Stolen Card Info Plummets to $2.50 in Black Market

Prices for stolen information plummet > Identity > Breaches & Exposures > News > SC Magazine Australia/NZ

Prices for stolen information plummet

By Dan Raywood
Oct 10, 2008 9:48 AM

The black-market price for stolen credit and debit card details has dropped to as little as US $1.50, according to a newspaper investigation.

In an investigation by the Sydney Morning Herald, it was found that that almost anyone on the internet can buy stolen payment card details for as little as US $1.50 (for Australian details), and US $2.50 American and English cardholder information.

For credit card accounts in Britain and the United States, the cybercriminal salesmen claim to be able to bypass some of the latest anti-fraud protection, including Verified by Visa. And free samples of the stolen data are available, although key information is kept hidden to preserve its resale value.

The hackers also offer a surprising level of detail about their victims, such as a customer's bank account number, mother's maiden name, Social Security number, date of birth, driver's license number, as well as answers to security questions.

Yuval Ben-Itzhak, chief technology officer with Finjan, said: “Our research team spotted this not inconsiderable trade in stolen payment card data back in the late spring...At that time, however, the going rate was around US $15 a pop, so the rate has clearly fallen, perhaps because of the glut of this kind of data being sold on the internet.”

Related articles by Zemanta

• What Happens To E-Commerce When Credit Cards Don't Work?
• Credit card processors finally get clue, will ban WEP
• How 'carders' trade your stolen personal info
• Convenience and Security Boost Payment Card Industry
• Payment Card Reporting = Bad Idea?

Should Companies Interact with Consumers on Social Networks?

Image via CrunchBase

Consumers Await on Social Networks - eMarketer

Consumers Await on Social Networks
OCTOBER 10, 2008

Befriended and poked by companies

Nearly six out of 10 Americans who use social media interact with companies on social media Websites, according to a September 2008 study by conducted by Opinion Research Corporation for Cone.

The researchers found 85% of social media users thought companies should interact with their consumers through social media, at least when needed.

“Americans are eager to deepen their brand relationships through social media,” said Mike Hollywood, director of new media at Cone, in a statement. “It isn’t an intrusion into their lives, but rather a welcome channel for discussion.”

Extent that Companies Should Have a Presence in Social Media* According to US Adult Social Media Users, by Gender, September 2008 (% of respondents in each group)

Cone is a brand marketer that counts social networking among its capabilities, so its enthusiasm is understandable. But a growing number of retail e-commerce companies agree, judging by an August 2008 study conducted by Vovici Corporation for Internet Retailer.

Nearly four out of 10 online merchants surveyed used social networks. Of those, nearly one-third said they had a page on Facebook, and more than one-quarter said they used each of MySpace and YouTube.

Social Networking Sites on Which US Online Retailers Maintain a Page, August 2008 (% of respondents)

Related articles by Zemanta

• When retailers and consumers move into social media, news should surely follow
• Do Americans want companies to have more social (media)?
• Social Media and Shopping: A Growing Trend

Zopa Says Nopa to US Operation

Zopa to Close U.S. Operation

Zopa's U.S. social deposit/lending site will be shuttered, just 10 months after its launch The site, which delivered loan applications and CD customers to six credit union partners, apparently was closed by Zopa. At this point the exact reason is unclear, Zopa blamed the U.S. credit situation and said it wanted to concentrate its efforts in other markets.  Live long and Prosper...

This from Zopa's Blog:

Zopa blog - Zopa U.S.

You probably know that Zopa’s US operation has a very different model to that in the UK and Italy in that it works in partnership with financial institutions (the credit unions) rather than being a pure peer to peer marketplace as it is here and in Italy.

So while our model is doing very well in current market conditions, the US has been adversely affected in a way that just couldn’t have been predicted when we launched int he US and is no way the fault of our partners. For us, a real shame is that we weren’t able to launch the original model over there for regulatory reasons.

So, sadly, our US colleagues have decided to withdraw from the US marketplace. This decision will have no impact on Zopa’s other activities in the UK, Italy and Asia.

Zopa’s UK operation has experienced significant volume increases in 2008 with huge growth in new members and increasing lender returns, while continuing to maintain excellent credit quality – currently less than 0.5% of loans are affected by any kind of late payment issue, with actual losses below 0.04%.
Zopa Italy has also achieved the highest growth of any European peer-to-peer operation since its launch in January, and has recently launched the first secondary market for any peer-to-peer operation.

Zopa’s US customers’ deposit accounts continue to be insured by the NCUA up to $250,000, and servicing of those accounts as well as the loans will be assumed by the credit unions within 90 days.

Zopa looks forward to continuing to develop and expand its operation worldwide as it continues to offer investors a safe return on their investments and a better deal for borrowers, and remains optimistic that it can return to the US market when conditions permit.

We’d like to thank our US colleagues for their hard work, dedication and the oustanding service they have provided for their customers. I’m sure you’ll join us in wishing them the very best.

India ePayments to Grow 70% within 2 Years

Image via Wikipedia

The Green Sheet 2.0 :: Newswire

Bangalore, India, Oct. 8, 2008

Payments in India Going e-Way
Report Published by Celent

At a rapid pace, the Indian payments system is transforming from paper to electronic. The retail e-payments market is likely to grow nearly 70 percent in the next two years. The value of retail e-payments should reach US$150 billion to $180 billion by 2010.

Increasing awareness and adaptability of various electronic channels has resulted in 60 percent growth in Indian e-payments over the last three years. A new Celent report, Payments in India Going e-Way , examines the constant innovation, adoption, and implementation of electronic mechanisms in the Indian payments system. Although the system is still dominated by paper-based transactions, there is great potential for a transition to electronic payments. Electronic transactions currently account for just 37 percent of total payments by volume. However, over 75 percent of payment value is electronic.

