HomeATM Officially Invites ATMDirect to a "PIN Off"

I was speaking with Ken Mages, the founder and CEO of HomeATM and George Gendron, HomeATM's President regarding ATMDirect's questionable press release (Smoke, Mirrors and Patents) last Sunday, and the notion of calling them on their bluff came up.

Additionaly, we discussed an article written by Digital Transaction News, whereby Rajiv Grover, an investor in ATMDirect said. “Our intention is to own Internet PIN debit transactions.”

Remember...I took at close look at ATMDirect when it went up for auction and when I began digging into ATMDirect's business my conclusion was that the asset value of the associated personal property (i.e. servers, networking equipment, computers and office equipment) was worth (in an eBay resale) between $500,000 and $750,000.

Freshly armed with this information I decidedly looked at their associated, and I use this term very loosely here, "intellectual property" which solely consisted of a single patent. (not 25 global patents as stated in ATMDirect's recent press release)

In what I consider to be a "more than bold" statement, the new owners of ATMDirect went on to say: "Over the course of the next 90 to 120 days, ATM Direct is set to contract with a major, publicly held acquirer to sign merchants, receive certifications from a couple of major electronic-funds transfer networks, and sign a number of large merchants...

This leads me to my point. I have a "common sense" question that I'd like to pose here. By the way, it's the same question I posed to myself when I decided not to move forward in my attempt to acquire ATMDirect.

But before posing the question, I would ask that you first take a look at the numbers shown in the graphic on the left. (to get a bigger picture of my point, click the picture and focus on the "debit". Okay, now on with my ponderings...

For a measly $600k, wouldn't one, or even you, think that PayPal, BillMeLater, Amazon, First Data, Heartland, CyberSource, (the list goes on forever) would have been interested in acquiring the assets of ATMDirect? If any of those aforementioned companies could have "Owned PIN Debit on the Internet," a $94 BILLION dollar market for only $600k, doesn't your common sense dictate that they would have been involved?

For obvious reasons ALL were glaringly absent.

Thus the only logical assumption that a pragmatic person can make is that there's nothing there. Which brings me back to the beginning of this post.

I was talking with both the CEO/Founder and President of HomeATM, and the notion of calling them on their bluff (Myth'd it By That Much...) came up.

The fairest and most arbitrary way would be to challenge them to an old-fashioned showdown which was dubbed during the course of our conversation, a "PIN-OFF."

HomeATM would be willing to have the "PIN Off" supervised by a knowledgeable, non-partisan entity. One suggestion among many as a "fair and balanced" arbitrator was John Stewart" the Editor in Chief of Digital Transactions Magazine.

Will you, ATMDirect accept? I think the real question is: Will ATMDirect even "be able" to accept? If so, will ATMDirect be able to do so "securely" without any glitches? That is the gist of the challenge.

My take is they won't. It's too "Rocky" a road for them to travel. They know that it's simply a case of the Contender vs. the Pretender...

...Everlast versus Never...mind...I think you get the picture!

However, I've been known to be wrong before, so...ATMDirect, prove me wrong! If you don't think that HomeATM would "PIN U" into the proverbial corner, feel free to accept the invitation to an offical PIN Off by emailing me at: ATMDirect Hereby Accepts

Study Reveals PIN Debit Provides Lowest Fraud Rate

A study shows that in 2007 organizations were much less likely to be subject to fraud from electronic payments than from checks, including ACH debit (26 percent), corporate cards (13 percent), ACH credit (4 percent) and wire transfer (3 percent). Most fraud is caused by thieves using credit cards. 89 percent of organizations that experienced consumer electronic payments fraud claim that credit cards were used.

More than one-third experienced ACH fraud and one-quarter claim they were subject of signature debit card fraud. PIN debit cards were not frequently used to commit fraud.

Two-thirds of organizations that experienced ACH and/or card payments fraud registered financial losses and 71 percent of these organizations state that the loss was caused by online commerce.

63 percent reported financial losses from in-person transactions, while 46 percent were subject to fraud because they accepted fraudulent ACH and/or card payments over the phone.

Data was published by the Association for Financial Professionals

In a related story, SEPA stated it's concern regarding the potential of fraudulent activity as it moves forward...

Sepa fraud risk warning for businesses
Laissez-faire attitude adds to confusion over payments...

As Europe starts to adopt pan-continental payments systems, UK payments takers are ill-equipped to deal with the exposure to fraud this change might bring. The Single Euro Payments Area (Sepa) directive came into operation at the beginning of the year and Faster Payments protocols are due to go live in May.

But UK organizations in the utilities, telecoms and insurance sectors are not anticipating any change in processes or systems to introduce fraud countermeasures following the introduction of Sepa Sepa allows organizations to offer services easily across the Euro area - but this also means fraudsters can bury their trails across a number of countries. A survey of 43 companies in the utilities, telecoms and insurance sectors, from newly rebranded Experian Payments (formerly Eiger Systems), found 98 per cent are not planning to change their security policies, even though three-quarters have some business overseas.

These sectors were chosen as a sample because they rely heavily on the automated direct debit payments Sepa seeks to streamline. A significant majority (86 per cent) said they had yet to even assess the payment fraud risk of Sepa, while 15 per cent of the insurance companies questioned believed there was a negligible risk.

Gartner research VP of banking and investment services Alistair Newton said: "There is often a difficulty in assessing the value of data on payment fraud, because of the disparity in how it is measured from organisation to organisation. The important angle here is that there is clearly a lack of visibility around payment fraud at a corporate level."

