Friend and Foe? Combating E-Commerce 'Friendly Fraud'  E-Commerce Times

“Many merchants feel that friendly fraud is impossible to detect or prevent. The fact is, there are ways to reduce friendly fraud -- and committing to reduce friendly fraud gives you the added benefit of reduced refund rates.” Tricia Philips (Read More)

Best Practices for Data Field Encryption to Protect Cardholder Information in Transit and Storage; VISA Press Release

Cardholder data security continues to be an important issue for all stakeholders in the payment system. (Read More)

ThreatMetrix Opens European Data Center to Support Fast-Growing Global Customer Base; Press Release

Expanded Investment in Europe Translates Into Unprecedented Reliability, Increased Performance, and Faster and More Accurate Fraud Screening (Read More)

Do Pay-By-Smartphone Systems Put Consumers At Risk? The Consumerist

As smartphones like the iPhone or Droid become more popular and more sophisticated, developers are finding new ways for consumers to use these mobile devices to replace existing items like airplane boarding passes, coupons and now credit cards. (Read More)

Bank Combats Fraud by Forcing PIN Debit; NACS Online

In three states Bonneville Bancorp has removed the option of signature debit, thereby admitting that PIN debit is in fact a more secure method of debit card payment. (Read More)

Apple, PayPal Dodge Questions About Ongoing iTunes Scam; MacNewsWorld

PayPal and financial institutions linked to the service apparently are reimbursing consumers for unauthorized charges made to iTunes -- sometimes thousands of dollars -- but neither PayPal nor Apple has much to say about how the scammers are perpetrating the ongoing fraud, or what -- if anything -- can be done to stop them. PayPal directs queries to Apple, while Apple issues its usual stock security response. (Read More)

Up-and-coming mobile technologies raise payment security concerns; Internet Retailer

Retailers should apply same protections to m-commerce as to e-commerce, experts say. (Read More)

Innovation: Mobile malware develops a money bug; New Scientist

“It's a common tale in the computing world: once you achieve popularity you become a target for hackers. And so it was for Android, Google's smartphone operating system.” Gareth Morgan (Read More)

Zeus Trojan Targets Online Banking, Steals $1 Million from British Accounts: Bank Systems & Technology

A sophisticated new Trojan has over the summer caused some $1 million in losses for a British bank by targeting online banking. And it's being billed as the "most dangerous Trojan virus ever created." (Read More)

Security Vendors Turn Focus to Smartphones: eWeek

As recent acquisitions have shown, mobile security is an area of growing interest for enterprises, with remote management and data protection capabilities at the top of the list. (Read More)

Changes to PCI Data Security Standard leave questions unanswered: COMPUTERWORLD

A new version of the PCI Data Security Standard scheduled for release later this year is likely to attract more attention for what it leaves unaddressed rather than what it changes, analysts say. (Read More)

Latest Jailbreak Shows it’s Time to Secure Mobile Commerce: Mobile-Financial.com

Mobile Commerce should get used to security breaches.  They’re a sign of mobile going mainstream. The mobile ecosystem needs to develop security strategies like the computing industry did in response to viruses and phishing. (Read More) 

Mobile Security’s Becoming a Big Deal For CIOs: Retail Banking Insights

Safety’s at the center of mobile device management at bank IT shops, particularly when it comes to access management and worries over hacking, according to a new Forrester report. (Read More)

Security: Top Hacks, Breaches and Compromises of 2010 (So Far): eWeek

This has been a busy year for both hackers and computer forensic specialists. Whether it was the 4 million usernames and e-mail addresses swiped in a hack of The Pirate Bay or AT&T's Website hack that exposed the e-mail addresses of iPad 3G owners, the first six months of 2010 are a reminder of the realities of today's IT security landscape. (Read More)

That Cute Android Wallpaper May Be Sending Your Data to China: E-Commerce Times

What's a nice app like "My Little Pony" doing in Shenzhen? Delivering the personal information of millions of Android users to a mysterious website, that's what. (Read More)

Apple iPhone, iPad Security Goes Into the Toilet and Down the Tubes: CBS BNET

Citi Discloses Security Flaw in Its iPhone App By SPENCER E. ANTE, The Wall Street Journal

Citigroup Inc. said its free U.S. mobile-banking application for Apple Inc.'s iPhone contained a security flaw and advised its customers to upgrade to a newer version that corrects the problem. (Read More)

Credit Card Numerology: The Luhn Formula; By Eva Norlyk Smith, Ph.D., CreditCardGuide

Do you ever wonder if it would be possible for someone to create a counterfeit credit card, by making up a credit card number and producing a fake credit card with the number encoded in the magnetic stripe? (Read More)

Fraudsters Like Virtual Goods; By BEN WORTHEN, The Wall Street Journal

Fast-Growing E-Commerce Segment Seems More Vulnerable to Cyber Criminals; (Read More)

vWorker Selects ThreatMetrix Fraud Network to Fight Fraud on Its Online Marketplace; Source: ThreatMetrix

ThreatMetrix Helps Protect the Integrity of the vWorker Brand, Its Ratings System and Ensures That Their Transactions Are Secure (Read More)

Hong Kong's Cashless-Payment Operator Under Fire; BY JEFFREY NG, The Wall Street Journal

The operator of a Hong Kong cashless payment system has come under fire after it reversed itself and admitted to selling the personal data of nearly two million customers to business partners, sparking public demands for better regulation of how personal information is handled. (Read More)

Banks anti-fraud measures a top concern for US customers; Source: DeticaNetReveal

Detica NetReveal® and Ipsos MORI survey illustrates account-fraud as top-of-mind for nearly 50% (Read More)

A Bad Week for Higher Ed Security Breaches; Source: The Security Blog

This past week has been a bad one for security breaches in Higher Ed. A few days ago I read about the University of Hawaii - Manoa data breach affecting about 53,000 people. (Read More)

Kansas City Federal Reserve White Paper

The Changing Nature of U.S. Card Payment Fraud (Read More)

Investor, TJX settle suit over data theft; By Hiawatha Bray, The Boston Globe

TJX Cos., which owns the T.J. Maxx and Marshalls discount retail chains, has settled an investor lawsuit related to the theft of millions of its customers’ credit card numbers. (Read More)

Credit Card Hackers Visit Hotels All Too Often; By JOE SHARKEY, The New York Times

HERE’S something that the struggling hotel sector prefers not to spotlight: it is a favorite target of hackers. (Read More)

Heartland ramps up first end-to-end encryption; By Ellen Messmer, Network World

 Heartland Payment Systems, the victim last year of a massive data breach of sensitive card data, vowed after that devastating event to develop new security gear based on end-to-end encryption between itself and its merchants to prevent such a breach from occurring again. That's now taking shape, but slowly. (Read More)

TNS Helps Industry Strengthen Payment Transaction Security; Source: TNS

Transaction Network Services (NYSE:TNS) is playing an increasing role in helping acquirers and merchants protect sensitive cardholder information as payment transaction security continues to be a major issue for everyone involved in the industry. (Read More)

