March 4th, 2016 by Elma Jane
A number of financial institutions are beginning to implement biometric authentication. They started to replace traditional knowledge-based passwords with biometric authentication.
A British multinational banking is introducing biometric tests for its customers in U.K., letting account holders access online banking using their fingerprint or voice. If you’re using phone-banking services you can register your voiceprint with the company instead of using a regular password. A special voice biometrics technology will analyze a customer’s voice when they call the bank.
Customers using Apple’s Touch ID will be able to access their accounts on their mobile phones using their fingerprint.
Customers in the U.S., Canada, Mexico, Hong Kong, and France will have the technology by the end of the year. Other markets will follow in 2017 and 2018. The British multinational banking and financial services company have nearly 50 million retail banking customers around the world.
Posted in Best Practices for Merchants, Financial Services Tagged with: account, bank, banking, biometric, customers, financial, financial institutions, financial services, mobile, online, retail
February 23rd, 2016 by Elma Jane
Cardless ATM’s Could Help Push Mobile Wallet Adoption
The mobile wallet will be the payment method in five to 10 years.
Cardless ATM transactions is a great way to introduce smartphones as payments devices. It could help with the adoption of mobile payments and wallets. Mobile Smart Phones will become the piece of plastic and cards will be a thing of the past…
A multinational banking corporation intends to use (NFC) near-field communication for its service. It will let customers leverage NFC technology on their smartphones to authenticate at the bank’s ATM without a debit card.
An NFC cardless ATM transactions could be compatible with Apple Pay which uses NFC technology.
Benefits:
Speedier ATM cash withdrawal takes about 15 seconds without the debit card compared with 60 to 90 seconds with a debit card, whether it’s a chip or magnetic-stripe transaction.
Safer ATM transaction. No physical connection between the phone and ATM, skimming device to intercept the transaction is gone.
The barcode represents the time of day and what terminal the transaction is taking place at. Everything is tokenized.
Cardless ATM transactions are interesting and an appropriate evolution.
Posted in Best Practices for Merchants, Near Field Communication, Smartphone Tagged with: banking, cards, debit card, Mobile Payments, mobile wallet, Near Field Communication, nfc, payments, transactions
November 19th, 2015 by Elma Jane
Cyphort Advance Malware Defense, the next generation Advanced Persistent Threat (APT) defense company, recently analyzed the top financial malware threats cybercriminals are using to target electronic payment systems. This will raise awareness of the dangers they present.
Most dangerous financial malware threats of 2015:
Zeus – Since debuting in 2007, this malware has infected tens of millions of computers worldwide. Financial service professionals consider it to be the most severe threat to online banking.
SpyEye – This Trojan horse has infected 1.4 million computers worldwide. Banking information is stolen using a keylogger application, and the bot can take screenshots of a victim’s machine.
Torpig – This botnet is spread using a Trojan horse called Mebroot. Torpig steals targeted login credentials to access bank accounts. It is difficult to detect because it hides its files and encrypts its logs.
Vawtrak – This a relatively new Trojan that can spread itself via social media, email and file transfer protocols. Its unique feature is that it can hide evidence by changing the balance shown to the victim.
Bebloh – This malware targets login credentials to intercept online transactions and breach financial systems.
Shylock – Attacks European banks via Man-in-the-Browser exploits. Worldwide, it has infected 60,000 computers using Microsoft Windows.
Dridex – Malicious code is executed via email attachments and Microsoft Word documents that contain macros that can download a second-stage payload, which can then download and execute the Trojan.
Dyre – Relies on malicious PDF attachments that can exploit unpatched versions of Adobe Reader. The email subject line will be misspelled and read “Unpaid invoic” or contain the attachment “Invoice621785.pdf.” Once the document is opened, Dyre can obtain bank account credentials.
Financial malware has been around for more than a decade, it is quickly evolving in sophistication, to make sure your organization is protected from financial malware, Cyphort recommends the following:
- Keep system and applications patched.
- Educate employees to be careful when visiting websites with popups. If a person does need to go to such a site, do so from a non-Windows platform.
- Adopt a new defense paradigm that continually monitors, diagnoses and mitigates attacks.
Posted in Best Practices for Merchants Tagged with: bank, banking, electronic payment systems, financial, financial service, financial systems, online transactions, payment
September 11th, 2014 by Elma Jane
Every year Americans take more than 59 million trips abroad. Yet many of us don’t know which questions to ask regarding the use of credit cards. Before you hit the road, let your card issuer know where and when you’ll be traveling, so it doesn’t mistake those overseas charges with fraudulent activity. Start asking some questions below:
Does my card charge a foreign transaction fee? Because these fees can run as high as 3% and can be quite costly.
Does my card have an EMV chip? A smart chip widely used in Europe and other places. Contact your credit card provider and see if they can provide you at no cost a chip-and-PIN card if you don’t already have one. Most of the card companies are moving this way, but typically you have to request it.