Cheat Sheet: Sepa

Back in 2000, European political big wigs got together in Lisbon. By the end of their jaunt in the sun, they decided the EU would be one of the world's leading knowledge-based economies by 2010 - a plan that has become known as the Lisbon Agenda.

Out of this stemmed the idea to support innovation and the idea of a single market by making it easier and cheaper to move money around the EU.

The EC decided that cross-border payments should cost no more than domestic payments and in 2002 the European Payments Council (a group of banks) sketched plans for how this would be done.

Thus the Single European Payments Area (Sepa) was born.

What will it mean?
Basically it means fewer charges on transactions and purchases. On the consumer side of things, if Sepa comes into being by 2010, it could mean you'll be able to buy things on your card in another European country and pay nothing more than you would domestically.

On the business side, it'll basically mean the same thing but moving money around should be as cheap as it is domestically. This means banks will have to sharpen up their IT systems, to replace manual processes with automatic ones in order to bring down costs.

Sepa will also mean that European-wide card issuers can compete with domestic card firms. Sepa is probably going to be built around EuroPay MasterCard Visa (EMV) card technology to ensure security and interoperability at the acceptance point. How will it happen?

Aye, there's the rub. The thing is the banks don't really know what they should do as wise men at the EC in Brussels haven't issued any strict guidelines. A lot has been left to interpretation.

Saying that, Voca, the payments organisation formally known as Bacs, is already revamping its infrastructure to accommodate future demands of Sepa. Analysts have also predicted banks will have to spend money quite fast to hit the 2010 deadline.

After all, making all European businesses and all banks sing from the same song sheet isn't going to be easy.

What should I do to be to prepare for Sepa?
Basically, get ready to buy technology and think Europe-wide.

Is it all smooth sailing?
As mentioned, it could cost a lot for banks to get up to scratch but the benefits will be that banks can compete for customers anywhere in Europe.

New Feature on HomeATM Blog

On the right sidebar you'll find a "search this blog" option. Simply type in your request and it will search not only this blog, but give you additional options for the search parameters. For example...type in ATMDirect and4 the results will appear on the top of the most recent post.

Smoke, Mirrors and Patents

The many people who subscribed to my Pay By Touch Blog over the past couple years know that I was a big advocate for ATMDirect, more specifically, a methodology designed to offer Internet Retailers a lower cost, more secure PIN Debit payment solution.

In fact, in one specific post I did in June of '06 I mentioned that I really believed that ATMDirect might have been a Pay By Touch Cash Cow.

That is why, when Pay By Touch announced they were selling their non-core assets, including ATMDirect, I decided to take a close look at it. Thus, I signed the requisite non-disclosure and PBT forwarded me the confidential information that they forwarded to others who may have been interested in procuring ATMDirect's assets.

I also spoke to former Pay By Touch executives who informed me that some of the claims made by the former owner of ATMDirect regarding their patents were, "misleading" or at least "overblown." So I looked at their patents, no...let's make that "patent" since only one is issued (the rest are only applied for,) as well as other key ingredients and, frankly, came away rather unimpressed.

How unimpressed? Let's just say that my vision of ATMDirect as a "cash cow" took on a new form...(which I graphically illustrate on the right)

I knew that Pay By Touch had (been duped?) paid $30.5 million only two years previously, and that now it could be had for somewhere around $500k-$750k. Even though there were several IBM Blade Servers worth about $1.5 million, I decided to pass as I wasn't in the used blade server resale business.

On Friday, I mentioned that I was going to do a post discussing how ATMDirect is bluffing their way through the PIN Debit Card game. They sure made it easy for me. as yesterday, while I was watching the Cubs game, I got an e-mail alert regarding a press release from ATMDirect.

Here's the link, followed by the portion of the press release that, in my view, is blatantly misleading. Bluffs only work when you don't have to show your cards, but when you say you have a Four Aces, you better have four and not one.

As you read the following, keep in mind that ATMDirect (or should I say ATM-Indirect.) has been issued ONE patent...and that I saw everything that ATMD had to offer and was simply not interested.

Frankly, one word sums up this press release...Unbelievable!

###

Accullink, LLC Acquires Pay by Touch Internet PIN Debit "Patents"

Accullink, LLC is pleased to announce the acquisition of Pay By Touch's "suite of 25 global Internet PIN Debit patents".

These "patents" enable, for the first time, a software-only solution for PIN based payment transactions on the Internet. "The patents" are being commercialized through Accullink, LLC subsidiary ATM Direct. Their solution provides a compelling alternative payment method for consumers and merchants.

Atlanta, GA, April 06, 2008 --(PR.com)-- Accullink, LLC, an Atlanta based investor group, has acquired Pay by Touch's suite of 25 global patents that enable a software-only solution for PIN based payment transactions on the Internet. Accullink, LLC is commercializing the patent suite through its subsidiary ATM Direct, a leading alternative payment provider.

I'll have more to say on this subject later on. By the way...if anyone from ATMDirect disputes anything I've stated in this post, I would invite them to feel free to contact me and set the record straight. johnbfrank@gmail.com

Coming Monday...Myth'd It By That Much...

PIN Debit for the Internet...which Avenue should Online Retailers Take?


VERSUS

Consumers Prefer PIN Debit - Gartner Research

Consumers believe it's more secure than signature credit and debit transactions and Online Retailers would love to eliminate chargebacks, let alone, reduce their Interchange Fees by 100 basis points.

