Quote of the Day

According to a new report from Gartner:

Computerworld - Security measures such as one-time passwords and phone-based user authentication, considered among the most robust forms of security, are no longer enough to protect online banking transactions against fraud, a new report from research firm Gartner Inc. warns.

In Germany, those OTPs are typically called TANs (for 'transaction authentication numbers'). Some banks even dispatch such TANs to the user's mobile phone via SMS, in which case they are called mTANs (for 'mobile TANs').



Millions of online banking customers in Europe use a hardware device to authenticate themselves.. Most of these hardware devices use OTP's, which "are no longer enough to protect online banking transactions" So there you have it.



There are a whole lot of devices that need replacing...

• Todos uses OTP's


• RSA uses OTP's


• Vasco uses OTP's


• Barclays PIN Sentry uses OTP's


• the list goes on...

The EMV Version of HomeATM's PCI 2.x Certified PIN Entry Device would allow the online banking customer to insert their smart card into the EMV reader and Enter their PIN to authenticate the user. (existing cards, PINs and bank rails) It would also enable a "real-time" P2P Money Transfer offering and of course, secure eCommerce as it's never been secured before...



Barclays PIN Sentry is a One Time Password (OTP) Generating Device

Here's an interesting read From "Ranting About Barclays on Two Levels"



"I answered the first question "do you have your PINSentry through the post yet?" with a satisfied 'yes', and was then told to put my card into the slot and enter my pin, and enter the resulting 8-digit code into the website. That's it. No "here's a number, enter it into your device, encrypt it with your pin and enter the signed version back into the website", nothing.



So effectively, the PINSentry is just one of those time-based OTP token devices, only with a little bit of extra security in the way of a card slot and a PIN.



And the device itself authenticates PIN numbers too... my initial glee at having a device that can be used to quickly brute-force peoples' PINs was only marginally dented by the discovery that it has the ability to lock cards if you enter the PIN three times, because I now have a superb device for locking the cards of people I don't like."

Related articles by Zemanta

• Todos Secures Another Bank (pindebit.blogspot.com)


• Bell ID's I-PIN Platform (pindebit.blogspot.com)


• EMV Chip Cards Expected for Upscale U.S. Cardholders (pindebit.blogspot.com)


• MasterCard to Authenticate Online Transactions by SMS (textually.org)

Coinstar Money Transfer Signs an Agreement with Pocztowy Bank

There's been a lot of news and movement in the P2P industry.  Just an FYI:  HomeATM is the only company (we are aware of) that can enable P2P Money Transfers in "real-time."   We use existing bank cards, existing PINs and existing Bank Rails.  That means instant ATM access to your cash.  All under the security umbrella of our PCI 2.x Certified PED...



Coinstar expands in Poland, one of top five recipient countries in the world

BELLEVUE, Wash.--Payments Industry News--Coinstar Money Transfer Ltd., a subsidiary of Coinstar, Inc. (NASDAQ: CSTR), announced an agreement to offer money transfer services in all Pocztowy Bank (Postal Bank) locations. Postal Bank is the largest banking network in Poland, one of the top five recipient countries in the world. With this agreement, Coinstar Money Transfer becomes a key player in the Polish market and a new competitive money transfer service for the Polish Diaspora.



“We are very excited about this cooperation: Poland is among the top five recipient countries in the world and the flow of money to Poland in 2008 reached $11 billion,” said Mohit Davar, CEO of Coinstar Money Transfer Ltd. “This cooperation marks a milestone for our business development this year and in particular for Poland. The agreement with Postal Bank to provide their extensive nationwide network of 5,400 locations will enable our customers to receive cash within minutes all over the country and will give Coinstar the opportunity to serve its objective of providing safe and reliable money transfer services to the Polish Diaspora worldwide.”



Alfonso Grassopoulos, Regional Director of Coinstar Money Transfer for Italy, Greece, Cyprus, Switzerland and Poland continued, “This agreement gives us the opportunity to work with a large and experienced organization like the Postal Bank, to provide Coinstar Money Transfer services to millions of Polish people living and working in Italy, UK, USA and other countries. There is a significant flow of remittances going to the rural areas of Poland, now finally accessible through this crucial cooperation. Within this unstable financial environment, consumers are even more interested in value for money, reliable and secure services, which Coinstar Money Transfer strategically offers in the most important send markets for Poland and its Diaspora, mainly because of its direct and aggressive distribution model”.



"We look forward to adding Coinstar Money Transfer to our money transfer product portfolio and offer more convenience to our current and new customers" said Mr. Tomasz Bogus, President of Bank Pocztowy. "We are pleased to work with Coinstar Money Transfer in the remittance business. Money Transfer is a very important service in Poland for all the families expecting money from abroad and it is our pleasure and responsibility to offer consumers greater choice, convenience and high quality of service. “



About Coinstar Money Transfer Ltd.

Coinstar Money Transfer Ltd., a subsidiary of Coinstar Inc., provides an easy to use, reliable and cost effective way to send money around the world. Our services are specially suited for individuals away from home who need to send money to their family and friends or to manage their personal finances. Coinstar Money Transfer Ltd. has become one of the leading money transfer providers, with over 45,000 locations and operates in 140 countries worldwide. For more information, visit www.cmtmoney.com.



About Coinstar, Inc.

Coinstar, Inc. (NASDAQ: CSTR) is a leading provider of automated retail solutions offering convenient products and services that make life easier for consumers and drive incremental traffic and revenue for its retailers. The company’s core automated retail businesses are self-service coin counting and self-service DVD rental. Other Coinstar products and services include e-payment products – such as gift cards, prepaid debit cards and other prepaid products – and money transfer services. The company’s products and services can be found at more than 90,000 points of presence including supermarkets, drug stores, mass merchants, financial institutions, convenience stores, restaurants, and money transfer agents. For more information, visit www.coinstar.com.



