Google Wallet suspends prepaid credit cards in wake of security hack; appolicious advisor

Google takes step to make Wallet more secure; REUTERS

Zappos.com hit with breach, lawsuit; The Green Sheet 

Visa Exec Slams PayPal In-Store Payment Service; The Wall Street Journal

INSIDE Secure chosen by leading Smartphone manufacturer; Press Release

FTC to review mobile payments; NFCNews

iovation Stopped 50 Million Online Fraud Attempts in 2011, Biggest International Offender: Ghana; Press Release

Is the United States payments industry following in the footsteps of the Netherlands? Portals & Rails

2012 Threats: Are You Ready? Huff Post Tech

Security must evolve with m-commerce, says expert; Experian QAS

Google Wallet stores unencrypted data; finextra

Study Shows Merchants Still Store Massive Amounts of Unprotected Card Data; Digtal Transactions

Mobile Fraud: The Next Frontier; Press Release

PreCash Announces PreCash Secure Payment Services; Press Release

Remote deposit capture: If you expand it, will fraud come? Portals and Rails

28 Indicted in Theft of Steakhouse Patrons’ Credit Card Data; The Wall Street Journal

Evidence for PCI’s effectiveness in the fight against fraud; Portals & Rails

Despite the PCI Council's best efforts and laudable goals, the effectiveness of its data security standard, PCI DSS, is frequently questioned. This standard is sometimes disparaged as expensive and ineffective. One critic has even decried the standard as a "false god." Such criticisms have stuck in part because it is difficult to know how many breaches would have occurred if it weren't for the PCI standard, and supporters have essentially been left to argue a counterfactual. The PCI Council has long maintained that no organization that has been breached has been found to have been compliant at the time of the breach, but the claim has never been fully validated. (Read More)

Card Fraud Expert Pushes Case for Chip Cards; Credit Union Times

Even though many financial institutions in the country have not yet begun to implement smart chip technology in their card issuing, an expert in card fraud has urged they start to do so. (Read More)

International Fraud Awareness Week is here; Portals & Rails

According to the Association of Certified Fraud Examiners (ACFE), organizations worldwide lose roughly 5 percent of annual revenues to fraud. That's huge. A theme that we return to again and again in Portals and Rails is the fact that technology is making our livesundefinedincluding the ways we transact consumer paymentsundefinedmore efficient and secure. But these new technologies also offer fraudsters new and sometimes better ways to perpetrate crime. (Read More)

Bank Fraud Still Costing Plenty; eSecurity Planet

Since U.S. laws put the onus on banks to assume liability, consumers and some businesses tend to think their exposure amounts to little more than a temporary inconvenience while they await new debit cards. But that isn’t really the case. (Read More)

Federal Agencies Turn a Watchful Eye on Third-Party Payments Providers; Digital Transactions

Already the subject of new debit card regulations, the payments industry is coming in for more scrutiny from the federal government. A Federal Trade Commission official told attendees at a merchant-acquiring conference on Thursday that the government has formed a task force to monitor third-party payment-services providers. The feds’ goal is to prevent fraudulent merchants from getting merchant accounts and to shut down such merchants as quickly as possible if they defraud consumers. (Read More)

Experts Debate the Security of EMV; Bank Systems & Technology

While many in the financial industry acknowledge that the EMV standard is not 100-percent secure, some say it may be the best option available for securing POS payments. (Read More)

Security concerns continue to hamper UK m-payments take-up; finextra

Only 17% of Brits want to use their mobile phones as wallets, with security concerns the chief reason for reticence, according to a survey from Intersperience. (Read More)

Fiserv Survey Shows Anti-money Laundering Technology Remains Investment Priority for Financial Institutions; Press Release

Research indicates that the market is moving more actively toward a single platform approach to satisfy both AML and anti-fraud needs. According to the survey, firms anticipate increased technology budgets for both AML and fraud detection. (Read More)

High-impact events in a warming world: Business continuity planning for retail payments; Portals & Rail

Which will be the first to reopen after a major disaster: your financial institution or the local Waffle House? In some cases, you may be able to order your hash browns smothered, covered, peppered, and chunked before electricity is restored to your usual ATM. (Read More)

PCI update addresses holes in wireless security; The green Sheet

Commenting on the release of an update to the PCI DSS Wireless Guidelines Information Supplement, security experts agreed that securing wireless payment networks is possible but more difficult than securing hardwired networks. (Read More)

AsiaPay partners with Smart for safer online payments; openPR

Filipinos will soon have a convenient, efficient and more secure option to purchase goods and services from their favorite online merchants. (Read More)

Visa Europe extends CodeSure family with Matrix Display card; Press Release

Visa Europe, Europe’s leading payment system, today launched the CodeSure Matrix Display card, the latest addition to its CodeSure card range. (Read More)

Board of Governors of the Federal Reserve System Frequently Asked Questions- Regulation II

Frequently Asked Questions About General-Use Prepaid Cards and Circumvention and Evasion (Read More)

Skrill announces acquisition of payolution; Press Release

Acquisition adds new invoice payment options and risk security capabilities to further differentiate Skrill’s product offering to online merchants. (Read More)

PriceTravel Selects Accertify to Protect Its Online Travel Platform Against Fraud; Press Release

Signing Highlights Accertify's Rapid Growth in Latin America and Continued Commitment to this Region. (Read More)

Using data mining to catch suspected financial wrongdoers; FED Portals and Rails

The seemingly inconsequential disclosure of a phone number or ZIP code to a store clerk can ultimately end up far away from where it was first shared, especially if it is used for data mining purposes. Data mining is the use of computer-based analytic tools that sift through large collections of data searching for patterns based on statistical techniques. Often times, data records containing personal identifiers are compiled from many sources and transferred to third parties for data analysis. (Read More)

First Data Selects Trusteer to Help Financial Institutions Comply with New FFIEC Guidance for Online Banking Security; Press Release

Trusteer Fraud Prevention Architecture to be Available with First Data Internet Banking Platform. (Read More)

PCI SECURITY STANDARDS COUNCIL RELEASES PCI DSS TOKENIZATION GUIDELINES; Press Release

Merchants to benefit from guidance on how tokenization solutions may ease PCI DSS compliance efforts. (Read More)

ROAM Data takes number one market position for secure mobile phone card reader solutions; Press Release

Has shipped 300,000 encrypted readers that prevent card fraud demonstrated at the Blackhat security conference last week. (Read More)

Visa Announces Plans to Accelerate Chip Migration and Adoption of Mobile Payments; Press Release

Visa dynamic authentication roadmap will reduce fraud and enhance international acceptance. (Read More)

Securing mobile commerce; TODAY on Sunday

Business boundaries are no longer defined in terms of physical space. The increasingly "extended" enterprise has introduced new security concerns. Retailers are opening their networks and data to partners, suppliers and mobile workers, rather than containing information and securing the perimeter with the objective of business flexibility and agility - and eventually, competitive advantage. (Read More)

MERRIMACK VALLEY FINANCIAL CRIME NETWORK & IAFCI – INTERNATIONAL ASSOCIATION OF FINANCIAL CRIMES INVESTIGATORS

2011 FINANCIAL CRIMES Workshop September 29th

Neural Technologies implements solution for mobile payments fraud in Africa; Press Release

Neural Technologies has implemented its Minotaur solution to manage mobile payments fraud at a leading African mobile telecoms operator. (Read More)

BillGuard Warns You About Questionable Credit Card Charges; lifehacker

BillGuard is a free service designed to solve the problem of possibly overlooking hidden fees, billing errors or fraudulent transactions on your credit cards. It scans and analyzes your card transactions and alerts you if they match charges others have flagged as questionable. (Read More)

Memento Helps Financial Institutions Meet New FFIEC Guidance; Press Release

Memento Inc., a leader in Enterprise Fraud Management solutions, today announced that their award winning Enterprise Platform helps financial institutions meet the layered security guidelines as issued in the June 2011 supplement to the FFIEC’s 2005 Authentication in an Internet Banking Environment. (Read More)

ACH ALERT Granted Patent for Fraud Protection System; Press Release

ACH Alert announced today it has been granted a patent for its fraud mitigation system. (Read More)

BillGuard's 'Anti-Virus' For Bills And Credit Cards Is Now Completely Free For Users; TechCrunch

When BillGuard presented their innovative service at TechCrunch Disrupt earlier this year, the startup received fairly positive feedback from the panel of judges, which included well-known investor Fred Wilson. (Read More)

Guardian Analytics Launches Managed Fraud Monitoring Service; Security Week

Guardian Analytics, a provider of behavioral analytics-based fraud prevention solutions, today announced a fraud monitoring solution delivered as a managed service, designed to allow institutions to enjoy the benefits of fraud prevention software without the need for increased staff or training. (Read More)

AFS signs multi-year fraud detection deal; Trade Arabia

Bahrain-based Arab Financial Services (AFS), a leading provider of electronic payment services, has signed a multi-year renewal agreement for RiskNet Issuer with The ai Corporation, a leader in fraud detection solutions. (Read More)

A New Report from Aite Group; From Mag Stripe to Malware: Card Security Risks in 2011; Press Release

After years of uncertainty, the payments industry is confident that EMV will be adopted in the United States. (Read More)

OpenWay and Thales: Proactive Approach to Security; Press Release

OpenWay, the international vendor of WAY4 card management, channel banking and transaction switching software, has partnered with Thales to integrate its WAY4 platform with the Thales payShield 9000 host security module. In addition OpenWay has joined Thales eSecurity’s Alliance for Solution and Application Providers (ASAP) program for the ongoing sharing of knowledge and solution support. Such advanced partnership results in proactive protection against security threats. It benefits all banks and processors who use Thales host security modules in their WAY4-powered processing of e-commerce transactions. E-commerce volumes will grow significantly by 2014 both in US and Western Europe, as Forrester predicts. (Read More)

Symantec: Android and iOS differ widely on security; Rethink Wireless

Both are built from the start for secure access, unlike PCs, but both have vulnerabilities for enterprise users. (Read More)

PCI SECURITY STANDARDS COUNCIL UPDATES MARKET ON MOBILE POSITION; Press Release

Fact sheet and statement to help merchants and developers identify and design applications to process payment transactions within the scope of the PCI standards (Read More)

Password Security Remains Weakest Link Even After Data Breaches; eWEEK.com

Despite repeated reminders to select strong passwords and not to reuse them across Websites and services, online users continue to be frighteningly lax in their password security, according to a recent analysis of leaked passwords. (Read More) 

