Nothing Phishy About PCI 2.0 Certified "Card Present 2FA"

Attn: Banking Institutions:  The phishing problem can be immediately solved with "Card Present" Two Factor Authentication.  And two of the steps are already in place.

1: Bank issues Card, 

2. Bank Issues PIN, 

3. Bank Issues HomeATM's iSwipe. ($12.00...less in quantity) 

A: Customer Swipes Card

B: Customer Enters PIN. 
C: Log-in authenticated, phishing problem solved. 

Description:
The growing popularity and success of Internet banking has brought on unprecedented attacks from gangs of well organized cybercriminals, according to AIB today.

For example, the number of phishing attacks on AIB in April 2009 surpassed the total number experienced in the whole of 2008, it said.

Online banking is growing in Ireland with AIB's Internet Banking service showing continued growth with over 570,000 customers (up 18pc) now regularly banking online. The number of transactions completed online also continues to grow strongly (up 27pc) in 2008.

HomeATM eliminates phishing attacks completely because the user MUST authenticate themselves by 1. swiping their bank issued card and 2. entering their bank issued PIN.  So even if the phisher obtained the Primary Account Number (PAN) and the Personal Identification Number (PIN) they would still be unable to log-in without physically swiping the card.  (Editor's Note:  It is highly unlikely anyone could obtain both the PAN and the PIN, I just use that to demonstrate how secure our 2FA log-in is.  It's not only two-factor-authentication, it's "card present" 2FA.  What the world needs now is "Card Present in a Card Not Present World."  It really is that simple.  See "Something Phishy About Bank's not Using Card Present 2FA"

Related articles

• BofA Targeted by Malicious Code Phishing Attack (pindebit.blogspot.com)
• Torpig Sinowa Botnet Harvests Online Banking Credentials (pindebit.blogspot.com)
• Card Not Present Fraud up 13%...HomeATM Can Help! (pindebit.blogspot.com)
• Card Not Present Fraud up 132% in UK (pindebit.blogspot.com)
• Online Theft Doubles...Fastenating! (pindebit.blogspot.com)
• Privacy is Dead, Long Live the PIN (pindebit.blogspot.com)

CNBC Video: Should Online Gambling be Legal?

Editor's Note:  Click the Title of this post, it will refresh and you may leave and/or read some of the comments re: this post.

On the right is a videotaped debate from CNBC on whether legalizing online gambling is a good idea. Sorry about the commercial!

The reason I'm posting it is because I

found it rather entertaining.  There's a guy named Les Bernal, (the bald dude)from

Stop Predatory Gambling and

when he's done with his rant, the CNBC announcer actuallykind of makes a little

fun of him,asking him if a PR firm came

up with the name "predatory" gambling

("you make it sound like like "child

porn," he says at one point)

Later he starts questioning his statistics

saying it sounds as if he just made

them up off the top of his head. 

When Les (the bald dude) says

he got the statistics from a study done

in Canada, the announcer actually says,

"Avoid Canada Joke Here".  Funny stuff.

He then goes on to tell the bald dude

that he's so extreme and that  his 

"bible toting" is hurting his case. 

The only case I can make is that  "Les is NOT more."  As I said, this is some pretty funny stuff...especially considering it's on CNBC and not YouTube.com 

For those unaware, on Wednesday Rep. Barney Frank, D-Mass., introduced a bill to legalizeInternet gambling.  I think it's H.R. 2268.  Harrah's today said it supports it.  So did MGM.  Oh, and YouBet.com too.  Surprise!Supporters say it could yield billions in taxrevenue, but others say it could raise gambling addiction.   What are your views?  As always, feel free to comment.   Just click the title of this post and the comment box will be at the bottom of the post.

Related articles

• Barney Frank to Unveil Online Gambling Bill (pindebit.blogspot.com)
• Barney Frank Releases Details of Online Gambling Bill (pindebit.blogspot.com)
• Barney Frank and Internet Gambling (pindebit.blogspot.com)
• YouBet.com Runs Ad on ESPN (pindebit.blogspot.com)
• CNBC Video: Should Online Gambling be Legal? (pindebit.blogspot.com)

Informal Chit Chat Opens Window for Metavante Acquisition

Informal CEO talks led to Metavante deal

The Business Journal of Milwaukee - by Rich Kirchen

While Fidelity National Information Services initiated formal merger talks with Metavante Technologies Inc., Metavante’s chairman and CEO actually started the conversation by informally contacting Fidelity National’s top executive.

That’s a different perspective on the genesis of the deal than the way it was portrayed April 1, the day both companies disclosed the transaction.