About Bank Pocztowy

Established in 1990 in Bydgoszcz. There are two shareholders of the Bank Code: Post of Poland (Polish Post), that owns 75% of shares (minus one share) and PKO Polish Bank SA (25% plus one share). Both of them are institutions enjoying the public trust having the largest distribution network and access to the most modern banking activities. Uniqueness of the offer of the Postal Bank consists largely in the wide access to the services rendered, found in post offices all over the country. Postal Bank offers a wide range of services, such as Savings and Settlement Accounts, payments and cash withdrawals, deposit accounts or bank loans. They have developed various distribution channels which provide our customers with free access to the accrued resources. The network, consisting of nearly 5,400 posts, is the largest in the country. Postal Bank is a modern universal bank offering customer-friendly and lucid financial services, which are available at the post offices and in the network of the Bank's branch offices across Poland. For more information, visit www.pocztowy.pl

First Two Banks Go Live with CashEdge's POPmoney(TM) Person-to-Person Payments Service

Five More Financial Institutions Preparing to Launch POPmoney in Early 2010

NEW YORK, /PIN Payments News Blog/ -- CashEdge, Inc. (www.cashedge.com), the leading provider of Intelligent Money Movement(TM) services, announced today that two top U.S. banks are the first in the nation to launch POPmoney(TM), its groundbreaking new email and mobile person-to-person (P2P) payments service offered through banks. Five additional financial institutions have signed on to launch the service in early 2010, demonstrating strong momentum for the innovative new P2P payments service.



POPmoney is the first email and mobile person-to-person payments service for financial institutions that allows bank customers to send an electronic payment directly from their online or mobile banking service, by simply using the recipient's email address, mobile phone number or bank account information. Likewise, the recipient of the payment can receive the funds directly into his or her account at any bank through online banking, if the bank offers POPmoney, or at www.POPmoney.com. POPmoney includes support for text messaging, WAP and downloadable mobile applications, enabling financial institutions to extend their P2P functionality to mobile phones.



"The launch of POPmoney by the first two banks is a very exciting and important milestone for CashEdge and for the payments industry overall," said Sanjeev Dheer, CEO and President, CashEdge Inc. "Consumers have been demanding online and mobile payment options that are simple and secure, and we strongly believe that banks are the best provider of these services. These two banks are the first of many who will offer POPmoney to their customers in the next year, ushering in a new era in P2P payments."



Consumers can visit POPmoney.com to view the current list of participating banks. Customers of participating banks can access POPmoney through their bank's online banking or at POPmoney.com.



POPmoney leverages the proven reliability, security and robustness of CashEdge's money movement platform, used by most of the nation's largest banks, which in 2008 processed nearly $50 billion in online funds transfers for bank customers. For current CashEdge clients, POPmoney is a simple upgrade of their existing TransferNow service.



Consumers can learn more about POPmoney by visiting www.POPmoney.com.



About CashEdge



CashEdge is the leader in Intelligent Money Movement(TM) services providing innovative payment solutions to financial institutions for their retail and small business banking customers. CashEdge's services include mobile and online person-to-person (P2P) payments and small business payments. CashEdge currently serves hundreds of leading financial institutions, including seven of the ten largest banks in the country.



CashEdge's industry leading products include POPmoney(TM) for person-to-person payments; OpenNow®/FundNow® for new account opening and funding; TransferNow® for Consumers, which includes Me-to-Me Transfers and Third Party Transfers; and TransferNow® for Small Businesses, which includes Invoicing, Me-to-Me Transfers, Employee Payments and Vendor Payments. All CashEdge products are supported by industry-leading risk management capabilities that leverage proprietary technology to help financial institutions mitigate risk and decrease fraud exposure.



The Company is headquartered in New York with offices in Silicon Valley and India. For more information, visit www.cashedge.com.



SOURCE CashEdge, Inc.

TrialPay Advocating Offer-based Payments that Put Consumers First

MOUNTAIN VIEW, Calif. -- In the wake of a scandal that revealed unethical practices by many companies in the offer-based payments industry, TrialPay today issued a whitepaper titled, “Doing Right by the Consumer: Going Beyond Compliance.” The paper, which is based upon guidelines that TrialPay has adhered to since the company’s inception 2006, outlines best practices for gaming developers, publishers, advertisers and offer companies to ensure consumer protections and long-term success of the industry at large.



To download a free copy of the whitepaper, visit: http://www.trialpay.com/go/doingright.



Offer-based payments are a method for consumers to pay for online games or to purchase virtual goods within online games. Instead of paying with cash, offer-based payments enable consumers to make their purchase by transacting with a third-party advertiser -- which could include making a purchase or signing-up for a free trial.



Following public revelations that some offer companies displayed ads that mislead consumers with hidden or reoccurring charges, the leading social networks on which these games are played quickly published new sets of guidelines for what they deem acceptable. Since that time, both Facebook and MySpace have banned companies for operating outside of their new regulations.



Offers that are done well and implemented ethically can benefit everyone. Gaming companies generate revenue from customers that may not have been willing to pay directly; advertisers make a sale and potentially gain a new customer; and consumers get their game or virtual goods for free in return for purchasing something they need or want from a reputable advertiser.



To help ensure that the industry returns to its mutually beneficial roots, the whitepaper issued today by TrialPay offers a number of tips gleaned from its years of experience in the software, retail, online services, social apps and casual games markets, including:



5 best practices for ensuring offers are consumer-friendly

7 ways to tell if an offer company is built to deliver consumer satisfaction



“Facebook and MySpace deserve recognition for their new policies and their quick action,” said TrialPay CEO, Alex Rampell. “However, it’s time to raise the bar and go beyond the bare minimum. Offer companies and game publishers must take it upon themselves to focus on higher quality and transparency to expose scammy offers and ensure long-term sustainability.”



About TrialPay



TrialPay introduces e-commerce solutions that increase conversion rates and boost order values for any online seller. TrialPay’s payment and promotions platform uses the efficiencies of the Web to pair online shoppers with ideal offers at every stage of the purchase process. With TrialPay, everyone wins: online stores make more sales from their current traffic, advertisers acquire new customers on a pay-for-performance basis and shoppers get a free product with every purchase.



TrialPay works with name-brand companies across many verticals, including: The Wall Street Journal, Gap, McAfee, Netflix, Match.com and thousands of others. In just two and a half years, TrialPay has provided 40 million registered users with compelling payment options at more than 7,500 online stores.

UChoose Chosen as Top 10 Technology by BTN

Fiserv, Inc., the leading global provider of financial services technology solutions, today announced that Bank Technology News has named UChoose Rewards as one of the "Top 10 Technologies of 2009" in its December Innovators issue. Bank Technology News selected ten companies/technologies for recognition based upon innovation that rose to meet the demands of this year's market conditions.

