Official 2008 cardfraud figures show chip and PIN continuing to drive fraudsters onlineor to those cards not yet reliant on PIN protection to authorisepayments.
ITPro.com By Miya Knights, 19 Mar 2009 at 14:07
Themain driver for growth in card fraud is on those transactions withoutchip and PIN protection, the main UK payment industry body, Apacs said today, as it released its fraud figures for 2008.
Card-not-present (CNP) fraud losses increased by 13 per cent overthe last year to now account for 54 per cent of all card fraud losses.This also amounts of a rise in CNP fraud of 243 per cent between 2001to 2008. Editor's Note: In addition to providing e-consumers with the ability to transact in a dually-authenticated manner, (What they have/Card, What they Know/PIN) HomeATM also reduces fraud by transforming CNP transactions into Card Present (CP) transactions. The end result? CP transactions cost less to process, PIN costs less to process. Why? Because they are MORE SECURE!. How Secure? PCI 2.0 PED secure!
But Apacs said this reflected the growing popularity of shoppingonline, which relies on CNP payments, and providing a lucrativealternative to criminals forced to look for alternatives with theadoption of chip and PIN.
It added that tackling CNP fraud was an industry priority, as itcontinues to encourage cardholder and retailer take-up of secure onlinepayment systems that help prevent online shopping fraud, such asMasterCard SecureCode and Verified by Visa.
Overall, card fraud losses total £609.9 million, online bankingfraud losses £52.5 million and cheque fraud losses £41.9 million.
Online banking fraud losses grew 132 per cent on 2007 levels, duemainly to an increase in phishing, Apacs said. At the same time, onlinebanking customers without sufficient security protection areincreasingly being targeted by malware attacks.
Here I sit at the 2009 Data Security Summit and Bob Russo, General Manager for the Payments Card Industry Security Standards Council is speaking. While he's speaking, I get notified that HomeATM's SafeTPIN Personal Swiping Device has been officially PCI PED 2.0 Certified. Coincidence? I think not. Try many, many man hours of hard work by the engineering department at HomeATM. But, still...it's kind of cool that as I listen to him speak about the imporatance of PCI, we get our certification. We agree Bob!
HomeATM is proud and honored to forever own the distinction as beingthe very first Online PIN Debit Solution to be PCI 2.0 certified. More on this later...want to get back to Bob Russo's presentation.
Irony abounds...at the 2009 Security Summit as we certified as reaching the summit of security.
Click the picture on the left to enlarge or visit the PCI Security Standards Website at:
Dutch supermarket chain Albert Heijn has decided not to follow up on a trial with payment via fingerprint. The trial was conducted in an Albert Heijn branch in the town of Breukelen, near Amsterdam, where 580 participants were able to pay for their daily groceries using their finger print instead of cash or debit cards.
The trial, which lasted 6 months, was the first of its kind in the Netherlands, where more than half of all supermarket transactions are completed using a debit card. During the first weeks of the trial, experts already pointed out a number of security issues arising from the use of the fingerprint payment method. A security expert managed to pay using someone else’s finger print.
Albert Heijn has currently decided not to follow up on the trial, citing ‘security issues and vulnerability to fraud’. The participants however were enthusiastic about the payment method and applauded the fact that they could complete their purchases without needing their debit cards, cash or loyalty cards.
Researcher cracks fingerprint payment system
Security expert beats supermarket chain's payment system with fingerprint made out of rubber
Within weeks after its introduction , a security researcher has cracked the Tip2Pay fingerprint payment system for Dutch supermarket chain Albert Heijn. The researcher succeeded at paying for groceries by using a copied fingerprint.
The Tip2Pay system allows consumers to pay for their groceries through a fingerprint reader. Albert Heijn is the largest chain of grocery stores in the Netherlands and the namesake of Ahold, a global supermarket group with stores in Europe and the US that had annual sales of US$70.4 billion in fiscal 2006.
Security researcher Ton van der Putte, a retired employee for ATOS Origin who specializes in biometric security, successfully crafted a copy of a fingerprint out of rubber that was accepted by the Tip2Pay system. Staff members for the grocery store failed to detect the fraud. The method is easy to copy: typically a fingerprint left on a glass suffices to create a usable copy.
The hack hardly comes as a surprise. Security experts at the time of launch cautioned that the technology used by the store was insecure. Albert Heijn, however, didn't seem too worried. The store in public comments has brushed away any security concerns.