At the time, Don Layden, senior executive vice president of Brown Deer-based Metavante (NYSE: MV), said Metavante executives weren’t looking to sell, but were open to discussing the possibility when Fidelity National approached them about nine months earlier. However, in an interview last week with the Jacksonville (Fla.) Business Journal, Metavante chairman and CEO Frank Martire said he began the conversation with Lee Kennedy, president and CEO of Jacksonville-based Fidelity National.

“I gave Lee a call one day and said it would be interesting to see if there is some synergy” between the two companies, Martire said.

Metavante has agreed to a $3 billion acquisition by Fidelity National (NYSE: FIS) in a deal that is expected to result in the loss of hundreds of jobs as the companies look to cut $260 million in annual costs. Job cuts will be announced within the next two months, Metavante executives said. The company has about 2,700 employees in metro Milwaukee.

Martire told the Jacksonville Business Journal he always admired Fidelity National Information Services as one of his closest competitors. By the end of the year, Martire will move to Jacksonville to run the company from its Jacksonville headquarters. The deal is expected to close in the third quarter.

Metavante spokesman Chip Swearngen said Tuesday that the difference between the Martire and Layden statements is that Martire was discussing an informal initial exploratory contact with Fidelity National and Layden referenced the official contact by Fidelity National that led to the deal.

Continue Reading at Milwaukee Biz Journal

Related articles the PIN Payments News Blog

• FIS Ranked #1 in Vendor Matrix by ABI Research (pindebit.blogspot.com)
• Monitise & Metavante Launch Text Message Banking (pindebit.blogspot.com)
• HomeATM at FinovateStartup09 Today (pindebit.blogspot.com)
• FIS Reports Strong Earnings Growth (pindebit.blogspot.com)
• HomeATM Featured in American Banker (pindebit.blogspot.com)

PayPal Blog: New P2P Application for Android

New PayPal Application for Android

---

Hi blog readers!  I’m Eric Duprat from PayPal’s mobile team.  For all you Androidlovers out there, we’ve got a special treat for you today.  We’ve nowlaunched a PayPal app just for you.  This application will give youeasy access to your PayPal account right from your Android phone.
With this application, you’ll get:

Direct integration with the contact list.  You won’t need toremember people’s numbers or emails anymore to send them money!  Justselect their name from your list of contacts, and we’ll make sure theyget paid.

Recent history. You can use your phone to look at your transactionsover the last couple of months.  So if you ever need to check whetheror not a payment has come through, it’ll be simple to find out.

Balance checks.  We show you all your balances in any of the currencies you hold.

And, of course, all your mobile payments are kept safe using thesame start-of-the-art technology we use on paypal.com.  So, if you havean Android phone, visit the Android Market to download the app and try it out.  Let us know what you think!
Update 5/6/09:  Just to clarify, here is how you can download the PayPal Android Application on your G1 phone:

1. Click on the Android Market
2. Search for “PayPal” (or scroll through the finance category)
3. Click install

This entry was posted on Wednesday, May 6th, 2009 at 10:12 am and is filed under Innovation at PayPal. You can leave a comment, or trackback from your own site.

Web Retailers Increase Quarterly Web Sales

From: IRNewsLink  (click to enlarge pic)

Web retailers increase their quarterly web sales

Even in the current recession, people are still shopping online and more so than one year ago. The combined web sales of 13 retailers that broke out quarterly web sales in early April through early May increased year over year by 14.1% to $6.15 billion from $5.39 billion. Six web retailers posted quarterly gains year over year in e-commerce sales while seven others showed a decrease. Amazon.com continued to show its outsized influence on the web retailing market by posting an 18.4% increase in Q1 2009 web sales to $4.89 billion from $4.13 billion in the first quarter of 2008. Without Amazon, the remaining 12 retailers increased their quarterly sales year over year by 0.2% to $1.267 billion from $1.264 billion. Six other web retailers also finished out 2008 with higher e-commerce sales, increasing their combined total by 11.2% to $1.39 billion in 2008 from $1.25 billion in 2007.

Related articles

• 58% of Onlinie Retailers Saw Q1 Sales Increase (pindebit.blogspot.com)
• Online Retailers Holding Their Own During Recession (shoppingblog.com)
• China UnionPay Expanding Online Payments (pindebit.blogspot.com)
• Amazon Payments Expanded (pindebit.blogspot.com)

Show Me Your ATM Card

PNC Bank has signed a banking contract with Marymount University, marking its first university deal in the Washington, D.C. area.
Under the five-year contract, the university’s 3,600 students and more than 400 employees will get access to PNC’s personal banking products and services.

Marymount users will have the option of tying their school ID card to PNC accounts to make it an ATM card, as well.


“The partnership with PNC Bank will...enable parents to transfer funds easily to their student’s account and provide students, faculty, and staff with easy access to financial services,” said a spokeswoman for Marymount.

The Washington Business Journal is a sister publication to the Pittsburgh Business Times.