So it appears that bringing PIN Debit and PIN Credit transactions to the web is just going to be the natural order of things.

HomeATM is positioned to help consumers and online retailers do just that with their patented browser space PIN debit application, which includes being able to assign PIN's to previous Non-PIN'd existing credit and signature debit cards.

Here's the report from Gartner:

U.S banks have put significant efforts into marketing contactless and signature-based debit card payments, but they have failed to win over consumers, according to market research firm Gartner.

According to a survey of 4,500 online U.S. adults in August 2007, consumers prefer PIN debit over other payment methods such as credit cards, contactless cards and signature-based debit.

PIN debit is popular with cardholders, as they believe it is more secure than signature based transactions, Gartner says.

“Despite significant marketing campaigns by banks and issuers to steer consumers towards using debit cards with a signature, consumers prefer entering their PIN to pay for groceries with their debit card over all types of signature-based card payments, whether credit or debit,” says Avivah Litan, vice president and distinguished analyst at Gartner.

Consumers’ least-favorite payment method when shopping for groceries is contactless cards, and there is similarly little interest in using cellphones for making payments, Gartner says.

According to Litan, banks promote signature-based debit payments as they earn more interchange fee revenue from card-accepting merchants. “The reason is that signature-based debit is riskier and more prone to theft, so banks need to earn higher interchange fees to compensate,” Litan says.

Fraud rates on signature-based debit card payments are at least 10 times higher than on PIN debit.

Gartner adds that contactless debit and credit card transactions earn issuers higher interchange fees than contact-based transactions. The Gartner survey found that, when shopping at grocery stories, consumers prefer PIN-debit card payments, even though only card payments with physically signed receipts typically earn them reward points. “Brick-and-mortar businesses which accept electronic consumer payments should promote use of PIN-based debit card payments through payment terminal programs and by offering store-based incentive campaigns,” Litan says.

“Businesses pay less to banks for PIN-based payments, and, since consumers prefer them anyway, this is a win-win strategy for all parties except card issuers and banks.” Related Links:

www.gartner.com
Why Aren’t More Merchants Prompting for PIN - Digital Transaction News
U.S. Consumer Secure Payment Preferences Create Opportunities for Nonbanks
Another U.S. Alternative Payment Service Debuts
U.S. E-Shoppers Turning to Alternative Payments
Surge Seen In U.S. Alternative Payments

HomeATM Card Present Solution

Card Present Solution for Online e-commerce Retailers

Traditional e-commerce is based on Card Not Present (CNP) transactions; i.e. the cardholder enters credit / debit card data using an online form. There is no way to prove that the user entering the card information is in fact the actual cardholder. To truly identify the cardholder the card needs to be processed via some form of hardware device that interrogates the card in order to match the data entered by the user with data phyiscally stored on the card.

Enter Home ATM. The HomeATM solution is based on an Internet consumer connecting the HomeATM device to their PC via a USB port. Once installed and configured the HomeATM Scanpad may used to process card present credit card and PIN debit card transactions via the Internet, resulting in less risk for all parties.

Payment for goods using PIN based Debit Cards as the settlement instrument of choice is the fastest growing card sector in the world at present. PIN based Debit Card settlement offers merchants a number of benefits such as Zero Chargeback and NO Risk.

Traditionally the ability to accept PIN based debit cards has been reliant on the card issuer. Home ATM removes this reliance - any debit card, issued by any issuer can be processed by merchants. Technically it's exactly the same transaction type as a user using a POS device or an ATM device.

Would HomeATM's "PIN My Card" Technology Remove 75%-90% of Fraud?

In the wake of Hannaford's recent "PCI Compliant" breach of over 4 million cardholders data, there has been much written on the subject. Below is a rather interesting comment from Gartner, Inc.

Avivah Litan, a security analyst at Gartner Inc. argues that the biggest lesson is that the banking industry needs to make it harder for thieves to put stolen credit card data to use.

Requiring PINs on credit card transactions, she said, "would remove 75 to 90 percent of the fraud in the system."

HomeATM's PIN My Card technology assigns PIN's to existing cardholders Credit Cards.

Hmmm...sounds like HomeATM is on to something. Look for more on HomeATM's PIN my Card technology later....

New Credit Card Breach Will Test PCI

In a follow up to yesterday's post regarding whether or not current PCI Standards are flawed, I include this related article from Information Week.

Does Hannaford Hack Suggest PCI Standards are Flawed?

A security breach of one of our nation's grocery chains computer system may have exposed 4.2 million debit and credit card numbers to theft, making it one of the largest such cases in the nation. Hannaford Bros. says it has secured its credit and debit card transaction system to block future unauthorized access and the Secret Service is investigating. So far, 1,800 cases of fraud are linked to the breach.

Kevin Mandia, president of Alexandria, Va.-based computer security firm Mandiant Corp., said retailers are most vulnerable during the processing of the credit or debit transaction. Hackers can create a type of software called a "sniffer" that acts like a wiretap and can intercept credit and debit card data as it travels between the retailer's point of sale and the credit card processing company. It can be very difficult to detect sniffers.

While the banks appear all but ready to blame Hannaford for failing to follow payment card industry standards on security, there are signs that this may be the first of many cases to surface this year wherein the affected retailer was hacked even though it appeared to be following all of the security rules laid out by the credit card associations.

Editor's Note: What does this have to do with HomeATM you ask? The highlighted sections below underline deficiencies (in the brick and mortar world) where deficiencies should NOT exist and where HomeATM has already taken precautions designed to alleviate these new concerns.