Van der Putte has a long track record in biometric security. Since 1990 he has undertaken several experiments demonstrating that secure authentication through fingerprints requires additional security measures.
The Chaos Computer Club in 2004 also demonstrated that a stand-alone fingerprint can be easily copied. The club wrote a how-to guide with instructions on how to create a copy. Also, a system similar to the technology deployed by Albert Heijn was hacked last year in Germany.
BioXS, a firm specializing in biometric security, cautions that Albert Heijn's system was poorly designed.
The company worries that the failed experiment will wrongfully damage public trust in biometrics.
A spokesperson for Albert Heijn argues that the hack doesn't demonstrate a genuine security threat, because a registered user of the payment system voluntarily provided his fingerprint to the hacker. The company argues that therefore the hack compares to cloning an ATM (automated teller machine) card.
A company spokesperson told Webwereld, an IDG affiliate, that customers at no time will be at risk. The system has a daily spending limit and will compensate consumers if fraud is detected. Tip2Pay for now is run as a test. Albert Heijn expects to deploy additional security measures in case of a large-scale roll-out.
TowerGroup: Noncash Person-to-Person Market Reaches $1.1 Trillion in 2008, Driven by Check Payments
Analyst Urges Financial Institutions to Leverage Existing Tools to Convert Declining Check Volume to Electronic Payments
Highlights from Report:
TowerGroup estimates the gross dollar volume (GDV) of the US noncash person-to-person (P2P) market in 2008 was $1.1 trillion, composed of over 3 billion transactions.
In 2008, checks represented over $1.013 trillion of the noncash P2P payments in the United States and cost financial institutions what TowerGroup estimates to be $255 million to process.
TowerGroup classifies P2P payments into five categories: repayment, account-to-account (A2A), family support, informal purchases, and informal services.
Spurred by the continued consolidation of financial service institutions (FSIs) and the establishment of new bank holding companies, A2A transfer volume will reach a projected $127 billion in 2012, TowerGroup believes.
The P2P solutions available to financial institutions range from cobranding partnerships to private-labeled third-party solutions across multiple delivery channels and payment networks.
Financial institutions have the tools available to successfully target the P2P market and convert existing check volume to electronic alternatives.
Editor's Note: HomeATM is the "only" company in the world that can facilitate 3DES DUKPT Secure P2P payments in "real-time" at a fraction of the cost of methodologies currently being utilized.
NEEDHAM, Mass.--(BUSINESS WIRE)--New research from TowerGroup finds that the gross dollar volume (GDV) of the U.S. noncash person-to-person (P2P) market in 2008 was $1.1 trillion. Checks are in decline, but they remain the most significant payment method, amounting to over $1 trillion of the noncash P2P payments volume.
Defined by TowerGroup as a consumer-initiated transfer of funds to another consumer using multiple channels and payment methods, P2P payment methods1 have evolved over the past few years with the advent of the Internet and mobile devices. These payment channels are continuing to grow, as financial institutions look to offer alternative new methods to transfer payments using online fund-transfer modules and mobile platforms. P2P is becoming an essential ingredient for financial institutions as they look to attract a new audience that is interested in on-the-go solutions that are lower in processing cost and greater in functionality.
Despite the availability of these new payment methods, consumers continue to use checks, which represent a net loss to banks on an item basis. TowerGroup estimates that P2P check volume is declining at 10 percent year to year. More important, it is costing an estimated $255 million to process these transactions.
“Banks are losing money hand over fist as they absorb the processing costs associated with every check transaction,” said Jennifer Roth, research director in the Global Payments service at TowerGroup. “The advent of the Internet and mobile devices are driving financial institutions to innovate and adopt new, more cost-effective and convenient means for their customers to transfer and process payments. However, in order to garner additional P2P market share and convert checks to electronic alternatives, financial institutions must create simple, low-cost, and convenient alternatives with flexible funds accessibility.”
TowerGroup expects 2009 to be a crucial year for financial institutions to incorporate P2P solutions so as to retain customers and acquire new ones. To keep a competitive edge, institutions must expand the reach of their business beyond a branch footprint using solutions and options available today. These options range from cobranding partnerships with alternative payment delivery providers such as PayPal and Obopay to private-labeled third-party solutions across multiple delivery channels and payment networks.