Related articles

• FIS Ranked #1 in Vendor Matrix by ABI Research (pindebit.blogspot.com)
• FreeMason Job: Chip-and-PIN On Trial (pindebit.blogspot.com)
• HomeATM Added To FinovateStartup09 Lineup (pindebit.blogspot.com)
• HomeATM at FinovateStartup09 Today (pindebit.blogspot.com)

Prey: It Does Happen (Bait and Switch)

Students Become Prey for Cards Charging 18% After Free Lunch - Bloomberg.com

Irena Cabrilo got a free lunch during her freshman year at the University of North Texas in exchange for signing up for a credit card from Bank of America Corp. Eight months later, she was carrying a $1,500 balance and struggling to pay an 18 percent interest rate.

“They made it sound so easy,” said Cabrilo, now a senior majoring in marketing and advertising. “Just sign up, you’ll get approved and have access to money. They don’t talk about interest rates and what will happen to your credit history.”

Average credit-card debt among graduating college seniors increased to more than $4,100 last year from $2,900 in 2004, according to a study by SLM Corp.  

Editor's Note:  The worst part is that of the $4100, usually more than half ($2000) was put on the card when the interest rate was low (2.9% for example) then suddenly it  becomes 18%.   If that's not a classic case of "bait and switch" I don't know what is. 

About 85 percent of students have at least one credit card, according to the study, conducted every four years by Reston, Virginia-based SLM, also known as Sallie Mae, the largest lender to U.S. students.


Continue Reading at Bloomberg.com

Related articles

• Elavon Put in Angie's List Penalty Box? (pindebit.blogspot.com)
• Merchant Risk Council to Sponsor CNP Payment Forum (pindebit.blogspot.com)
• E-vidence of Paradigm Shift...MasterCard Focusing on Debit Business (pindebit.blogspot.com)
• Debit Surpasses Credit for the1st Time in Visa History (Volume & Transactions) (pindebit.blogspot.com)
• Merchants On "Warpath" Against Interchange (pindebit.blogspot.com)
• If "Https://" is Really "Httbs//" Then How Do You Secure Online Transactions? (pindebit.blogspot.com)
• Congress Asked to Lower Credit Card Fees (pindebit.blogspot.com)

Underbanked Financial Services Forum: June 1st-3rd Dallas

The 4th Annual Underbanked Financial Services Forum presented with the Center for Financial Services Innovation will be held this year June 1-3 in Dallas, TX at The Westin Galleria.

This year's forum will be exploring multiple perspectives on serving the underbanked in today's climate. As awareness of the potential value and demographic diversity of the underbanked market continues to grow, the Underbanked Financial Services Forum remains the best single place to learn from and connect with the people transforming the financial services landscape.

* Understand the attitudes, needs and behaviors of the underbanked
* Learn innovative ideas for these challenging times
* Gain further insight on the global perspective

Back by popular demand...

Underbanked Xtreme Networking is back by popular demand! Borrowed from the idea of speed dating, this networking event delivers an accelerated meet and exchange between industry leaders and innovators. Pre-register before the event to receive an optimized schedule tailored to fit your specific networking needs.

Who are the underbanked?

Since 2006, this annual gathering has become the premier event for players across the financial services spectrum:

* Financial institutions and credit unions
* Technology and service companies
* Retailers and other providers
* Nonprofit organizations
* Government agencies

Get the latest information from industry experts and case studies from on the ground and across the globe on the best strategies and offerings to achieve profitable growth and long-term success.

REGISTER EARLY & SAVE!

*offer valid for new registrations only and cannot be combined with any other offers

Data Sniffing Costs Heartland Bigtime

Source: The Register
Complete item: http://www.theregister.co.uk/2009/05/07/heartland_breach_costs/

Description:
Electronic payments processor Heartland Payment Systems said Thursday it has allocated $12.6m to cover a security breach that exposed sensitive card holder data crossing its network.

More than half that amount involves a fine MasterCard has assessed banks that did business with Heartland, said company CEO Robert Carr, according to this conference-call transcript. The remainder covers legal costs and other expenses related to the breach, which was discovered in January.

Carr said the company plans to roll out a new security system designed to encrypt payment card transactions from their point of origin with merchants to their final destination with the card issuers. The mechanism would go well beyond so-called PCI DSS, or payment card industry data security standards, which are mandated on merchants, processors, and banks that work with credit and debit cards. Heartland is still working with card companies such as Visa and MasterCard to see if they will be able to accept the encrypted data.

Currently, the vast majority of transactions transmit data that is sent in the clear, except for personal identification numbers.

"We are in a cyber crimes arms race, and we need to stay ahead of the bad guys who never rest and do not call committee meetings to update their malicious tools and attack vectors," Carr said.

Heartland hopes to put the system in place by the third quarter, a time line that may be overly optimistic. That's because there are a lot of players in the payment card industry, and for the system to work, each will have to upgrade their equipment to deploy the new mechanism.