Court Favors EMI in Fraud Suit; Bank Info Security

Eighteen months after Michigan-based Experi-Metal Inc. sued its former commercial bank accountholder, Comerica Bank, a U.S. District Court in Michigan has favored the commercial customer. Now Comerica Bank must reimburse EMI more than $560,000 for the funds it lost after the bank approved fraudulent wire transfers that totaled more than $1.9 million. (Read More) 

Secure POS Vendor Alliance Releases Requirements for the Post Manufacturing Stage of a Payment Device; Press Release

The Secure POS Vendor Alliance (SPVA), a non-profit business organization founded by Hypercom (NYSE: HYC), Ingenico S.A. (EURONEXT: ING) and VeriFone (NYSE: PAY) announces the release of standards for the post manufacturing stage of a secure payment device. The new guidelines require that a payment device be properly handled from the moment it is produced to the moment it is loaded with customer keys. (Read More) 

The Tuesday Podcast: Inside The Credit Card Black Market; NPR Planet Money

If you know the right people undefined and if you can get other criminals to vouch for you undefined you can go online and buy huge bundles of stolen credit cards. (Read More)

EMVCo Publishes ‘A Guide to EMV’ as Adoption of the Payment Standard Continues to Increase; Press Release

EMVCo, the EMV® standards body collectively owned by American Express, JCB, MasterCard and Visa, has launched a paper entitled ‘A Guide to EMV’ to provide an overview of the EMV Specifications, processes and the role of the technology within the context of the wider payments industry. The publication, which can be downloaded from www.emvco.com, coincides with the release of EMVCo’s latest deployment figures which state that 40 percent of total payment cards and 71 percent of terminals in circulation globally are based on the EMV standard. (Read More)

25% of Mobile Network Operator survey respondents not PCI DSS compliant; realwire

A survey conducted by Vesta Corporation, a global pioneer and leader in electronic payments, has revealed over a quarter of Mobile Network Operators (MNOs) are not compliant with the Payment Card Industry Data Security Standards (PCI DSS). A further 35% of respondents did not know that financial penalties could be levied for non-compliance by the card associations. (Read More)

ROAM Data Adopts New Visa Mobile Payment Security Best Practices; Press Release

Mobile Payment Pioneer Is First To Announce It Follows All Best Practices Unveiled By Visa On April 27^th. (Read More)

The dilemma of measuring fraud in the U.S. payments system; FED Portals and Rails

Growing up, I was fascinated with books about animals, particularly those focusing on totally unique and strange Australian animals. Kangaroos, wallabies, duck-billed platypuses, and spiny echidnas caught my fancy because they were unique, existing nowhere else on the planet. Perhaps one reason I am so fascinated with the U.S. payments system is that it is totally unique and replicated nowhere else in the world. (Read More)

PAYMETRIC RELEASES DATA INTERCEPT SOLUTION FOR SAP® CUSTOMERS; Press Release

Thieves Swipe Debit Card Data; The Wall Street Journal

Banking on .bank for Security; BANK INFO SECURITY

BREMER BANK SELECTS MEMENTO ENTERPRISE PLATFORM FOR DETECTING AND MANAGING CROSS CHANNEL FRAUD THREATS; Press Release

Accurate Analytics, Innovative Data Management, and Efficiency Cited as Key Factors in the Selection Process (Read More)

Visa Security Summit Focuses on Success in Reducing Fraud and Need for Ongoing Investment to Maintain Momentum; Press Release

Visa Inc. (NYSE: V) opened its fourth Global Security Summit today with a keynote address by chief enterprise risk officer Ellen Richey, in which she applauded the collective progress in making electronic payments more secure from criminals. While acknowledging this important success - achieved through closer industry cooperation, coordination with law enforcement and technological advancements - Richey also warned of future challenges that will require all stakeholders to more rapidly adopt "smarter" technologies and better application of risk-management intelligence. (Read More)

NetSpend Selects Actiance’s Socialite SaaS Platform to Ensure Compliance and Security of Social Media Channels; Press Release

Actiance, enabling the safe and compliant use of unified communications, collaboration and Web 2.0, today announced that NetSpend (NASDAQ: NTSP), one of the country's leading providers of general-purpose reloadable prepaid debit cards, has deployed its Socialite platform. NetSpend selected Socialite for its granular controls of popular social networks, like Facebook and Twitter, and its quick-to-deploy, software-as-a-service (SaaS) configuration. (Read More)

American Express Takes Aim at Identity Thieves With ID Protect Premium; Press Release

As Costs and Time to Recover from Identity Theft Rise, New Service Helps Consumers Fight Fraud (Read More)

TNS Unveils New TNSPay Capabilities; Press Release

One of the World’s Most Widely Used Payment Services Adds Additional Security and Fraud Features (Read More)

PhoneFactor Launches Replacement Program for RSA SecurID Tokens; Press Release

PhoneFactor Offers RSA Customers Impacted By Recent Breach a Program to Expedite Deployment of a Secure Two-Factor Alternative (Read More)

Corporate Account Takeover a New Payments Fraud Threat, AFP Survey Shows; Press Release

For seventh year, survey shows B2B payments fraud high, with checks remaining an easy target (Read More)

Ethoca Partners with NCFTA, Launches FraudStop Service; Press Release

New PCI Certified service that not only helps online merchants reduce fraud losses but also enables them to contribute to research analysis and preventing future frauds. (Read More)

Merchants Still Far From PCI Compliant; ETA

Merchants have made a lot of progress toward PCI Compliance, but if findings from a leading compliance firm are any indication, there still is a long way to go. (Read More)

PCI Delist Move Threatens Mobile Payment Security; StorefrontBacktalk

The PCI Council this week confirmed that it has quietly delisted “multiple” mobile payment applications, although the council didn’t specify a number. This comes as the PCI folk are trying to formulate a mobile strategy, which is likely to take quite a few more months to resolve. Given that retailers can’t put their mobile plans on hold, this puts merchants in a very awkwardundefinedand potentially very insecureundefinedplace. (Read More)

MoneyGram Reveals Strong Results from New Fraud Prevention Tool; Press Release

Software system identifies transactions at high risk for being fraudulent; Since May 2010 MoneyGram has protected customers from losing approximately $22.5 million in fraud. (Read More)

eWise Creates Secure Vault Payments Marketing Advisory Council to Accelerate Growth of New Payment Type; PYMNTS.com

Payments® Marketing Advisory Council with support and participation from NACHA undefined The Electronic Payments Association. Secure Vault Payments is an alternative payment option that offers convenience and security for consumers, allows institutions to receive money faster, and helps keep costly and wasteful paper out of the system. (Read More)

Why U.S. issuers might be reluctant to adopt the EMV standard, FED RPSF Portals and Rails

A hot topic for Portals and Rails and the Retail Payments Risk Forum has been the replacement of magnetic-stripe cards with chip-and-pin cards in the United States. In fact, a recent industry blog labeled my colleague Rich Oliver "the first U.S. banking industry executive to publicly declare that a U.S. migration to the EMV payments standard is inevitable." (Read More)

Credit Card Security: Too Much of a Good Thing? The Wall Street Journal

Used to be, cardholders got hit with a freeze only when they did something really unusual, like buying diamonds in Zimbabwe. But lately, banks seem a little quick on the trigger. While they guard their specific strategies like state secrets, consultants say that these days you might get the freeze if you use the wrong ATM or download an app. (Read More)

ACI Worldwide and Integrated Research Launch Payment Service Management for Fraud Prevention; Press Release

Manage Availability and Performance of ACI Proactive Risk Manager (Read More)

Third-party service provider risk and the Unfair and Deceptive Acts and Practices rule; Portals & Rails

Financial institutions and other financial service providers commonly provide products and services through arrangements with third parties. (Read More)

TNS Launches Enhanced Payment Gateway Service in UK and Ireland; Press Release

An enhanced version of the TNSPay gateway service is being launched in the UK and Ireland by Transaction Network Services (Read More)

Gains made in reducing identity theft, but significant fraud losses still loom; Portals & Rails

Was it a mere coincidence that the day following the release of Javelin Strategy & Research's 2011 Identity Fraud Survey Report, CNBC aired American Greed: Operation Get Rich or Die Tryin'? This show examines Albert Gonzalez's hacking into computer networks of retailers (most notorious, TJX Companies) and a payment processor (Heartland Payment Systems) and the subsequent extensive fraud using compromised credit and debit card information. (Read More)

Can mobile address the rising tide of fraud in card-not-present transactions? FED Retail Payments Risk Forum

Combating fraud in credit and debit card payments is a challenge for all payment system participants, from the banks that issue the cards to the merchants that accept those cards as payments for goods and services. (Read More)

VeriFone’s VeriShield Total Protect Integrated with ISD’s Card Data Security Suite; Press Release

ISD Provides Merchants with Integrated End-to-End Encryption and Tokenization (Read More)

Visa Europe and Foregenix join forces to deliver PCI cardholder data discovery education programme; Press Release

Series of independent webinars will begin in February 2011 (Read More)

ThreatMetrix Partners with ActivIdentity to Add Device Identification Capabilities to Their 4TRESS™ Authentication Appliance; Press Release

ThreatMetrix Fraud Network Enables ActivIdentity Customers to Validate Returning Customers Without the Use of Physical Credentials (Read More)

CardNET Brings VeriFone’s VeriShield Total Protect to Dominican Republic; Press Release

Largest Card Processor in Country Ensures it is the Most Secure with VeriFone’s Card Data Encryption Solution (Read More)

Ensuring security of payment systems a big challenge: RBI; DNA

Reserve Bank of India's deputy governor KC Chakrabarty today said ensuring security of payment systems and protecting customers' funds is the biggest challenge before central banks and payments systems operators. (Read More)

Banks May Soon Require New Online Authentication Steps; CIO

The Federal Financial Institutions Examination Council (FFIEC) could soon release new guidelines for banks to use when authenticating users to online banking transactions. (Read More)

Cisco Issues PCI Compliance Pulse Survey Findings – Results Reveal Changing Views on Data Security Compliance; Press Release

Study Highlights Surprising Attitudes on Compliance, Standards Adoption, and Challenges Meeting PCI DSS Requirements (Read More)

Heartland Payment Systems’ E3 End-to-End Encryption MSR Wedge Facilitates Elimination of PA-DSS Scope for Developers’ Payment Applications and Reduces PCI Scope by up to 69 Percent for Merchants; Press Release