Additional highlights of the research include:
Over 3 billion P2P transactions occurred in 2008.
In 2008, checks represented over $1.013 trillion of the noncash P2P payments in the United States and cost financial institutions what TowerGroup estimates as $255 million to process.
Spurred by the continued consolidation of financial service institutions (FSIs) and the establishment of new bank holding companies, TowerGroup believes, account-to-account (A2A) transfer volume will reach a projected $127 billion in 2012.
The TowerGroup Research Note titled “Noncash P2P Payments: Checks in Decline Still Rule the Roost,” is available to qualified members of the press for review. To request a copy of or to arrange an interview with Ms. Roth, please contact Erica Chase at 212-704-44693 or erica.chase@edelman.com.
About TowerGroup: TowerGroup is the leading research and advisory services firm focused exclusively on the financial services industry. A respected source for trusted information and advice, TowerGroup brings many of the world’s leading financial institutions, technology companies, and professional services firms a deeper understanding of the business and technology issues impacting their organizations. Headquartered near Boston in Needham, Massachusetts, and with offices in North America and Europe, TowerGroup serves a global client base. Visit www.towergroup.com for more information.
1 TowerGroup classifies P2P payments into five categories: repayment, account-to-account (A2A), family support, informal purchases, and informal services.
Contacts
Edelman for TowerGroup Erica Chase, 212-704-4469 erica.chase@edelman.com Permalink: http://www.businesswire.com/news/google/20090318005266/en
Just received notification from Witham Labs that HomeATM's "Safe"T"PIN (the "T" stands for "Transaction") should officially receive PCI 2.0 PED certification from PCI.
Here's the notification from Witham Labs.
Hello Ben, Susan, and Kenneth,
We've been tracking the approval status of the report, and recieved this from PCI this morning in response to our request about the status:
"Barring any last minute holdups by the PED group, HomeATM should clear the report cycle tomorrow."
I will continue to keep you informed of the status.
Best regards,
--
Andrew Jamieson Technical Manager Witham Laboratories 1/842 High Street Kew East Victoria 3102 Australia
Witham Laboratories specialises in the independent security evaluation of all security aspects of payment devices - particularly PIN Entry Devices and those providing cryptographic services.
We are accredited to evaluate devices against international standards such as those of the Payment Card Industry (PCI), as well as local standards of varying regions, such as those of the Australian Payments Clearing Association (APCA).
Our clients actively seek us from around the world for our flexibility, innovation and expertise:
Our evaluations cover both physical and logical security
Evaluations can be performed to a customer specified level or against industry standards
Many of our clients take advantage of our ability to produce reports for multiple payment schemes, minimising the cost and time involved
We are at the leading edge for knowledge of current best practice and evolving industry requirements
PCI PIN Entry Device requirements
A presentation detaiing the PCI PED testing and evaluation process can be downloaded here. Alldevices that accept MasterCard, Visa, JCB, Discover, or AmericanExpress PINs must be evaluated by a PCI approved laboratory. WithamLaboratories is the only organisation in the Asia-Pacific region accredited by the PCI to test PIN Entry Devices (PEDs), among only eight in the world.
WithamLaboratories can perform full evaluations on any device, and provideguidance to assist in the understanding of the PCI criteria, which canoften be daunting. PCI currently have standards for the evaluation of POS PIN Entry Devices (POS PED), and Encrypting PIN Pads (EPP). New standards for Unattended Payment Terminals (UPT) and Hardware Security Modules (HSM) are under consideration.
Our clients find our knowledge on how the PCI criteria apply to their individual products invaluable. As an independent laboratory, we are not permitted to assist in the design of a product, but we offer a pre-evaluation service to begin assisting clients as early as possible in their projects.
Experience has shown that a pre-evaluation helps to avoid problems early in the design of a product, saving time and money further down the track. Many devices are not compliant with the PCI standard when submitted for the first evaluation.
Westrongly recommend that additional time is factored into projects toallow for additional evaluations, and that the cost of a secondevaluation is considered when comparing prices.
APCA requirements for PIN Entry Devices
All PIN Entry Devices for the Australian market must be evaluated by an APCA approved laboratory. Witham Laboratories is the only APCA accredited laboratory in the Asia-Pacific region.