"For this to really be effective, the banks need to participate and so do Visa and MasterCard and American Express," said Avivah Litan, a security analyst with Gartner. Right now, a small number of processors offer end-to-end encryption, but none of them are among the top 10 players, she said. Editor's Note: Buy we try harder!

The breach occurred when criminal hackers managed to sneak malware onto Heartland's network that sniffed card data that was stored there. The company has yet to provide basic details about the intrusion including how long it lasted, how the software was able to penetrate the company's defenses or how many cards were intercepted. At least 160 banks in the US, Canada, Guam, and elsewhere have been affected, the BankInfoSecurity.com news portal said in February.

Besides expenses in excess of $12m, the breach has been costly to Heartland in other ways. Among other things, it has distracted company employees and been used as a scare tactic by competitors, who tell Heartland customers they could be held liable if they continue to use the processor, Carr said. (The claims are false, he added).

It also likely played a role in Heartland being removed from Visa's list of processors that are in good standing with industry-mandated standards for data security. Heartland late last week was reinstated.

Given all the pain, it's understandable Heartland wants to put the breach behind. And that means moving to beyond PCI DSS, which many security experts say is insufficient to protect card data.

Heartland executives "don't want to wait until the industry figures this out," said Gartner's Litan. "They're pushing the industry into this encryption."

E-Secure-IT
https://www.e-secure-it.com

Related articles

• Heartland Reinstated to Visa's List of PCI DSS Providers (pindebit.blogspot.com)
• On to the Next Breach... (pindebit.blogspot.com)
• Mystery Processor's Breach Timeline (pindebit.blogspot.com)
• Banks File Class Action Against Heartland (pindebit.blogspot.com)
• HomeATM at FinovateStartup09 Tomorrow (pindebit.blogspot.com)
• Updated: Acculynk...Where's the PIN Offset? My Pet PVV (pindebit.blogspot.com)

MoneyGram Announces Reload Agreement with netSpend

Press Release

Minneapolis and Austin, Tex., May. 8, 2009 -- MoneyGram International (NYSE:MGI), a leading global payment services company, and NetSpend Corporation, a leading provider of financial services and products for the underbanked, today announced an agreement that will increase transaction volume in MoneyGram’s U.S. locations. The agreement highlights MoneyGram’s continued success in the important prepaid segment.

Through the relationship, NetSpend prepaid debit card holders will be able to conveniently load value to their cards in a real-time, single-step transaction at any of the 40,000 MoneyGram ExpressPayment® agent locations nationwide. The agreement with MoneyGram brings the number of locations that NetSpend customers can reload their prepaid debit cards to approximately 90,000—making it one of the largest networks of its kind in the country.

“Convenience is very important to our customers. Their time is valuable and the ability to choose how they reload their NetSpend card—whether online or through the thousands of reload centers—gives them unprecedented control and freedom,” said Dan Henry, chief executive officer of NetSpend. “MoneyGram brings the convenience of the NetSpend card to a completely new level and is a welcome partner for our millions of cardholders.”

Anthony Ryan, president and chief executive officer of MoneyGram International, said: “This strategic partnership with NetSpend broadens our presence in the key prepaid market by opening the MoneyGram reload network to one of the largest prepaid card providers in the industry. We continue to provide control and choice to consumers with our urgent bill payment product and real-time prepaid card load capabilities.”

About NetSpend Corporation

NetSpend Corporation is one of the premier providers of innovative, accessible prepaid debit cards which empower consumers with the convenience, security and freedom to be self-banked. NetSpend achieves its mission by serving its customers anytime and anywhere, being trustworthy, reliable, and delivering innovative high value products and features. NetSpend's proprietary processing platform allows it to support prepaid card programs end-to-end from customer acquisition and card fulfillment to customer service and risk management. The NetSpend® Prepaid Card Network includes leading consumer brands and companies serving the un-banked and under-banked markets, and its strategic relationships include card issuers, EFT networks and payment card associations. For more information, visit www.netspend.com .

About MoneyGram International

MoneyGram International offers more choices and more control for people separated from friends and family by distance or those with limited bank relationships to meet their financial needs. A leading global payment services company, MoneyGram International helps consumers to pay bills quickly and safely send money around the world in as little as 10 minutes. Its global network is comprised of 180,000 agent locations in 190 countries and territories. MoneyGram’s convenient and reliable network includes retailers, international post offices and financial institutions. To learn more about money transfer or bill payment at an agent location or online, please visit www.moneygram.com .

Source: Company press release.

Source: Sophos
Complete item: http://www.sophos.com/blogs/gc/g/2009/05/07/worldpay-card-transactions-carry-malware-danger/

Description:
Cybercriminals are up to their old tricks again, disguising their Trojan horses by spamming them out attached to emails claiming to come from legitimate organizations.