Do You Know Where Your Employee’s Smartphone Is? New Unisys-Sponsored Research Shows IT Organizations Are Playing Catch-Up With Rapid Growth of Consumer Technologies in the Workplace; Source: UNISYS

New global studies reveal organizations are not adequately prepared to manage, support and secure consumerization of IT in the enterprise (Read More)

New PCI DSS Guide for Merchants; Source: PCI DSS Compliance Blog

The guide is intended to provide simple and quick information security steps for small to mid-size merchants that accept credit and/or debit cards as a form of payment. (Read More)

Chip-and-PIN fraud gang jailed; By Tom Espiner, ZDNet

A gang of four Londoners have been jailed for a Chip-and-PIN fraud operation which netted £725,000. (Read More)

Square Suspends Reader Shipments To Deal With Credit Risk And Fraud Issues; Source: mocoNews.net

When Twitter co-founder Jack Dorsey unveiled his latest start-up, Square, in December critics harped that the company, billed as a mobile payments solution that would disrupt the traditional credit card processing world, didn’t get how complicated the payments space is, or how risky. Now, it appears, Dorsey has admitted as much. (Read More)

iovation Partners with Failsafe Payments to Expand Fraud Protection for Merchants; Source: iovation

PORTLAND, Ore.- June 17, 2010 – iovation, provider of the world’s first device reputation service for preventing online fraud and abuse, today announced a partnership with Failsafe Payments to protect merchants and merchant service providers (MSPs) using Certo Payment Gateway. (Read More) 

Leading Colombian Payment Processor and Aggregator Pagosonline Drives South American Business Expansion Using ThreatMetrix to Control Online Fraud; Source: ThreatMetrix

By Helping to Reduce Customers' Fraud Rates, Pagosonline Improves Its Corporate Brand Image and Ability to Sell More (Read More)

June 14, 2010

10 of the Top Data Breaches of the Decade; How Does iPad Security Breach Compare to Others? By KI MAE HEUSSNER,  ABC News

The Internet cried foul last week when news broke that an AT&T security breach exposed the e-mail addresses of at least 100,000 owners of Apple's iPad 3G. (Read More)

June 14, 2010 Press Release

FIS to Acquire Compliance Coach, Inc. Source: FIS

Deal Positions FIS as Premier Provider of Regulatory Compliance Services  (Read More)

June 10, 2010

One Man's Quest To Foil Hackers; By Maureen Farrell, Forbes.com

Identity fraud costs $54 billion a year. Robert Carr aims to alleviate some of that pain. (Read More)

June 10, 2010

Computing with Secrets, but Keeping them Safe; By Tom Simonite, Technology Review

A cryptographic method could see cloud services work with sensitive data without ever decrypting it. (Read More)

June 9, 2010

Mobile banking: Threshold of concern, threshold of alarm and the zone of comfort; By Jan Chipchase, CGAP

Not all transactions are created equal: the very last dollar in your wallet has a higher value than when there’s a stack of notes; an online transaction completed at home has different security implications than one completed in an internet cafe. Service designers have long recognized the need for extra checks and balances for ‘risker’ transactions - and these are typically reflected by levels of authentification. From a user’s perspective we’ve found it useful to frame transactions in terms of thresholds of concern and thresholds of alarm. (Read More)

June 8, 2010 Press Release

Elavon Expands its Powerful Suite of Security Solutions; Source: Elavon

Elavon, a wholly owned subsidiary of U.S. Bancorp (NYSE: USB) and a leading global payments provider, has chosen to extend its comprehensive security solutions suite by adapting technologies from Semtek and Voltage Security to include end-to-end encryption capabilities for its acquiring and gateway solutions. Additionally, Elavon has developed advanced tokenization schemes that will allow merchants to securely access card data for future transactions. (Read More)

June 7, 2010 Press Release

Gemalto Achieves Additional MasterCard Accreditation With its Consulting Services; Source: Gemalto

Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, announced receiving MasterCard accreditation for its Gemalto Consulting Services. As the first digital security company to join the MasterCard M/Chip Accredited Third Party program, this accreditation officially endorses Gemalto’s consulting capabilities and its vendor-independent services in contact and contactless deployments worldwide. (Read More)

June 1, 2010 Press Release

MagTek Responds to the SPVA's Recently Published E2E Guidelines; Source: PR Leap

MagTek, Inc., a well known leader in payment security, today responded to the Secure POS Vendors Alliance and its published guidelines on the application of encryption technology (E2E) to payment card data used for retail financial transactions. The guidelines establish an auditable set of requirements that can be used to validate cardholder data security across the many entities that participate in the transport of payment card data. (Read More)

June 1, 2010

Is U.S. Ready for Chip & PIN? Source: BankInfo Security

EMV Chip Cards Are Here, But Debate is About Security Vs. Cost (Read More)

May 28, 2010 Press Release

Top Tier Merchants and the Challenge of Card Data Security; Source: Mercator Advisory Group

New insight into the issues posed by PCI and card number security for merchant category leaders provides guidance and cautions. (Read More)

May 25, 2010 Press Release

PhoneFactor and Fiserv Partner for Phone-Based Multi-Factor Authentication; Source: PhoneFactor

New Option for Secure User Authentication will be Available through the Corillian Online Banking Solution from Fiserv. (Read More)

May 25, 2010 Press Release

ID Analytics Secures Identity-Based Fraud Detection Patent; Source: ID Analytics

Company Receives Third Patent from U.S. Patent and Trademark Office for New Detection System and Method Using Historical Identity Records (Read More)

May 25, 2010 Press Release

VeriFone Offers Payment Security Monitoring Service to Foil Criminals; Source: VeriFone

VPAS - VeriFone PED Authentication Service – Detects Presence of Rogue Devices Installed to Hijack Payment Data Information. (Read More)

May 19, 2010 Press Release

Heartland Payment Systems® and MasterCard Agree to $41.4 Million Intrusion Settlement: Source: Heartland Payment Systems

Company has now reached breach-related settlements with three major card brands. (Read More)

May 12, 2010 Press Release

VeriSign and Bank Associates Merchant Services Bring Extended Validation SSL to More Merchants: Source: VeriSign

BAMS to Now Offer VeriSign EV SSL With E-Commerce Processing Solutions (Read More)

May 11, 2010 Press Release

ID Score® Account Takeover Accurately Pinpoints Account Takeover at Any Point in the Customer Lifecycle; Source: ID Analytics

New Solution Incorporates Comprehensive Assessment of Identity Risk to Reduce Fraud-Related Expenses and Minimize Customer Friction (Read More)

May 4, 2010 Press Release

SoundBite Communications Introduces Real-Time, Interactive Fraud Management Solution for Card Issuing Banks; Source: SoundBite

Leading Issuing Bank Implements Solution to Enhance Fraud Resolution Efficiency and Effectiveness (Read More)

May 4, 2010

Former Con Man Helps Feds Thwart Alleged ATM Hacking Spree; By Kevin Poulsen, Threat Level

A North Carolina grocery worker is being held without bail in Houston on attempted computer hacking charges after inadvertently partnering with an undercover FBI agent in an alleged citywide ATM-reprogramming caper. (Read More )