As we are Australian based, we have close ties to APCA and can provide important insightinto the requirements and processes involved in gaining accreditation.The APCA requirements are provided in Standards Australia's AS 2805.14, which is similar to ISO13491, from the International Organization of Standardization. Currently,APCA recognises the evaluation of POS PIN Entry Devices (POS PED),Automatic Teller Machines (ATM), Hardware Security Modules (HSM), andEncrypting PIN Pads. We are the only laboratory with experience inevaluating all of these devices to APCA requirements.
Witham Laboratories is the premium provider of evaluations in the Asia-Pacific region:
We can conduct multiple evaluations at a discounted price for clients who want to gain both PCI and APCAapproval, saving both time and money. Devices that will acceptMasterCard, Visa, or JCB PINs in Australia will need APCA and PCIcertification
The APCA requirements contain several subtle differences to those of PCI, and our clients have found that our detailed understanding of these differences has greatly assisted them when bringing products into the Australian market
The evaluation process
Once supplied with a minimum level of samples and supporting documentation, our evaluations are conducted as quickly and efficientlyas possible - typically 4 weeks for a full report. A full APCAevaluation will take about 4 weeks as well. Once the report iscompleted, we seek client's approval before sending it to APCA foraccreditation. This can take 2-4 weeks.
We happily provide valuable feedbackto our clients throughout evaluations, maintaining close contact andoffering as much advice and guidance as possible. Our advice hasassisted a number of manufacturers to quickly bring their products intocompliance with the new PCI requirements.
Woman Attacked By Man With Needle At ATM SALEM, N.H. (WBZ)
The Bank of America ATM in Salem, New Hampshire where the woman was attacked March 12.
Police are looking for a man who terrified a woman by trying to rob her at an ATM while armed with a hypodermic needle.
It happened Thursday night at a Bank of America kiosk on Route 28 in Salem, New Hampshire near the Methuen border. A 35-year-old woman went to the ATM around 7:30 p.m. and a man snuck up and grabbed her from behind.
She told police he held the needle to her neck and demanded money. When she told him she had nothing he ran off.
Officers from Salem and Methuen and search dogs were called in, but they found nothing. Police are having a difficult time in their investigation because the video surveillance system at the ATM was broken at the time of the attack.
The woman was not seriously hurt. She described her attacker as a young white man in his mid 20's, about six-feet tall, with freckles and facial hair. He was wearing an olive pullover sweatshirt and black gloves.
Anyone with information should call Salem Police at (603) 893-1911.
Profit protection is key in tough economic environment; Business airlines see lowest fraud losses
MOUNTAIN VIEW, Calif. - March 16, 2009 New survey findings released today show airlines worldwide lost over $1.4 billion to online fraudsters in 2008, about 1.3% of worldwide airlines' online revenue. The data comes from a new independent Airline Online Fraud Survey commissioned by CyberSource Corporation [NASDAQ: CYBS] in association with Airline Information LLC and completed January, 2009.
Airlines are on the front line of the battle against online fraud--33% of the industry's revenues derive from eCommerce, three times the proportion of sales transacted online by non-travel companies--so efficient management of the problem is of critical concern to the airlines. Editor's Note: HomeATM is in discussions with all the major airlines, as a PIN Debit solution would provide not only a more secure dually authenticated e-transaction, but would also reduce their Interchange Fees. Remember, by SwipePIN your card, it becomes a "card present" transaction. In addition our device provides a true PIN Debit solution, therefore, chargebacks are virtually eliminated and Interchange is reduced further.
According to survey data, the ways airlines manage fraud vary significantly by airline category. In 2008, business-class airlines, with higher-priced tickets to protect, typically embraced profit protection measures, whereas low-cost carriers tended to focus on revenue capture. On average, business airlines used the most fraud detection tools (6.5 tools per business-class airline), had the highest rate of manual review (47%), and rejected more bookings due to suspicion of fraud (3.6%). Conversely, low-cost carriers used the least number of automated screening tools (4.9 tools per low-cost carrier), were less likely to manually review bookings (13%), and rejected fewer bookings due to suspicion of fraud (2%). The result of these differing strategies is that in 2008 business airlines lost 1.1% of their revenues to fraud and low-cost carriers, by contrast, lost 1.6%.
"The good news is that solutions exist," said Christopher Staab, Managing Partner of Airline Information, an airline industry organization. "Improving the efficiency of fraud management is one of the quickest cost-cutting moves airlines have at their disposal."Fraud management tactics vary widely by region.