Today one of the malware campaigns we are seeing pose as communications from WorldPay, claiming that your credit card has been charged on behalf of Amazon.  The emails have the subject line "WorldPay CARD transaction Confirmation", and part of the email message reads:

"Your transaction has been processed by WorldPay, on behalf of Amazon Inc. The invoice file is attached to this message. This is not a tax receipt. We processed your payment. Amazon Inc has received your order, and will inform you about delivery."

Of course, if you haven't bought anything on Amazon lately you might be all too tempted to click on the attached file (named WorldPay_CONFR.zip).  Which would be a mistake, of course, because it contains a copy of the Troj/Agent-JUC Trojan horse.

This is far from the first time that hackers have used a scam like this, and it won't be the last.  The message, as always, is to be on your guard and think twice before opening an unsolicited email attachment.

Related articles

• Cybercrime (PIN Payments Blog)
• If "Https://" is Really "Httbs//" Then How Do You Secure Online Transactions? (pindebit.blogspot.com)
• Torpig Botnet Harvests Online Banking Credentials (pindebit.blogspot.com)
• Ten Commandments of Web Payments (pindebit.blogspot.com)
• BofA Targeted by Malicious Code Phishing Attack (pindebit.blogspot.com)

Irish Bank Outage ID's POS Vulnerabilities

Source: storefrontbacktalk
Complete item: http://www.storefrontbacktalk.com/e-commerce/irish-bank-outage-points-out-pos-vulnerabilities/

Description:
On Tuesday (May 5) , the National Irish Bank (NIB) reported that "technology problems were behind the failure of its debit and credit cards at point-of-sale machines in shops and other businesses across the country" earlier that day. But while the unspecified glitch was resolved within a few hours, retail POS issues continued, prompting the bank to "apologize unreservedly," according to The Irish Times.

Here's where it gets interesting. The bank issued a statement that "as soon as the problem was identified, the network was switched to a back-up system and National Irish Bank customers are able to access their funds at the bank's ATMs as normal now." But what about Ireland's retailers, whose transactions were halted? No emergent backup system for them? Another reminder that banks know ATMs and vaults, but POS is a new and lower priority concept.

E-Secure-IT
https://www.e-secure-it.com

Related articles

• India's ICICI Selling ATM/POS Networks? (pindebit.blogspot.com)
• Debit Surpasses Credit for the1st Time in Visa History (Volume & Transactions) (pindebit.blogspot.com)
• Prepaid Cash Cards "Swipe your Dollars!" (pindebit.blogspot.com)
• ATM Skimming 101 (pindebit.blogspot.com)
• HomeATM Featured in American Banker (pindebit.blogspot.com)

YouBet.com Runs Ad on ESPN

ESPN Runs Online Gambling Horse Racing Ad

Other online gambling Web sites continue to be stifled under UIGEA

By Nadav S | May 07, 2009

Althoughthe terms of the 2006 Unlawful Internet Gambling Enforcement Act meanyou won't see advertisements for online gambling sites in the US, horseracing betting sites are still getting a free ride if a recent ad onESPN is any indication.

Youbet.com, a US-owned, based andlicensed operation, has been running ads recently on the US's mostpopular sports television channel and Website.

Placing ads onthe Connecticut-based cable television network exposes the Website tomillions of people, including minors, a right seemingly deprived toother online gambling sites.

This particular ad tells viewers to "sign up and get your first $25 free!" before jumping to the slogan "Youbet.com! You in?"

The advertisement includes a link to the Website as well a phone number to call to place bets.

Youbet.comis only open to legal residents of the US living in 13 specific stateslisted on its Website. The states include Nevada, New Jersey andArizona.

According to its Website, Youbet.com Inc. is a publiclytraded company (NASDAQ: UBET) that is US based, US licensed and in fullcompliance with all applicable state and federal laws.

It accepts wagers around-the-clock on races from over 150 racetracks in the United States and abroad.

Related articles

• Odds are Good That U.S. Online Gambling Will Return (daniweb.com)
• US Stimulus Package: Regulate Online Gambling (shoemoney.com)
• Representative vows to put online gambling back in play (arstechnica.com)
• Barney Frank and Internet Gambling (pindebit.blogspot.com)

Visa Debit Commercial: Why Bother Going to an ATM?

Visa’s New Debit Commercial asks “Why bother going to the ATM?”

Visa has launched a new television advertising spot in India entitled “Why bother going to the ATM?”, reflecting the company’s focus to increase cardholder awareness for using Visa Debit cards at point-of-sale locations.

FOR IMMEDIATE RELEASE

PRLog (Press Release) – May 07, 2009 – Bangalore, Visa, the world's largest retail electronic payments network, has launched a new television advertising spot in India entitled “Why bother going to the ATM?”, reflecting the company’s focus to increase cardholder awareness for using Visa Debit cards at point-of-sale locations.