"The payment system in India has seen unmatched growth since the inception of electronic payment mechanisms," says Prathima Rajan , analyst at Celent and author of the report. "The introduction of various kinds of payment mechanisms into the retail payments space has ensured more timely and efficient completion of financial transactions," she adds.

With the growth of e-payments has come the increased usage of plastic payment cards. India has been one of the fastest growing countries for payment cards in the Asia-Pacific region. The country currently has approximately 130 million cards (both debit and credit) in circulation. Celent estimates that the number of cards in circulation will hit 210 million by 2010, with 169 million coming from debit cards and about 40 million from credit cards. However, credit cards will overtake debit cards in terms of transaction value as customers continue to use credit cards for purchases and bill payments.

This report analyses the payment patterns of Indian customers and looks at the potential for growth in the number of e-payment transactions. The report highlights the value proposition of banks outsourcing payment processing to various third party vendors. It also looks at the latest electronic payment mechanisms, such as card-based payments (smart cards and contactless cards), online payments, m-payments, POS terminals, etc. The report evaluates the market share of various players, including banks, non-banks, and other third party vendors in terms of payment processing, and profiles three major third party payment vendors.

About Celent

Celent is a research and advisory firm dedicated to helping financial institutions formulate comprehensive business and technology strategies. Celent publishes reports identifying trends and best practices in financial services technology and conducts consulting engagements for financial institutions looking to use technology to enhance existing business processes or launch new business strategies. With a team of internationally experienced analysts, Celent is uniquely positioned to offer strategic advice and market insights on a global basis. Celent is a member of the Oliver Wyman Group, which is part of Marsh & McLennan Companies [NYSE: MMC].


Source: Company press release.

Related articles by Zemanta

• India - Debit,Credit a Hit/Scores Big - RBI
• Convenience and Security Boost Payment Card Industry
• 2008 Debit Issuer Study Released by Pulse
• HomeATM Transactions...Eminently More Secure than Bricks and Mortar
• Credit Card Fees Squeezing Profits? Switch to PIN Debit

Chinese SME Business eCommerce Adoption Grows 45%

Image via Wikipedia

200,000 Chinese small, midsize businesses to adopt e-commerce in 2008, up 45 percent

Industry analysts claim that the number of small and midsize businesses across China is to grow by over 45 percent, from 135,000 in 2007 to 200,000 by the end of 2008.  By 2010, this number is expected to hit 370,000. The analysts only take e-commerce activities executed by businesses that have offline stores as well. For companies that are entirely focused on e-commerce, they predict a growth in business by 4 percent over 2007.

The small businesses use the Internet as a marketing medium and have succeeded in incorporating e-commerce features including online shopping, e-payment gateways and web-surveys to improve customer relationship management, according to analysts at Access Markets International Partners China.

According to a Mastercard study, new markets such as China have brought a significant contribution to an increase in online shopping payments, due to the rising upper-middle income urban elite demographic.

Related articles by Zemanta

• China and the Internet
• China is Waiting - Online!

27% of Lost Online Business ReCoupable with Coupons

Online retailers in danger of losing 27 percent of online business by not offering coupons

Online stores that do not provide online coupons as a payment method for US online buyers find themselves at risk of losing 27 percent of their business.

More than half (51 percent) of US online customers have expressed their intention to change spending habits as a result of the crisis in the economical sector. Of these, 9 out of 10 have made plans to spend less on gifts during this year's holiday season, as compared with the same period of 2007. In terms of strategies to be adopted by online customers in order to spend less, 35 percent mentioned the use of coupons. 16 percent of respondents have declared that they will buy a certain product only if they can find a coupon.

The study also indicates that offering coupons can be a successful strategy to be adopted by online retailers in order to attract customers. 67 percent of those involved in the study believe that coupons can drive customer loyalty, while three out of four US online customers are inclined to visit again a store that offers coupons.

Almost 72 percent of online adults are likely to visit a new store if the latter offers them the possibility of using a coupon. In case they do not find a coupon which is available for a certain purchase for an online store, 20 percent have stated that they will choose another store that offers coupons as well as the same product, while 8 percent will prefer to wait for an available coupon to purchase that item. According to the study, the most popular items among online shoppers are books (mentioned by 71 percent of respondents). 62 percent of online shoppers have referred to music, 55 percent electronics and 53 percent gift certificates.

The Online Shopping survey was conducted by market research firm Harris Interactive and commissioned by RetailMeNot.com.

Related articles by Zemanta

• High Gas Prices to "Drive" More Shoppers Online
• Online Couponing Up 56% During Weak Economy, High Energy Prices

I Came, I Saw, I Clicked...

YouTube to enter e-commerce arena by adding 'click-to-buy' feature

In a move to monetize its popularity, the video sharing website YouTube is introducing the 'click-to-buy' option for users interested in purchasing goods and content related to the videos they are watching.

As part of this initiative, YouTube is to allow retailers to insert buttons below videos on its website which allow users to connect to Apple’s iTunes music store, Amazon’s shopping portal, or computing game publisher Electronic Arts to buy music and video games. The retail links are currently only available in the US.  YouTube plans to use this e-commerce service to sell music, films, TV shows, video games, books, concert tickets and other media-related products to generate additional revenue for both itself and companies placing videos on the website.

Industry analysts at research firm Piper Jaffray Research estimate that the video website could earn about USD 200 million in revenue in 2009, as compared with nearly USD 27 billion predicted for Google. ComScore reports that YouTube registered 330 million visitors in August 2008. In 2006, Google paid  $1.7 billion for the acquisition of YouTube. 