Leading PCI QSA finds a properly deployed E3™ wedge solution is one of the most effective data security controls available today and provides significant scope reduction for merchants and POS developers. (Read More)

ClickandBuy Selects Voltage Security to Address PCI DSS Compliance and PII Data Protection Requirements; Press Release

Leading Global Online Payment Processor Will Use Voltage Tokenization Solutions to Protect Confidential Customer Card and Payment Data (Read More)

Genesco reports payment card criminal intrusion; Chain Store Age

The retailer took immediate steps to secure the affected part of its network (Read More)

PCI QSA Determines Heartland Payment Systems’ E3™ End-to-End Encryption Protocol Can Reduce Payment Card Industry Scope by Up to 79 Percent; Press Release

Assessment Finds a Properly Deployed E3 Solution Can Significantly Mitigate the Risk of Data Compromise and is One of the Most Effective Data Security Controls Available to Merchants Today (Read More)

'FRIENDLY FRAUD' A HASSLE FOR YOU, TOO; MSNBC

The next time you call your bank to dispute a fraudulent credit card charge, get ready for some extra hassle. (Read More)

The continuing challenge of workplace fraud in financial services; FED Press Release

Is it true that most economic crimes are committed by insiders? Yes, according to a worldwide study on workplace fraud that the Association of Certified Fraud Examiners' (ACFE) conducted. (Read More)

Shoppers to pay for their goods through the M-PESA service; Prepaid MVNO

In a milestone that is set to re-define the shopping experience, Kenyans can now pay for their goods at supermarkets using the M-PESA service. (Read More)

New Javelin Report on Mobile and Online Identification; Press Release

Online and Mobile Device Identification: Is Your Online Authentication Security Strategy Ready to Go Mobile? (Read More)

PCI Security Council releases Version 2.0 of the PCI Data Security and Payment Application Data Security Standard; Press Release

Feedback from global stakeholders shapes revisions; new standards and website ease implementation for merchants. (Read More)

First Data and VeriFone Collaborate on Data Security Solution; Press Release

Leaders in Payment Card Security Work Together to Offer Complementary TransArmor and VeriShield Technologies to Multi-lane and Petroleum Merchants. (Read More)

DNS – Who's Meeting the Standard: Verizon Releases PCI Compliance Report; The DNS Zone

In its new publication entitled, “Verizon Payment Card Industry Compliance Report,” Verizon focuses on the state of compliance with the Payment Card Industry Data Security Standard (PCI DSS). (Read More)

Over one billion EMV cards now active; finextra

Over a third of the world's payments cards - around one billion - are now EMV with two thirds of terminals - 15.4 million - also on the standard designed to secure transactions at the point-of-sale. (Read More)

ReD predicts major jump in U.S. fraud; The Green Sheet

A new study from payment security firm Retail Decisions Inc. (ReD) indicates card-not-present (CNP) fraud levels are rising in the United States but declining in the United Kingdom - trends that might be correlated. (Read More)

What the eCommerce World Can Expect in 2011; American Chronicle

American Chronicle  As the world climbs out of the global recession, eCommerce is projected to enter a period of strong growth in 2011. The hottest trends will be mobile phone ...(Read More)

In Accepting Mobile Payment, Merchants Face Higher Fraud Risk; MobileBanker

Merchants accepting payments by mobile phones had the highest card-not-present fraud volume in 2009, a Javelin Strategy and Research survey found. (Read More)

Finance apps riddled with security holes - Veracode; finextra

More than half of software applications developed by banks, third party suppliers and cloud service providers contain security weaknesses that would leave them vulnerable to attack by hackers, according to research by software analytics firm Veracode. (Read More)

The PCI Lessons From Google’s Employee Data Breach: Storefront Backtalk

When Google this month fired a programmer for using the search giant’s database to investigate an intriguing teenager; it showed that even the most sophisticated and respected technology brands can have a trusted employee go rogue.  (Read More)

Mexico deploys nationwide voice identification; planet biometrics

Law enforcement agencies across Mexico now have the capability to use an automatic voice identification system as a crime fighting tool. The voice biometrics system - supplied by Russian company, Speech Technology Center - is able to identify speakers by comparing their speech samples to a database of existing voiceprints. (Read More)

EFTEX JOINS PAYMENTS INDUSTRY LEADERS BY GAINING PCI DSS COMPLIANCE

Australian payments processor, EFTEX, has significantly boosted its credentials as an industry leader by achieving PCI DSS compliance. This endorsement of EFTEX’s security procedures and policies comes on the back of Third Party Processor accreditation from MasterCard and Visa earlier this year. (Read More)

Western Union Hosts Fifth Annual Anti-Money Laundering & Anti-Fraud Conference; Press Release

ENGLEWOOD, Colo., Sep 14, 2010 (BUSINESS WIRE) -- The Western Union Company (NYSE: WU) is hosting its fifth Annual Anti-Money Laundering & Anti-Fraud Compliance Conference from Sept. 13 to Sept. 16 in Denver. (Read More)

Cybercriminals Creating Nearly 60,000 Fake Websites to Trick and Infect Users Each Week, Reports PandaLabs; The Wall Street Journal

Three-month investigation shows eBay and Western Union together account for nearly half of all malicious sites exploiting brands - Targeted brands strongly correlate with financial transactions and companies storing sensitive consumer data. (Read More)

U.S. has been slow to adopt safer credit card technology; statesman.com

The U.S. is a technology laggard when it comes to credit cards, and experts say international fraud rings are starting to notice. (Read More)

Friend and Foe? Combating E-Commerce 'Friendly Fraud'  E-Commerce Times

“Many merchants feel that friendly fraud is impossible to detect or prevent. The fact is, there are ways to reduce friendly fraud -- and committing to reduce friendly fraud gives you the added benefit of reduced refund rates.” Tricia Philips (Read More)

Best Practices for Data Field Encryption to Protect Cardholder Information in Transit and Storage; VISA Press Release

Cardholder data security continues to be an important issue for all stakeholders in the payment system. (Read More)

ThreatMetrix Opens European Data Center to Support Fast-Growing Global Customer Base; Press Release

Expanded Investment in Europe Translates Into Unprecedented Reliability, Increased Performance, and Faster and More Accurate Fraud Screening (Read More)

Do Pay-By-Smartphone Systems Put Consumers At Risk? The Consumerist

As smartphones like the iPhone or Droid become more popular and more sophisticated, developers are finding new ways for consumers to use these mobile devices to replace existing items like airplane boarding passes, coupons and now credit cards. (Read More)

Bank Combats Fraud by Forcing PIN Debit; NACS Online

In three states Bonneville Bancorp has removed the option of signature debit, thereby admitting that PIN debit is in fact a more secure method of debit card payment. (Read More)

Apple, PayPal Dodge Questions About Ongoing iTunes Scam; MacNewsWorld

PayPal and financial institutions linked to the service apparently are reimbursing consumers for unauthorized charges made to iTunes -- sometimes thousands of dollars -- but neither PayPal nor Apple has much to say about how the scammers are perpetrating the ongoing fraud, or what -- if anything -- can be done to stop them. PayPal directs queries to Apple, while Apple issues its usual stock security response. (Read More)

Up-and-coming mobile technologies raise payment security concerns; Internet Retailer

Retailers should apply same protections to m-commerce as to e-commerce, experts say. (Read More)

Innovation: Mobile malware develops a money bug; New Scientist

“It's a common tale in the computing world: once you achieve popularity you become a target for hackers. And so it was for Android, Google's smartphone operating system.” Gareth Morgan (Read More)

Zeus Trojan Targets Online Banking, Steals $1 Million from British Accounts: Bank Systems & Technology

A sophisticated new Trojan has over the summer caused some $1 million in losses for a British bank by targeting online banking. And it's being billed as the "most dangerous Trojan virus ever created." (Read More)

Security Vendors Turn Focus to Smartphones: eWeek

As recent acquisitions have shown, mobile security is an area of growing interest for enterprises, with remote management and data protection capabilities at the top of the list. (Read More)

Changes to PCI Data Security Standard leave questions unanswered: COMPUTERWORLD

A new version of the PCI Data Security Standard scheduled for release later this year is likely to attract more attention for what it leaves unaddressed rather than what it changes, analysts say. (Read More)

Latest Jailbreak Shows it’s Time to Secure Mobile Commerce: Mobile-Financial.com

Mobile Commerce should get used to security breaches.  They’re a sign of mobile going mainstream. The mobile ecosystem needs to develop security strategies like the computing industry did in response to viruses and phishing. (Read More) 

Mobile Security’s Becoming a Big Deal For CIOs: Retail Banking Insights

Safety’s at the center of mobile device management at bank IT shops, particularly when it comes to access management and worries over hacking, according to a new Forrester report. (Read More)

Security: Top Hacks, Breaches and Compromises of 2010 (So Far): eWeek

This has been a busy year for both hackers and computer forensic specialists. Whether it was the 4 million usernames and e-mail addresses swiped in a hack of The Pirate Bay or AT&T's Website hack that exposed the e-mail addresses of iPad 3G owners, the first six months of 2010 are a reminder of the realities of today's IT security landscape. (Read More)

That Cute Android Wallpaper May Be Sending Your Data to China: E-Commerce Times

What's a nice app like "My Little Pony" doing in Shenzhen? Delivering the personal information of millions of Android users to a mysterious website, that's what. (Read More)

Apple iPhone, iPad Security Goes Into the Toilet and Down the Tubes: CBS BNET

Citi Discloses Security Flaw in Its iPhone App By SPENCER E. ANTE, The Wall Street Journal

Citigroup Inc. said its free U.S. mobile-banking application for Apple Inc.'s iPhone contained a security flaw and advised its customers to upgrade to a newer version that corrects the problem. (Read More)

Credit Card Numerology: The Luhn Formula; By Eva Norlyk Smith, Ph.D., CreditCardGuide

Do you ever wonder if it would be possible for someone to create a counterfeit credit card, by making up a credit card number and producing a fake credit card with the number encoded in the magnetic stripe? (Read More)

Fraudsters Like Virtual Goods; By BEN WORTHEN, The Wall Street Journal

Fast-Growing E-Commerce Segment Seems More Vulnerable to Cyber Criminals; (Read More)

vWorker Selects ThreatMetrix Fraud Network to Fight Fraud on Its Online Marketplace; Source: ThreatMetrix