The Boston Globe's Ross Kerber today writes that Hannaford is still investigating the specifics of how the data was taken, but that the company's chief executive said the data "was illegally accessed from our computer systems during transmission of card authorization." Translation: The hackers snatched the credit/debit card data sometime between when the customer swiped their card in the reader at the register and when that transaction was approved.

Editor's Note: If the passage in the second highlighted area is correct, then the revised PCI-DSS standard is flawed.

The Globe story continues: "What could make the Hannaford case unusual is that since last spring its stores have met industry standards regarding how customer data is stored and maintained, Eleazer said. Many other retailers victimized by breaches, including TJX, had been faulted for lax security. It's too soon to know whether Hannaford's case will warrant the consideration of further security reforms, said Ted Julian, vice president of strategy at Application Security Inc., a New York database services company."

Brian Sartin, vice president of investigative response for Cybertrust, a division of Verizon said a great many retailers have taken extra precautions to ensure that any credit or debit card data they store is properly encrypted and secured.

Sartin said his team is currently responding to a number of data breaches in which hackers have targeted financial data as it is being transferred from the retailer to the credit card processor and back.

While the payment card industry standards require retailers to encrypt payment data when it traverses public networks, that requirement does not necessarily apply to a company's own internal, non-public networks, Sartin said.

"I would say a trend we're seeing hitting a lot of retailers right now is that these organizations can be [compliant with the credit card industry security standards] and still have customer data stolen," Sartin said. "The data in transit is allowed to traverse private links and internal infrastructure without being encrypted, and the attackers are taking advantage of that."

Editor's Note: According to George Gendron, President of HomeATM, "Contrary to current practices – and a function that HomeATM has presented a patent application on – HomeATM decreases the chance of hacking during transmission by not only encrypting the PIN, but also the PAN prior to transmitting."

Sartin declined to say whether this dynamic was at work in the Hannaford case (his company had been retained by a party involved in the breach). But he noted that Cybertrust has found with a number of very recent compromises that attackers have seized control over the very terminals that control cash registers or point-of-sale systems within a retail store, or the server through which all registers connect to pass transaction data out across the Internet to the store's payment processor. Once these systems have been compromised, Sartin said, the attackers typically eavesdrop on the network using "sniffer" programs that can extract credit and debit card data as it moves across the wire, before it even leaves the store's network.

Indeed, attackers appear to be exploiting the letter - if not the spirit - of the payment card industry standards, said Tom Kellerman, vice president of security awareness at Core Security.

Kellerman said many retailers not only fail to encrypt financial data while it is being moved around inside the stores, but they also fail to understand that encrypting data is meaningless if the merchant doesn't also harden the security of the computers that power the point of sale systems.

Already, there are signs that 2008 may turn out to be a record-breaking year for retailer and card processor data breach disclosures. Kevin Mandia, president of Mandiant Corp., an Alexandria, Va.-based company that specializes in investigating data breaches, said his firm responded to more credit card losses in the past year than in any prior 12-month period. "It's early in the year, but the tempo [of data breaches] has been very heightened since the summer of 2007 and maintained the same barrage," Mandia said. "We're seeing at least two new companies a week discovering that they've lost credit card numbers, and at the rate we're going [the criminals] are going to exhaust U.S. retailers as targets.

HomeATM's New Flash Website is Up

HomeATM's new Flash Website is up and running. Although there's still a lot of work to be done before it's complete, it is currently available for viewing. I expect that it will be up and down over the course of the next few weeks/month as ongoing work is being done to complete it. But take a look. FYI: To turn off the music, look for an icon on the bottom middle right and click it.

On the right is a screen capture of the Introduction and Benefits to Merchants...

Click the picture to enlarge or vist HomeATM's website at:

www.homeatm.net

Fraud Still a Problem in 2007

From Digital Transaction News on March 13th, 2008

Companies that accept checks and electronic payments were victimized by fraud at virtually the same rate in 2007 as in 2006, but those that experienced fraud saw more incidents of it, according to a survey by the Association for Financial Professionals released this week. The Bethesda, Md.-based AFP is a trade group made up of treasury professionals from retailing, manufacturing, and other sectors.

While the AFP reports 71% of respondent organizations reported actual or attempted fraud last year, virtually unchanged from 72% in 2006, some 30% of those companies said the number of incidents increased; 18% reported fewer incidents, while 52% said the number was unchanged.

Much of this fraud resulted from paper check payments, with fully 94% of victimized organizations reporting this type of fraud. Of those companies that receive electronic payments from consumers in the form of cards or through the automated clearing house, just 10% said they were hit last year by actual or attempted fraud. And incidents of consumer-based fraud appear to be moderating. Among these companies, 61% said they had experienced the same number of incidents as in 2006. Thirty-seven percent reported more incidents, and 2% said there had been fewer.

Altogether, 43% of the respondents reported accepting consumer-based ACH and card payments.

Among companies reporting consumer-based fraud, credit cards were responsible for most of the incidents, with 89% of organizations reporting this type of fraud, followed by ACH (38%), and signature debit cards (24%).

Interestingly, 11% reported attempted or actual fraud on PIN debit cards, often seen as safer than either signature debit cards or credit cards because of their PIN authentication.

But consumer fraud often results in actual losses for these businesses, largely because of online commerce. The AFP report says two-thirds of organizations reporting consumer ACH or card fraud sustained losses, compared to 37% for all companies reporting fraudulent incidents of all types. Again, credit cards were responsible for most of the consumer-fraud losses, with 92% of those reporting such losses citing this as the source. ACH fraud caused losses for 36% of these companies, followed by signature debit cards (28%) and PIN debit cards (20%).