Related articles by Zemanta

• YouTube to sell music and games
• YouTube videos gain links to iTunes store
• YouTube wants to sell you games
• YouTube still looking for dollars: Adds ecommerce button to videos
• YouTube Unveils Click-to-Buy
• YouTube to Sell Music, Movies
• YouTube Adding Amazon, iTunes Download Links
• Click-to-buy links for songs, games added to YouTube
• YouTube Links to Online Music Stores
• Still Searching For A Video Business Model, Google Introduces The YouTubevertorial

12% of Online Buyers Have Been Victmized by Hacksters

12 percent of online buyers have fallen victim of fraud or identity theft

According to a study, one in ten shoppers (12 percent) claim their personal information has been stolen and used for online shopping in their name without their knowledge. 50 percent of respondents became aware of the situation by themselves, while 43 percent found out about the fraud from their bank or card provider and 7 percent were informed by the retailer. 93 percent of those involved in the study have succeeded in reclaiming the money.

In terms of customers' concerns regarding their online shopping experience, security is still an issue. 67 percent of customers who do not shop online have claimed that they have not made an online purchase yet because they favour a brick-and-mortar store, while 33 percent have not done so because of the fears related to the (lack of) security that online payment methods offer.

17 percent have more confidence in the safety of online shopping than they did a year ago, while 8 percent claim the contrary. When asked about whether the security measures that have already been adopted are adequate, 27 percent gave a negative answer. 25 percent consider that retailers should be held responsible for the security of online shopping, 18 percent mentioned banks, 8 percent referred to internet service providers and 7 percent the Government.

The study of 2,270 households was conducted by GfK.

Related articles by Zemanta

• 10 Tips to Secure Online Shopping
• Smarten up on Internet Shopping, Advises PMIdentity
• Baidu Launched Shopping Mall

GreenSense - Go Green on our Dime

Charter One Bank, the fourth-largest bank in Greater Cleveland, is launching a new rewards program that pays customers 10 cents for each transaction done electronically -- meaning not with paper.

The bank's GreenSense is aimed at helping the environment and attracting and retaining customers.

The initiative is similar to other banks' rewards programs and Charter One's existing program. The big difference is that GreenSense pays cash directly into customers' accounts, and it's aimed at promoting only electronic transactions. The program is voluntary.

Charter One plans to offset the expense of paying customers cash rewards by reducing paper statements it mails out, said spokeswoman Carrie Carpenter. Only about 10 percent of Charter One's customers with checking, savings or money market accounts currently receive statements electronically.

Most banks with rewards limit cash perks to debit card transactions only, or award points that can be redeemed for merchandise or gift cards.

National City, for example, in early 2006 launched a groundbreaking program that rewarded customers with points every time they wrote a check, made an online payment, used a small-business credit line or did other routine business with the bank. Citibank also awards points for having multiple types of accounts or services, such as direct deposit or online bill payment.

Charter One rolled out its first rewards program in 2000, before online banking took off, and revamped it in early 2007.  Charter One caps rewards at $10 per month, or $120 per year. The money is deposited into customer accounts monthly.

Transactions that qualify are debit card purchases, online bill payments and recurring payments scheduled through the bank.  Customers aren't rewarded for writing checks because "that's not saving the environment," Carpenter said.

Charter One estimates that a million customers will enroll. If each normally makes 10 transactions a month and does them electronically instead of with paper, that would save 700,000 pounds of paper and 7 million gallons of water in one year, Carpenter said.

Related articles by Zemanta

• 40 Billion Debit Transactions by 2010...Doubling that of 2005
• Are Wachovia Credit Card Rewards Points Safe?
• BMO cuts ABM withdrawal limit to $500 to combat debit-card fraud
• edo Baits Millennials with Prepaid 'P2P' Cash Card

Will Card Fraud Take Quantum Leap?

How quantum key technology may prevent online card fraud | Technology | The Guardian

The solace of quantum key technology

Encryption based on the fragility of quantum states could be used to protect consumers from card fraud

* Christine Evans-Pughe  * The Guardian, Thursday October 9 2008

If a fraudster copies the numbers from your bank debit or credit cards, there's little to stop them going on a shopping spree online. This kind of fraud - known as card-not-present (CNP)- exceeded £290m in the UK last year and is a growing problem. It could also be one of the first consumer applications to benefit from quantum key distribution.

Quantum key distribution - or QKD for short - exploits the quantum mechanical properties of light particles (photons) to generate secret keys (strings of random numbers) that can be shared between two parties (for example, you and your bank) and used to encrypt data to safeguard it from snoopers. Typically, QKD systems transmit a stream of differently oriented photons to represent 1s and 0s through an optical fibre or a free space link. The snooper-proofing is intrinsic due to the fragility of quantum states: if you try to measure them they collapse, which is a marker for tampering, alerting the legitimate users to the presence of an eavesdropper.

Can you keep a secret?

Using quantum keys to encrypt data is at present only of interest to banks, governments and defense organizations which might need to move lots of confidential information securely between sites. But a demonstration in Vienna this week takes the technology to a different level, by integrating quantum key distribution into a standard communications network.

The event will show VoIP, videoconferencing and web services encrypted with constantly refreshed quantum keys. It will also include a prototype solution to card-not-present fraud, developed by Professor John Rarity from the University of Bristol and Hewlett Packard Research Labs.

The idea is that we would fill up our mobile phones or similar handheld devices with secrets (random strings of digits) at a quantum ATM. During online transactions, we would gradually consume this personal stash of secrets to encrypt information, such as our PIN, or to authenticate ourselves.

"The quantum part gives you the promise that when you've topped up your secrets, only you and your service provider own this particular random digit string," says Tim Spiller of HP. "If you're doing an internet transaction, you send the merchant however many secret bits is deemed to be secure. The merchant sends them on to Visa, say, who checks they're OK and if so authenticates the transaction."

The Vienna event is the culmination of a four-year EU project called SECOQC (Secure Communication based on Quantum Cryptography) to bring QKD technology to the mainstream. The SECOQC partners - who are now defining a European technical standard - include Siemens, Toshiba, Hewlett Packard, ID Quantique, Thales and Qinetiq as well as leading quantum scientists.