ThreatMetrix Helps Protect the Integrity of the vWorker Brand, Its Ratings System and Ensures That Their Transactions Are Secure (Read More)

Hong Kong's Cashless-Payment Operator Under Fire; BY JEFFREY NG, The Wall Street Journal

The operator of a Hong Kong cashless payment system has come under fire after it reversed itself and admitted to selling the personal data of nearly two million customers to business partners, sparking public demands for better regulation of how personal information is handled. (Read More)

Banks anti-fraud measures a top concern for US customers; Source: DeticaNetReveal

Detica NetReveal® and Ipsos MORI survey illustrates account-fraud as top-of-mind for nearly 50% (Read More)

A Bad Week for Higher Ed Security Breaches; Source: The Security Blog

This past week has been a bad one for security breaches in Higher Ed. A few days ago I read about the University of Hawaii - Manoa data breach affecting about 53,000 people. (Read More)

Kansas City Federal Reserve White Paper

The Changing Nature of U.S. Card Payment Fraud (Read More)

Investor, TJX settle suit over data theft; By Hiawatha Bray, The Boston Globe

TJX Cos., which owns the T.J. Maxx and Marshalls discount retail chains, has settled an investor lawsuit related to the theft of millions of its customers’ credit card numbers. (Read More)

Credit Card Hackers Visit Hotels All Too Often; By JOE SHARKEY, The New York Times

HERE’S something that the struggling hotel sector prefers not to spotlight: it is a favorite target of hackers. (Read More)

Heartland ramps up first end-to-end encryption; By Ellen Messmer, Network World

 Heartland Payment Systems, the victim last year of a massive data breach of sensitive card data, vowed after that devastating event to develop new security gear based on end-to-end encryption between itself and its merchants to prevent such a breach from occurring again. That's now taking shape, but slowly. (Read More)

TNS Helps Industry Strengthen Payment Transaction Security; Source: TNS

Transaction Network Services (NYSE:TNS) is playing an increasing role in helping acquirers and merchants protect sensitive cardholder information as payment transaction security continues to be a major issue for everyone involved in the industry. (Read More)

Do You Know Where Your Employee’s Smartphone Is? New Unisys-Sponsored Research Shows IT Organizations Are Playing Catch-Up With Rapid Growth of Consumer Technologies in the Workplace; Source: UNISYS

New global studies reveal organizations are not adequately prepared to manage, support and secure consumerization of IT in the enterprise (Read More)

New PCI DSS Guide for Merchants; Source: PCI DSS Compliance Blog

The guide is intended to provide simple and quick information security steps for small to mid-size merchants that accept credit and/or debit cards as a form of payment. (Read More)

Chip-and-PIN fraud gang jailed; By Tom Espiner, ZDNet

A gang of four Londoners have been jailed for a Chip-and-PIN fraud operation which netted £725,000. (Read More)

Square Suspends Reader Shipments To Deal With Credit Risk And Fraud Issues; Source: mocoNews.net

When Twitter co-founder Jack Dorsey unveiled his latest start-up, Square, in December critics harped that the company, billed as a mobile payments solution that would disrupt the traditional credit card processing world, didn’t get how complicated the payments space is, or how risky. Now, it appears, Dorsey has admitted as much. (Read More)

iovation Partners with Failsafe Payments to Expand Fraud Protection for Merchants; Source: iovation

PORTLAND, Ore.- June 17, 2010 – iovation, provider of the world’s first device reputation service for preventing online fraud and abuse, today announced a partnership with Failsafe Payments to protect merchants and merchant service providers (MSPs) using Certo Payment Gateway. (Read More) 

Leading Colombian Payment Processor and Aggregator Pagosonline Drives South American Business Expansion Using ThreatMetrix to Control Online Fraud; Source: ThreatMetrix

By Helping to Reduce Customers' Fraud Rates, Pagosonline Improves Its Corporate Brand Image and Ability to Sell More (Read More)

June 14, 2010

10 of the Top Data Breaches of the Decade; How Does iPad Security Breach Compare to Others? By KI MAE HEUSSNER,  ABC News

The Internet cried foul last week when news broke that an AT&T security breach exposed the e-mail addresses of at least 100,000 owners of Apple's iPad 3G. (Read More)

June 14, 2010 Press Release

FIS to Acquire Compliance Coach, Inc. Source: FIS

Deal Positions FIS as Premier Provider of Regulatory Compliance Services  (Read More)

June 10, 2010

One Man's Quest To Foil Hackers; By Maureen Farrell, Forbes.com

Identity fraud costs $54 billion a year. Robert Carr aims to alleviate some of that pain. (Read More)

June 10, 2010

Computing with Secrets, but Keeping them Safe; By Tom Simonite, Technology Review

A cryptographic method could see cloud services work with sensitive data without ever decrypting it. (Read More)

June 9, 2010

Mobile banking: Threshold of concern, threshold of alarm and the zone of comfort; By Jan Chipchase, CGAP

Not all transactions are created equal: the very last dollar in your wallet has a higher value than when there’s a stack of notes; an online transaction completed at home has different security implications than one completed in an internet cafe. Service designers have long recognized the need for extra checks and balances for ‘risker’ transactions - and these are typically reflected by levels of authentification. From a user’s perspective we’ve found it useful to frame transactions in terms of thresholds of concern and thresholds of alarm. (Read More)

June 8, 2010 Press Release

Elavon Expands its Powerful Suite of Security Solutions; Source: Elavon

Elavon, a wholly owned subsidiary of U.S. Bancorp (NYSE: USB) and a leading global payments provider, has chosen to extend its comprehensive security solutions suite by adapting technologies from Semtek and Voltage Security to include end-to-end encryption capabilities for its acquiring and gateway solutions. Additionally, Elavon has developed advanced tokenization schemes that will allow merchants to securely access card data for future transactions. (Read More)

June 7, 2010 Press Release

Gemalto Achieves Additional MasterCard Accreditation With its Consulting Services; Source: Gemalto

Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, announced receiving MasterCard accreditation for its Gemalto Consulting Services. As the first digital security company to join the MasterCard M/Chip Accredited Third Party program, this accreditation officially endorses Gemalto’s consulting capabilities and its vendor-independent services in contact and contactless deployments worldwide. (Read More)

June 1, 2010 Press Release

MagTek Responds to the SPVA's Recently Published E2E Guidelines; Source: PR Leap

MagTek, Inc., a well known leader in payment security, today responded to the Secure POS Vendors Alliance and its published guidelines on the application of encryption technology (E2E) to payment card data used for retail financial transactions. The guidelines establish an auditable set of requirements that can be used to validate cardholder data security across the many entities that participate in the transport of payment card data. (Read More)

June 1, 2010

Is U.S. Ready for Chip & PIN? Source: BankInfo Security

EMV Chip Cards Are Here, But Debate is About Security Vs. Cost (Read More)

May 28, 2010 Press Release

Top Tier Merchants and the Challenge of Card Data Security; Source: Mercator Advisory Group

New insight into the issues posed by PCI and card number security for merchant category leaders provides guidance and cautions. (Read More)

May 25, 2010 Press Release

PhoneFactor and Fiserv Partner for Phone-Based Multi-Factor Authentication; Source: PhoneFactor

New Option for Secure User Authentication will be Available through the Corillian Online Banking Solution from Fiserv. (Read More)

May 25, 2010 Press Release

ID Analytics Secures Identity-Based Fraud Detection Patent; Source: ID Analytics

Company Receives Third Patent from U.S. Patent and Trademark Office for New Detection System and Method Using Historical Identity Records (Read More)

May 25, 2010 Press Release

VeriFone Offers Payment Security Monitoring Service to Foil Criminals; Source: VeriFone

VPAS - VeriFone PED Authentication Service – Detects Presence of Rogue Devices Installed to Hijack Payment Data Information. (Read More)

May 19, 2010 Press Release

Heartland Payment Systems® and MasterCard Agree to $41.4 Million Intrusion Settlement: Source: Heartland Payment Systems

Company has now reached breach-related settlements with three major card brands. (Read More)

May 12, 2010 Press Release

VeriSign and Bank Associates Merchant Services Bring Extended Validation SSL to More Merchants: Source: VeriSign

BAMS to Now Offer VeriSign EV SSL With E-Commerce Processing Solutions (Read More)

May 11, 2010 Press Release

ID Score® Account Takeover Accurately Pinpoints Account Takeover at Any Point in the Customer Lifecycle; Source: ID Analytics

New Solution Incorporates Comprehensive Assessment of Identity Risk to Reduce Fraud-Related Expenses and Minimize Customer Friction (Read More)

May 4, 2010 Press Release

SoundBite Communications Introduces Real-Time, Interactive Fraud Management Solution for Card Issuing Banks; Source: SoundBite

Leading Issuing Bank Implements Solution to Enhance Fraud Resolution Efficiency and Effectiveness (Read More)

May 4, 2010

Former Con Man Helps Feds Thwart Alleged ATM Hacking Spree; By Kevin Poulsen, Threat Level

A North Carolina grocery worker is being held without bail in Houston on attempted computer hacking charges after inadvertently partnering with an undercover FBI agent in an alleged citywide ATM-reprogramming caper. (Read More )

May 3, 2010

P2P Payments: What You Need to Know;  Early-Adopters Discuss Security Considerations Behind New Trend; By Linda McGlasson, Bank Info Security

U.S. banking institutions are quickly adopting the new, simple payment solution called "Person-to-Person" for customers to send money to family and friends via email or text message. At the top of the list for reasons to deploy this new mobile payments solution: Customer convenience. (Read More)

April 30, 2010 Press Release

ONLY UNIVERSAL ID KEY SYSTEM WILL MAKE FRAUD CRIMES A THING OF THE PAST; Source: Visual Security International Limited

These details show why ONLY the proposed ID KEY system will reduce all fraud crimes to virtually ZERO simply by making outdated signature and PIN systems reliable. (Read More)

April 29, 2010

RBS chief victim of credit card fraud; Source: WalesOnline

Banking chief Sir Philip Hampton has been a victim of credit card fraud, he revealed. (Read More)

April 28, 2010 Press Release

Entrust Brings Strong Authentication to Mobile Devices - Versatile Authentication Platform Secures Consumer and Enterprise Environments; Source: Entrust

Entrust IdentityGuard Mobile enables strong enterprise authentication while protecting against latest malware threats. (Read More)