UChoose Rewards from Fiserv Named Among Top 10 Technologies of 2009 by Bank Technology News



Brookfield, Wis., December 18, 2009 - Fiserv, Inc. (NASDAQ: FISV), the leading global provider of financial services technology solutions, today announced that Bank Technology News has named UChoose Rewards(r) as one of the "Top 10 Technologies of 2009" in its December Innovators issue. Bank Technology News selected ten companies/technologies for recognition based upon innovation that rose to meet the demands of this year's market conditions.



UChoose Rewards from Fiserv is a turn-key rewards and loyalty solution that provides debit and credit card reward capabilities for financial institutions. Marketed to institutions of all sizes, UChoose Rewards enables smaller banks and credit unions to compete with the well - established reward programs of the nation's largest banks.



The ability for clients to choose from merchant-funded or issuer-funded programs - or a blend of the two - to meet their specific profitability objectives speaks to the innovation of UChoose Rewards; as does the solution's emphasis on local merchant recruitment, which enables clients to nominate smaller-scale neighborhood merchants to participate along with national chain stores. UChoose Rewards enables financial institutions to build programs based on the wants and needs of their cardholders, with options for debit, credit and opening an account. In addition, financial institutions have the opportunity to give customers the ability to combine points earned for all their bank or credit union accounts.



"UChoose Rewards truly is an innovative solution that enables financial institutions to increase their revenue and improve customer loyalty through a rewards program that is fully customizable to fit their unique business needs," said Andy Brown, vice president of Product Development for EFT Solutions from Fiserv. "Many of our UChoose Rewards clients are already seeing a significant increase in the number of transactions processed each month and average spend per cardholder, per month."



In addition to being recognized as one of the top technologies of 2009 by Bank Technology News, UChoose Rewards from Fiserv was recognized this year by Cards International for being the "Best Innovation in a Loyalty Program." Additionally, Chessie Federal Credit Union, an UChoose Rewards client, was selected for Best Practice recognition by Credit Union Journal for debit card use and card rewards.



About Fiserv

Fiserv, Inc. (NASDAQ: FISV) is the leading global provider of information management and electronic commerce systems for the financial services industry, driving innovation that transforms experiences for financial institutions and their customers. Ranked No. 1 on the FinTech 100 survey of top technology partners to the financial services industry, Fiserv celebrates its 25th year in 2009. For more information, visit www.fiserv.com.





# # #

CardinalCommerce Offering NYCE's SafeDebit Altpay

CardinalCommerce to offer NYCE’s SafeDebit solution

Secaucus, N.J., Dec. 14, 2009 -- NYCE® today announced that CardinalCommerce has signed an agreement to offer SafeDebit®, NYCE’s secure online payment solution for Internet purchases, to its merchant clients through Cardinal Centinel. CardinalCommerce Corporation is a leader in enabling authenticated payments, secure transactions and alternative payment brands for both e-commerce and mobile commerce. NYCE Payments Network, LLC, is a leading U.S. electronic payments network and an FIS™ company. FIS is one of the world’s largest providers of banking and payments technology.



CardinalCommerce will add the SafeDebit solution to its Centinel platform, which will enable CardinalCommerce merchants who elect to offer the solution to implement it quickly and efficiently. Centinel allows merchants to implement multiple payment brands with a single installation and reduces the integration efforts associated with activating additional solutions later.



“We chose to be an early adopter of the SafeDebit solution because we believe the solution fills a market need for our clients and fits competitively within the payment offerings we already provide,” said Michael Keresman, CardinalCommerce Chief Executive Officer. “Many merchants desire a debit option with rigorous cardholder authentication, which means our clients benefit from fewer chargebacks and the immediate verification of good funds. And with its combination of security and convenience — the elements consumers have said they are looking for in online retail payments — the SafeDebit system has the potential to boost merchant sales and bring in new transactions.”



Earlier this year, NYCE released results from a study it commissioned from the marketing research firm Analytica Inc. The study surveyed consumers regarding their behaviors and preferences related to Internet purchases. Security and convenience emerged as top considerations that affected whether and how often the respondents shopped online, as well as how they chose to pay.



“CardinalCommerce’s technology will allow merchants to implement the SafeDebit solution quickly and efficiently,” said Steve Rathgaber, president of NYCE. “By offering this solution to Cardinal’s large network of merchants, we are confident that cardholders whose institutions offer the SafeDebit system will easily find a place to shop.”



Using technology provided by Verient, the SafeDebit online payment solution enables consumers to pay for Internet purchases directly from their deposit accounts without disclosing their debit card information online. The system validates shoppers through their online banking credentials, and generates a pseudo card number for one-time use on a merchant’s site.



About CardinalCommerce Corporation

CardinalCommerce Corporation is the global leader in enabling authenticated payments, secure transactions and alternative payment brands for both eCommerce and mobile commerce. Cardinal Centinel®* enables payment brands such as Verified by Visa, MasterCard® SecureCode™, Amazon Payments™, Bill Me Later®, ClickandBuy®, Ebates™, eBillme™, eLayaway™, Google™ Checkout, Green Dot® MoneyPak®, Mazooma™, Moneta®, MyECheck, NACHA® Secure Vault Payments (SVP), NYCE® SafeDebit®, OneTouch Online Purchasing™, PayPal™, paysafecard, RevolutionCard™, SafetyPay™ , TeleCheck®, Ukash®, and more to a network of thousands of merchants and merchant service providers. Our mobile commerce platform, Cardinal MAX™, makes it simple for retailers to sell and market products through the mobile channel. Cardinal's proprietary and easily deployable technology provides consumers, merchants, credit/debit card issuers, and processors the ability to conduct authenticated Internet, wireless and mobile transactions safely and securely. Headquartered in Cleveland, Ohio, with facilities in the United States, Europe, and Africa, Cardinal services a worldwide customer base.