Some 71% of those suffering losses said the loss came from Web sales, followed by card-present sales (63%) and phone-based transactions (46%).

Taking into account all payment instruments, including checks, and business-to-business payments as well as consumer transactions, some 63% of organizations reporting actual or attempted fraud suffered no losses at all. Among those that did, the median loss came to $13,900, a number the AFP report characterizes as “relatively small.” Though check fraud seems pandemic, with nearly all companies reporting fraud citing checks as a source, only 17% of these organizations sustained losses.

The AFP survey is the fourth annual poll the organization has conducted and was underwritten by the Electronic Payments Network, a unit of The Clearing House Payments Co. LLC, New York. It was fielded in January and went to 3,950 members, with 488 responses. Surveys sent to non-member companies yielded another 64 responses. Manufacturers and retailers made up nearly one-third of respondents.

Online Retailers Need Online PIN Debit

Question: What do the Top 500 Internet Retailers All Have in Common?

Answer: They are all being charged Interchange Fees that are 100 basis points higher than they would pay with a web based PIN debit payment platform. HomeATM can bring PIN Debit to your website today. Call John B. Frank at 612-432-6980 to find out how....



Smaller niche retailers pace the 2007 Top 500

America’s 500 largest web retailers accounted for 61% of all e-commerce sales in 2006, but the fastest-growing merchants are smaller niche retailers who specialize and know what makes their customers tick, according to Internet Retailer’s forthcoming 2007 Top 500 Guide.

While the Top 500 was the engine that powered online sales growth for several years, in 2006 sales at the Top 500 companies grew 21.3% compared to 25.9% for the entire market. Top 500 sales totaled $83.6 billion, up from $68.9 billion a year earlier. The rest of the market, including an estimated $34 billion in eBay Inc.-originated sales that could be considered retail sales, accounted for $52.6 billion in sales, up 29.9% from $40.5 billion a year earlier.

Within the Top 500, the split between slower growing large sites and faster growing smaller sites was apparent. In 2006, combined revenue of the Top 500’s 100 smallest merchants—with annual sales of about $5.5 million to $10.9 million—rose by 23% to $836.3 million from $682.6 million in 2005. Sales at the Top 100 grew 19% to $71.6 billion in 2006 from $60.2 billion in 2005.

In 2006, the Top 500 accounted for 61.3% of all online retail sales of $136.2 billion, down from 62.9% a year earlier. Among the Top 500, the Top 100 account for 86% of all sales, down slightly from 87% a year earlier.

But smaller and more nimble merchants continue to grow faster than their established competitors. For instance, the Top 25 retailers grew their combined sales in 2006 to $52.9 billion from $44.8 billion, an increase of 18%. But the total sales for all start-up retailers in the Top 500 Guide—companies only in business since 2004—grew by 55% to $494 million last year from $319 million in 2005.

The Top 500 Guide ranks America’s 500 largest web retailing organizations based on annual sales. Each retailer’s listing also includes: site traffic, conversion rate, average ticket, senior management, key vendors and where each retailer ranks in the market they serve. New this year are a list of web features and functions for each retailer, the percent of traffic from search engines for 2005 and 2006 for each merchant, and a browser satisfaction score and the ForeSee Results/Internet Retailer Purchase Intent Index for each top 100 e-retailer.

The Top 500 Guide includes 145 e-retail businesses that are owned or operated by store-based retail chains, 89 by catalog and direct-marketing firms, 42 by consumer branded manufacturers and 224 by the so-called pure plays or web-only retailers.

As e-retailing becomes more established, the Top 500 Guide finds that more online merchants are freely revealing their online sales numbers. This year, 256 companies reported their online sales data, compared with 240 last year and 150 the year before. The Top 500 Guide sells for $59 for a single copy plus $9.95 for shipping and handling. To order, click here.

There's No Place Like Home...ATM

Costco Wholesale Corp. is investigating two technologies that would allow the retailing giant to accept PIN debit cards for payment on its Web site, according to sources familiar with the matter.

At a meeting arranged by Chase Paymentech Solutions LLC, a senior Costco official met with representatives of ATM Direct (which has since gone bankrupt), HomeATM and Intel Corp. to discuss methods for processing PIN debit transactions online, these sources say.

Irving, Texas-based ATM Direct and HomeATM, a Montreal company, market products that give consumers the ability to enter PINs on PCs.

HomeATM uses, depending on the application, either an external PIN pad combined with a mouse clicks on a floating screen based PIN Pad. They also have the ability to transact without the external PIN Pad.

ATM Direct relied only on a PIN entry via mouse clicks although now that it's bankrupt, dismantled, and it's website gone (www.atmdirect.com) , it seems irrelevant what they did or could have done. ATM Direct WAS a unit of San Francisco-based Pay By Touch, a provider of biometrically authenticated payment processing. They have since filed for bankruptcy and must liquidate their core and non-core assets.

ATM Direct was sold at auction and is therefore no longer considered a player.

To give you an idea of the lack of viability regarding ATM Direct's platform; according to Digital Transaction News, Pay By Touch paid $30.5 million dollars for ATM Direct, yet it fetched only $600,000 at auction. Therefore, one would have to logically assume that it's intellectual property was not very strong in the face of HomeATM's and thus it was purchased for the purpose of it's inventory, which consisted of 25+ IBM Blade Servers.