April 28, 2010 Press Release

BillMyParents Uses ThreatMetrix to Stop Fraud While Facilitating and Protecting Teen Online Spending; Source: ThreatMetrix (Read More)

Leading Online Teen Payments Solution is Able to Take More Orders with Less Friction While Determining Who Is and Who Isn’t a Fraud Threat

April 28, 2010 Press Release

Media Alert: nuBridges’ Gary Palgon to Instruct IT Pros on Data Security Challenges; Source: Nubridges

nuBridges information security expert Gary Palgon will address three timely data security challenges that IT professionals are facing throughout the extended enterprise at COMMON 2010 at the Hilton Orlando. Palgon will discuss how a new data security standard, tokenization, can be used alone or to augment encryption to protect cardholder and personally identifiable information in an IBM i-centric organization; how today’s secure B2B gateways and Managed File Transfer technology can help companies to create a data exchange infrastructure that will ensure compliancy with current and future data security regulations; and why being compliant with data security mandates and laws doesn’t ensure security. (Read More)

April 26, 2010

India is no. 3 haven for hackers; By Debjoy Sengupta, ET Bureau

KOLKATA: India may be poised to become a software superpower by 2020, but it has already emerged as one of the top three spawning grounds for Web-based attacks. (Read More)

April 23, 2010

Blippy’s Response To Credit Card Data Breach: “It’s A Lot Less Bad Than It Looks”; By Jason Kincaid, TechCrunch

Earlier today, VentureBeat detailed a major Blippy privacy breach that exposed user credit card information to search engines. The breach appears to have occurred on a small scale undefined Blippy believes that only four users had their credit cards compromised undefined but the fact that it happened at all is unsettling. After all, Blippy’s service asks users to entrust it with their credit card information (and in some cases, their credentials for online services) undefined it is of paramount importance that Blippy keep that data secure. (Read More

April 22, 2010 Press Release

2010 Payments Fraud and Control Survey; Source: Association for Financial Professionals

B2B payments fraud is still a threat to US organizations, but many are employing fraud control measures to keep it at bay. A majority of organizations experienced attempted or actual payments fraud in last year. However, most now employ measures to combat these threats, using a combination of account-level solutions and services provided by their banks. The 2010 Payments Fraud and Control Survey is underwritten by J.P. Morgan. (Read More)

April 22, 2010 Press Release

Latest Release of Kount Complete Propels Fraud Control Technology Forward; Source: Kount Inc.

New version of powerful fraud-fighting solution gives merchants additional tools to stay ahead of fraud. (Read More)

April 20, 2010

Lesser-Known Vulnerabilities of Mobile Payments By Penny Crosman, Bank Systems & Technology

I recently read the following sentence in an email and was alarmed: "Hackers can extract cryptographic keys from smart-card enabled credit cards and payment devices by monitoring the card's power consumption while in use." It turns out that this vulnerability was discovered in the mid-1990s. "There are elements of it that have been reasonably well solved by the payments industry and there are elements where the story is not yet finished," says Benjamin Jun, vice president of technology at Cryptography Research, which originally discovered the power-based fraud, which is technically known as DPA, for Differential Power Analysis. Jun spoke to Bank Systems & Technology this afternoon in a phone interview. (Read More)

April 20, 2010 Press Release

Vindicia Changes Market Dynamics of PCI Compliance; Hosted Order Automation Eliminates PCI Burden and Delivers Millions in Savings for Online Merchants; Source: Vindicia

Vindicia today announced the availability of its new Hosted Order Automation (HOA) capabilities as part of the Vindicia CashBox™ solution. By using HOA in CashBox, online merchants are able to completely offload PCI compliance to Vindicia while maintaining complete control over their customers' buying experience. HOA allows merchants to accept credit cards on their own order pages, maintain complete control over their customer data, and create a compelling online experience for their customers without ever touching a credit card and subjecting themselves to PCI regulations.  (Read More)

April 15, 2010

New PCI Changes: Network Segmentation, One-Way PAN Hashing; By Walter Conway, StoreFrontBackTalk

When the new version of PCI becomes the law of the card-processing land in October, it will include new rules and clarifications on a wide range of key retail payment complaints. Among the top changes, according to PCI officials, are: a requirement that retailers must perform extensive searches for cardholder data across all their networks and systems; clarification on strong one-way hashing of PANs; a move to a three-year PCI lifecycle; clarification on what constitutes acceptable network segmentation; new wording on what constitutes cardholder data; and the applicability of PCI for card issuers. (Read More)

April 15, 2010 Press Release

Top 3 Israeli banks roll out customer facing Voice Biometrics technology by PerSay;  Source: PerSay Voice Biometrics

Voice Biometrics is poised to become mainstream authentication technology for remote services and applications (Read More)

April 13, 2010

Ingenico and Element Form a Strategic Partnership to Secure End-to-End Transaction Processing; Source: The Wall Street Journal

Partnership Benefits Merchants and Software Providers by Reducing the Scope, Risk, and Cost of Implementing and Maintaining PCI DSS Controls (Read More)

April 12, 2010

Man-in-the-Middle Attacks Against SSL; By Matt Blaze, Schneier on Security

A decade ago, I observed that commercial certificate authorities protect you from anyone from whom they are unwilling to take money. That turns out to be wrong; they don't even do that much. (Read More)

April 9, 2010 Press Release

MICROS Partners with Trustwave to Offer its Clients Additional PCI Compliance Tools; Source: TrustWave

Additional Layer of Security Enhances Existing Tokenization Solution to Help Manage PCI DSS Compliance (Read More)

April 8, 2010

Italy central bank orders stop to new AmEx cards; By FRANCES D'EMILIO, Associated Press

ROME undefined Italy's central bank on Thursday ordered a stop to the issuance of new credit cards by American Express in the country until the company can improve compliance with laws combating money laundering and usury. (Read More)

April 8, 2010

Cloud security best practices foster rapid deployments; By Laura Smith, CIO News

Other companies have shied away from cloud computing because of security concerns, but the Sun National Bank subsidiary of Sun Bancorp Inc. has taken a pragmatic approach to taking advantage of the cloud's potential for rapid deployment. That approach isn't just a matter of connecting routers and VPNs, the bank's CIO said, but a detailed series of cloud security best practices for partner evaluation, risk assessment and contractual negotiation. (Read More)

April 6, 2010 Press Release

ThreatMetrix to Showcase Leading Online Fraud Detection Solutions at April 13 – 15 Electronic Transactions Association Annual Meeting and Expo in Las Vegas; Source: ThreatMatrix

ThreatMetrix™, a fast growing provider of fraud detection solutions that do not require personally identifiable information (PII), today announced that it will be exhibiting in Booth 856 at the 2010 Electronic Transactions Association (ETA) Meeting and Expo, April 13 – 15, at the Mandalay Bay & Casino, Las Vegas, Nevada. (Read More)

April 6, 2010 Press Release

Heartland Payment Systems and OpenBook Bring State-of-the-Art Data Security to Lodging Industry; Source: Heartland Payment Systems

Heartland Payment Systems(R) and OpenBook(R) -- a division of Yellowstone Hotel Systems -- plan on delivering secure payments to the hotel and lodging industry by integrating Heartland's E3(TM) end-to-end encryption solution with OpenBook's property management software. Heartland is one of the nation's largest payments processors and the American Hotel & Lodging Association's official preferred provider of card processing, check management, payroll and tip management services.  (Read More)

April 6, 2010

Visa reports rise in retail terminal key-logger attacks; By Gill Montia, Banking Times

Visa has recently alerted its transaction processing members and their clients to an increase in keylogger attacks involving retailers. (Read More)

April 6, 2010

Oyster card upgrade underway; Source: ContactlessNews

Transport for London, issuer of the popular Oyster Card, is in the process of upgrading to new, more secure cards. (Read More)

April 1, 2010 Research

Data Security Top Concern for Merchants Yet First Data Survey Finds Many Merchants Unaware of Consequences, Solutions; Source: First Data

First Data recently conducted a survey asking merchants about data security. Not surprisingly, it is a universally important issue: More than 80% of small and mid‐size merchants described themselves “very concerned” about payment card security. But these merchants’ experiences with data violations differ vastly, as does their understanding of the consequences of a breach. (Read More)

March 26, 2010

TJX hacker Gonzalez gets 20 year jail term; Source: finextra

Computer hacker Albert Gonzalez has been sentenced to 20 years in prison for masterminding a string of cyber-attacks on retailers, including TJX, which resulted in the theft of tens of millions of payment card details (Read More)

March 25, 2010

Heartland Preps for Its Big End-to-End Encryption Rollout; Source: Digital Transactions

Merchant acquirer Heartland Payment Systems Inc.’s sales force will begin selling the company’s new end-to-end encryption system in the second quarter following testing that began last June, the company says. Heartland also says several terminal manufacturers are integrating the technological protocols of its system, which was developed by Voltage Security Inc., into their own hardware. (Read More)

March 26, 2010

TJX hacker Gonzalez gets 20 year jail term; Source: finextra

Computer hacker Albert Gonzalez has been sentenced to 20 years in prison for masterminding a string of cyber-attacks on retailers, including TJX, which resulted in the theft of tens of millions of payment card details (Read More)

April 1, 2010 Research

Data Security Top Concern for Merchants Yet First Data Survey Finds Many Merchants Unaware of Consequences, Solutions; Source: First Data

First Data recently conducted a survey asking merchants about data security. Not surprisingly, it is a universally important issue: More than 80% of small and mid‐size merchants described themselves “very concerned” about payment card security. But these merchants’ experiences with data violations differ vastly, as does their understanding of the consequences of a breach. (Read More)

March 30, 2010

Card Fraud in the United States: The Case for Encryption; Source: Aite Group

The card industry should focus on encryption technologies, cutting off the source of card data for criminal networks. (Read More)

March 29, 2010

U.K. online credit card fraud to be handled by specialist team; Source The Thrifty Scot

Over recent years a rising number of people have started to go online in order to conduct their financial affairs, using the Internet to do everything from their day to day banking to dealing with their credit card accounts. (Read More)

March 26, 2010

Security flaw found in new chip credit cards; Source: 3news.co.nz

A British university has identified security flaws in new chip and Pin credit cards that banks in New Zealand are about to introduce. (Read More)

March 26, 2010

Leader of Hacking Ring Sentenced for Massive Identity Thefts from Payment Processor and U.S. Retail Networks; Source: U.S. Department of Justice