About NYCE

NYCE Payments Network, LLC, an FIS™ company, helps its clients grow with innovative new products and strategic alliances that enable them to capitalize on the efficiency, consumer convenience and security of electronic real-time payments. The NYCE Network provides consumers with secure, real-time access to their money, offering hundreds of thousands of ATM locations and millions of point-of-sale locations nationwide. The NYCE Direct Bill Payment service offers cardholders a convenient way to pay bills online in real-time using their deposit accounts. NYCE Balance Transfer services drive asset growth for consumer credit issuers through automated balance transfer/consolidation payment services. Headquartered in Secaucus, N.J., NYCE Payments Network, LLC, (www.nyce.net ) is a wholly owned subsidiary of FIS (NYSE:FIS).



About FIS

FIS delivers banking and payments technologies to more than 14,000 financial institutions and businesses in over 100 countries worldwide. FIS provides financial institution core processing, and card issuer and transaction processing services, including the NYCE® Network. FIS maintains processing and technology relationships with 40 of the top 50 global banks, including nine of the top 10. FIS is a member of Standard and Poor's (S&P) 500® Index and consistently holds a leading ranking in the annual FinTech 100 rankings. Headquartered in Jacksonville, Fla., FIS employs more than 30,000 on a global basis. FIS is listed on the New York Stock Exchange under the “FIS” ticker symbol. For more information about FIS see www.fisglobal.com .



Source: Company press release.

Discover and Pulse Offer Tips at DebitFacts.org

RIVERWOODS, Ill. & HOUSTON--(BUSINESS WIRE)--In the final dash of the holiday shopping season, consumers should not overlook the need to protect themselves against fraud and identity theft.



Discover Financial Services (NYSE: DFS) and PULSE, one of the nation’s leading ATM/debit networks, are urging consumers to take care when using credit and debit cards in order to guard their identities and finances while finishing holiday shopping.



“Credit card fraud can affect anyone, at any time, but consumers are particularly vulnerable around the holidays,” said Jack McCoy, vice president of corporate security for Discover Financial Services. “However, there are a number of tips that smart shoppers can adopt to reduce the likelihood of falling victim to scammers, hackers and credit card thieves.”



“Debit cards are also susceptible to fraudulent activity,” added Cindy Ballard, executive vice president of PULSE. “Between all of the holiday expenses like gifts, travel and entertainment, it can be difficult to keep track of accurate and potentially fraudulent expenses.”



Both McCoy and Ballard agree about the importance of monitoring spending on a regular basis. Whether working from a small or large budget, consumers should keep track of their daily spending by monitoring checking accounts and account statements online. This will keep consumers up to date on credit limits and account balances and give them the opportunity to review accounts for fraudulent activity.



In terms of managing spending, consumers are encouraged to look around the house for gift cards that might have value. If necessary, combine two or three cards to purchase a gift without affecting other money set aside for gift giving.



Plus, look for promotional codes and discounts that many retailers are offering around the holidays. These can provide great deals without breaking the budget.



Many e-retailers offer promotional codes that give discounts at checkout or free shipping. There are also ways to get extra cash while shopping online. Discover Cardmembers can earn Double Cashback Bonus through the end of the year on up to $1,000 in purchases when they use their card to buy gifts anywhere online. Shopdiscover.com, Discover’s online shopping portal, offers cardmembers the ability to earn five to 20 percent Cashback Bonus at participating retailers when making purchases through the site.



These spending and security tips and tools will help keep consumers’ finances safe and secure through the holiday season. For additional information about the difference between debit and credit cards, and debit card usage information, visit www.debitfacts.org.

Visa, FTC and BBB Partner to Educate Consumers about Online Scams

Twenty-nine percent of online U.S. consumers victimized by deceptive marketing

Washington, DC, December 17, 2009 /PRNewswire/ — Today Visa Inc. (NYSE: V) joined the Federal Trade Commission and the Better Business Bureau in a press conference to alert consumers to online deceptive marketing practices associated with free trials with a negative option feature. According to a Visa survey, 29 percent of American consumers have fallen victim to deceptive marketing when unscrupulous e-commerce merchants require them to cancel or opt-out of a recurring charge for future products or services.¹



With free trials with a negative option feature, a company takes a consumer’s failure to cancel as permission to begin charging. While many merchants use this billing process appropriately, others pre-check consent boxes, bury the details of the offers in the terms and conditions and make cancellations or returns difficult, catching consumers in a cycle of recurring charges for products and services they do not want.



“Most e-commerce merchants care about their customers and conduct business fairly, but even a few bad actors can cause consumer distrust,” said William M. Sheedy, Group President, The Americas, Visa Inc. “We want to let consumers know more about the protections they have against these types of practices and how to pursue a reversal of charges if they’ve been charged improperly.”



Visa monitors its payment network to identify merchants with excessive levels of cardholder disputes which may indicate the use of deceptive marketing practices. In fact, merchants who use deceptive marketing practices have up to 20 times as many consumer disputes as the average e-commerce merchant. Visa requires the merchant and its bank to take corrective action to reduce excessive consumer disputes, or risk termination of Visa acceptance privileges.



According to Better Business Bureau, consumers should research the business before they buy. “Online trial offers for acai berry supplements, colon cleanser and detox products, teeth whiteners, free government grants and debt consolidation services may sound risk-free, but BBB has received thousands of complaints from people who learned the hard way that a free trial can cost a lot of money in the end,” said Steve Salter, Vice President of BBBOnline. “Before handing over debit or credit card numbers to any business online, shoppers should always check the company’s Reliability Report® first with BBB.”



Visa, the FTC and BBB offers tips to online shoppers on how to spot deceptive free trial offers and deceptive negative option features, and how to deal with unauthorized charges:

• Take time to read and understand all terms and conditions, so a free trial doesn’t turn into a costly purchase you didn’t intend to make.


• Pay particular attention to any pre-checked boxes before you submit your payment card information for an order. Failing to un-check the boxes may bind you to terms and conditions you’re not interested in.


• Review card statements when you get them for any unauthorized charges, and notify the card issuer promptly of any unusual activity or unauthorized charges.


• Try to resolve the situation with the merchant. If you’re unsuccessful, contact the card issuer immediately to dispute the charge.

David Vladeck, Director of the Bureau of Consumer Protection said, "Online shoppers: If you see charges on your statement or debits that you didn't authorize, fight it. Start by contacting the merchant. If you are unable to contact the merchant or they can't or won't help, call your card issuer and then file a complaint with the FTC. You can do that online at ftc.gov or by phone at 1-877-FTC-HELP."