For the demo, Siemens has installed seven quantum key links into a standard metropolitan fiber-optic communications network that runs around Vienna and connects several of its sites. The network has been successfully running in test mode for several weeks now, according to Wolfgang Richter of Siemens.

Quantum keys won't be able to encrypt data traffic in real-world networks until standards have been finalized. However, SECOQC project leader Christian Monyk is optimistic. " We could produce it in six months."

When (or if) consumers enter the picture is difficult to predict. Rarity and HP's technology is "on the banks' radars", according to Spiller. But the point about their system is that it's potentially very cheap. HP's vision is that mobile phones could easily include half a short-range QKD system (which they say can be built from some standard LEDS and a low-cost integrated optical circuit). "Getting that into the market would depend on demand but five years is reasonable," says Spiller.

No hiccups

Meanwhile, quantum cryptography is gaining interest. Last year, ID Quantique's simple point-to-point quantum key distribution technology was used to guarantee the security of votes cast in Geneva during the Swiss general election. This summer, the defence and security company Qinetiq has been doing trials in London with network operator AboveNet, which provides fibre-optic connections for businesses. "We've done some experiments sending polarised photons through part of their network," says Dr Brian Lowans of Qinetiq. "We didn't have any hiccups."

Related articles by Zemanta

• How quantum key technology may prevent online card fraud
• UK crypto boffins turbo-charge quantum cryptography
• 'Unbreakable' encryption unveiled
• EU scientists launch new, 'unbreakable' encryption system

More on the Alternative Payments Threat to V/MC Duopoly

Card brands, issuers to lose USD 345 million in volume in 2010 in favor of alternative payments

A study focusing on the market value gained by alternative payments indicates that these type of payments threaten to take away almost $345 million in potential transactions from card brands and issuers by 2010. This volume is expected to grow to $1.7 billion by 2015.

Presently, alternative payments represent 15 percent of the total e-commerce volume. Nevertheless, they could become a threat to traditional payment methods by making higher value proposition to buyers and they are already focusing on offering higher value than payment cards, the study suggests. Despite their dominance and wide acceptance, payment cards have serious weaknesses. The most important one is security, since 40 percent of consumers are reticent when it comes to revealing credit card information on the internet.

The study also reveals that every time a bank account is debited via ACH instead of a card, the card industry loses from 1.5 to 2.4 percent of the transaction size.

The 'Alternative Realities: The Commoditization and Allure of Alternative Payments' study was conducted by Celent.

Related articles by Zemanta

• What Happens To E-Commerce When Credit Cards Don't Work?
• Pumping Gas Just Got Much Riskier - MSNBC
• Alternative Payments Growing Threat to Cards - Bank Technology News
• Alternative Payments from Bankers?
• PayPal rival details fees for launch on eBay

Pumping Gas Just Got Much Riskier - MSNBC

I've been blogging about the dangers of paying at the pump for a long time.  The security of the card readers leave much to be desired.  Frankly, a decent hacker wouldn't even need a skimming device,..that's for the amateurs.  Even  when you're not being skimmed by hackers, the banks are putting a hold on your account for up to $100, many times resulting in overdraft charges.  ALWAYS pay inside using your PIN, it's a real-time transaction, eliminating overdraft charges and significantly reducing the likelihood of falling victim to a skimscam.  For more on the subject of skimming, take a look at "related articles" located at the bottom of this post: 

Beware of debit card skimmers - ConsumerMan - MSNBC.com

Secret Service, police warn of 'well-organized' debit card skimmers
By Herb Weisbaum
MSNBC
updated 9:37 a.m. MT, Wed., Oct. 8, 2008

Becki Turner got the call from her bank’s fraud department on Labor Day. The investigator wanted to know if she had withdrawn $500 from an ATM in California over the holiday weekend. She hadn’t. She couldn’t. Turner was home in Puyallup, Wash.

“I was just flabbergasted,” she says. “I had the card with me, the ATM was in another state, and the person using the machine had to have my security code.” Turner worried crooks had gotten into the banking system and stolen her password.

It wasn’t anything that complicated. Puyallup police say thieves snagged her account information — along with the debit card numbers and PIN codes of hundreds of other people — at two gas stations in the area.

They did it by installing their own hard-to-spot card reader, called a skimmer, on top of the card reader built into the pump. The skimmer is able to grab the account information from the card without interfering with the legitimate payment transaction.

The crooks used the stolen data to create (or clone) fake debit cards that were used at ATMs in Washington State over the Fourth of July weekend and in Northern California on Labor Day weekend. The bad guys like three-day holidays because it gives them more time to use the cards before the unauthorized withdrawals are spotted.

“We are looking at a sophisticated, very well-organized group of individuals,” says Detective Jason Visnaw with the Puyallup Police Department. When all the victims from these two incidents are identified, the total loss could reach half a million dollars.

Why steal debit card numbers? “With a credit card you have to go and buy merchandise and then you have to fence it or pawn it,” Det. Visnaw explains. “With a debit card, you’re getting cash money.”

This is not an isolated case. Gas pumps are being compromised in cities across the country. “We don’t view it as an epidemic, but there are cases open in at least a half dozen states right now,” says Ed Donovan, spokesman for the U.S. Secret Service. These investigations are underway in California, Nevada, Pennsylvania, Delaware and Washington.

Donovan tells me the Secret Service believes some of these crimes are inside jobs, involving someone at the service station.

Gas pumps are just the latest target
Skimming credit cards and debit cards is not new. Portable card readers make it possible for anyone to copy the information stored on a card’s magnetic stripe. This information is not encrypted so it’s easy to steal.

“You just run it through the skimmer and it has all the information right there in plain text,” says former White House cyber security advisor Howard Schmidt. “It’s very easy to imprint that data on another magnetic strip and use it somewhere else.”