May 3, 2010

P2P Payments: What You Need to Know;  Early-Adopters Discuss Security Considerations Behind New Trend; By Linda McGlasson, Bank Info Security

U.S. banking institutions are quickly adopting the new, simple payment solution called "Person-to-Person" for customers to send money to family and friends via email or text message. At the top of the list for reasons to deploy this new mobile payments solution: Customer convenience. (Read More)

April 30, 2010 Press Release

ONLY UNIVERSAL ID KEY SYSTEM WILL MAKE FRAUD CRIMES A THING OF THE PAST; Source: Visual Security International Limited

These details show why ONLY the proposed ID KEY system will reduce all fraud crimes to virtually ZERO simply by making outdated signature and PIN systems reliable. (Read More)

April 29, 2010

RBS chief victim of credit card fraud; Source: WalesOnline

Banking chief Sir Philip Hampton has been a victim of credit card fraud, he revealed. (Read More)

April 28, 2010 Press Release

Entrust Brings Strong Authentication to Mobile Devices - Versatile Authentication Platform Secures Consumer and Enterprise Environments; Source: Entrust

Entrust IdentityGuard Mobile enables strong enterprise authentication while protecting against latest malware threats. (Read More)

April 28, 2010 Press Release

BillMyParents Uses ThreatMetrix to Stop Fraud While Facilitating and Protecting Teen Online Spending; Source: ThreatMetrix (Read More)

Leading Online Teen Payments Solution is Able to Take More Orders with Less Friction While Determining Who Is and Who Isn’t a Fraud Threat

April 28, 2010 Press Release

Media Alert: nuBridges’ Gary Palgon to Instruct IT Pros on Data Security Challenges; Source: Nubridges

nuBridges information security expert Gary Palgon will address three timely data security challenges that IT professionals are facing throughout the extended enterprise at COMMON 2010 at the Hilton Orlando. Palgon will discuss how a new data security standard, tokenization, can be used alone or to augment encryption to protect cardholder and personally identifiable information in an IBM i-centric organization; how today’s secure B2B gateways and Managed File Transfer technology can help companies to create a data exchange infrastructure that will ensure compliancy with current and future data security regulations; and why being compliant with data security mandates and laws doesn’t ensure security. (Read More)

April 26, 2010

India is no. 3 haven for hackers; By Debjoy Sengupta, ET Bureau

KOLKATA: India may be poised to become a software superpower by 2020, but it has already emerged as one of the top three spawning grounds for Web-based attacks. (Read More)

April 23, 2010

Blippy’s Response To Credit Card Data Breach: “It’s A Lot Less Bad Than It Looks”; By Jason Kincaid, TechCrunch

Earlier today, VentureBeat detailed a major Blippy privacy breach that exposed user credit card information to search engines. The breach appears to have occurred on a small scale undefined Blippy believes that only four users had their credit cards compromised undefined but the fact that it happened at all is unsettling. After all, Blippy’s service asks users to entrust it with their credit card information (and in some cases, their credentials for online services) undefined it is of paramount importance that Blippy keep that data secure. (Read More

April 22, 2010 Press Release

2010 Payments Fraud and Control Survey; Source: Association for Financial Professionals

B2B payments fraud is still a threat to US organizations, but many are employing fraud control measures to keep it at bay. A majority of organizations experienced attempted or actual payments fraud in last year. However, most now employ measures to combat these threats, using a combination of account-level solutions and services provided by their banks. The 2010 Payments Fraud and Control Survey is underwritten by J.P. Morgan. (Read More)

April 22, 2010 Press Release

Latest Release of Kount Complete Propels Fraud Control Technology Forward; Source: Kount Inc.

New version of powerful fraud-fighting solution gives merchants additional tools to stay ahead of fraud. (Read More)

April 20, 2010

Lesser-Known Vulnerabilities of Mobile Payments By Penny Crosman, Bank Systems & Technology

I recently read the following sentence in an email and was alarmed: "Hackers can extract cryptographic keys from smart-card enabled credit cards and payment devices by monitoring the card's power consumption while in use." It turns out that this vulnerability was discovered in the mid-1990s. "There are elements of it that have been reasonably well solved by the payments industry and there are elements where the story is not yet finished," says Benjamin Jun, vice president of technology at Cryptography Research, which originally discovered the power-based fraud, which is technically known as DPA, for Differential Power Analysis. Jun spoke to Bank Systems & Technology this afternoon in a phone interview. (Read More)

April 20, 2010 Press Release

Vindicia Changes Market Dynamics of PCI Compliance; Hosted Order Automation Eliminates PCI Burden and Delivers Millions in Savings for Online Merchants; Source: Vindicia

Vindicia today announced the availability of its new Hosted Order Automation (HOA) capabilities as part of the Vindicia CashBox™ solution. By using HOA in CashBox, online merchants are able to completely offload PCI compliance to Vindicia while maintaining complete control over their customers' buying experience. HOA allows merchants to accept credit cards on their own order pages, maintain complete control over their customer data, and create a compelling online experience for their customers without ever touching a credit card and subjecting themselves to PCI regulations.  (Read More)

April 15, 2010

New PCI Changes: Network Segmentation, One-Way PAN Hashing; By Walter Conway, StoreFrontBackTalk

When the new version of PCI becomes the law of the card-processing land in October, it will include new rules and clarifications on a wide range of key retail payment complaints. Among the top changes, according to PCI officials, are: a requirement that retailers must perform extensive searches for cardholder data across all their networks and systems; clarification on strong one-way hashing of PANs; a move to a three-year PCI lifecycle; clarification on what constitutes acceptable network segmentation; new wording on what constitutes cardholder data; and the applicability of PCI for card issuers. (Read More)

April 15, 2010 Press Release

Top 3 Israeli banks roll out customer facing Voice Biometrics technology by PerSay;  Source: PerSay Voice Biometrics

Voice Biometrics is poised to become mainstream authentication technology for remote services and applications (Read More)

April 13, 2010

Ingenico and Element Form a Strategic Partnership to Secure End-to-End Transaction Processing; Source: The Wall Street Journal

Partnership Benefits Merchants and Software Providers by Reducing the Scope, Risk, and Cost of Implementing and Maintaining PCI DSS Controls (Read More)

April 12, 2010

Man-in-the-Middle Attacks Against SSL; By Matt Blaze, Schneier on Security

A decade ago, I observed that commercial certificate authorities protect you from anyone from whom they are unwilling to take money. That turns out to be wrong; they don't even do that much. (Read More)

April 9, 2010 Press Release

MICROS Partners with Trustwave to Offer its Clients Additional PCI Compliance Tools; Source: TrustWave

April 8, 2010

Italy central bank orders stop to new AmEx cards; By FRANCES D'EMILIO, Associated Press

ROME undefined Italy's central bank on Thursday ordered a stop to the issuance of new credit cards by American Express in the country until the company can improve compliance with laws combating money laundering and usury. (Read More)