The FTC has outlined five principles regarding the appropriate use of negative options, which call for:

• Disclosing material terms in an understandable manner, without making them unnecessarily long or inconsistent;


• Making the disclosures clear and conspicuous by placing them where consumers are likely to look on Web pages, by labeling disclosures (and links to them) to indicate their importance and relevance, and by using easy-to-read fonts and colors;


• Disclosing the offer’s material terms before the consumer incurs a financial obligation;


• Getting consumers’ affirmative consent to the offer by, for example, having them click “I Agree” And without relying on pre-checked boxes;


• Not impeding the effective operation of promised cancellation procedures and honoring cancellation requests that comply with such procedures.

Consumers who think they’ve been victims of deceptive marketing and who haven’t been able to resolve the issue directly with the merchant should call their card issuer to dispute the charge. They also may report their experiences to the FTC at www.ftc.gov/complaint or their local BBB at www.bbb.org. More information is available at www.visa.com/negativeoption.

###

Note to Editors: Media information and materials can be found at www.visa.com/dmp. Consumer tips and information are at www.visa.com/negativeoption.

Radiant Systems Calls for Industry to Unite Against Data Thieves

Company announces creation of new leadership position in the fight against credit card criminals





ATLANTA--(BUSINESS WIRE)--Radiant Systems, Inc. (Nasdaq: RADS) today issued a new challenge to the industry to come together to dramatically improve data security in the transaction-processing industry.



“Our vision is to encourage all involved in transaction processing to move from a mindset of independent compliance to one of collaborative security that will greatly reduce the risk of data theft,” said John Heyman, chief executive officer at Radiant Systems. “We believe the current data security blueprint in the payments industry is designed with many constraints in mind and therefore is not able to go far enough.”



Today, payment application technology providers have a narrowly defined requirement to develop secure payment applications, which is only a small piece of protecting merchants and the consumer data they handle. Improving the security of data requires many companies throughout the transaction process to work together on a united front. Radiant is committed to taking an industry-leading stand against criminal activity and is inviting everyone in the industry to participate.



Under current industry guidelines, card issuers, banks, processors, network providers, merchants and point-of-sale vendors all play a role in processing each credit or debit card transaction. Businesses that support this transaction process have evolved independently over the past 40 years. By working together, these businesses can more tightly integrate the payment solution to protect consumers, resulting in significantly reduced risk for retailers and restaurants.



“We have expanded the responsibilities of Jimmy Fortuna, vice president of product development for the hospitality division at Radiant Systems, to now include industry data security,” added Heyman. Fortuna brings 10 years of industry experience to this role. ”Jimmy will work inside and outside the walls of our company to fight for increased levels of data security in the retail and restaurant industries.”



Radiant is investing in these activities to help define new standards across the payment process, educate businesses on how to reduce theft by meeting the current 12-step Payment Card Industry Data Security Standard (PCI DSS) requirement process, and build new technologies outside its POS software to combat theft.



“We have been a leader in meeting payment application requirements, and we applaud the standards set forth by the Payment Card Industry, as well as the mission of newly established organizations such as the Secure POS Vendor Alliance,” Fortuna said. “But using a secure payment application is only part of the 12 steps for a business to be fully compliant with the PCI DSS requirements. And, being fully compliant with this standard does not eliminate the risk of criminals stealing card data from merchants, so we want to do more.”



Radiant Systems’ third generation of Payment Application Data Security Standard (PA DSS) validated POS platforms is currently completing validation by Coalfire Systems, Inc., a leading IT audit and compliance firm. “Over the past year, we have seen a dramatic increase in the sophistication of attacks on payment transactions that look for the gaps between PA DSS-validated payment applications and PCI DSS-compliant network infrastructure,” said Rick Dakin, president of Coalfire. “Radiant Systems’ leadership, a catalyst for increased collaboration efforts between merchants, infrastructure solution vendors and POS platform developers, will be essential to close the gaps that put the entire transaction process at risk.”



“The goal is simple – we want to reduce theft, even though we recognize it is impossible to completely eliminate,” added Heyman. “Even banks with the best vaults can still be robbed.”



“Every consumer deserves to be protected - whether or not they are in a restaurant or shop that uses our technology. We are calling on all companies involved in the card payment process, including our competitors, to work together in the fight to stamp out theft of sensitive data.”



About Radiant Systems, Inc.

Headquartered in Atlanta, Radiant Systems, Inc. (Nasdaq: RADS) is a global provider of innovative technology to the hospitality and retail industries. For more than two decades, Radiant's point of sale hardware and software solutions have helped to redefine the consumer experience in more than 100,000 restaurants, retail stores, stadiums, parks, arenas, cinemas, convenience stores, fuel centers and other customer-service venues. Radiant has offices in North America, Europe, Asia and Australia. For more information, visit www.radiantsystems.com.

Related articles by Zemanta

• Hypercom Teams with Voltage Security in Fight Against Fraud (pindebit.blogspot.com)


• Voltage Security Opens End-to-End Encryption to POS Vendors with Zero-cost License (pindebit.blogspot.com)


• Aegenis Founder, Chris Mark Talks about PCI Compliance in Shift4 Video (pindebit.blogspot.com)

Iranian Cyber Army Hacks Twitter

Twitter compromised, DNS hijacking to blame - HNS

 

According to Help Net Security, the Twitter web site appeared to be defaced by someone called "Iranian Cyber Army". The situation was fixed and as it turned out, hack was a result of DNS hijacking. 





Initial message from the official Twitter account:

Twitter's DNS records were temporarily compromised but have now been fixed. We will update with more information soon.

Twitter's blog post that followed:

As we tweeted a bit ago, Twitter's DNS records were temporarily compromised tonight but have now been fixed. As some noticed, Twitter.com was redirected for a while but API and platform applications were working. We will update with more information and details once we've investigated more fully.

Related articles by Zemanta

• Twitter hacked by 'Iranian Cyber Army' (telegraph.co.uk)


• Twitter hack by 'Iranian Cyber Army' is really just misdirection (guardian.co.uk)


• Online Anger As Group Hacks Into Twitter (news.sky.com)


• 'Iranian cyber army' hits Twitter (news.bbc.co.uk)

HomeATM Headline Newsletter through December 18th

For more extensive news and industry coverage please see our award winning blog or visit our corporate website.