The new commercial highlights the “buy now, pay now” feature of Visa Debit cards which provides cardholders direct access to their nominated bank account to make purchases wherever Visa is accepted.

Uttam Nayak, country manager, South Asia, Visa said, “Our message is aimed at the millions of Indian consumers already carrying a Visa Debit card in their wallet or pocket. We are using this campaign to remind cardholders that there is no need to go to the ATM or spend time queuing in lines to withdraw cash. Instead, all they need to do is use their Visa Debit card to pay for everyday purchases including for petrol, groceries, bill payments and dining out at those merchant outlets displaying the Visa acceptance sign.”

Consumers can use their Visa Debit cards at more than 30 million merchant locations at home and abroad, as well as make online and phone purchases. A Visa Debit card provides cardholders with a safe and convenient way to pay for goods and services at point-of-sale, without the risk associated with carrying cash. Cardholders can also access funds from their bank account at over 1.4 million ATMs worldwide.

The “Why bother going to the ATM?” advertising made its debut on 1 May with a television commercial (TVC) featuring established Bollywood actor Vinay Pathak. The effort will be supported through various channels such as outdoor signage, print, radio and cinema as well as consumer promotion activities. The TVC will be aired in Hindi and English, plus six local languages.

The TVC portrays Vinay as an autorickshaw driver who gives his passenger a humorous lesson about the card in his pocket and how going direct is better. The screenplay highlights the fact that the card the passenger is carrying in his pocket is actually a Visa Debit card that can be used at point-of-sale locations such as the supermarket, cinema or restaurant.

In March 2009, Visa launched the ‘More People around the World Go with Visa’ campaign in India, a locally adapted global campaign which connected with Indians through emotional touch points such as cricket, festivals, marriage and dining.

“This new commercial reinforces Visa’s call to action through an invitation to cardholders to move spending from cash to electronic payments by using their Visa Debit card. This is in line with our vision of better money for better living especially in challenging economic times when consumers are focused on better ways to manage their money,” Mr. Nayak said.

# # #

About Visa Inc.
Visa Inc. operates the world's largest retail electronic payments network providing processing services and payment product platforms. This includes consumer credit, debit, prepaid and commercial payments, which are offered under the Visa, Visa Electron, Interlink and PLUS brands. Visa enjoys unsurpassed acceptance around the world, and Visa/PLUS is one of the world's largest global ATM networks, offering cash access in local currency in more than 170 countries. For more information, visit www.corporate.visa.com.

Because There's No Patch for Human Stupidity

Source: Finextra
Complete item: http://www.finextra.com/fullstory.asp?id=20007

Description:
An intruder has gained access to the offices of a FTSE-listed financial services firm and duped staff into handing over sensitive information, including staff usernames and passwords, during a social engineering exercise.

Siemens Enterprise Communications, which conducted the exercise, says organizations now spend fortunes to protect confidential information from cybercriminals who try to hack into their IT systems.  Yet they are still at risk through simple social engineering techniques where staff are manipulated into handing over information.

At the financial firm the intruder, a Siemens consultant, managed to enter the office without being challenged by security staff before basing himself in a third floor meeting room, where he worked for several days.

The intruder gained access to the company's data room, IT, and telecoms network. He then used the internal telephone system to call employees, claiming to be from the IT department, backed up by the caller ID, and requested information.

Of twenty users targeted, seventeen supplied their usernames and passwords giving the intruder easy access to confidential electronic data.

During the week-long exercise at the firm, Siemans says the consultant befriended a number of employees and was even on first name terms with the foyer security guard.  On two separate occasions, the consultant managed to escort a second Siemens staffer into the building who was able to perform further analysis of the company's IT network.

Colin Greenlees, security and counter fraud consultant, Siemens Enterprise Communication, says: "Social engineering is principally concerned with manipulating people into performing actions or divulging confidential information in order to access electronic or physical data. Hi-tech protection systems are completely ineffectual against such attacks, and most employees are utterly unaware that they are being manipulated."

Vuja Day

I'm having a Vuja Day. That's when you get the feeling that this never happened before...and then it's gone...!

In a press release Acculynk announced they signed up 2Checkout.

I'd started to write a post about that ...but then realized that I had already done one on 2Checkout...."2Plus years ago!" (so I was able to save some time and simply repost the one I had already done...see below) In the meantime, my Vuja Day just turned out to be Deja Vu...all over again.