April 8, 2010

Cloud security best practices foster rapid deployments; By Laura Smith, CIO News

Other companies have shied away from cloud computing because of security concerns, but the Sun National Bank subsidiary of Sun Bancorp Inc. has taken a pragmatic approach to taking advantage of the cloud's potential for rapid deployment. That approach isn't just a matter of connecting routers and VPNs, the bank's CIO said, but a detailed series of cloud security best practices for partner evaluation, risk assessment and contractual negotiation. (Read More)

April 6, 2010 Press Release

ThreatMetrix to Showcase Leading Online Fraud Detection Solutions at April 13 – 15 Electronic Transactions Association Annual Meeting and Expo in Las Vegas; Source: ThreatMatrix

ThreatMetrix™, a fast growing provider of fraud detection solutions that do not require personally identifiable information (PII), today announced that it will be exhibiting in Booth 856 at the 2010 Electronic Transactions Association (ETA) Meeting and Expo, April 13 – 15, at the Mandalay Bay & Casino, Las Vegas, Nevada. (Read More)

April 6, 2010 Press Release

Heartland Payment Systems and OpenBook Bring State-of-the-Art Data Security to Lodging Industry; Source: Heartland Payment Systems

Heartland Payment Systems(R) and OpenBook(R) -- a division of Yellowstone Hotel Systems -- plan on delivering secure payments to the hotel and lodging industry by integrating Heartland's E3(TM) end-to-end encryption solution with OpenBook's property management software. Heartland is one of the nation's largest payments processors and the American Hotel & Lodging Association's official preferred provider of card processing, check management, payroll and tip management services.  (Read More)

April 6, 2010

Visa reports rise in retail terminal key-logger attacks; By Gill Montia, Banking Times

Visa has recently alerted its transaction processing members and their clients to an increase in keylogger attacks involving retailers. (Read More)

April 6, 2010

Oyster card upgrade underway; Source: ContactlessNews

Transport for London, issuer of the popular Oyster Card, is in the process of upgrading to new, more secure cards. (Read More)

April 1, 2010 Research

Data Security Top Concern for Merchants Yet First Data Survey Finds Many Merchants Unaware of Consequences, Solutions; Source: First Data

First Data recently conducted a survey asking merchants about data security. Not surprisingly, it is a universally important issue: More than 80% of small and mid‐size merchants described themselves “very concerned” about payment card security. But these merchants’ experiences with data violations differ vastly, as does their understanding of the consequences of a breach. (Read More)

March 26, 2010

TJX hacker Gonzalez gets 20 year jail term; Source: finextra

Computer hacker Albert Gonzalez has been sentenced to 20 years in prison for masterminding a string of cyber-attacks on retailers, including TJX, which resulted in the theft of tens of millions of payment card details (Read More)

March 25, 2010

Heartland Preps for Its Big End-to-End Encryption Rollout; Source: Digital Transactions

Merchant acquirer Heartland Payment Systems Inc.’s sales force will begin selling the company’s new end-to-end encryption system in the second quarter following testing that began last June, the company says. Heartland also says several terminal manufacturers are integrating the technological protocols of its system, which was developed by Voltage Security Inc., into their own hardware. (Read More)

March 26, 2010

TJX hacker Gonzalez gets 20 year jail term; Source: finextra

Computer hacker Albert Gonzalez has been sentenced to 20 years in prison for masterminding a string of cyber-attacks on retailers, including TJX, which resulted in the theft of tens of millions of payment card details (Read More)

April 1, 2010 Research

Data Security Top Concern for Merchants Yet First Data Survey Finds Many Merchants Unaware of Consequences, Solutions; Source: First Data

First Data recently conducted a survey asking merchants about data security. Not surprisingly, it is a universally important issue: More than 80% of small and mid‐size merchants described themselves “very concerned” about payment card security. But these merchants’ experiences with data violations differ vastly, as does their understanding of the consequences of a breach. (Read More)

March 30, 2010

Card Fraud in the United States: The Case for Encryption; Source: Aite Group

The card industry should focus on encryption technologies, cutting off the source of card data for criminal networks. (Read More)

March 29, 2010

U.K. online credit card fraud to be handled by specialist team; Source The Thrifty Scot

Over recent years a rising number of people have started to go online in order to conduct their financial affairs, using the Internet to do everything from their day to day banking to dealing with their credit card accounts. (Read More)

March 26, 2010

Security flaw found in new chip credit cards; Source: 3news.co.nz

A British university has identified security flaws in new chip and Pin credit cards that banks in New Zealand are about to introduce. (Read More)

March 26, 2010

Leader of Hacking Ring Sentenced for Massive Identity Thefts from Payment Processor and U.S. Retail Networks; Source: U.S. Department of Justice

The leader of the largest hacking and identity theft ring ever prosecuted by the U.S. government has been sentenced to 20 years and one day in prison for his role in a series of hacks into a major payment processor and several retail networks, announced Assistant Attorney General for the Criminal Division Lanny A. Breuer; U.S. Attorney for the District of Massachusetts Carmen Milagros Ortiz; U.S. Attorney for the Eastern District of New York Benton J. Campbell; U.S. Attorney for the District of New Jersey Paul J. Fishman; and Director of the U.S. Secret Service Mark Sullivan. (Read More)

March 25, 2010

Heartland Preps for Its Big End-to-End Encryption Rollout; Source: Digital Transactions

Merchant acquirer Heartland Payment Systems Inc.’s sales force will begin selling the company’s new end-to-end encryption system in the second quarter following testing that began last June, the company says. Heartland also says several terminal manufacturers are integrating the technological protocols of its system, which was developed by Voltage Security Inc., into their own hardware. (Read More)

March 25, 2010

Credit card companies play security catchup; By ROELAND VAN DEN BERGH, The Dominion Post

Rising fraud and the Rugby World Cup have pushed credit card companies to ditch magnetic swipe cards in favour of more-secure chip cards from next month. (Read More)

March 25,2010

Dave & Buster's Settles FTC Charges it Failed to Protect Consumers' Information; More than 130,000 Customers' Credit or Debit Cards Compromised; Source: Federal Trade Commission

Entertainment operation Dave & Buster’s, Inc. has agreed to settle Federal Trade Commission charges that the company left consumers’ credit and debit card information vulnerable to hackers, resulting in several hundred thousand dollars in fraudulent charges. Dave & Buster’s operates 53 restaurant and entertainment complexes across the country under the names Dave & Buster’s, Dave & Buster’s Grand Sports Café, and Jillian’s. (Read More)

March 25,2010 Press Release

Heartland Payment Systems® E3TM Data Security Protocol Adopted by Leading Payments Manufacturers; Source: Heartland Payment Systems

Several of the world’s leading electronic payments system manufacturers are working with Heartland Payment Systems® (NYSE: HPY), one of the nation’s largest payments processors, to ensure their point-of-sale (POS) devices and other payments platforms offer the highest level of data security to businesses that accept credit and debit card payments. These manufacturers are integrating Heartland’s E3™ protocol, an industry-leading end-to-end encryption solution that leverages Voltage SecureData™ encryption and key management technology. End-to-end encryption is considered the most effective security method available for protecting cardholder data. (Read More)