Cardinal to Offer a Web Debit Product

American Banker  CardinalCommerce Corp., a payment-security company, said it will begin offering SafeDebit, an Internet debit product from the NYCE Payments Network LLC

PayPal App Advances Mobile Trend

American Banker  PayPal Inc. announced that its mobile Send Money application is now available for BlackBerry handsets from the Canadian smart phone maker Research in Motion ...

TOO COMPLEX TO THRIVE' WESTERN BANKS FACE UNCERTAIN FUTURE - IBM STUDY

At a time when trust in banks is at an all time low, a new study by IBM finds that too many are over-reliant on revenue streams that no longer exist, have unsustainable cost structures, and are burdened by excessive levels of operational complexity and inflexibility.  More on this story: http://www.finextra.com/news/fullstory.aspx?newsitemid=20888

MONITISE PREPARES FOR GROWTH WITH NEW INVESTMENT AND PARTNERSHIPS

Mobile money outfit Monitise has raised £15.8 million in funding and struck two new partnerships it hopes will help build its presence in the retail sector and Asia Pacific. The company also says it is on track to meet full year revenue expectations after record consumer uptake.  More on this story: http://www.finextra.com/news/fullstory.aspx?newsitemid=20886

Two-Factor Authentication Falling Short for Security, Gartner Says

In a new report, Gartner points out where strong two-factor authentication is falling short when it comes to preventing fraud and online attacks. According to the company, businesses need to makes some changes.  READ MORE >>



BANK LEUMI INTRODUCES BIOMETRIC PASSWORD RE-SETS FOR ONLINE BANKING

Israel's Bank Leumi is introducing a password re-set feature for online banking customers that is operated by voice biometrics.  More on this story: http://www.finextra.com/news/fullstory.aspx?newsitemid=20889

Accel/Exchange Plans a Big Acquiring Push for Online PIN Debit

Digital Transactions  ... into online PIN debit by other EFT networks. Acculynk has agreement with half a dozen networks, including Pulse and NYCE, which are large regional systems.

PayPal announces "Send Money" application for BlackBerry smartphones

Canada NewsWire (press release)  16 /CNW/ - PayPal today announced that its mobile "Send Money" application is now available for BlackBerry(R) smartphones. The PayPal application is free to

How the World War on Interchange Fees Transformed the Card Industry

A global war on interchange fees raged during most of the decade and will continue into the next. We'll have to wait until next decade to find out who wins the war. But the war itself has already led to massive ramifications for the card business around the globe.

Facebook Credits Take Another Step Toward Becoming the Web's Currency

Mashable (blog)  All the way back in March, I wrote about how Facebook could rival PayPal by creating a virtual currency and making it usable for financial transactions,

Hackers are defeating tough authentication, Gartner warns

The Industry Standard - San Francisco,CA,USA  ... banks need to quickly implement additional layers of security to protect their customers from falling victim to online fraud, said Avivah Litan,



Ebay expects over 500 million in mobile-based revenue in 2009

Mobile-Financial.com  To do their part in growing e-commerce eBay has opened up PayPal. eBay is now allowing 3 rd parties to integrate with PayPal in the hopes that it will drive ...

Heartland Pays Amex $3.6 Million Over 2008 Data Breach

By Robert McMillan, IDG News Service



PC World is reporting that AMEX is the first card brand to settle with Heartland over "last years" breach announced earlier "this year..."





Heartland Payment Systems will pay American Express $3.6 million to settle charges relating to the 2008 hacking of its payment system network.



This is the first settlement Heartland has reached with a card brand since disclosing the incident in January of this year.

Continue Reading at PC World

ATM Fraud and Security Digest - November 2009

Written by Douglas Russell, DFR Risk Management

Card Trapping / Card Theft / Distraction / Card Swapping Lebanese Loops and other card trapping devices were reported in November, particularly in the UK. Distraction techniques also continued to be reported globally. Iincidents often included teams of two perpetrators with one pointing to a low-value bank note (£5 in UK incidents) on the ground and indicating to the victim that they had dropped it, the second perpetrator removing the card from the ATM while the victim was distracted,the PIN observed previously while being entered. In The Philippines, a P500 note was typically used and the card was swapped, as opposed to simply being stolen. ATM Skimming / Skimming / Data Compromise ATM skimming continued to be significant globally in November. Police in Nigeria arrested a group who claimed they purchased the skimming equipment from Malaysia. One of the suspects apparently boasted that their crime was intellectually superior to using firearms and merely robbing victims. Some of the more sophisticated skimming devices recovered in November included those which incorporated Bluetooth transmitters. An apparent payment terminal compromise at a car park in New Zealand was reported in November with an indication that there were around 100,000 potential victims - cards were blocked and re-issued in many cases following the discovery. Other incidents of significant card re-issuing included activity by Lebanese banks in November. Co-operation between law-enforcement organizations in the US and Europe included raids executed by Romanian police and the seizure of equipment used in card fraud and, in particular, ATM skimming. Charges in the USA were made against suspects in last year's sophisticated data compromise at the major US processing centre, RBS WorldPay. Transaction Reversal Fraud / Manipulation / Denomination Fraud / LTL Transaction Reversal Fraud (TRF) was detected in the UK during November. Various incidents of denomination fraud were detected globally, including one in which the perpetrator forgot to reset the value of currency in the ATM and honest consumers reported they were being charged only £1 for every £10 dispensed. Leaving Transaction Live (LTL) fraud was reported in India during November - the suspect targeted those who seemed unsure on how to use an ATM and tricked them into leaving the ATM while the transaction was still live and uncompleted. Vishing / Phishing / Smsishing / Advanced Fee / Funds Transfer Fraud Many incidents of Phishing related crime persisted during November. While vishing attacks continued, one potential victim in the USA decided, wisely, not to follow instructions to go to an ATM in the middle of the night, hanging up the phone instead. Cheque Fraud (Check Fraud) / Fake Deposit A teenager in IL (USA) was accused in November of opening accounts with false names, depositing cheques knowing they would not be honoured, and withdrawing funds via an ATM before the cheques could be fully cleared. Ram Raid Attacks / Theft of ATM / Smash-and-Grab Ram raid attacks were reported in many countries throughout November. A significant number failed for various reasons which included chains breaking, parts of the vehicle coming loose, and a general failure to overcome strong anchoring. Police in Eire and Northern Ireland increased co-operation following a number of attacks on both sides of the border. ATM thefts that succeeded included incidents where the ATM was removed manually, with little more effort than the use of a crowbar. Safe Cutting / Safe Breaking / Frontal Attacks / Theft from ATM Cutting tools were used to both open ATM security enclosures and facilitate the theft of complete ATMs in November. In India, an estimated Rs2.8 million was stolen after the ATM was cut from its anchoring using a blowtorch. In The Netherlands, British suspects were killed when their vehicle crashed. They were suspects in a cutting attack. In the UK,13 gang members were sentenced to a total of 78 years imprisonment following a large number of attacks which included the use of oxyacetylene cutting equipment. Explosive Attacks Explosive attacks were reported in The Netherlands, South Africa, Thailand and Australia in November. In Australia, arrests included that of a 15-year-old youth, along with a 43 year old man, accused of using explosive devices to attack ATMs. Legislation / Law New laws to be introduced in Queensland, Australia, will strengthen existing legislation that makes it an offence to skim card data and will criminalize the possession of various devices for the purpose of obtaining or dealing with identification information. In Canada, a successful prosecution against the owners and operators of a company supplying equipment that could be used to compromise cards was brought under criminal organization legislation. The above digest is provided by DFR Risk Management, who provide consultancy services advising ATM and self-service terminal deployers and manufacturers, as well as law-enforcement agencies, on how to manage ATM and self-service terminal fraud and security threats. Contact us: contact@dfrRiskManagement.com This e-mail address is being protected from spambots. You need JavaScript enabled to view it www.dfrRiskManagement.com