The first skimming cases were reported at restaurants and stores where dishonest employees ran cards through their reader before ringing up the sale. As technology improved, the bad guys developed skimmers for ATMs. Now they’ve added gas pumps.

The skimmers are designed to slip over the real card reader. They can be hard to spot. And quite frankly, most of us would never look for something like this anyway. We want to pay and go.

So how do they get your PIN number? They can hide a little camera in the skimmer or on the pump. It shows your fingers as you type in the number.

There are also fake keypads that slip over the real keypad that can transmit the PIN code as you enter it.

In Las Vegas, police have discovered even more sophisticated technology – wireless transmitters installed inside the pump. “They can actually sit in the parking lot with a laptop and get real-time information as victims use their card,” explains Lt. Robert Sebby of the Las Vegas Metropolitan Police Department. Because there’s nothing on the outside of the pump, there’s no way you can tell the pump is compromised.

Not a safe way to pay
Nancy and Jim Tew no longer use their debit cards to pay at the pump — and for good reason. They both had their debit card numbers stolen at one of those gas stations in Puyallup, Wash.

Nancy Tew found out about the theft when her card was rejected at the grocery store. “To my astonishment, I had no money in the bank,” she said.

The thieves used her account number at ATMs in Hollywood, Calif., to steal $600. They got $900 from her husband’s checking account. She tells me it was “totally bizarre and really scary” to be targeted like that and not even know it.

The Tews now pay for their gas — with cash or debit card — at the register. That may sound paranoid, but other victims of this skimming attack tell me they now do the same thing.

Police in Puyallup and Las Vegas now advise residents not to use their debit card at a gas pump because there’s no way to be sure it hasn’t been tampered with.

That’s smart advice and here’s why. Debit cards do not offer the same fraud protection as credit cards. If crook armed with a skimmer snags your credit card number and uses it to buy things, you can dispute the charges with the credit card company. You won’t owe a thing while they investigate.

If the crook grabs your debit card number, he can go to a cash machine and pull money out of your checking account. It could take days for the bank to investigate and put that money back into your account. During that time checks could bounce or you might not be able to pay your bills. That’s why the only way I pay at the pump is with a credit card.

© 2008 MSNBC Interactive

URL: http://www.msnbc.msn.com/id/27085818/

Related articles 

• Credit, Debit Card Fraud and Skimming Cases Rise
• More on the "WarDriving 11" and their 40 Million Card Data Theft
• 6 Tips to Avoid Becoming a Skimming Victim
• Criminals hijack terminals to swipe Chip-and-PIN data
• What Happens To E-Commerce When Credit Cards Don't Work?
• Citibank ATM Server Allegedly Hacked, Leading to Cash Machine Crime Spree
• Cost Plus World Breach Spreads to Arizona
• Russian Hack Creates "Rush On" Changing PIN's in Dubai
• Pumping Gas Just Got Much Riskier - MSNBC

Microsoft Launches SearchPerks to Compliment Live's CashBack

Microsoft Corp. has unveiled another reward program for Internet users who search the web using MSN.com's Live Search. Called "SearchPerks," the program awards points to users each time they use MSN Live for a search.

Points can be redeemed for merchandise, music downloads, airline miles and other rewards.  Participants get 500 points for signing up and can earn up to 25 points per day. 

I have a suggestion..how about 500 points AND a HomeATM Point of Sale Device for signing up  for SearchPerks!  Then their CashBack Live Search partners can save even more money when  their goods are purchased using the more secure HomeATM PIN Debit platform.  Yeah...that's the ticket!

Essentially Microsoft is taking the "point system" used at gas stations and airports that gets cardholders prizes after they accumulate a certain number of points, and calling them "tickets" instead of "points." Each search on Live.com, MSN.com, Windows Live Hotmail, or Windows Live Messenger, is worth a ticket. Since searching is free, and people are capable of searching many more times in a day than they purchase gas or flight tickets, the company is limiting the number of tickets that can be earned in a day to 25.

While Microsoft is giving everyone 500 tickets as a bonus for signing up, the more attractive prizes still take quite a lot of searching to get; an Xbox 360 Wireless Controller costs, for example, 5,500 tickets—200 days of max Live  Search usage.  Among the examples that MSN provides, 525 tickets equal 5 music downloads, 1,800 tickets equal 1,000 airline miles, 1,100 tickets equal a T-shirt, 3,400 tickets equal a cookbook.  Users must sign up before Dec. 31; the promotion ends April 15, 2009.

The new program joins MSN's 4-month-old Cashback initiative, which rewards shoppers with rebates when they start a search through the Live Search Cashback portal. That initiative appears to be enjoying at least limited success, reports Hitwise, an Internet site monitoring and measurement company.

While noting that the Cashback initiative does not appear to have moved the needle on market share vs. other search engines, Hitwise reports that the share of MSN users who go to the Cashback section has increased from 3.75% 11 weeks ago to 6.29% last week.

Hitwise notes that the program may have at least stopped Microsoft's MSN.com Live Search from losing further market share to Google. "Everyone is aware that the share of searches on Google has continued to increase, but over the past three months, the share of searches on MSN"s search properties has remained consistent," says Heather Dougherty, director of research at Hitwise. 55% of MSN Cashback users are women, 22% were 25 to 34 years old and 27% were 35 to 44. Just under one-fifth had annual household incomes over $100,000.

Related articles by Zemanta

• Live Search coming to Blackberry, according to CNET News
• Microsoft to Bring Advertising to Live Search Mobile
• A minor update to Live Search homepage
• OMG! Live Search Cashback is Actually Effective!
• Live Search Cashback may be paying off for Microsoft search
• CashBack in Hard Economic Times? That Works!
• Hitwise: Microsoft Cashback is Working
• Live Search Cashback Increases in Popularity During Economic Downturn

Alternative Payments Growing Threat to Cards - Bank Technology News

Alternative Payments Growing Threat to Cards - 10..2008 - Bank Technology News Article

Talk about piling on. Just as payments industry players were absorbing eBay’s eye-popping $945 billion acquisition of Bill Me Later this week, Celent unleashed a report Tuesday predicting that alternative e-commerce payment schemes threaten to take away up to $1.7 billion in potential transactions from card brands and issuers by 2015.