The leader of the largest hacking and identity theft ring ever prosecuted by the U.S. government has been sentenced to 20 years and one day in prison for his role in a series of hacks into a major payment processor and several retail networks, announced Assistant Attorney General for the Criminal Division Lanny A. Breuer; U.S. Attorney for the District of Massachusetts Carmen Milagros Ortiz; U.S. Attorney for the Eastern District of New York Benton J. Campbell; U.S. Attorney for the District of New Jersey Paul J. Fishman; and Director of the U.S. Secret Service Mark Sullivan. (Read More)

March 25, 2010

Heartland Preps for Its Big End-to-End Encryption Rollout; Source: Digital Transactions

Merchant acquirer Heartland Payment Systems Inc.’s sales force will begin selling the company’s new end-to-end encryption system in the second quarter following testing that began last June, the company says. Heartland also says several terminal manufacturers are integrating the technological protocols of its system, which was developed by Voltage Security Inc., into their own hardware. (Read More)

March 25, 2010

Credit card companies play security catchup; By ROELAND VAN DEN BERGH, The Dominion Post

Rising fraud and the Rugby World Cup have pushed credit card companies to ditch magnetic swipe cards in favour of more-secure chip cards from next month. (Read More)

March 25,2010

Dave & Buster's Settles FTC Charges it Failed to Protect Consumers' Information; More than 130,000 Customers' Credit or Debit Cards Compromised; Source: Federal Trade Commission

Entertainment operation Dave & Buster’s, Inc. has agreed to settle Federal Trade Commission charges that the company left consumers’ credit and debit card information vulnerable to hackers, resulting in several hundred thousand dollars in fraudulent charges. Dave & Buster’s operates 53 restaurant and entertainment complexes across the country under the names Dave & Buster’s, Dave & Buster’s Grand Sports Café, and Jillian’s. (Read More)

March 25,2010 Press Release

Heartland Payment Systems® E3TM Data Security Protocol Adopted by Leading Payments Manufacturers; Source: Heartland Payment Systems

Several of the world’s leading electronic payments system manufacturers are working with Heartland Payment Systems® (NYSE: HPY), one of the nation’s largest payments processors, to ensure their point-of-sale (POS) devices and other payments platforms offer the highest level of data security to businesses that accept credit and debit card payments. These manufacturers are integrating Heartland’s E3™ protocol, an industry-leading end-to-end encryption solution that leverages Voltage SecureData™ encryption and key management technology. End-to-end encryption is considered the most effective security method available for protecting cardholder data. (Read More)

March 24, 2010

New fraud alerts available for Wells Fargo cardholders; By PETER EICHENBAUM, Bloomberg News

Wells Fargo & Co. executive Kevin Rhein got a firsthand taste of credit-card fraud while walking on a treadmill at home in Minneapolis: An alert on his Blackberry showed his card was used to buy a $1,500 laptop in Las Vegas. (Read More)

March 24, 2010

The Spy in the Middle; are SSL certificates even more broken than we thought? By Matt Blaze, Exhaustive Search

A decade ago, I observed that commercial certificate authorities protect you from anyone from whom they are unwilling to take money. That turns out to be wrong; they don't even do that much. (Read More)

March 24, 2010 Press Release

Kansas City Federal Reserve Seeks Input for Payment Card Fraud Survey; Source: NACS

The Kansas City Federal Reserve, with the assistance of NACS, has designed a study on payment card fraud that will look closely at fraud-related charge-backs imposed on merchants from all U.S. market segments. NACS is partnering with the Kansas City Federal Reserve to distribute this survey to convenience and petroleum retailers to assist in efforts to fully disclose industry costs associated with card payment, and to advocate for efficient card payment systems. (Read More)

March 23, 2010

U.S. Aims to Bolster Overseas Fight Against Cybercrime; By SIOBHAN GORMAN, Wall Street Journal

The alleged Chinese cyber attacks on Google have spurred proposals at the State Department and on Capitol Hill to establish an ambassador-level cyber security post and to tie foreign aid to a country's ability to police cybercrime. (Read More)

March 18, 2010

Security concerns may be holding back social-media apps; By: Daniel Taylor, oDesk

Social networks are all the rage among web users and developers alike – but increased social-media uptake may be held back by consumers’ security worries. (Read More)

March 17, 2010

E-Commerce Merchants Take on More Risk in Search of More Sales; Source: Digital Transactions

With the economy still shaky, some established online merchants are branching into new product lines in search of incremental revenue, and that can create problems if the merchants don’t work closely with their acquirers, Bob Nadeau, group executive at Chase Paymentech Solutions LLC, tells Digital Transactions News.  (Read More)

March 17,2010

Managing Online Payment Security, Compliance with Cloud-Based Tool; By Marisa Peacock, CMS WiRE

PCI (Payment Card Industry) compliance standards protect personal information and ensure security when transactions are processed using a payment card. Thanks to ClearPoint Metrics new PCI compliance management solution, organizations can manage PCI compliance risk more effectively, and reduce the cost of auditing and reporting. (Read More)

March 17, 2010

5 Burning Questions: Gemalto's VP & General Manager of Secure Transactions, Jack Jania; Source: PYMNTS.com

In this exclusive NEXTcast interview, Jack Jania of Gemalto sat down in the PYMNTS.com Hot Seat to discuss the 5 burning questions on risk and fraud. (Read More)

March 17,2010

30 Second Fraud Checklist for Ecommerce Merchants; Source: The Merchant Account Blog

Credit card fraud and online ordering fraud has hampered ecommerce merchants since the first credit card payment was taken over the internet. Because fraud is still successful, and because there is virtually no way to go after someone you suspect of fraud, it is still a plague to website owners trying to run a business on the internet. (Read More)

March 15, 2010

FBI: Internet Fraud Cost $559 Million in 2009; Source: eWeek.com

A new report from the Internet Crime Complaint Center, a joint effort by the FBI and the National White Collar Crime Center, found the amount of losses from cyber-crime doubled in 2009, and those between the ages of 30-49 were hardest hit. (Read More)

March 12, 2010

FBI: Internet fraud losses more than doubled in 2009- FBI report says e-mail scams, identity theft, spam causing most pain; By Layer 8 by Michael Cooney; Source: NETWORKWORLD

The Federal Bureau of Investigation's annual wide-ranging look at Internet crime found that online crime is indeed paying off - for the criminals as it cost users $559.7 million, up from $265 million in 2008. Further, the agency's Internet Crime Complaint Center (IC3) Web site received a total of 336,655 complaints about online problems, a 22.3% increase over 2008. (Read More)

March 11, 2010

Online fraud levels increase as positive signs are seen over card fraud; A decline in the amount of card fraud is a positive, but UK cardholders should remain vigilant. By Dan Raywood, SC Magazine

Figures released by the UK Cards Association showed that total fraud losses on UK cards fell by 28 per cent between 2008 and 2009 to £440.3 million – a decrease of £170 million on the previous year's total. (Read More)

March 10, 2010

Online banking fraud 'suffers increase'; Source: BBC News

Fraudsters are continuing their switch from traditional card fraud to raiding online bank accounts, according to new research. (Read More)

March 10, 2010

Why debit card criminals may soon migrate from Canada to the USA; By Jonathan_Chevreau, Financial Post

My column in the FP today and various Canwest dailies -- Thieves hit my bank account -- describes the rising incidence of debit card fraud in Canada. Here's some data that didn't make it into the column but supports my contention that the rise of debit card fraud is near "epidemic" proportions. The data -- from the web site at www.interac.ca -- shows the number of Canadian debit card holders who had to be reimbursed for losses almost quintupled between 2004 and 2009.  (Read More)

March 10, 2010

Biometrics: What, Where and Why; By Mary Brandel, CSO Online

Biometrics are slowly gaining acceptance. Here's a look the most common forms and uses of biometrics and the forces shaping the market. (Read More)

March 9, 2010

Big Merchants Pay $225,000 on Average for PCI Audits, Study Says; Source: Digital Transactions

Getting an annual assessment to determine their compliance with the Payment Card Industry data-security standard costs big merchants an average of $225,000, but some pay $500,000 or more and others much less, according to a new research report by Ponemon Institute LLC. The report also says that only about 2% of card-accepting merchants fail their Payment Card Industry data-security standard (PCI) audits, but more than 40% might fail if they weren’t allowed to use “compensating controls” that often are effectively temporary fixes. (Read More)

March 4, 2010

PCI tokenization push promising but premature, experts say; By Robert Westervelt, SearchSecurity.com

Tokenization technology has the potential to protect credit card data while reducing the scope of a PCI DSS assessment, but a lack of standards and some complexity issues are cause for concern, panelists said Wednesday, at RSA Conference 2010. (Read More)

March 4th, 2010

Cyberthieves Using Bluetooth To Steal Gas Station Credit Card Data; By Evan Schuman, StorefrontBacktalk

When cyberthieves plant skimming devices inside POS PIN pads, they typically have one of two headaches. First, they have to return to the scene of the crime to retrieve the device and its stolen data, which is dangerous. If the thieves use the device to wirelessly phone the data to one of their own, it’s safer initially. But if that data is detected and examined, it could lead law enforcement right to the culpritsundefineda.k.a., problem number two. (Read More)

March 3, 2010

Is Microsoft redeeming itself on security issues? By Robert Mullins, NETWORKWORLD

When Christian Christiansen, an IDC IT security analyst, was briefed by people at Microsoft before the company launched its Trustworthy Computing initiative eight years ago, he was frank: "I told them 'You know it's going to take you 10 years to even start to change widespread customer opinion about how bad you are.'" (Read More)

March 2, 2010 Press Release

NIST Releases Guide for Applying the Risk Management Framework to Federal Information Systems; Source: National Institute of Standards and Technology (NIST)

The final publication of the Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach (NIST Special Publication 800-37, Revision 1) is now available on the National Institute of Standards and Technology’s (NIST) Computer Security Resource Center (csrc.nist.gov). (Read More)

March 1, 2010

Bank fraud rises 10% in 2009 New report reveals high risk of identity fraud; Source: Which?