Early Bird on American Banker Symposium Expires Tomorrow

The 15th Annual Best Practices in Retail Financial Services Symposium will meet on March 21-23, 2010 in Orlando FL. You can't afford to miss this critical industry gathering. Register now with a special limited-time offer: use PROMO CODE: SAVE100 and save an additional $100 off the lowest conference rate! This offer will expire tomorrow, December 18th. The conference agenda is now available on our website. ON THE AGENDA YOU WILL FIND: Presentations from more than 25 executives who run Retail Banking operations at their institutions 5 female executives who were honored as U.S. Banker's 2009 25 Most Powerful Women in Banking and 25 Women to Watch 8+ hours of networking time with speakers, fellow attendees and solution providers 3 tracks dedicated to in-depth discussion of the most pressing topics View agenda online and then register with the special offer that will save you an additional $100. Don't delay – offer expires tomorrow, December 18th.  Look forward to seeing you in Orlando. Best regards, Michele Davidson Senior Program Manager SourceMedia

ATM Fraud, Security Issues Take Centerstage at Diebold Conference

PRESS RELEASE





The rising threat of automated teller machine (ATM) fraud, and the innovative technology solutions that financial institutions could adopt to address security challenges, dominated discussion at a conference held in Beirut today to address the significant changes that are transforming the role of the ATM.



The conference was attended by more than 100 representatives from leading financial institutions in the region and senior executives from major IT companies in the banking and financial services market, including Dave Wetzel, vice president and managing director for Europe, the Middle East and Africa (EMEA), Diebold, Incorporated (NYSE:DBD); Samer Kandalaft, general manager of Quantech, Lebanon; Pierre Abi Jaoude, CEO of CBM, Lebanon; Ahmad Al-Mukhtar, CEO of MESSC, Iraq; Emad Suwan, CEO of JBS, Jordan; and Emad Al Saffar, division manager of Axis-Solutions, Kuwait.



Held at the Habtoor Grand Hotel in Beirut, the conference addressed emerging trends in retail banking and the financial self-service marketplace, covering the important themes of branch transformation, deposit automation, next-generation software solutions, integrated services, with a special emphasis on ATM security.



Addressing his company's key strategic initiatives in the region, Wetzel emphasized the pressing need for financial institutions to ensure increased ATM security.

"In a climate of increased ATM fraud and threats, financial institutions can no longer afford to take a reactive approach to detecting and preventing fraud attempts and attacks on their ATMs. For emerging markets such as the Middle East, which has been witnessing a massive rise in ATM fraud over the past few years and where financial self-service activities are set to increase exponentially, ensuring protection against security threats is critical, as the extent of market growth will be closely linked to the level of transaction security offered to customers."

Wetzel said.



ATM security remained the dominant theme of the day with experts from Diebold, Incorporated - the leading global provider of automated teller machines which organized the conference - and keynote speakers from major IT players in the region analyzing the current landscape, regulatory compliance, card skimming and PIN interception.



"Providing a secure environment for ATM users is essential to maintain consumer confidence in this important channel," Wetzel said. "To address the security requirements of financial institutions, Diebold has taken a leading role in ATM security and the prevention of ATM frauds and attacks. By integrating leading-edge security features directly into the design of our Opteva family of ATMs, we have engineered what just might be the most sophisticated, most advanced ATM security solution in the business."



Wetzel also discussed Diebold's innovations, inspired thinking and collaborative approach during its 150 years in business, and highlighted the comprehensive portfolio of security solutions the company offers financial institutions worldwide.



One of the highlights of the conference was a roundtable discussion on the challenges facing the financial services market in 2010. Participants in the discussion included some of the leading names from the regional financial services and Information Technology industry.



At the conference, Diebold showcased several of its next-generation solutions at a specially designated demonstration area, including its range of deposit automation technologies for cash optimization with recycling capability, the latest cash dispensers, teller recycling solutions and other non-cash terminals which complement today's branch automation requirements.



Diebold has established itself as a dominant player in the ATM market in the Middle East, and enjoys around 75% market share in Lebanon, where its customer base includes most of the major banks in the country. With the Lebanon ATM market having grown at an impressive rate of around 10% in the past two years despite political and security instabilities, and given the significant improvement in the political and economic climate in the country since, Diebold expects growth to pick up considerably in 2010.