North American-based companies relied far more heavily on detection tools, employing an average of 7.5 tools vs. a European average of 5.4--the overall world average is 5.8. North American airlines manually reviewed only 3% of their bookings whereas Middle Eastern-based airlines manually reviewed 81%.
European and Asia Pacific-based airlines manually reviewed 22% and 49% of their bookings respectively. According to Dr. Akif Khan, CyberSource Head of Client and Technical Services in the UK, "These findings highlight the need for airlines to adopt a more automated, holistic approach to fraud management--from initial screening through booking review and disposition. Improving the accuracy of automated screening is key. In doing so, they can reduce overhead costs associated with manual review, as well as improve revenue capture and lower fraud loss. With the right tools, airlines can realize these benefits in a matter of weeks--not years."To see the full survey -- for journalists: please call or email any of the contacts listed below. For all others: please visit http://forms.cybersource.com/forms/airlinefraudpr
The Airline Online Fraud Survey was commissioned by CyberSource Corporation. The data was compiled in an online survey conducted by Mindwave Research in the U.S., and additional phone follow-ups were conducted by Vanson Bourne Ltd. in the U.K. The surveys were fielded December 1, 2008 through January 16, 2009 and yielded 99 qualified and complete responses. Incentive to respondents included a summary of the research.
About CyberSource CyberSource Corporation is a leading provider of electronic payment and risk management solutions. CyberSource solutions enable electronic payment processing for Web, call center, and POS environments. CyberSource also offers industry leading risk management solutions for merchants accepting card-not-present transactions. CyberSource Professional Services designs, integrates, and optimizes commerce transaction processing systems.
Approximately 253,000 businesses use CyberSource solutions, including half the companies comprising the Dow Jones Industrial Average. The company is headquartered in Mountain View, California, and has sales and service offices in Japan, the United Kingdom, and other locations in the United States including Bellevue, Washington and American Fork, Utah.
Des Moines, Iowa, Mar. 17, 2009 -- In an effort to help creditunions better manage credit and debit card fraud, TMG (The MembersGroup) is today rolling out its customizable Fraud & Risk Analysisprogram.
Using a custom process developed by TMG’sfraud department, TMG fraud experts analyze 12 months of a creditunion’s fraud cases to pinpoint exactly where fraud is originating.After the analysis is complete, TMG’s fraud experts recommend and helpimplement new fraud strategies to minimize future risk.
Betatesting the analysis program with Vermont State Employees Credit Unionin 2008, TMG’s newly implemented strategies stopped an estimated$20,000 in potential fraud loss for the Montpelier-based credit union.
“Thesavings potential of TMG’s new program is enormous,” said VictoriaBoudreault, Vermont State Employees’ Deposit Operations Manager.“Losses from fraud are only one area of savings, as this program alsoprotects interchange income, customer service demands, and mostimportantly, our reputation among cardholders.
Accordingto TMG Cards Risk Senior Manager Karen Postma, ideal clients of theFraud & Risk Analysis program are credit unions with a card basegreater than 15,000 that also have the flexibility to modify theirfraud strategies.
“It’s important to TMG that ourcredit union clients be able to modify their existing strategies in away that is completely transparent to members,” said Postma. “We areskilled in our ability to carve out exactly the strategies that willdecrease fraud without sacrificing interchange income or disruptingmember cardholder experience.”
TMG predicts atypical program will take between six and seven weeks to complete andrecommends an annual analysis to stay on top of trends and minimizeexposure to risk.
As an added bonus, clients ofTMG’s Fraud & Risk Analysis program receive a TMG-developeddecision matrix that guides credit unions through the decision makingprocess while experiencing a compromise.
About Vermont State Employees Credit Union
TheVermont State Employees Credit Union is a not-for-profit financialcooperative that offers a full range of affordable financial productsand services to its member-owners. People eligible to join the creditunion include anyone who lives or works in Vermont’s Addison,Caledonia, Chittenden, Lamoille, Orange, Rutland or Washingtoncounties, along with Vermont's state employees and their families. Formore information about VSECU, visit www.vsecu.com .
About TMG
Ownedby the Iowa Credit Union League, TMG is a financial servicesorganization dedicated to providing innovative customized solutions tocredit unions and financial institutions across North America. TMG’score products include credit, debit, ATM and prepaid solutions, as wellas online reporting, item processing, ACH, ALM and printing services.TMG’s prepaid card products are branded ATIRA. For more information,visit www.TheMembersGroup.com .