New data has revealed that the level of bank account fraud in the UK rose by almost 10% in 2009. According to CIFAS, the UK’s fraud prevention service, 80,105 cases of bank account fraud were filed in 2009 – compared with 72,988 cases in 2008. This increase contributes to the overall rise in identity fraud recorded by CIFAS, which saw the number of incidents increase by 32% last year. (Read More)

Feb. 26, 2010

Credit Card Crooks Like to Shop at Best Buy, Target, Amazon; By DALIA FAHMY, ABC News

Chainsaws, Rogaine and X-Box consoles: these are a few of thieves' favorite things. So don't be too surprised if you get a phone call from your credit card company asking if you've suddenly gone bald. (Read More)

February 26, 2010 

Wyndham Hotels Hacked Again; By Robert McMillan, IDG News Service; Source PC World

Hackers broke into computer systems at Wyndham Hotels & Resorts recently, stealing sensitive customer data. (Read More)

February 25, 2010

Smaller, safer, easier, smarter – Todos AB unveils new products; Source: todos

Welcome to the next generation of e-banking and e-commerce security. Todos AB unveils online authentication devices that take security, convenience, flexibility and style to new levels (Read More)

February 25, 2010

Paying at the pump could cost extra thanks to skimmers; By Josh Smith, WalletPop

We've all heard of crooks installing skimmers on ATM machines to steal debit card information, including pin numbers, but a new scheme has been uncovered that is much harder to detect and it happens at a place you might equate with highway robbery -- the gas pump. Reports have come in from across the country of debit card skimmers inside gas pumps that record your debit card number, including PIN, and send it wirelessly to a crook who then makes a fake card and helps himself to your money. (Read More)

February 25, 2010

ATM Skimming: How to Recognize Card Fraud; By Joan Goodchild, CSO Security and Risk

Criminals are increasingly turning to card skimming as a profitable way to steal cash. Would you know what to look for at your local ATM? (Read More)

February 24, 2010

Do Companies Need Fed Cybersecurity Intervention? By Richard Adhikari, E-Commerce Times

The former U.S. director of national intelligence was the latest in a long line of intel gurus telling Congress how woefully under-protected America's infrastructure is from cyberattacks. The Senate is currently mulling the U.S. Cybersecurity Amendment Act of 2009 and considering how much new regulation the government may need to introduce in the name of national security. (Read More)

February 24, 2010

The Cost Of A Breach, Heartland Style: At Least $129 Million; Might Be $229 Million; By Evan Schuman, StorefrontBacktalk

In its latest financial report, Heartland Payment Systems reported that it dropped $129 million on data breach costs last year (an incident that briefly placed Heartland on Visa’s Bad Breach Boy list). The company added that it still has a reserve of $100 million for additional expenses. (Read More)

February 23, 2010

ActivIdentity Empowers Innovative Cloud-Based Digital Identity Service; Source: CNNMoney

Company's Credential Management Solution Selected by idOnDemand to Simplify Issuance and Management of Digital Credentials (Read More)

February 17, 2010

Privacy, Security & Convenience on a Collision Course

Consumer protect yourself. That’s the big takeaway from a new report by Javelin Strategies that was supported by the Better Business Bureau found that the number of identity fraud victims in the United States has jumped by 12 percent to 11.1 million adults – the highest increase to-date since the survey started in 2003 – while the total overall fraud amount increased by 12.5 percent to $54 billion.  (Read More)

February 12, 2010 Press Release

Deluxe Unveils Comprehensive Suite of Identity Theft Protection Solutions for Financial Institutions; Deluxe Provent Helps Lower Risk, Strengthen Account Holder Relationships; Source: Deluxe Corporation

With powerful tools to help prevent and respond to identity theft, Deluxe Corporation (NYSE: DLX), a business partner to nearly 6,400 financial institutions in North America, introduces Deluxe Provent(SM) - a flexible, integrated suite of identity theft protection solutions. (Read More)

February 11, 2010 Press Release

ThreatMetrix to Demonstrate Leading Fraud Prevention Solutions for Etailers at Merchant Risk Council Conference; New Report Says 45% of Large Merchants Plan to Add Device Fingerprinting Technology Solutions in Next 12 Months; Source: ThreatMetrix

ThreatMetrix™, the fastest growing provider of device identification solutions for preventing online fraud, today announced it will demonstrate new fraud prevention solutions for etailers at the Merchant Risk Council e-Commerce Payments and Risk Conference, March 16 – 18, in Las Vegas. On display in Booth 604 will be fraud prevention solutions that extend ThreatMetrix’ leadership position in device identification, a technology that leverages the “fingerprint of a computer” to determine if an online transaction is legitimate or fraudulent. (Read More)

February 11,2010

Oxford scientists develop security protocol for m-payments; Source: finextra.com

Isis Innovation, the University of Oxford's technology transfer company, is looking for commercial partners to help develop a new cryptographic application for securing person-to-person mobile payment transactions. (Read More)

February 11, 2010

Cambridge researchers show that the Chip and PIN system is vulnerable to fraud

Steven J. Murdoch, Saar Drimer, Ross Anderson and Mike Bond, researchers at the Computer Laboratory, University of Cambridge, have shown that flaws in the Chip and PIN system allow criminals to use stolen credit and debit cards, without knowing the correct PIN. (Read More)

February 10. 2010 Press Release

Javelin Study Finds Identity Fraud Reached New High in 2009, but Consumers are Fighting Back; Source: Javelin Strategy & Research

Identity Fraud Affected 11 Million Americans in 2009; Proactive Measures by Financial Institutions, Businesses and Consumers Helped Decrease Costs; Increase in Prosecutions and Convictions (Read More)

February 9, 2010 Press Release

UK Online Fraud Report 2010; Source CyberSource

The most comprehensive guide to UK online fraud is out now and available to download. (Read More)

February 9, 2010 Press Release

Voltage Security Announces Profitable Year with Increased Momentum Across Product Lines; Over 70% Revenue Growth for Fiscal Year

Voltage Security™, the global leader in end-to-end data protection, today announced financial results for the fiscal year ending January 31, 2010. With growing market acceptance of its broad set of encryption solutions, including Voltage SecureData™, its end-to-end encryption product line for enterprise and payment applications, Voltage completed four quarters of year-over-year revenue growth, and three consecutive quarters of profitability and cash generation from operations, resulting in over 70% revenue growth for the fiscal year. The company also was cash flow positive from operations and profitable for the fiscal year. (Read More)

February 8, 2010 Press Release

ID Watchdog Announces Revolutionary New Product that Provides Instant Feedback on ID Theft

idCHECK Makes Identity Theft Analysis Quick, Easy, and Affordable for Every Individual – and is Available for Free for a Limited Time (Read More)

February 8, 2010 Press Release

Bob Carr Appointed to the Secure POS Vendor Alliance Board of Directors; Heartland Payment Systems' Chairman and CEO Joins Payments Security Leadership Group; Source Heartland Payment Systems

Heartland Payment Systems' Chairman and Chief Executive Officer Bob Carr has been elected to the 2010 Secure POS Vendor Alliance (SPVA) Board of Directors. Carr, who has been spearheading the development and implementation of secure payments processing technologies over the past year, will continue to help advance data security through his appointment as Associate Member Director. The SPVA is a nonprofit organization comprised of payments industry leaders who work with multiple stakeholders in the payment value chain to develop an end-to-end security framework and enhance the security of payment solutions. (Read More)

February 5, 2010 Press Release

Financial Services Firms Worry More about Fraud than Customer Convenience According to New Report; Trend Speaks to Growth in Credit Card Fraud and Need for New Fraud Prevention Tools; Source: ThreatMetrix

ThreatMetrix™, the fastest growing provider of device identification solutions for preventing online fraud, today announced the results of at new research report in online banking, “Trends in Online Banking: Fraud Prevention and Customer Authentication.” (Read More)

February 4, 2010 Press Release

Secure POS Vendor Alliance Launches Lab Network to Improve Security Within the Payment Industry; Third party lab certification process extends SPVA reach, provides more confidence to customers; Source: SPVA

The Secure POS Vendor Alliance (SPVA), a non-profit business organization founded by Hypercom (NYSE: HYC), Ingenico S.A. (EURONEXT: ING) and VeriFone (NYSE: PAY) announces the formation of its new Lab Network, a group of labs that will participate with SPVA members, prospective members and the SPVA's Technical Working Groups on security evaluations of the SPVA implementation guidelines. Members of the Lab Network will work together to share best practices and raise the security level within the point of sale industry. (Read More)

February 3, 2010 Press Release

SAGEM WIRELESS AND UPEK PARTNER TO BRING FINGERPRINT-BASED IDENTITY CAPABILITIES TO NEW MOBILE DEVICES; Source: Sagem Wireless

Sagem Wireless, a leader in the design and delivery of customized connected lifestyle devices and services, announced today that it has formed a partnership with UPEK to bring fingerprint identity capabilities to a range of new devices that Sagem Wireless is expected to launch later this year, including new Android-based mobile devices. Sagem Wireless selected UPEK for its superior fingerprint technology, which offers industry-leading recognition accuracy, ruggedness, power efficiency, and enhanced touch-input capabilities as well as its support of a standards-based, open-platform software solution. (Read More)

February 2, 2010

Anatomy of a Data Breach; Source: SmartMoney

A data breach occurs when records containing sensitive personal information, such as names, addresses or social security numbers, are compromised. That could mean the loss or theft of a laptop; a hack into a retailer or payment processor’s database containing credit-card numbers; or a situation in which an employee with access to sensitive information sells it to a third party. (Read More)

February 2, 2010

Are chip and PIN credit cards coming? By Claes Bell, Bankrate.com

The U.K. is all abuzz about "chip and PIN," but it's not a popular pub snack or a nickname for the newest celebrity power couple. It's the credit card security system rolled out in recent years to stem a wave of credit card crime. (Read More)

February 1, 2010 Press Release

Thales payShield Cardholder Authentication safeguards credit card information for payment processors, helping reduce fraud

Thales, leader in information systems and communications security, announces that Thales’s payShield Cardholder Authentication for nShield is now available for its nShield Connect and nShield PCI Express hardware security modules (HSMs). Thales payShield Cardholder Authentication for nShield authenticates credit card users and protects encryption key transfers, safeguarding credit card information and assisting with regulatory compliance such as PCI. payShield Cardholder Authentication for nShield is already widely deployed in web-based applications for MasterCard’s Chip Authentication Program (CAP) and Visa’s Dynamic Passcode Authentication (DPA) for online banking and 3D-Secure applications such as Verified by Visa and MasterCard SecureCode for online payments. (Read More)

January 28,2010

HID Global's iCLASS® Contactless Smart Card Technology Enables U.S. Bank's Award-Winning PayID Card: Collaboration with U.S. Bank Reinforces HID Global’s Position in the Development of Converged Physical Access and Contactless Payment Solutions; Source: HID Global