Related articles by Zemanta

• Diebold CEO To Deliver Keynote Presentation at ATM, Debit & Prepaid Forum (pindebit.blogspot.com)


• Diebold Forms Direct Operation in Turkey (pindebit.blogspot.com)


• Synovate Research: Online Banking Grows, Telephone Banking, ATM Use Drops (pindebit.blogspot.com)


• Mercator Advisory Group Press Release (pindebit.blogspot.com)

mPayy Launches Free Android Mobile Payment App

Meets Growing Demand for an Alternative Mobile Payment Solution

CHICAGO--(BUSINESS WIRE)--mPayy, an emerging leader in mobile and online alternative payments, today announced the availability of its secure mobile payments application in the Android marketplace for all phones that run the Android operating system. mPayy enables free person-to-person payments between members, and low cost merchant processing through its new Android application. Images and screen-by-screen descriptions of the application are available at https://www.mpayy.com/mobile-payment-solutions/android-application.



“We are incredibly bullish on the mass market appeal and flexibility of Android’s open source, java-centric operating system,” stated Conrad Sheehan, CEO of mPayy. “mPayy’s payment services enable convenient, secure transactions on the go and is ready to plug into advanced mobile commerce experiences for any merchant. We realize we’re a little ahead of the curve, but that puts us in a good spot as merchants and billers of all sizes work to build out mobile commerce offerings and pursue alternative payments that don’t rely on card networks.”



All mPayy Personal and Business accounts may use the Android application to make and receive person-to-person payments, track activity, and withdraw funds from their mPayy accounts to linked bank accounts. Small business account holders are also able to issue refunds for any sale through the application, even if it occurred on their website.



Once members open Small Business accounts, they will be able to generate their own API key to unlock mPayy’s payment services, and add secure debit payments to their online or mobile websites and applications. API keys may be used to authorize one-time or recurring billing subscription payments. Merchants can receive mPayy members’ shipping information to fulfill orders conducted through its online & mobile payments service.



mPayy members without bank accounts can receive funds into free, no fee, Stored Value accounts. These funds can be easily budgeted and used to make purchases at e-commerce merchants where mPayy is accepted, or transferred for free to account holders that have bank accounts where the funds can be withdrawn quickly for free.



mPayy’s Android application is free to download from the Android Market. The mPayy application runs on all Android devices – from the Sprint HTC Hero and T-Mobile Motorola CLIQ running Android 1.5 to the newly released Verizon Motorola Droid running Android 2.0.



About mPayy, Inc.



mPayy is a secure online and mobile payment platform that enables merchant and bill payment processing for any sized business, plus quick and simple payment for buyers. The company’s highly scalable platform improves margins by eliminating fraud and reducing transaction costs. mPayy has created an efficient and ubiquitous payment service that enables profitable micro-payments; easy, yet secure purchases of digital content and physical goods; flexible recurring and subscription payments and free person-to-person payments. For more information, please visit www.mpayy.com or follow mPayy on Twitter @mpayy.

Hypercom and The McDonnell Group to Create Data Communications Venture

Phoenix Managed Networks Will Deliver Alternative High Speed Transaction Transport Services

SCOTTSDALE, Ariz. & MCLEAN, Va.--(BUSINESS WIRE)--Hypercom Corporation (NYSE: HYC) and The McDonnell Group today announced they have signed a Letter of Intent to form a joint venture that will equip payment processors, banks and retailers worldwide with highly reliable and cost-effective data communications services for transaction-based applications. The joint venture will be called Phoenix Managed Networks LLC, and will acquire and operate Hypercom’s HBNet secure transaction transport business. Industry veteran John (Jack) McDonnell, Jr. will serve as CEO of Phoenix Managed Networks.



“We believe that the combination of Hypercom’s HBNet business and Jack McDonnell’s in-depth knowledge and expertise in data communications will significantly enhance our ability to expand market share and deliver strong returns for Hypercom’s shareholders and business partners. Jack McDonnell is an expert and seasoned operator in the payments industry, and I am confident that Jack and his team will be great partners,” said Philippe Tartavull, Chief Executive Officer and President, Hypercom Corporation.



“Phoenix Managed Networks is expected to bring state-of-the art, reliable and cost-effective transaction communications services to the payments industry and aggressively expand the global business Hypercom established with HBNet,” said Jack McDonnell, Managing Member of The McDonnell Group. Mr. McDonnell is the founder and former Chairman and CEO of Transaction Network Services, Inc. (NYSE:TNS). “I am also delighted to announce that former TNS executives Matthew Mudd and Trevor Fall will be joining the management team for this venture. At TNS, Trevor was SVP of sales for the POS division and Matt was EVP, with expertise in network operations, engineering and product development.”



Phoenix Managed Networks will utilize Hypercom’s HBNet network to speed the authorization and processing of electronic transactions for retail point-of-sale, financial, government, health care and other customers in dial, wireless and IP POS markets. In addition, the company will utilize Hypercom’s SmartPay gateway technology to support wireless and IP-initiated transactions.



HBNet is powered by robust, ultra high-density Hypercom technology strategically positioned within the North American Public Switching Telephone Network (PSTN) and at processor data centers. It supports all POS terminal protocols, provides uninterrupted service with no single point of failure, seamless load balancing, state-of-the-art Web-based reporting, and simple all-inclusive pricing.



About The McDonnell Group



The McDonnell Group LLC is a technology-focused investment fund managed by Jack McDonnell. Companies financed by The McDonnell Group include Transaction Network Services (NYSE:TNS); PaylinX, acquired by CyberSource (Nasdaq: CYBS); ExaDigm; Ecutel Systems, acquired by Smith Micro Software (Nasdaq:SMSI); webMethods (Nasdaq:WEBM), acquired by Software AG (FSE:SOW); LifeLinkMD, acquired by Medtronic (NYSE:MDT); Core Communications, acquired by Swisscom (NYSE:SCM); and BizTelOne, acquired by NeuStar (NYSE:NSR).



About Hypercom (www.hypercom.com)



Global payment technology leader Hypercom Corporation delivers a full suite of high security, end-to-end electronic payment products and services. The Company's solutions address the high security electronic transaction needs of banks and other financial institutions, processors, large scale retailers, smaller merchants, quick service restaurants, and users in the transportation, petroleum, healthcare, prepaid, unattended and many other markets. Hypercom solutions enable businesses in more than 100 countries to securely expand their revenues and profits. Hypercom is a founding member of the Secure POS Vendor Alliance (SPVA) and is the second largest provider of electronic payment solutions and services in Western Europe and third largest provider globally.