PayPal, Bill Me Later, Google Checkout and Amazon Payments are the lead mercenaries who will diminish credit cards to under 50 percent of total online transaction volume within two years, compared to more than 60 percent in 2005. Even with rising debit card usage, all card-based volume will be around 70 percent in 2010, according to Celent (down from nearly 80 percent currently).

Despite their dominance and acceptance ubiquity, Celent notes, “payment cards have a number of serious weaknesses.” Chief among them is security, as 40 percent of consumers dislike providing credit card information online, despite new PCI security standards from the card industry and the long-standing zero-liability fraud protections in place for unauthorized transactions. Then there are the merchant irritations with interchange, which have prompted wider e-store adoption of Bill Me Later and Amazon Payments options on checkout pages and encouraged wider use of ACH-based transactions.

What makes many of the alt-payment companies stand out, says Celent, is the role they play in encouraging purchases. Consumers attracted by discount or promotional financing through the preferred payment method, discounts, and—most prominently with Google—closely tying together payment services with marketing opportunities.

“Alternative payments players are starting to differentiate themselves via their ability to induce payments,” wrote senior banking analyst Red Gillen.

“In other words, those players that are likely to succeed and pose the greatest disruptive threat to payment cards are those that have evolved from simply enabling payments to actually creating sales lift.”

Editor's Note: An example would be taking the savings derived from HomeATM's lower PIN Debit interchange rate and applying it towards a loyalty-rewards platform in combination with an existing platform.  By participating in a co-op rewards platform, the offerings to consumers would be more attractive than a single rewards offering.

40 Billion Debit Transactions by 2010...Doubling that of 2005

It's estimated that by 2010, a whopping 40 billion consumer transactions will be completed using debit cards - that's double the number from 2005.

Recognizing that explosive growth, banks are working hard to make money off these transactions. (Translation:  Banks are working hard to devise sneaky, underhanded, non-ethical but legal ways to make money off these transactions) Thus, it's up to consumers to watch out for wayward fees that can make using a debit card an expensive proposition.  5 secrets to smart debit card use

Citibank PIN Code Hackers in Court

When using  HomeATM's patented solution, PIN codes ARE SACROSANCT so we encrypt them from the "very millisecond" they are tapped into the PIN Pad. When processed properly there is NO safer transaction than a PIN based transaction, which is why they boast the lowest interchange rates of all...

Citibank must like shortcuts, because their machines in convenience stores across America were the target of the biggest and most effective remote PIN code theft scam in US banking history about three months ago. And they shouldn't have been.  No excuses.  In addition to bringing the hackers to court, maybe the individual who made the decision to make ATM's easier to breach should be there too.

The Citibank/7-Eleven hack does NOT reflect PIN Debit as a whole.  It relates specifically to Bank ATM machines, more specifically, ATM's that employ a remote diagnostic capability designed to repair them.  (which can also apparently "leak information.")  Details of the fraud have only now been made public, as the case makes its way through the US District Court for the Southern District of New York. 

The following information is from several different articles over the last couple months. Feel free to browse through the "related articles" I've included at the bottom of this post.  Let me begin by explaining why PIN Debit has always enjoyed the lowest Interchange Rates of all the payment mechanisms: The biggest and foremost reason is that...

PIN codes have always been the most closely guarded secrets in banking transactions. They are supposed to be encrypted from the very second they are tapped into a keypad.  Until recently, it was virtually impossible to get at them without physically looking over someone’s shoulder as they punched in their digits to withdraw money. I've posted many times here about  scams involving strategically placed mirrors or tiny video cameras have become something of a common threat for banks.  That's enough to be concerned about.  Here's more than enough...


"Technology for ATM's has changed over the past few years. The infrastructure is now built on Microsoft’s Windows operating system, and the ATM cash machines themselves can be remotely diagnosed and repaired online.  Unfortunately, this means that PIN codes have started to “leak” along the way — suggesting that industry guidelines on encryption are not always being followed."  Here's the part where you can say: "Well that's just great.  In order to save the expense of sending out an ATM Repair Man, they put everybody's checking and savings account at risk" (and play with /tarnish the reputation of PIN Debit in the marketplace, I might add.)   What is Citibank thinking?  And they're one of the "survivors" of this banking fiasco?

“PINs were supposed be sacrosanct,” says Avivah Litan, a distinguished security analyst with the Gartner research firm. “What this shows is that PINs aren’t always encrypted like they’re supposed to be. The banks need much better fraud detection systems and much better authentication.”

ATM fraud is growing exponentially. I've posted several times about this in the recent past, including fraudsters setting up fake keyboards and mini-camera's to glean PINs — or PIN codes that have been obtained through “phishing” scams.   According to one article, it is not clear how many Citibank customers were affected by the hackers. The bank has nearly 5,700 Citibank-branded cash machines inside 7-Eleven stores, but it does not own or operate any of them. The maintenance of the machines is carried out by two companies: Cardtronics, based in Texas, and Fiserve, based in Wisconsin.

The alleged hackers — Yuriy Rakushchynets, Ivan Biltse and Angelina Kitaeva — are accused of stealing at least $2 million through the PIN scam and have been indicted on two counts each of conspiracy and fraud. It is thought that a much larger sum of money might have already been transferred to Russian bank accounts — and there are suggestions that the actual hacking was performed by another party, with the defendants simply using second-hand information to make cash withdrawals. The wording of the indictment against them is vague.

