As it does, consumers and companies alike are exposing valuable data such as business plans, credit card numbers, banking information and Social Security numbers.



"There are hundreds of billions of dollars that traverse the Internet," he said.



DESPERATELY SEEKING EASIER TARGETS



Cybercriminals are now looking beyond large companies, which in the past 10 years have bolstered security on their networks using products from software companies including Symantec Corp (SYMC.O), McAfee Inc (MFE.N) and Trend Micro Inc (4704.T). Cisco Systems Inc (CSCO.O), International Business Machines Corp (IBM.N) and Websense Inc (WBSN.O) also sell products to protect computer networks.



Instead criminals are attacking small and medium-sized companies that don't have the inclination, money or expertise to prevent cybercrime.



They also target corporate executives and other wealthy public figures who it is relatively easy to pursue using public records. The FBI pursues such cases, though they are rarely made public.

On November 4, the FBI warned of major fraud cases involving the theft of online banking credentials belonging to small and medium-sized businesses, local governments and school districts.

In this case, as in others, people hired through work-at-home schemes were used to move the money overseas.



A similar approach was used in a scheme that defrauded the Royal Bank of Scotland's (RBS.L) RBS WorldPay of more than $9 million. A group, which included people from Estonia, Russia and Moldova, has been indicted for compromising the data encryption used by RBS WorldPay, one of the leading payment processing businesses globally.



The ring was accused of hacking data for payroll debit cards, which enable employees to withdraw their salaries from automated teller machines. More than $9 million was withdrawn in less than 12 hours from more than 2,100 ATMs around the world, the Justice Department has said.



Henry said that it was relatively inexpensive to pull together a cybercrime organization.



Some groups consist of a core of just about a dozen people -- including strategists, hackers and programmers -- who can get started with a budget of a few thousand dollars to set themselves up with computers and broadband access.



When they are ready to launch an attack, they might hire hundreds more people who help them launder the money. Known as "money mules," these people are often found through "work-at-home" schemes, where they are hired to cash checks for a few thousand dollars, keep a percentage and send the rest back to the core group.



"I think that there are people who are ignorant completely and others who have their head in the sand," said Henry.



Editor's Note:  I respectfully agree!

Related articles by Zemanta

• Police: ATM Hackers Took £5m In Global Fraud (news.sky.com)


• Hackers indicted for 12-hour ATM attack that netted $9 million (scientificamerican.com)


• Crime ring that hit 280 cities' ATMs at once busted (boingboing.net)