Therefore, it is my guess that it will never be heard from again, which although it probably wouldn't have mattered anyway, still bodes well for HomeATM.

HomeATM relies at least in part on technology acquired from InstaPay Systems Inc., whose Kryptosima unit developed external PIN pads that can be hooked up to PCs via USB connections. (Digital Transactions News, Sept. 7, 2004). However, in the last three years, they have vastly improved on this technology and hold the global patent for PIN based transactions in a web-browser space. This is the patent that probably resulted in ATM Direct becoming a Blade Server Discount Store.

Also in attendance at the meeting, held at Costco’s headquarters in Issaquah, Wash., were representatives of three of the five biggest electronic-funds transfer networks, according to one of the sources, who declined to identify them.

A spokesperson for Chase Paymentech declined to comment. Calls from Digital Transactions News to the other known participants in the meeting were not returned by late Wednesday.

While the ultimate outcome of the meeting will likely remain unclear for some time, its purpose was to provide a basis on which Costco and its processor, Chase Paymentech, can decide on which technology to use, say the sources familiar with the matter. Moreover, Chase Paymentech, a merchant-processing behemoth owned jointly by JPMorgan Chase & Co. and First Data Corp., is trying to decide how to place its bets when it comes to PIN debit for e-commerce in the face of mounting demand from merchant clients, these sources say. This is just the beginning of what could be a whirlwind decade for HomeATM.

“There’s likely to be more meetings [with other merchants] in the near future” like the one with Costco, says one source, who adds much of the demand for Web-based PIN debit is coming from multichannel retailers looking to cut the cost of online transactions.

A move by Costco, a top-25 Internet merchant, to take PIN debit on its site would lend considerable credibility...make that debibility...to the idea of taking PIN debit online.

This is a notion many EFT officials have historically shied away from, citing concerns about security and about a possible threat to the interchange income EFT network members earn from signature debit. However, according to HomeATM, their transactions would be 99.9 Sigma Secure, so it seems they have overcome those concerns and are poised to challenge some of the biggest online payment players for market share.

Because of these concerns, the EFT networks have limited PIN debit online to payments in certain biller categories regarded as safe because the billers have established relationships with consumers. These categories include utilities and insurers, though lately the networks have added more categories, such as rent payments.

PIN debit interchange rates are significantly lower than those for signature debit. Of course, signature debit doesn't really even exist on the Internet, as it's not physically possible to provide a signature, thus the rates web retailers pay are typically even higher than signature debit.

Costco’s site is the 21st largest among Web retailers with $1.22 billion in annual sales, according to Internet Retailer magazine.

Thus, according to the chart on the left, HomeATM could save Costco 100 basis points on it's Interchange Fees. That would equivocate to an annual savings of $12.2 million dollars, or $122.2 million dollars over the next whirlwind decade that HomeATM could enjoy.

Imagine that only half of the top 30 Internet Retailers, who each process $1 billion dollars per year were smart enough to save 100 basis points, reduce back office risk management costs by half (estimated to average around 4%) The sales proposition is as simple as it gets. Save More, Risk Less.

HomeATM Article from Digital Transaction News

Smart Card Marketing, HomeATM Enable PIN Debit Online and at Stores

In a move that could further the penetration of "Internet-based PIN debit", (Editors Note: I prefer PIN Authenticated Internet Debit which gives us the acronym P.A.I.D which could also stand for PIN Authenticated ID) a San Antonio-based processor of prepaid card transactions has adopted a device that will allow users of its electronic-wallet service to load their accounts online with credit cards and PIN debit cards.

Smart Card Marketing Systems Inc., which introduced its VelocityMoney.com e-wallet product just six months ago and so far has 1,000 users, will use a device from Montreal-based HomeATM that connects to PCs via a USB cable to allow users to load accounts online with card swipes. The device includes a numeric pad for entry of PINs linked to debit cards.

Also, as part of the agreement with Smart Card Marketing Systems, HomeATM will begin reaching the physical point of sale for the first time.

Working with an unnamed merchant acquirer, Smart Card Marketing Systems is signing up merchants to accept credit and debit cards through the HomeATM device.

The acquirer will process credit card transactions, while HomeATM will handle debit card payments. Smart Card Marketing has booked orders from merchants for 9,000 of the devices so far, says Bruce Baillio, president of the company. Targeting niche merchants that in many cases don’t have existing merchant accounts, Smart Card Marketing is offering the HomeATM device as a substitute for conventional point-of-sale terminals and pricing it at around $50.

Although the devices will accept credit or debit cards, Baillio says many merchants have a strong interest in PIN debit. “Our merchants are interested in the debit-loading aspects of this,” he notes. A travel agency, for example, finds the service useful to allow customers to load prepaid cards for use on trips, he says. Another client is a processor for small online merchants that wants to enable PIN debit payment, Baillio says.

The agreement with Smart Card Marketing represents the second major deal HomeATM, a small engineering company with a handful of Web merchants as clients, has struck in the past two months. In December, the company agreed to use its technology to enable online PIN debit and credit card transactions for airlines linked to the Universal Air Travel Plan transaction switch.

At the same time, it applied for a patent on a PIN-authentication system called PinMyCard, which, when paired with its device, could allow merchants to process credit card transactions online at card-present interchange rates. Company officials say this is possible by virtually eliminating the risk of fraud (Digital Transactions News, Dec. 18, 2007).