The ring-leader of the three suspects is Mr Rakushchynets, a 32-year-old Ukrainian and a regular contributor to underground online credit card fraud forums. When he was arrested by the FBI — he was already under investigation for his suspected role in a separate $5 million hacking scam — agents found $800,000 of cash at his Brooklyn home, most of it stuffed into rubbish bags.

It remains unknown or at least undisclosed, exactly how the hackers infiltrated the closely guarded computer network, although it has been confirmed that they broke in through a server at a third-party processing company.   Once they obtained the PIN codes, the hackers could then simply make card clones (See my post and a video on how easy it is to clone a card:  "Card Cloning Quickly Becoming a Global Affair")  and use them to withdraw funds from compromised accounts at virtually any cash machine in the country.

Don Jackson, director of threat intelligence for the computer security company SecureWorks, said he had seen an “alarming” spike in the number of attacks on back-end computers for cash machine networks over the past year. “What makes this case unique is the sheer luck of happening upon these guys and catching them red-handed,” he said. “But there are a whole lot of other and PIN compromises going on that aren’t reported.”

Citibank has declined to comment on the details of the case, saying only that it has notified affected customers and issued them with new debit cards. “We want our customers to know that, consistent with legal requirements, we do not hold them responsible for fraudulent activity in their accounts,” it said in a statement. Cardtronics has said it is co-operating with authorities, while Fiserv insists the intrusion did not happen on any of its servers.

“Fiserv is confident in the integrity and security of our system,” said a spokeswoman.

Related articles Compiled by the HomeATM Blog

• Hackers Steal PINs From Citibank ATMs
• Citibank ATM breach exposes PIN security flaws
• Citibank ATM Pin Numbers Hacked
• Citibank ATM Server Allegedly Hacked, Leading to Cash Machine Crime Spree
• 6 Tips to Avoid Becoming a Skimming Victim
• Citibank debit card fraud highlights ATM vulnerabilities
• Citibank Replaces Some ATM Cards After Online PIN Heist
• Russian Hack Creates "Rush On" Changing PIN's in Dubai
• Credit, Debit Card Fraud and Skimming Cases Rise
• Digital thieves steal millions from Citibank customers
• Business Briefing | Legal: Suspect Pleads Guilty in Credit Card Theft

Credit Card Fees Squeezing Profits? Switch to PIN Debit

Credit-card fees squeeze profits - El Paso Times

Greg Matthews tries to discourage customers at his East Side pharmacy from using credit cards to pay for prescriptions because transaction fees on cards cuts into his already slim profit margin.

"A lady the other day paid her $80 co-pay" on a $120 prescription with a credit card. "I was going to make $3.48," but the credit-card fee took $1.98 so Matthews only made $1.50 on the transaction, he said. The other day a customer was going to pay a $1.05 prescription payment with a credit card, and "I said, 'Forget it.' I just gave it to him" because of the credit-card fee, he said.

Credit-card transaction fees, specifically the interchange fee set by credit- card companies and collected by banks that issue the cards, have become a hot issue with retailers in recent years.

 For more information: www.unfaircreditcardfees.com; www.electronicpaymentscoalition.org

The Merchants Payments Coalition, a national group of retailers, including supermarkets, drug stores, convenience stores and others, has been campaigning to lower the fees. The coalition is pushing for legislation in the U.S. Congress to set up a mechanism to let retailers negotiate card transaction fees with the credit-card companies. Some members of the coalition also are part of pending lawsuits consolidated into one case in a New York federal court alleging price-fixing of fees by MasterCard, Visa and several banks.

"What we want them to do is negotiate with us (merchants) a price fair for their service," said John Motley, senior vice president for the Food and Marketing Institute in Washington, D.C., a member of the coalition. "The reason the issue is so big for us (grocery stores) is the average profit within the food retailing industry in the U.S. is about 1.2 percent." The credit-card fees increase product costs to consumers, he said.

Interchange fees for credit-card transactions average around 2 percent of each transaction dollar amount, Motley said. Supermarkets were offered a low interchange fee years ago to encourage supermarkets to accept cards, but that "rate is now disappearing" because premium credit cards are becoming more prevalent and have a higher fee, he said. Fees on debit cards used with a PIN number average around one-half percent, which is not as much of a problem, he said.

Gasoline retailers earlier this year began complaining about being hurt by rising credit-card fee costs because customers were charging larger amounts due to rising fuel prices. MasterCard and Visa made adjustments in fee charges for fuel retailers, the companies said in statements issued this year.

Last year, $42 billion in interchange fees were collected, and this year that number is projected to grow to almost $49 billion, Motley said. That is a 16.7-percent increase. Only a small portion of the fees go for transaction costs, he said.

Visa and MasterCard, the nation's two largest credit-card companies, said the companies each set their own card interchange rates, but they receive no revenue from interchange fees.

The interchange rate is what the merchant's bank pays to the cardholder's bank for taking on the risk, said Denise Dunckel, a Washington, D.C.-based spokeswoman for Visa. "Visa makes its money from contracts with banks," she said.

Sharon Gamsin, a spokeswoman for MasterCard's headquarters in the New York City areas, told the El Paso Times in May that MasterCard makes its money from fees it charges banks that issue cards.

The interchange fee is part of a merchant discount fee, which is negotiated between the merchant and its bank for credit-card and debit-card transactions, according to information from MasterCard.

The interchange rate is set high enough for banks to have an incentive to issue credit cards and low enough to encourage businesses to accept the cards, the credit-card companies said.

"I think merchants are getting a good value for what they pay for. The alternative (cash or checks) costs more" to handle," said Linda Echard, president and CEO of ICBA Bancard in Washington, D.C., an Independent Community Bankers of America subsidiary that provides credit-card services to community banks. The interchange and merchant fees are important revenue sources that allow banks to stay in the credit-card business, she said.