March 24, 2010

New fraud alerts available for Wells Fargo cardholders; By PETER EICHENBAUM, Bloomberg News

Wells Fargo & Co. executive Kevin Rhein got a firsthand taste of credit-card fraud while walking on a treadmill at home in Minneapolis: An alert on his Blackberry showed his card was used to buy a $1,500 laptop in Las Vegas. (Read More)

March 24, 2010

The Spy in the Middle; are SSL certificates even more broken than we thought? By Matt Blaze, Exhaustive Search

A decade ago, I observed that commercial certificate authorities protect you from anyone from whom they are unwilling to take money. That turns out to be wrong; they don't even do that much. (Read More)

March 24, 2010 Press Release

Kansas City Federal Reserve Seeks Input for Payment Card Fraud Survey; Source: NACS

The Kansas City Federal Reserve, with the assistance of NACS, has designed a study on payment card fraud that will look closely at fraud-related charge-backs imposed on merchants from all U.S. market segments. NACS is partnering with the Kansas City Federal Reserve to distribute this survey to convenience and petroleum retailers to assist in efforts to fully disclose industry costs associated with card payment, and to advocate for efficient card payment systems. (Read More)

March 23, 2010

U.S. Aims to Bolster Overseas Fight Against Cybercrime; By SIOBHAN GORMAN, Wall Street Journal

The alleged Chinese cyber attacks on Google have spurred proposals at the State Department and on Capitol Hill to establish an ambassador-level cyber security post and to tie foreign aid to a country's ability to police cybercrime. (Read More)

March 18, 2010

Security concerns may be holding back social-media apps; By: Daniel Taylor, oDesk

Social networks are all the rage among web users and developers alike – but increased social-media uptake may be held back by consumers’ security worries. (Read More)

March 17, 2010

E-Commerce Merchants Take on More Risk in Search of More Sales; Source: Digital Transactions

With the economy still shaky, some established online merchants are branching into new product lines in search of incremental revenue, and that can create problems if the merchants don’t work closely with their acquirers, Bob Nadeau, group executive at Chase Paymentech Solutions LLC, tells Digital Transactions News.  (Read More)

March 17,2010

Managing Online Payment Security, Compliance with Cloud-Based Tool; By Marisa Peacock, CMS WiRE

PCI (Payment Card Industry) compliance standards protect personal information and ensure security when transactions are processed using a payment card. Thanks to ClearPoint Metrics new PCI compliance management solution, organizations can manage PCI compliance risk more effectively, and reduce the cost of auditing and reporting. (Read More)

March 17, 2010

5 Burning Questions: Gemalto's VP & General Manager of Secure Transactions, Jack Jania; Source: PYMNTS.com

In this exclusive NEXTcast interview, Jack Jania of Gemalto sat down in the PYMNTS.com Hot Seat to discuss the 5 burning questions on risk and fraud. (Read More)

March 17,2010

30 Second Fraud Checklist for Ecommerce Merchants; Source: The Merchant Account Blog

Credit card fraud and online ordering fraud has hampered ecommerce merchants since the first credit card payment was taken over the internet. Because fraud is still successful, and because there is virtually no way to go after someone you suspect of fraud, it is still a plague to website owners trying to run a business on the internet. (Read More)

March 15, 2010

FBI: Internet Fraud Cost $559 Million in 2009; Source: eWeek.com

A new report from the Internet Crime Complaint Center, a joint effort by the FBI and the National White Collar Crime Center, found the amount of losses from cyber-crime doubled in 2009, and those between the ages of 30-49 were hardest hit. (Read More)

March 12, 2010

FBI: Internet fraud losses more than doubled in 2009- FBI report says e-mail scams, identity theft, spam causing most pain; By Layer 8 by Michael Cooney; Source: NETWORKWORLD

The Federal Bureau of Investigation's annual wide-ranging look at Internet crime found that online crime is indeed paying off - for the criminals as it cost users $559.7 million, up from $265 million in 2008. Further, the agency's Internet Crime Complaint Center (IC3) Web site received a total of 336,655 complaints about online problems, a 22.3% increase over 2008. (Read More)

March 11, 2010

Online fraud levels increase as positive signs are seen over card fraud; A decline in the amount of card fraud is a positive, but UK cardholders should remain vigilant. By Dan Raywood, SC Magazine

Figures released by the UK Cards Association showed that total fraud losses on UK cards fell by 28 per cent between 2008 and 2009 to £440.3 million – a decrease of £170 million on the previous year's total. (Read More)

March 10, 2010

Online banking fraud 'suffers increase'; Source: BBC News

Fraudsters are continuing their switch from traditional card fraud to raiding online bank accounts, according to new research. (Read More)

March 10, 2010

Why debit card criminals may soon migrate from Canada to the USA; By Jonathan_Chevreau, Financial Post

My column in the FP today and various Canwest dailies -- Thieves hit my bank account -- describes the rising incidence of debit card fraud in Canada. Here's some data that didn't make it into the column but supports my contention that the rise of debit card fraud is near "epidemic" proportions. The data -- from the web site at www.interac.ca -- shows the number of Canadian debit card holders who had to be reimbursed for losses almost quintupled between 2004 and 2009.  (Read More)

March 10, 2010

Biometrics: What, Where and Why; By Mary Brandel, CSO Online

Biometrics are slowly gaining acceptance. Here's a look the most common forms and uses of biometrics and the forces shaping the market. (Read More)

March 9, 2010

Big Merchants Pay $225,000 on Average for PCI Audits, Study Says; Source: Digital Transactions

Getting an annual assessment to determine their compliance with the Payment Card Industry data-security standard costs big merchants an average of $225,000, but some pay $500,000 or more and others much less, according to a new research report by Ponemon Institute LLC. The report also says that only about 2% of card-accepting merchants fail their Payment Card Industry data-security standard (PCI) audits, but more than 40% might fail if they weren’t allowed to use “compensating controls” that often are effectively temporary fixes. (Read More)

March 4, 2010

PCI tokenization push promising but premature, experts say; By Robert Westervelt, SearchSecurity.com

Tokenization technology has the potential to protect credit card data while reducing the scope of a PCI DSS assessment, but a lack of standards and some complexity issues are cause for concern, panelists said Wednesday, at RSA Conference 2010. (Read More)

March 4th, 2010

Cyberthieves Using Bluetooth To Steal Gas Station Credit Card Data; By Evan Schuman, StorefrontBacktalk

When cyberthieves plant skimming devices inside POS PIN pads, they typically have one of two headaches. First, they have to return to the scene of the crime to retrieve the device and its stolen data, which is dangerous. If the thieves use the device to wirelessly phone the data to one of their own, it’s safer initially. But if that data is detected and examined, it could lead law enforcement right to the culpritsundefineda.k.a., problem number two. (Read More)

March 3, 2010

Is Microsoft redeeming itself on security issues? By Robert Mullins, NETWORKWORLD

When Christian Christiansen, an IDC IT security analyst, was briefed by people at Microsoft before the company launched its Trustworthy Computing initiative eight years ago, he was frank: "I told them 'You know it's going to take you 10 years to even start to change widespread customer opinion about how bad you are.'" (Read More)

March 2, 2010 Press Release

NIST Releases Guide for Applying the Risk Management Framework to Federal Information Systems; Source: National Institute of Standards and Technology (NIST)

The final publication of the Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach (NIST Special Publication 800-37, Revision 1) is now available on the National Institute of Standards and Technology’s (NIST) Computer Security Resource Center (csrc.nist.gov). (Read More)

March 1, 2010

Bank fraud rises 10% in 2009 New report reveals high risk of identity fraud; Source: Which?