For users of Smart Card Marketing’s VelocityMoney.com service, the HomeATM device will enable cardholders to replenish the company’s prepaid MasterCard online with the swipe of a credit or PIN debit card. VelocityMoney.com, an e-wallet platform, also allows loading through the automated clearing house, wire transfers, and checks and money orders. The advantage of PIN debit card swipes, Baillio says, is that the company will get good funds the same day. “Unless you’re getting physical cash from someone, the time frame of moving money is extended, it could turn into multiple days or a week,” he says.

The agreement with Smart Card Marketing does not yet involve HomeATM’s PinMyCard system, so online credit card transactions on the devices are being assessed card-not-present interchange, according to Mitchell Cobrin, chief operating officer at HomeATM. But he says talks are under way with Smart Card Marketing to integrate the system and allow card-present rates, which do not carry the premium the card networks levy on card-not-present payments.

Universal Air Travel Plan Selects HomeATM's PIN Solution

Targets Airlines with PIN Based Alternative Form of Payment

Washington, DC – Universal Air Travel Plan, Inc. (UATP), today announced a partnership with HomeATM ePayment Solutions, a global online payment solution and web security engineering firm.

The partnership will initially offer an alternative payment option to the global commercial airline community.

“UATP continues to expand its partnerships into alternative forms of payment with HomeATM, utilizing UATP’s existing connections with the airlines to offer a new form of payment option for consumer use,” said Ralph Kaiser president and CEO, UATP.

“UATP’s goal is to maximize the usage of the network infrastructure and offer to the buying-public the options of payment that they are looking for.”

Addressing the consumer need for online debit card processing abilities, HomeATM developed a secure PIN debit and PIN credit card (as card present) transaction method via the internet; the growing preferred method of payment for consumers and merchants alike.

HomeATM’s unique system utilizes state of the art technology and the HomeATM swipe pad to allow users to conduct secure, PIN-based transactions ensuring virtually zero fraud and with significantly lower merchant processing fee costs.

“Through this partnership, airlines will be able to address the growing demand for alternative forms of payment, significantly reduce their cost and offer the buyer side 99-Sigma security”, said Mitchell Cobrin, chief operating officer, HomeATM.

“Our motivation for aligning with UATP was to extend this most timely payment process to as wide a swath of the travel sector in as short a lead time as possible. Now that it is done, HomeATM will gain speed to market by offering a quasi Plug and Play solution to commercial airlines globally. We could not be more pleased.”

Functionally, HomeATM mirrors brick and mortar POS transaction processes and is the first player in the e-payment space to bring PIN – or dually authenticated – debit to the web environment. In addition - through its PinMyCard technology and with an eye to increasing the security of sensitive buyer data and lowering merchant processing, fraud and reserve costs - HomeATM will be offering airline clients the capability of generating a PIN for use with their credit cards.

For more information, visit http://uatp.com or www.homeatm.net

About UATP

UATP accounts are accepted as a form of payment for corporate business travel by airlines and travel agencies worldwide. UATP accounts are issued by: Aer Lingus, Air New Zealand, American Airlines (NYSE: AMR), Austrian Airlines, Continental Airlines (NYSE: CAL), Delta Air Lines (NYSE:DAL), Japan Airlines (Pink sheets: JALSY.PK), Northwest Airlines (NYSE: NWA), Qantas Airways, Ltd., United Airlines (Nasdaq: UAUA), and US Airways (NYSE:LCC). AirPlus International issues the UATP-based Company Account for: British Airways (Pink sheets:Bairy.pk), Continental Airlines (NYSE: CAL), and Lufthansa German Airlines.


About HomeATM:

HomeATM is the owner of a global patent covering PIN-debit card and PIN-credit card authentication in a browser environment and of patent pending solutions for both a 2nd generation iteration aiming to turn any Internet-enabled device into a fully secured, bank “standard” transaction device as well as a PIN-based dual-authentication conversion process for traditional credit and charge cards, aspiring to be a significant player in online financial services,payment solutions and remittance.

HomeATM Featured in The GreenSheet

Homing in on e-commerce

HomeATM Payments creates innovative solutions for processing secure debit and credit card transactions on the Web. You may wonder why this is newsworthy. After all, many companies process transactions online. HomeATM has a twist: It processes all transactions as card present.

Yes, you read that correctly.

With HomeATM, consumers make e-commerce purchases using their ATM or credit cards, and payments are processed as PIN debit transactions. HomeATM Chief Operating Officer Mitchell Cobrin said the company's mission is to "expand current payment options on the Web by enabling consumers to use their debit/bank ATM cards, a growing payment option of choice."

The company was founded in 2002 by a group of payment industry experts and Internet entrepreneurs. It recently switched headquarters from Chicago to Montreal, and its 25 employees are spread among offices in Chicago, Montreal and Hong Kong.

While HomeATM is just four years old, its founders have more than 40 years of combined experience introducing e-commerce solutions. Among them, they have more than 30 patents.

After three years of research and development and spending more than $3 million, HomeATM owns one patent and has six more pending. They all pertain to innovations in payment processing and encryption.

"HomeATM owns the worldwide patent for PIN debit or credit transacted through a Web browser," Cobrin said. "We are capable of enabling e-consumers to use their PIN debit/bank ATM card from the comforts of their home with participating merchants. We will defend our patent and pursue infringers.

The HomeATM process requires only a computer, a HomeATM ScanPad and an ATM/debit card. No registration or enrollment is needed. To deploy, a consumer simply connects a ScanPad to a computer, swipes an ATM card and enters a PIN. That's it.