In Australia, where the government stepped in and reduced interchange rates, the number of cards being issued has decreased, Echard said. A MasterCard statement said Australian credit- cardholders are now also paying higher interest rates and fees because of the decrease in interchange rates.

Related articles by Zemanta

• Interchange PAIN Can Be "A"lleviated with PIN-terchange
• NRF Has It's Say to House Judiciary Committee
• Use a PIN to "Stop Sticking It To Us"...
• Credit Card Useless Overseas? PIN it with HomeATM
• Paying for Gas with Credit? Not Here
• Interchange, Duopoly's and Politics...Oh My!

First Data to Offer All Major Alternative Payment Brands via CardinalCommerce

Press Release from Cardinal Commerce

DENVER and MENTOR, Ohio, Oct. 8 /PRNewswire/ - First Data, a global leader in electronic commerce and payment services, and CardinalCommerce Corporation, the worldwide leading provider of payment brands, have joined forces to bring First Data merchants a complete eCommerce solution for authentication programs and alternative payment brands.

Through this agreement, First Data becomes the first payment processor with the ability to offer all major alternative payment brands to their 100,000+ eCommerce merchants. This solution provides one of the fastest, easiest technical integrations for merchants, backed up with 24/7/365 support from CardinalCommerce. In addition, First Data will offer payer authentication service that leverages online payment verification offered by both Verified by Visa and MasterCard SecureCode programs.

"First Data is focused on developing robust and secure Software-as-a-Service payment solutions for our expanding online merchant community," said Souheil Badran, senior vice president and general manager, First Data eCommerce Solutions. "We're pleased to add the CardinalCommerce established solution to our scalable suite of services. Our goal is to offer a positive return on our merchants' investment while continually mitigating their fraud risk."

Now First Data merchants will have access to the most comprehensive online payment options available in the marketplace to increase sales and average order values, minimize fraud and the costs of order acceptance, and to help customers make eCommerce purchases with confidence. Through the First Data Global Gateway service, merchants will be able to receive the benefits of Verified by Visa(TM) and MasterCard(R) SecureCode(TM), as well as PayPal(TM), Google(TM) Checkout, and more.

"Cardinal is extremely excited to work with a company as distinguished in their field as First Data," said Mike Keresman, CEO, CardinalCommerce. "We're thrilled that the world's largest payment processor has confidence in our Cardinal Centinel(R) technology and we look forward to assisting their aggressive growth strategies in the eCommerce sector."

About First Data

First Data is a global technology leader in information commerce. The company processes transaction data of all kinds, harnesses the power of that data and delivers innovations in secure infrastructure, intelligence and insight for its customers. With operations in 37 countries, First Data serves more than 5.4 million merchant locations and more than 2,000 card issuers and their customers. It powers the global economy by making it easy, fast and secure for people and businesses around the world to buy goods and services using virtually any form of payment. The company's portfolio of services and solutions includes merchant transaction processing services; credit, debit, private-label, gift, payroll and other prepaid card offerings; fraud protection and authentication solutions; electronic check acceptance services through TeleCheck; as well as Internet commerce and mobile payment solutions. The company's STAR Network offers PIN-secured debit acceptance at 2.1 million ATM and retail locations. Through First Data's centers of excellence, such as security, analytics, customer loyalty and mobile payments, it offers data-driven commerce solutions for customers around the globe. For more information, visit http://www.firstdata.com.


About CardinalCommerce

CardinalCommerce Corporation is the global leader in enabling authenticated payments, secure transactions and alternative payment brands for both eCommerce and mobile commerce. Cardinal Centinel(R)* enables payment brands such as Verified by Visa, MasterCard(R) SecureCode(R), PayPal(TM), eBillme(TM), Bill Me Later(R), Google(TM) Checkout, MyECheck, NACHA(R) Secure Vault Payments (SVP), Ukash(TM), eLayaway(TM), Ebates(TM), Amazon Payments(TM), RevolutionCard(TM), and more to a network of over 30,000 merchants and merchant service providers. Our mobile commerce platform, branded Cardinal MAX(TM), makes it simple for retailers to sell and market products through the mobile channel. Cardinal's proprietary and easily deployable technology provides consumers, merchants, credit/debit card issuers, and processors the ability to conduct authenticated Internet, wireless and mobile transactions safely and securely. Headquartered in Cleveland, Ohio, with facilities in the United States, Europe and Africa, Cardinal services a worldwide customer base. For more information, visit http://www.cardinalcommerce.com

* Patent # US 7,051,002 B2

SOURCE CardinalCommerce

Related articles by Zemanta

• Alternative Payments Entice Internet Retailers Even More in a Bad Economy
• Revisting Gartner's Report on Consumers Preference for PIN Based Transactions

Amazon Gift Cards 2B Dispensed via ATM's Nationwide

According to a news release, Better ATM Services has reached agreements with Automated Cash Management Systems and APTUS Financial to dispense Amazon.com gift cards at ATMs across the nation.

The two ISOs will be part of a special pilot program in which Amazon.com gift cards will be distributed with a free $25 Restaurant.com promotional card. Dallas–based Columbus Data Services will provide transaction processing services for the program.

Better ATM Services also has become a reseller of Amazon.com gift cards, allowing Amazon.com gift cards to be distributed through ATM networks owned and operated by ISOs throughout the United States. The Amazon.com gift card is immediately valid for use toward purchase of any of the millions of items offered for sale at Amazon.com.

"Tough economic times mean consumers will increasingly demand more value," said Better ATM Services chief executive Todd Nuttall. "Gift cards with coupons and incentives distributed through ATMs provide just that."

Gift cards make up the largest segment of prepaid cards. Boston-based TowerGroup estimates that approximately $80 billion was spent on gift cards in 2006. Based on Mercator Advisory Group research, that total included approximately 600 million cards that were sold in-store.

Related articles by Zemanta

• 2008 Debit Issuer Study Released by Pulse