New data has revealed that the level of bank account fraud in the UK rose by almost 10% in 2009. According to CIFAS, the UK’s fraud prevention service, 80,105 cases of bank account fraud were filed in 2009 – compared with 72,988 cases in 2008. This increase contributes to the overall rise in identity fraud recorded by CIFAS, which saw the number of incidents increase by 32% last year. (Read More)

Feb. 26, 2010

Credit Card Crooks Like to Shop at Best Buy, Target, Amazon; By DALIA FAHMY, ABC News

Chainsaws, Rogaine and X-Box consoles: these are a few of thieves' favorite things. So don't be too surprised if you get a phone call from your credit card company asking if you've suddenly gone bald. (Read More)

February 26, 2010 

Wyndham Hotels Hacked Again; By Robert McMillan, IDG News Service; Source PC World

Hackers broke into computer systems at Wyndham Hotels & Resorts recently, stealing sensitive customer data. (Read More)

February 25, 2010

Smaller, safer, easier, smarter – Todos AB unveils new products; Source: todos

Welcome to the next generation of e-banking and e-commerce security. Todos AB unveils online authentication devices that take security, convenience, flexibility and style to new levels (Read More)

February 25, 2010

Paying at the pump could cost extra thanks to skimmers; By Josh Smith, WalletPop

We've all heard of crooks installing skimmers on ATM machines to steal debit card information, including pin numbers, but a new scheme has been uncovered that is much harder to detect and it happens at a place you might equate with highway robbery -- the gas pump. Reports have come in from across the country of debit card skimmers inside gas pumps that record your debit card number, including PIN, and send it wirelessly to a crook who then makes a fake card and helps himself to your money. (Read More)

February 25, 2010

ATM Skimming: How to Recognize Card Fraud; By Joan Goodchild, CSO Security and Risk

Criminals are increasingly turning to card skimming as a profitable way to steal cash. Would you know what to look for at your local ATM? (Read More)

February 24, 2010

Do Companies Need Fed Cybersecurity Intervention? By Richard Adhikari, E-Commerce Times

The former U.S. director of national intelligence was the latest in a long line of intel gurus telling Congress how woefully under-protected America's infrastructure is from cyberattacks. The Senate is currently mulling the U.S. Cybersecurity Amendment Act of 2009 and considering how much new regulation the government may need to introduce in the name of national security. (Read More)

February 24, 2010

The Cost Of A Breach, Heartland Style: At Least $129 Million; Might Be $229 Million; By Evan Schuman, StorefrontBacktalk

In its latest financial report, Heartland Payment Systems reported that it dropped $129 million on data breach costs last year (an incident that briefly placed Heartland on Visa’s Bad Breach Boy list). The company added that it still has a reserve of $100 million for additional expenses. (Read More)

February 23, 2010

ActivIdentity Empowers Innovative Cloud-Based Digital Identity Service; Source: CNNMoney

Company's Credential Management Solution Selected by idOnDemand to Simplify Issuance and Management of Digital Credentials (Read More)

February 17, 2010

Privacy, Security & Convenience on a Collision Course

February 12, 2010 Press Release

Deluxe Unveils Comprehensive Suite of Identity Theft Protection Solutions for Financial Institutions; Deluxe Provent Helps Lower Risk, Strengthen Account Holder Relationships; Source: Deluxe Corporation

With powerful tools to help prevent and respond to identity theft, Deluxe Corporation (NYSE: DLX), a business partner to nearly 6,400 financial institutions in North America, introduces Deluxe Provent(SM) - a flexible, integrated suite of identity theft protection solutions. (Read More)

February 11, 2010 Press Release

ThreatMetrix to Demonstrate Leading Fraud Prevention Solutions for Etailers at Merchant Risk Council Conference; New Report Says 45% of Large Merchants Plan to Add Device Fingerprinting Technology Solutions in Next 12 Months; Source: ThreatMetrix

ThreatMetrix™, the fastest growing provider of device identification solutions for preventing online fraud, today announced it will demonstrate new fraud prevention solutions for etailers at the Merchant Risk Council e-Commerce Payments and Risk Conference, March 16 – 18, in Las Vegas. On display in Booth 604 will be fraud prevention solutions that extend ThreatMetrix’ leadership position in device identification, a technology that leverages the “fingerprint of a computer” to determine if an online transaction is legitimate or fraudulent. (Read More)

February 11,2010

Oxford scientists develop security protocol for m-payments; Source: finextra.com

Isis Innovation, the University of Oxford's technology transfer company, is looking for commercial partners to help develop a new cryptographic application for securing person-to-person mobile payment transactions. (Read More)

February 11, 2010

Cambridge researchers show that the Chip and PIN system is vulnerable to fraud

Steven J. Murdoch, Saar Drimer, Ross Anderson and Mike Bond, researchers at the Computer Laboratory, University of Cambridge, have shown that flaws in the Chip and PIN system allow criminals to use stolen credit and debit cards, without knowing the correct PIN. (Read More)

February 10. 2010 Press Release

Javelin Study Finds Identity Fraud Reached New High in 2009, but Consumers are Fighting Back; Source: Javelin Strategy & Research

Identity Fraud Affected 11 Million Americans in 2009; Proactive Measures by Financial Institutions, Businesses and Consumers Helped Decrease Costs; Increase in Prosecutions and Convictions (Read More)

February 9, 2010 Press Release

UK Online Fraud Report 2010; Source CyberSource

The most comprehensive guide to UK online fraud is out now and available to download. (Read More)

February 9, 2010 Press Release

Voltage Security Announces Profitable Year with Increased Momentum Across Product Lines; Over 70% Revenue Growth for Fiscal Year

Voltage Security™, the global leader in end-to-end data protection, today announced financial results for the fiscal year ending January 31, 2010. With growing market acceptance of its broad set of encryption solutions, including Voltage SecureData™, its end-to-end encryption product line for enterprise and payment applications, Voltage completed four quarters of year-over-year revenue growth, and three consecutive quarters of profitability and cash generation from operations, resulting in over 70% revenue growth for the fiscal year. The company also was cash flow positive from operations and profitable for the fiscal year. (Read More)

February 8, 2010 Press Release

ID Watchdog Announces Revolutionary New Product that Provides Instant Feedback on ID Theft

idCHECK Makes Identity Theft Analysis Quick, Easy, and Affordable for Every Individual – and is Available for Free for a Limited Time (Read More)