EBay Inc. hopes that combining the risk management strengths of its PayPal Inc. unit with new features designed to attract new types of users will help it become a global leader in online payments.
The San Jose e-commerce company shared its plans for PayPal during an analyst presentation Wednesday, including details on how it will incorporate Bill Me Later Inc., the instant credit provider it purchased in November, and an open development platform it expects to roll out this year.
John Donahoe, eBay's president and chief executive, described online payments as a winner-take-all market and said he expects PayPal to become one of the top global brands, in contrast to the online retail market, where he expects his company's auction service to be one merchant among many.
Visa Yanks Heartland, RBS WorldPay Compliance Status
Bank Technology News | March 2009
By Rebecca Sausner
Visa pulled Heartland Payment Systems and RBS WorldPay from its list of PCI compliant service providers, placing the two on probation until they close the holes that led to the massive data breaches reported in January and December. Both continue to serve as processors in the Visa system.
“Heartland and RBS WorldPay are actively working on revalidation of PCI DSS compliance using a Qualified Security Assessor. Visa will consider re-listing both organizations following their submissions of their PCI DSS reports on compliance,” Visa said in a written statement.
The Romanian police had a busy Wednesday, breaking up a major bank fraud ring and arresting another individual who is accused of breaking into major U.S. government and university servers.
According to news reports, the Romanian police, working along with the FBI, arrested 20 individuals who allegedly built cloned bank sites and then drained the accounts of users who were lured into logging in to them.
Editor's Note: Did you know that the HomeATM SwipePIN device can be utilized as a log-in authentication device for online banking? Now you do. More confirmation that we kick booty! Here's why:
Instead of a bank providing the inherently weak (and what should have been obsolete years ago) username/password function, online banking customers could simply swipe their card and enter their PIN.
Wow...an end-to-end encrypted login which would have prevented what transpired in this story. Not only would HomeATM be able to identify that it was a cloned site, but the cloned site wouldn't be able to do ANYTHING with the E2EE 3DES DUKPT sign in data anyway.
Suffice it to say that a cloned website wouldn't work with because we've cloned the secure process that banks use at the lobby of the bank's ATM machine. Except we encrypt the Track 2 data as well. So now the consumer is SwipePIN...instead of the fraudsters! Sorry Click Jackers!
The information provided by our SwipePIN device is for non-cloned banks eye's only! Hey Bankers...the phone lines are open!
Continuing with the story: The cloned sites, which were deployed in Italy and Spain, looked and operated like the actual bank Websites, but they asked users questions that ultimately led to the divulging of personal bank details, according to Stefan Negrila, chief of the Romanian Police's organized crime division. Once obtained, the hackers allegedly used that information to access the real bank Websites and transfer or withdraw cash.
Nearly 100 police officers from special troops entered suspects' houses in major cities across Romania, the reports said. Investigators said the ring stole at least 350,000 euros.
World of Choice Consumer Payment Preferences By Chris Allen, Melissa Fox, Dan Hough (BAI), and Mark Riddle (BAI)
The inevitable and ongoing march from paper to electronic retail payments has become a full-on run, according to a recent consumer payment study conducted by BAI and Hitachi Consulting. Consumers are using debit cards more aggressively, particularly PIN debit, instead of cash or checks, even for small-value purchases in stores, while increasingly using electronic bill pay for recurring payments. This rise in the use of plastic and automated payment vehicles is putting greater pressure on banks to find new ways to reward and retain customers for their electronic payments. Bankers also need to find an appropriate balance managing cash and checks, as those become a smaller part of the payments mix.
Featured as the cover story of the January/February issue of Banking Strategies Magazine, this article discusses the decisive shift in consumer payment preferences from paper and cash to electronics and the implications of those changes for banks and the broader payments industry. To read the full article, click here.
Editor's Note: This article is rather vague but it supports my argument that e-commerce is NOT SAFE in a web browser. Which is why HomeATM uses hardware to facilitate the transaction.
Computer-virus infections don't cause your machine to crash anymore.Nowadays, the criminals behind the infections usually want your computer operating in top form so you don't know something's wrong. That way, they can log your keystrokes and steal any passwords or credit-card numbers you enter at Web sites.
Editor's Note: If you Swipe vs. Type then they cannot "log your keystrokes."