"Our bank-level secure technology operates via a USB peripheral and offers the consumer dual authentication," Cobrin said. The plug-and-play devices are supplied to merchants at cost. Merchants then give the devices to their customers, free of charge.

Merchants determine which clients receive devices. For example, a merchant may decide any consumer who spends a certain amount of money within a given time deserves the device.

Cobrin realizes some consumers may resist changing their online purchasing habits. For them, merchants can offer incentives. For instance, an airline may offer three miles for every dollar spent with the device, rather than the standard one mile for every dollar spent using other payment methods.

HomeATM does not seek to profit from equipment sales. Rather, it wants to get the ScanPad into the hands of end users. The situation is analogous to cell phone service or satellite television subscriptions. In these models, the hardware is typically provided at no cost to the consumer. The provider earns profits on the use of the service.

The company is also beta testing PIN-entry software that has the same capabilities as the ScanPad. But Cobrin noted its release is not imminent. HomeATM continues to collaborate on development with processors and banks.

Speedy, safe and profitable

HomeATM's target merchants have large, recurring client bases. Cobrin said it is advantageous for these merchants to convert consumers from card not present credit transactions to PIN debit transactions because there is less risk.

"We guarantee 100% payment in real time with no chargebacks or reserves," he said. The company is able to make this guarantee because PIN debit transactions take place in real time. "When the transaction occurs, the funds are set aside at the issuing bank. Those funds settle at 3:00 a.m. Eastern Time that night. No chargebacks," he added.

Cobrin also pointed out that PIN debit transactions are more cost effective: HomeATM can often save merchants 100 to 150 basis points.

"Debit is a cheaper transaction on the whole," he said. "The rates across the board in the debit world are less. With debit we have a point of sale rate that allows us to pass the savings on to the merchant."

Merchants also benefit from the system's flexibility. They can use any processor because the HomeATM software works with all existing debit and credit networks.

Another attractive feature of HomeATM transactions is their security. Transaction information is not entered into merchant databases. It doesn't even go to merchants; it goes directly to consumers' banks. Therefore, the risk of consumer data remaining on merchant servers is eliminated.

Additionally, all customer data is encrypted in the ScanPad's PIN pad before it even reaches the computer. The card data is never visible, eliminating the risk of theft due to phishing, key logging and other criminal tactics.

Consumers can even use this technology to send funds person to person by simply swiping their bankcards. The intended recipients can retrieve the money from any ATM worldwide, or use it for POS transactions at any merchant who accepts debit cards.

When asked if PayPal is a competitor, Cobrin said, "It can be a friend or foe. HomeATM can be an instrument to load a PayPal wallet, or it can be a direct competitor at the checkout. We can do everything PayPal can and a whole lot more. And our rates are much more advantageous."

Good news all around

HomeATM is good news for consumers who want to use their ATM cards online. It is good news for merchants who want access to that market. And it is good news for ISOs and merchant level salespeople (MLSs) because HomeATM is interested in forming relationships with the ISO and MLS community.

"We are a dexterous and nimble company eager to add ISOs, MLSs and merchants, and we are open-minded to strategic relationships and partnerships," Cobrin said. The company uses hybrid buy rates and offers agents commissions and residuals.

HomeATM already has several established relationships with agents around the world. "We are a company that offers a lot of support and collaboration to our ISO/MLS agents throughout the sales, integration and customer care processes," he said. "We view these organizations as partners; our success relies on their success."

The company is interested in working with ISOs that are sector-based and have expertise and contacts in industries such as e-commerce, travel and hospitality.

"We want to align ourselves with companies who have established relationships with appropriate e-merchants who fit our markets," Cobrin said. "Costco.com, walmart.com, dell.com and so on - those are the people we envision doing business with."

Tapping new markets

ISOs and MLSs choosing to add HomeATM to their merchant offerings will be able to help their customers access consumers who have previously been out of reach.

E-commerce security is an ongoing and growing concern. And, debit is the largest growing transaction method. Both of these factors contribute to an environment ripe for an effective PIN debit e-commerce solution.

"There is a huge market of people who don't use credit, and there is a huge part of the market who are petrified to put their data into a Web browser," Cobrin said.

Not only can HomeATM help ISOs and merchants reach the debit community, it can help them reach the credit community and other profit areas.

"Debit can be a conduit to grow sales," Cobrin said. "It is generating sales growth potential. Even micro payments are an opportunity. Because of our cost system, we can make it affordable."

HomeATM can also process credit cards: The HomeATM device is chip-and-PIN-ready. And when a credit card is swiped using HomeATM's device, track 2 data is captured.

"We can still do credit better than anyone can do remotely," Cobrin said. "From a chargeback, repudiation and fraud consideration, capturing track 2 data is nonexistent from home" with other providers.

HomeATM's focus is to make payments easy for all parties. It can work with any industry in any region. The company's process is compatible with all banks and acquirers.

"Since we are technology-centric and bank-agnostic, we are flexible to integrate and work with an unlimited amount of processors and banks," Cobrin said. "We are happy to work with our clients' processors and acquirers."

Of particular interest to merchants, HomeATM custom designs programs to accommodate each industry's challenges. This honors HomeATM's commitment to flexibility and ease of use and is another selling point for ISOs and MLSs.

"Our solution can be applied to every industry including person-to-person money transfers, travel, MLM, taxation, parking meters, airlines, car rentals, hotels, tour operators and so forth," Cobrin said. "When it comes to PIN debit over the Internet, there is only one place to go, and that's with our worldwide patented technology."