February 8, 2010 Press Release

Bob Carr Appointed to the Secure POS Vendor Alliance Board of Directors; Heartland Payment Systems' Chairman and CEO Joins Payments Security Leadership Group; Source Heartland Payment Systems

Heartland Payment Systems' Chairman and Chief Executive Officer Bob Carr has been elected to the 2010 Secure POS Vendor Alliance (SPVA) Board of Directors. Carr, who has been spearheading the development and implementation of secure payments processing technologies over the past year, will continue to help advance data security through his appointment as Associate Member Director. The SPVA is a nonprofit organization comprised of payments industry leaders who work with multiple stakeholders in the payment value chain to develop an end-to-end security framework and enhance the security of payment solutions. (Read More)

February 5, 2010 Press Release

Financial Services Firms Worry More about Fraud than Customer Convenience According to New Report; Trend Speaks to Growth in Credit Card Fraud and Need for New Fraud Prevention Tools; Source: ThreatMetrix

ThreatMetrix™, the fastest growing provider of device identification solutions for preventing online fraud, today announced the results of at new research report in online banking, “Trends in Online Banking: Fraud Prevention and Customer Authentication.” (Read More)

February 4, 2010 Press Release

Secure POS Vendor Alliance Launches Lab Network to Improve Security Within the Payment Industry; Third party lab certification process extends SPVA reach, provides more confidence to customers; Source: SPVA

The Secure POS Vendor Alliance (SPVA), a non-profit business organization founded by Hypercom (NYSE: HYC), Ingenico S.A. (EURONEXT: ING) and VeriFone (NYSE: PAY) announces the formation of its new Lab Network, a group of labs that will participate with SPVA members, prospective members and the SPVA's Technical Working Groups on security evaluations of the SPVA implementation guidelines. Members of the Lab Network will work together to share best practices and raise the security level within the point of sale industry. (Read More)

February 3, 2010 Press Release

SAGEM WIRELESS AND UPEK PARTNER TO BRING FINGERPRINT-BASED IDENTITY CAPABILITIES TO NEW MOBILE DEVICES; Source: Sagem Wireless

Sagem Wireless, a leader in the design and delivery of customized connected lifestyle devices and services, announced today that it has formed a partnership with UPEK to bring fingerprint identity capabilities to a range of new devices that Sagem Wireless is expected to launch later this year, including new Android-based mobile devices. Sagem Wireless selected UPEK for its superior fingerprint technology, which offers industry-leading recognition accuracy, ruggedness, power efficiency, and enhanced touch-input capabilities as well as its support of a standards-based, open-platform software solution. (Read More)

February 2, 2010

Anatomy of a Data Breach; Source: SmartMoney

A data breach occurs when records containing sensitive personal information, such as names, addresses or social security numbers, are compromised. That could mean the loss or theft of a laptop; a hack into a retailer or payment processor’s database containing credit-card numbers; or a situation in which an employee with access to sensitive information sells it to a third party. (Read More)

February 2, 2010

Are chip and PIN credit cards coming? By Claes Bell, Bankrate.com

The U.K. is all abuzz about "chip and PIN," but it's not a popular pub snack or a nickname for the newest celebrity power couple. It's the credit card security system rolled out in recent years to stem a wave of credit card crime. (Read More)

February 1, 2010 Press Release

Thales payShield Cardholder Authentication safeguards credit card information for payment processors, helping reduce fraud

Thales, leader in information systems and communications security, announces that Thales’s payShield Cardholder Authentication for nShield is now available for its nShield Connect and nShield PCI Express hardware security modules (HSMs). Thales payShield Cardholder Authentication for nShield authenticates credit card users and protects encryption key transfers, safeguarding credit card information and assisting with regulatory compliance such as PCI. payShield Cardholder Authentication for nShield is already widely deployed in web-based applications for MasterCard’s Chip Authentication Program (CAP) and Visa’s Dynamic Passcode Authentication (DPA) for online banking and 3D-Secure applications such as Verified by Visa and MasterCard SecureCode for online payments. (Read More)

January 28,2010

HID Global's iCLASS® Contactless Smart Card Technology Enables U.S. Bank's Award-Winning PayID Card: Collaboration with U.S. Bank Reinforces HID Global’s Position in the Development of Converged Physical Access and Contactless Payment Solutions; Source: HID Global

HID Global, the trusted source for solutions for the delivery of secure identity, today announced the recognition of its iCLASS® contactless smart card technology as a key component in U.S. Bank’s award-winning PayID card program. The PayID card pilot program, which recently won the 2010 Paybefore Award for Most Innovative Program, included HID Global’s iCLASS application. PayID uses a single, all-purpose card to provide contactless physical access to secure U.S. Bank facilities, along with contactless payments and traditional magnetic stripe purchases. (Read More)

January 28, 2010

Benevolent hackers poke holes in e-banking; Source: NewScientist

ONLINE banking fraud doesn't just affect the naive. Last year, Robert Mueller, a director at the US Federal Bureau of Investigation, admitted he'd come within a mouse-click of being a victim himself. Now the extent of the problem has been brought into sharp relief, with computer scientists warning that banking culture is increasing the likelihood that customers are using vulnerable systems. (Read More)

January 27, 2010

Cambridge scientists blast 3-D Secure system ; Source: finextra.com

The 3-D Secure protocol adopted by banks and card schemes under the Verified by Visa and MasterCard SecureCode banners has been branded by Cambridge University academics as "a textbook example of how not to design an authentication protocol" by ignoring good design principles and presenting "signifi cant vulnerabilities". (Read More)

January 27, 2010 Press Release

Verisys Acquires ID Insight's AddressWatch™:  Combination of AddressWatch™ with Verisys® databases will provide another tool to improve the detection of health care fraud and abuse

Verisys Corporation, the developer of FACIS® (Fraud and Abuse Control Information Systems), has acquired ID Insight’s AddressWatch, a trusted data source of U.S. and Canadian addresses and delivery points that pose a high fraud risk. With fraud and abuse widely considered a major contributor to U.S. health care costs, Verisys will integrate AddressWatch’s suspect address data with its FACIS data records of known fraudulent addresses to create one of the largest high-risk address databases available. (Read More)

January 25, 2010 Press Release

ChosenSecurity Partners with idOnDemand. Source: ChosenSecurity

ChosenSecurity and idOnDemand today announced a partnership under which idOnDemand will use ChosenSecurity’s globally trusted digital certificates as part of its integrated smartcard offerings for physical and network environments. Digital certificates enable a wide range of trust for applications: controlling authorization and access to physical and digital assets, protecting against data leakage and supporting compliance with privacy, e-signature and other identity regulations. They provide applications with strong authentication, secure email, digital signatures and data encryption capabilities. By combining digital certificates with smart cards, enterprises get a total solution to their authentication, encryption and digital signing needs. (Read More)

January 25,2010

Different technologies vie to protect payments. Source: Digital News

End-to-end encryption, dynamic cryptograms and EMV are all options being considered to protect payment transaction data in the U.S. The goal is to prevent data breaches, such as the one with Heartland Payment Systems in 2008, and make it easier for merchants and processors to secure the information. (Read More)