Here are some signs your computer is infected, tapped to serve as part of "botnet" armies run by criminals:
• You experience new, prolonged slowdowns. This can be a sign that a malicious program is running in the background. • You continually get pop-up ads that you can't make go away. This is a sure sign you have "adware," and possibly more, on your machine. • You're being directed to sites you didn't intend to visit, or your search results are coming back funky. This is another sign that hackers have gotten to your machine.
So what do you do? Editor's Note: The article really provide any sound advice as to what you need to do...it does, however, make suggestions for "possibly" reducing risk. That said, here's what you "don't do:" Never, ever type your card information into a web browser.
Which is why it's surprising/befuddling to read about "cautious acceptance" to a supposed PIN Debit solution which "instructs you" to type in your PAN (as usual using your keyboard) Once you do that, the supposed solution will be "enabled" to decipher whether it's a card that can be used with a PIN. The question begs to be asked. Who else might be enabled to do the same? If they can do it, so can somebody else. (maybe not right away, but sooner rather than later)
Caveat Emptor. By "instructing you" to type in your card information, you're being led down the wrong path from the get go.
Here's why. If you're not leery when suddenly, a "pop-up" PIN Pad appears out of nowhere...then you should be when you're informed that your computer's keyboard has just been remotely "taken over" and locked.
Why do they do this? Because it's NOT SAFE to type in a PIN with a keyboard...even though...moments ago, they implied it was safe, to "type in" the card number.
Am I alone in making the determination that this makes absolutely no sense whatsoever? What changed? Is this not an ADMISSION that it's not safe to type in card information using a keyboard? So now another question begs to be asked. If their supposed solution is safe, then why would they instruct you to "type" in your PAN, as usual?
Let's utilize some common sense and assume that since we know that keylogging and clickjacking exist, is there not the very real likelihood that those two exisiting threats can be combined to create a new one? Call it: "clicklogging." Until then, hackers can always resort to screen scraping.
Now let's Add It Up. Hardware is a NECESSITY. Just as your cell-phone (which is hardware) requires a peripheral to charge it, whether it's the charger you plug into the wall or the charger you plug into your your car's old cigarette lighter receptacle, a peripheral is a NECESSITY. The good thing, is that plugging in a HomeATM SwipePIN device is just as quick and easy to plug into your PC or laptop as it is to plug in a phone charger. And there's NO SOFTWARE to download. The SwipePIN device is truly plug and play. Not only does it provide end-to-end encryption, but it also encrypts your cards Track 2 data. The Black Hats hate the idea of a hardware device. For that reason, security professionals tend to love it.
Back to the story...
• Having anti-virus software here is hugely helpful. For one, it can identify "known" malicious programs and disable them. If the virus that has infected your machine isn't detected, many anti-virus vendors offer a service in which they can "remotely take over your computer" and delete the malware for a fee.
Editor's Note: The Hacker's can "remotely take over your computer" for free...(the price you pay comes later when they empty your bank account(s).
• Some "anti-virus vendors" also offer free, online virus-scanning services. Editor's Note: ALL "virus vendors" offer free, online virus- infection services. Plus, tests show that anti-virus programs don't really work that well.
• You may have to reinstall your operating system if your computer is still experiencing problems. It's a good idea even if you believe you've cleaned up the mess because malware can still be hidden on your machine. You will need to back up your files before you do this.
How do I know what information has been taken?
• It's very hard to tell what's been taken. Not every infection steals your data. Some just serve unwanted ads. Others poison your search result or steer you to Web sites you don't want to see. Others log your every keystroke. The anti-virus vendors have extensive databases about what the known infections do and don't do. Comparing the results from your virus scans to those entries will give you a good idea about what criminals may have snatched up.
Translation: You'll know when you start buying things you didn't buy!