Monday, April 09, 2007

Pay By Touch PIN-Debit Solution Adopted by 2Checkout

Leading E-Commerce Platform Adopts Internet's First Software-Only PIN-Debit Payment Service

SAN FRANCISCO, CA, IRVING, TX AND COLUMBUS, OH – (April 9, 2007) – ATM Direct, a division of Pay By Touch and providerof the first software-only Internet PIN-debit payment service, todayannounced that 2Checkout.com, Inc., a leading eCommerce distributioncompany, is adopting the ATM Direct™ service to allow shoppers to usePIN-debit cards to buy goods online.

"Our focus is on providinga great customer shopping experience, including giving consumers avariety of ways to pay," said Kristin Dach, Chief Financial Officer for2Checkout.com (www.2checkout.com).

"Manypeople are seeking a more secure way to pay online or simply prefer toshop with their PIN-debit cards. We see Internet PIN-debit as anotherway to provide superior service to these customers while encouragingmore consumers to shop with us."

PIN Debit has been in widespreaduse for over 20 years and remains one of the most popular, fastestgrowing and most secure payment methods in the world. On the Internet,the ATM Direct PIN-debit service (www.atmdirect.com)provides an ideal payment alternative for consumers that prefer debit,have limited credit or are seeking a more secure way to pay over theInternet.

"Consumersrecognize PIN-debit as a very secure form of payment, and the onlinePIN-debit experience is the same," said Robert Ziegler, General Managerfor ATM Direct at Pay By Touch. "ATM Direct does not change the flow ofthe merchant site or redirect the shopper to a new page. Merchants havecontrol over how they present the PIN-debit option, which can be aseasy as 'Debit or Credit.' Shoppers simply enter their card number,followed by their 4 digit PIN. It's fast, easy and can help lower therisk of shopping cart abandonment."

Like PIN-debit paymentsin the brick-and-mortar world, Internet PIN-Debit transactions areprocessed across the EFT networks directly with the consumer's bank,allowing real-time, guaranteed payments to Internet retailers at lowercost than credit card or signature debit card transactions over theInternet.

The ATM Direct service is the Internet's onlysoftware-only PIN-debit solution which allows for rapid, no-costdistribution. By adhering to PIN-debit industry standards, the ATMDirect service also enables networks, banks and card issuers thatalready accept PIN-debit to accept Internet PIN-debit transactions withfew to no changes to their infrastructure.

About 2Checkout™
2Checkout.com,Inc. (2CO) is an online reseller for over 300,000 tangible or digitalproducts and services. Established in 1999 and headquartered inColumbus, Ohio, 2Checkout.com is an e-commerce solution that deals inUSD and multiple foreign currencies. The 2CO model combines multiplepayment channels, fraud detection, data security, customer service, PCIcompliance, co-branding and dependability. For additional information,visit http://www.2checkout.com.

About ATM Direct, a Division of Pay By Touch
ATMDirect, a division of Pay By Touch, provides innovative and securepayment and authentication services to the Internet economy. The ATMDirect™ merchant services deliver the industry’s first software-only,regulatory compliant, Internet PIN-debit payment service. Foradditional information, visit www.atmdirect.com

About Pay By Touch™
PayBy Touch (www.paybytouch.com) is the global leader in biometricauthentication, personalized marketing and payment solutions. Already,more than 3.6 million consumers are using Pay By Touch services toidentify themselves, make purchases, cash checks and get personalizedsavings with the touch of a finger. Pay By Touch services are free forconsumers to use and available in more than 3,000 retail locationsacross 44 states, the UK and Singapore. Pay By Touch also providesrobust data management and payment processing solutions for ACH(electronic checking), card-present and card-not-present debit andcredit transactions for retail clients. Founded in 2002 andheadquartered in San Francisco, Pay By Touch employs 800 professionalsand holds more than 60 patents worldwide on secure, convenient andcost-effective transaction solutions.

Pay By Touch

Fountain Hills, Arizona, United States

View my complete profile

Fed Rejects Common Sense - Retroactive Rate Increase Cool with Them

Fed rejects request to end retroactive interest rate increases

WASHINGTON (Reuters) - The U.S. Federal Reserve rejected a request to force credit card companies to immediately halt retroactive interest-rate increases on existing balances, Democratic Senator Charles Schumer said on Tuesday.

Schumer and Christopher Dodd, who chairs the Senate Banking Committee, asked the Fed last month to use its emergency powers for rescuing banks to also help credit card consumers being slapped with unexpected rate increases.

"The Federal Reserve's failure to protect consumers from these outrageous rate increases is unconscionable," Schumer said.

Editor's Thoughts:  So let's say you decide you "may" want to purchase a 52" LCD HDTV.  Part of the decision process to "buy" is that you have a 5.9% rate on one of  your credit cards.  So you make the purchase.  Then, the credit card company hikes your rate to 19%.  If it was 19% at the time of the purchase, you wouldn't have made the move.  It was BECAUSE you had a 5.9% rate that you did.   It only makes complete and logical sense that retroactive rate increases are ridiculous. 