HID Global, the trusted source for solutions for the delivery of secure identity, today announced the recognition of its iCLASS® contactless smart card technology as a key component in U.S. Bank’s award-winning PayID card program. The PayID card pilot program, which recently won the 2010 Paybefore Award for Most Innovative Program, included HID Global’s iCLASS application. PayID uses a single, all-purpose card to provide contactless physical access to secure U.S. Bank facilities, along with contactless payments and traditional magnetic stripe purchases. (Read More)

January 28, 2010

Benevolent hackers poke holes in e-banking; Source: NewScientist

ONLINE banking fraud doesn't just affect the naive. Last year, Robert Mueller, a director at the US Federal Bureau of Investigation, admitted he'd come within a mouse-click of being a victim himself. Now the extent of the problem has been brought into sharp relief, with computer scientists warning that banking culture is increasing the likelihood that customers are using vulnerable systems. (Read More)

January 27, 2010

Cambridge scientists blast 3-D Secure system ; Source: finextra.com

The 3-D Secure protocol adopted by banks and card schemes under the Verified by Visa and MasterCard SecureCode banners has been branded by Cambridge University academics as "a textbook example of how not to design an authentication protocol" by ignoring good design principles and presenting "signifi cant vulnerabilities". (Read More)

January 27, 2010 Press Release

Verisys Acquires ID Insight's AddressWatch™:  Combination of AddressWatch™ with Verisys® databases will provide another tool to improve the detection of health care fraud and abuse

Verisys Corporation, the developer of FACIS® (Fraud and Abuse Control Information Systems), has acquired ID Insight’s AddressWatch, a trusted data source of U.S. and Canadian addresses and delivery points that pose a high fraud risk. With fraud and abuse widely considered a major contributor to U.S. health care costs, Verisys will integrate AddressWatch’s suspect address data with its FACIS data records of known fraudulent addresses to create one of the largest high-risk address databases available. (Read More)

January 25, 2010 Press Release

ChosenSecurity Partners with idOnDemand. Source: ChosenSecurity

ChosenSecurity and idOnDemand today announced a partnership under which idOnDemand will use ChosenSecurity’s globally trusted digital certificates as part of its integrated smartcard offerings for physical and network environments. Digital certificates enable a wide range of trust for applications: controlling authorization and access to physical and digital assets, protecting against data leakage and supporting compliance with privacy, e-signature and other identity regulations. They provide applications with strong authentication, secure email, digital signatures and data encryption capabilities. By combining digital certificates with smart cards, enterprises get a total solution to their authentication, encryption and digital signing needs. (Read More)

January 25,2010

Different technologies vie to protect payments. Source: Digital News

End-to-end encryption, dynamic cryptograms and EMV are all options being considered to protect payment transaction data in the U.S. The goal is to prevent data breaches, such as the one with Heartland Payment Systems in 2008, and make it easier for merchants and processors to secure the information. (Read More)

January 22, 2010

NFA reveals true extent of UK’s £30 billion fraud loss

The National Fraud Authority (NFA) has released the UK's first comprehensive fraud estimate which estimates that fraud costs the UK over £30 billion a year (1). The figure is published in the National Fraud Authority Annual Fraud Indicator. (Read More)

January 21, 2010

End-to-End Encryption, Tokenization, and EMV in the US: Vendor Analysis of Emerging Technologies and Best Hybrid Solutions ; Source Javelin Strategy & Research

If the merchant’s cardholder data can be taken out of scope or rendered useless to the criminal through methods such as end-to-end encryption, tokenization or EMV, fraud liability and costs associated with PCI compliance can be substantially reduced. A recent flurry of public data breaches has heightened awareness of both the need for and the cost of PCI compliance. (Read More)

January 21, 2010

Heartland Payment Systems: Lessons Learned from a Data Breach

By Julia S. Cheney, Payment Cards Center, Federal Reserve Bank of Philadelphia

On August 13, 2009, the Payment Cards Center hosted a workshop examining the changing nature of data security in consumer electronic payments. The center invited the chairman and CEO of Heartland Payment Systems (HPS or Heartland), Robert (Bob) Carr, to lead this discussion and to share his experiences stemming from the data breach at his company in late 2008 and, as important, to discuss lessons learned as a result of this event. The former director of the Payment Cards Center, Peter Burns, who is acting as a senior payments advisor to HPS, also joined the discussion to outline Heartland’s post-breach efforts aimed at improving information sharing and data security within the consumer payments industry. In conclusion, Carr introduced several technology solutions that are under discussion in payment security circles as ways to better secure payment card data as they move among the different parties in the card payment systems: end-to-end encryption, tokenization, and chip technology. While HPS has been very supportive of end-to-end encryption, each of these alternatives offers its own set of advantages and disadvantages.  (Read More)

January 21, 2010

The Secure POS Vendor Alliance Broadens its International Reach with Five New Payment Company Members

The inaugural year of the Secure POS Vendor Alliance (SPVA) wrapped up with the same enthusiasm with which it began – capped off by the membership of five more leading payment and enterprise security companies. Joining the SPVA are Elavon, ID TECH, Independent Purchasing Cooperative, Inc. (IPC), Voltage Security, Inc., and the first Asia-based company, GHL Systems Berhad. (Read More)

January 20, 2010

Are Tokenization And End-To-End Encryption Substitutes? By Walter Conway, StorefrontBacktalk

Maybe tokenization and end-to-end encryption are just two closely related approaches that can, when properly implemented, accomplish the same thing: minimize your total PCI scope. One thing is for sure, though: Either way, you will need to bring your checkbook. (Read More)

January 20, 2010 Press Release

RSA Global Survey Reveals Confidence in Social Networking Security Shaken as Online Crime Rises. Source: EMC

RSA, The Security Division of EMC (NYSE: EMC), announced the results of its 2010 Global Online Consumer Security Survey that polled more than 4,500 consumers regarding their awareness of online threats, concerns with the safety of their personal information online and their willingness to share it, and desire for better identity protection. (Read More)

January 19, 2010

Cryptography Research Experiences Rapid Adoption of its Security Technologies in 2009; Sees Continued Growth in 2010. Source: (Read More)

The Company’s Patented DPA Countermeasures and CryptoFirewall Security Core Licensed in More Than 4.5 Billion Security Chips Made in 2009

January 19, 2010

MasterCard Submits Comments On Draft Code of Conduct. Source: Yahoo Finance

MasterCard Canada has submitted its comments on the Minister of Finance's Draft Code of Conduct for the Credit and Debit Industry. (Read More)

January 18, 2010

Visa Canada comments on the draft voluntary Code of Conduct for the Canadian Credit and Debit Card Industry. Source: Yahoo Finance

Visa Canada confirmed it will today submit a response to the draft voluntary Code of Conduct for the Canadian Credit and Debit Card Industry issued by the Department of Finance. (Read More)

January 18, 2010

A primer on identity theft. By Sharda Prashad, The Globe and Mail

Challenges small businesses face with regards to identity theft (Read More)

January 10, 2010

CRE Secure Simplifies PCI Compliance for Magento Shopping Cart Online Merchants by CRE Secure Webmaster

CRE Secure, the first cloud-based payment acceptance security platform that is fully compliant with new credit card security rules, announces the release and general availability of a drop-in module for Magento Ecommerce community edition shopping carts, a leading open source ecommerce solution.  The new Magento Ecommerce module further expands the list of leading online shopping cart integrations that CRE Secure has developed to allow online retailers and web-based applications easy connection to CRE Secure’s online payment acceptance and security services. CRE Secure using its patent pending HTML Clone™ technology isolates sensitive cardholder data from any online store or application, and greatly reduces the complexity and associated costs of achieving compliance with Payment Card Industry Data Security Standards (PCI DSS) requirements. (Read More)

December 21, 2009 Press Release

Now You Can Conduct Your Own Background Check With Acxiom’s New I-Check

If you are applying for jobs, rental property, volunteer organizations or seeking other placements, now you can get your own background check from Acxiom I-Check, a low-cost, confidential and in-depth background screening service offered by Acxiom® Corporation (Nasdaq: ACXM). (Read More)

December 8, 2009

Congress probes Visa, AmEx role in Web scam

By Greg Sandoval: cnet news

For years, baffled consumers looked to Visa, MasterCard, and American Express for answers when mysterious charges from "shadowy companies" began appearing on their credit card statements.

Read More

December 8, 2009 Press Release

Unisys Predicts 2010 Yields a Biometrics Boom While Organizations Go on the Offensive to Protect Data

BLUE BELL, Pa., December 8, 2009 – Slashed budgets and reduced staffing numbers delayed many security initiatives in 2009, but the vulnerabilities didn’t retreat and will only intensify in 2010, Unisys security experts predict.

Read More

November 30, 2009 Press Release

“Beat the Cheats” – Unisys Offers Security Tips on How to Avoid Falling Victim to Holiday-Related Scams

Unisys security experts warn of the top 10 holiday scams -- from online shopping swindles to dumpster diving for personal information. Source: Business Wire (Read More)

November 26, 2009 Press Release

The first conference call for the ATMIA ATM Security Forum is scheduled for 11 am EST Thursday 10 December 2009, which is 8 am in Los Angeles, 4pm in London, 5 pm in Brussels, 6 pm in South Africa, midnight in Hong Kong and 3 a.m (the following morning) in Sydney.

Anyone wishing to participate should contact Mike Lee mike@atmia.com

Agenda for 1st Teleconference

1. Welcome

2. Status and role of ATM Security Forum

3. Update on skimming

4. Is malware the biggest emerging threat?

5. Priorities for 2010

6. Next conference call: TBA with 2010 conference call schedule

September 30, 2009

Fiserv Unveils Latest Fraud Risk Mitigation and Anti-Money Laundering Solutions

Fiserv, Inc. (NASDAQ: FISV), the leading global provider of financial services technology solutions, today announced the availability of Fraud Risk ManagerTM 4.6, the newest version of its multi-channel fraud detection and management solution. Also available is AML Manager 4.6, the market-leading anti-money laundering solution. Both Fraud Risk Manager and AML Manager from Fiserv are designed to enhance and optimize financial institutions' financial crime risk management operations, by delivering best-in-class fraud and anti-money laundering (AML) transaction monitoring solutions, integrated with a common platform for automated alert intelligence and investigation, case management and regulatory reporting. Source Fiserv; New releases designed to optimize financial crime risk management operations