January 22, 2010

NFA reveals true extent of UK’s £30 billion fraud loss

The National Fraud Authority (NFA) has released the UK's first comprehensive fraud estimate which estimates that fraud costs the UK over £30 billion a year (1). The figure is published in the National Fraud Authority Annual Fraud Indicator. (Read More)

January 21, 2010

January 21, 2010

Heartland Payment Systems: Lessons Learned from a Data Breach

By Julia S. Cheney, Payment Cards Center, Federal Reserve Bank of Philadelphia

On August 13, 2009, the Payment Cards Center hosted a workshop examining the changing nature of data security in consumer electronic payments. The center invited the chairman and CEO of Heartland Payment Systems (HPS or Heartland), Robert (Bob) Carr, to lead this discussion and to share his experiences stemming from the data breach at his company in late 2008 and, as important, to discuss lessons learned as a result of this event. The former director of the Payment Cards Center, Peter Burns, who is acting as a senior payments advisor to HPS, also joined the discussion to outline Heartland’s post-breach efforts aimed at improving information sharing and data security within the consumer payments industry. In conclusion, Carr introduced several technology solutions that are under discussion in payment security circles as ways to better secure payment card data as they move among the different parties in the card payment systems: end-to-end encryption, tokenization, and chip technology. While HPS has been very supportive of end-to-end encryption, each of these alternatives offers its own set of advantages and disadvantages.  (Read More)

January 21, 2010

The Secure POS Vendor Alliance Broadens its International Reach with Five New Payment Company Members

The inaugural year of the Secure POS Vendor Alliance (SPVA) wrapped up with the same enthusiasm with which it began – capped off by the membership of five more leading payment and enterprise security companies. Joining the SPVA are Elavon, ID TECH, Independent Purchasing Cooperative, Inc. (IPC), Voltage Security, Inc., and the first Asia-based company, GHL Systems Berhad. (Read More)

January 20, 2010

Are Tokenization And End-To-End Encryption Substitutes? By Walter Conway, StorefrontBacktalk

Maybe tokenization and end-to-end encryption are just two closely related approaches that can, when properly implemented, accomplish the same thing: minimize your total PCI scope. One thing is for sure, though: Either way, you will need to bring your checkbook. (Read More)

January 20, 2010 Press Release

RSA Global Survey Reveals Confidence in Social Networking Security Shaken as Online Crime Rises. Source: EMC

RSA, The Security Division of EMC (NYSE: EMC), announced the results of its 2010 Global Online Consumer Security Survey that polled more than 4,500 consumers regarding their awareness of online threats, concerns with the safety of their personal information online and their willingness to share it, and desire for better identity protection. (Read More)

January 19, 2010

Cryptography Research Experiences Rapid Adoption of its Security Technologies in 2009; Sees Continued Growth in 2010. Source: (Read More)

The Company’s Patented DPA Countermeasures and CryptoFirewall Security Core Licensed in More Than 4.5 Billion Security Chips Made in 2009

January 19, 2010

MasterCard Submits Comments On Draft Code of Conduct. Source: Yahoo Finance

MasterCard Canada has submitted its comments on the Minister of Finance's Draft Code of Conduct for the Credit and Debit Industry. (Read More)

January 18, 2010

Visa Canada comments on the draft voluntary Code of Conduct for the Canadian Credit and Debit Card Industry. Source: Yahoo Finance

Visa Canada confirmed it will today submit a response to the draft voluntary Code of Conduct for the Canadian Credit and Debit Card Industry issued by the Department of Finance. (Read More)

January 18, 2010

A primer on identity theft. By Sharda Prashad, The Globe and Mail

Challenges small businesses face with regards to identity theft (Read More)

January 10, 2010

CRE Secure Simplifies PCI Compliance for Magento Shopping Cart Online Merchants by CRE Secure Webmaster

CRE Secure, the first cloud-based payment acceptance security platform that is fully compliant with new credit card security rules, announces the release and general availability of a drop-in module for Magento Ecommerce community edition shopping carts, a leading open source ecommerce solution.  The new Magento Ecommerce module further expands the list of leading online shopping cart integrations that CRE Secure has developed to allow online retailers and web-based applications easy connection to CRE Secure’s online payment acceptance and security services. CRE Secure using its patent pending HTML Clone™ technology isolates sensitive cardholder data from any online store or application, and greatly reduces the complexity and associated costs of achieving compliance with Payment Card Industry Data Security Standards (PCI DSS) requirements. (Read More)

December 21, 2009 Press Release

Now You Can Conduct Your Own Background Check With Acxiom’s New I-Check

If you are applying for jobs, rental property, volunteer organizations or seeking other placements, now you can get your own background check from Acxiom I-Check, a low-cost, confidential and in-depth background screening service offered by Acxiom® Corporation (Nasdaq: ACXM). (Read More)

December 8, 2009

Congress probes Visa, AmEx role in Web scam

By Greg Sandoval: cnet news

For years, baffled consumers looked to Visa, MasterCard, and American Express for answers when mysterious charges from "shadowy companies" began appearing on their credit card statements.

Read More

December 8, 2009 Press Release

Unisys Predicts 2010 Yields a Biometrics Boom While Organizations Go on the Offensive to Protect Data

BLUE BELL, Pa., December 8, 2009 – Slashed budgets and reduced staffing numbers delayed many security initiatives in 2009, but the vulnerabilities didn’t retreat and will only intensify in 2010, Unisys security experts predict.

Read More

November 30, 2009 Press Release

“Beat the Cheats” – Unisys Offers Security Tips on How to Avoid Falling Victim to Holiday-Related Scams

Unisys security experts warn of the top 10 holiday scams -- from online shopping swindles to dumpster diving for personal information. Source: Business Wire (Read More)

November 26, 2009 Press Release

The first conference call for the ATMIA ATM Security Forum is scheduled for 11 am EST Thursday 10 December 2009, which is 8 am in Los Angeles, 4pm in London, 5 pm in Brussels, 6 pm in South Africa, midnight in Hong Kong and 3 a.m (the following morning) in Sydney.

Anyone wishing to participate should contact Mike Lee mike@atmia.com

Agenda for 1st Teleconference

1. Welcome

2. Status and role of ATM Security Forum

3. Update on skimming

4. Is malware the biggest emerging threat?

5. Priorities for 2010

6. Next conference call: TBA with 2010 conference call schedule

September 30, 2009

Fiserv Unveils Latest Fraud Risk Mitigation and Anti-Money Laundering Solutions

Fiserv, Inc. (NASDAQ: FISV), the leading global provider of financial services technology solutions, today announced the availability of Fraud Risk ManagerTM 4.6, the newest version of its multi-channel fraud detection and management solution. Also available is AML Manager 4.6, the market-leading anti-money laundering solution. Both Fraud Risk Manager and AML Manager from Fiserv are designed to enhance and optimize financial institutions' financial crime risk management operations, by delivering best-in-class fraud and anti-money laundering (AML) transaction monitoring solutions, integrated with a common platform for automated alert intelligence and investigation, case management and regulatory reporting. Source Fiserv; New releases designed to optimize financial crime risk management operations