What would happen if you decided to buy a $35,000 car because they advertised 0% financing and 6 months into the purchase, they changed the rate to 19%?  What's the difference?  Why did the Federal Reserve reject this request?  It doesn't seem to make sense.

Western Union to Acquire Custom House

Source: Bloomberg News

WesternUnion has announced a definitive agreement to acquire Canada-basedCustom House, Ltd., a provider of business-to-business internationalpayment solutions for small and medium enterprises. The US $370 millioncash transaction is expected to close in the third quarter 2009,subject to regulatory approvals and customary closing conditions.

The international SME payments market is a large,growing and highly fragmented category. Today, Custom House is on planto generate US $100 million in annualized revenue, primarily fromsenders in seven countries including Canada, the United States, theUnited Kingdom, Italy, Australia, Singapore and New Zealand. Thecompany has built a sizable client base, significant internationalpayment capabilities, a strong network of banking partners and scalableoperations that are poised to capitalize on this opportunity.

CustomHouse’s multi-channel payment solutions include their online platform,which provides reliable web-based payment capabilities to over 120countries worldwide. These strengths will be enhanced by WesternUnion’s globally recognized brand, international footprint andfinancial strength.

Christina Gold, president and chief executive officer ofWestern Union, stated, “Custom House is a dynamic business and has asignificant customer base in the cross-border payments market, whichgenerates strong margins and cash flow. Western Union intends to growthis business by attracting new customers and entering newgeographies.”

Strategic Rationale
The acquisition of Custom House supports Western Union’s strategic plan by:

• Entering a new growth market and diversifying its product portfolio
• Furthering Western Union’s presence in the SME payment market
• Expanding its customer base
• Building a global line of business
• Establishing strong account-to-account transfer capabilitiesthat complement Western Union’s existing cash-to-cash andaccount-to-cash expertise

Peter Gustavson, Custom Housechairman and founder, stated, “We are extraordinarily proud of what theCustom House team has accomplished as an independent company and areexcited about the increased potential that will come from leveragingour collective resources.”
Currently owned by Peter Gustavson and the Boston-based privateequity firm Great Hill Partners, Custom House will become part of theWestern Union Global Payments segment (formerly theconsumer-to-business segment) on completion of the transaction, andcontinue to operate under its existing management team in Canada. Foreach of the past nine years, Custom House has been voted one ofCanada’s 50 Best Managed Companies.

Ranjana Clark, executive vice president of Global Payments andGlobal Strategy, stated, “Custom House is a highly complementarybusiness with a proven operating model, seasoned management anddifferentiating technology. Custom House President and CEO Peter Ciceriand his team are known for providing clients with speed, accuracy andworld-class customer service. We look forward to working closely withCustom House as we continue to grow this dynamic business.”

Custom House has been growing revenue at a 20% CAGR over thepast three years. The Victoria-based company has a diverseinternational client base of nearly 40,000 customers with an averageprincipal per transaction of approximately US$25,000. With a strongteam of 630 employees worldwide, Custom House’s multi-channel deliveryand recurring transaction-based business model has significantoperating leverage.

Related articles

• Over 3 Billion P2P Transactions Occurred in 2008 - TowerGroup (pindebit.blogspot.com)
• Banks Must Wake up to Payments Challenge (pindebit.blogspot.com)
• Airlines Tackle $1.4 Billion Online Fraud Challenge (pindebit.blogspot.com)
• FIS Reports Strong Earnings Growth (pindebit.blogspot.com)

Snapshots Added to PIN Payments Blog

Introducing Snap Shots from Snap.com

I just installed a nice little tool on this site called Snap Shots that enhances links with visual previews of the destination site. Sometimes Snap Shots bring you the information you need, without your having to leave the site, while other times it lets you "look ahead," before deciding if you want to follow a link or not.

Should you decide this is not for you, just click the Options icon in the upper right corner of the Snap Shot and opt-out.

China UnionPay Expanding Online Payments

The Paypers. Insights in payments.

China UnionPay targets online payments market expansion Tuesday 5 May 2009 | 11:28 AM CET

Chinese credit card organization and interbank operator China UnionPay (CUP) aims to provide its online payment services to companies which are active in the Chinese e-commerce sector, Interfax China reports.

For this purpose, ChinaPay E-payment Service, CUP's online payments division, has become involved in negotiations for partnership purposes with various Chinese online retailers, including online book retailer Dangdang.com, B2C e-commerce company 360buy.com and Joyo Amazon. Furthermore, CUP has opened branches across the region and has signed agreements with banks across 61 countries and regions in order to tap into the online payments market.

According to Chinese consulting firm iResearch Consulting Group, revenues generated by internet payment transactions in China in Q1 2009 have reached USD 17.26 billion, growing 146.9 percent over Q1 2008.