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sNeZfrj2hJudJTUMpz35KHUrqZtnixzmMpvsiy8awJTThy-c8-g6KGW4DelpehMKPz2ezj6ADiQlvzFq3yZnfXT5rlhXMTr4h_plqUG781OLSULtQFI0P1PW0szfbFOxHRFbpt3p7SnOIEmrkb5f8=s0-d)
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tkgjhQZMPDTCVKY1IFz7HPKS5EF-ij7GfVKUq8H6sxoxmTS_v69UfgHJy_z3Q9zHKyzLX6-ld7v9YqOH6KcioHPnQ9cx6tF7Q0CkuCSOr7-9t2zl1ZgENsfE54vvPzdiHL3FIwxyW5fTbadrzcuhac=s0-d)
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uaK1cxpMMzNyerg6tc42mRmSOtQXsRWRi_eEb40ut1-_Jt9W_BTZV4A5bopPqqo4qVspX8af9fq4r08PEGOAmFuyqRcvH_DtgABvVR0pB39SqrKX_VtznpwWtyjsqoOcQmzqzIVZ-vLyz-BHOg0fTz=s0-d)
TowerGroup: Noncash Person-to-Person Market Reaches $1.1 Trillion in 2008, Driven by Check Payments![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sALMZo1Y9bfNBDIJ3MY1NKQmmrN33FiWzh8dEVgyQpo0XjYKzxYBmcWKNCW5p2TCG4uyXRHyOwZSIwnoX-h-aXz571nBdtFoeKkt8f91az-NlJxvnymmOW5XxFxooyeZWsyawFDIuex4vnmIhtHjsV=s0-d)
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tR8jKGlc35-uHugsu-tpSy8xFBmsA-wwGxzZoxUdD7LSufsgtfpTMSev5r_VI2n4Wgxe3c8VFh_8Nt4mipjZDeoVsiC4-bQDS4VFah9_6LZb8pOZBdqIFRKgo3IwQc5GzZu9xLgcyXoxi8cqxRWJyB=s0-d)
She told police he held the needle to her neck and demanded money.![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sfClk9ZDhCbFmLyDGdkfU83yUkc6mH4OKIGG2LIXP9CRlrSYO7aFNVLyMEacAXy26RUBXWxo8EIYiNso0WN6TvI3DYgpIYwe0amClVFGoAsOlV7dgXk2dU2nY2v-RDVDiYXKIO02rCxieDWNrGAEbS=s0-d)
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_s4r4mTt7eyDBENHgetOckQsGyoWjHxv2eZDy3XZ8c69s4JNXzIlOXG-6ht5DfpMmDB1pJHulGtLBw8x-WHOJ8w0-PWNmsLhsb9l6DMkY2g-c6EEsZ_51hcQlJSVHbXyh3u1cxOUnuxdBtBfeCT1flP=s0-d)
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u7pFaZOgWUcyE6pY_NQP3qk0Cm_U3yaXRYZgN9bzgSTQtFMMZwT44-LDZXO2P9HP6UtrSGwyqswv0S_MHteeCW9pzl0mfs0KDV2B57TjDSVPF57-k4eNU3kFtHrIbR2wjRk5EwAMSMu6GaJt4SR4Sv=s0-d)
EBay Set to Merge PayPal and Bill Me Later Systems
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vccokqmfHTO6OPffvtqQ_Enq8P5NWpptvA-EBI6RPIp8pc8H0UoUtb7wYXfwgHyFkEQ_SIkk2A-Nkq_qr48EP3YkX4Gh9aZuedzbPeTnaGLRnfKvd1IlJL_53QMOetIrkeuGrr6RvEqufALG8Ao4Ru=s0-d)
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vzf8Ov5zhv_66pN-y4nPuE93Ah4IQsh4qhFLwCvWXtQObphX8KN7RsjCG_hcU8L--xiYZue37cU_V9aJcAaGupcKTltcL9FrV0lWPVs5kvlaYLggnkL_Si9baZ7kQ1bx38PxjtsK16u9FpdJVIVcw=s0-d)
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t1t3KcpXy_PSKKPcphe39cI2R66IoCmv7UqlmM9xSZjuJQqTYYBTfWEUUQcG8d8c1rXg0JyqgI5zfHi7bm30ovxJ0eajr6NXEIFU-9Yl2tXYpC-ALqb_Z-Zv_T1a2IsqUT_m2mlfkm8Aej9kKBPc8m=s0-d)
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vPpxS7cUZ3HYH--iVK00pkdAjvJpefm6zswjzQLmA1Z6IniLnaKN9BGO46ZgIZ3l5IryerI0h1j3pbNex9ZndWe9lu0Pd_IB0j6KdC72HUwY_q7SkgBMTpcHJxDdgNCCs5-qe--ipVBs5B-kKB1WA=s0-d)
Caveat Emptor. By "instructing you" to type in your card information, you're being led down the wrong path from the get go. 