Does my card offer any travel perks? You may want to inquire about additional coverage your card may provide you when you’re abroad such as insurance for accidents, lost luggage or auto collision.
How can I get cash overseas? Reach out to the bank or credit card provider and find out what relationships they have in the local market you’re traveling to. This will be helpful for avoiding ATM fees. Additionally, if you need to access cash from your credit card, they’ll be very helpful if you do it through a banking institution that has a relationship with your provider.
Will my card be accepted at my destination? Thirty to sixty days before traveling contact your bank or credit card provider and ask some important questions. Find out if their card is going to be accepted or if there will be any restrictions for it to be used abroad.
The best thing to do is to have a plan before you travel. Know how to minimize your fees and protect your credit cards. Then you can enjoy your adventure.
Posted in Uncategorized Tagged with: atm, ATM fees, bank, banking, banking institution, card, card issuer, chip, Chip and PIN, chip-and-PIN card, credit card provider, credit cards, EMV, EMV chip, fee, fees, foreign transaction fee, institution, PIN, provider, transaction, transaction fee, travel
June 17th, 2014 by Elma Jane
BioCatch, an Israeli startup that uses behavioural biometrics to authenticate visitors to banking and e-commerce sites, has raised $10 million in a funding round. BioCatch aims to eliminate passwords and authentication dongles for online banking and shopping, replacing them with a system that recognizes users by how they physically use their computer or tablet. The firm’s technology collects and analyses over 400 bio-behavioral, cognitive and physiological parameters based on how people type and move a cursor around to create unique profiles for visitors to sites.
In addition, the system creates invisible challenges for visitors to sites. For example, when a user moves the cursor towards a button, they are deliberately knocked slightly off course and subconsciously have to correct in what the company says is a way unique to them. This, argues BioCatch, is more secure than traditional authentication methods, demonstrating an 80% reduction in false positives for detecting the same amount of fraud. It also significantly reduces friction for the customer because the system automatically kicks in when they visit a site using the technology. BioCatch says that it has signed up several unnamed banks and e-commerce sites, and that it will use the new funding to push on in North American and Europe as well as to expand R&D efforts. Funding will also allow to continue strengthening BioCatch offering and expand global reach in strategic markets, while keeping the world’s largest and most influential institutions safe and secure.
Posted in Best Practices for Merchants, e-commerce & m-commerce Tagged with: banking, banking and e-commerce, behavioural biometrics, BioCatch, biometrics, computer, e-commerce, funding, online banking, R&D, tablet
May 19th, 2014 by Elma Jane
Keeping your business’s finances in order doesn’t have to take all day. Bookkeeping is a necessary for small business owners, but it’s a time-consuming chore.
If you use QuickBooks for payroll, inventory or keeping track of sales, there are several timesaving shortcuts you can utilize to make bookkeeping easier.
Time-saving tips for getting the most out of QuickBooks in the least amount of time. Help you spend more time building your business and less time using QuickBooks.
Download data whenever possible. Even after factoring in initial setup time, downloading banking and credit card activity directly into QuickBooks is a huge time saver. Doing this will minimize the chance of human error and enable you to record activity faster than if you did it manually.
Make the Find feature your friend. Using the Find feature is the most efficient way to locate a particular invoice in QuickBooks. Those who usually open the form and click Previous until the form appears on the screen know how tedious this process can be. The Find tool will search for almost any transaction-level data, depending on your filters.
Memorize transactions. QuickBooks has the capability to memorize recurring transactions (invoices, bills, checks, etc.) and set them for automatic posts daily, weekly, monthly, quarterly and annually, eliminating the need to enter the same transaction into the software every month.
Use accounts payable aging. Use this feature for a snapshot on who you owe money to and manage your cash flow more efficiently.
Use accounts-receivable aging. Use this feature for a snapshot of information on who owes you money, how much you are owed and how long the individual has owed you.
Use classes. Classes can be very helpful to track income and expenses by department, location, separate properties or other meaningful breakdowns of your business.
Use QuickBooks on the go with remote access. Remote-access methods include QuickBooks Online, desktop sharing and QuickBooks hosting on the cloud, which allows you to take the program on the go and make changes no matter where you are.
Posted in Best Practices for Merchants Tagged with: accounts, accounts payable, banking, banking and credit card, bills, Bookkeeping, card, cash flow, checks, cloud, credit, data, desktop, desktop sharing, finances, hosting, income and expenses, invoices, online, program, QuickBooks, Remote-access, software, transaction
April 11th, 2014 by Elma Jane
Of the 17 percent of consumers who reported having had their credit card declined during a card-not-present (CNP) transactions. As many as one-third of those declines were unnecessary. The result is consumer aggravation, increased operational costs for banks and credit card companies and as much as $40 billion in lost revenue for online retailers.
TrustInsight which helps establish trusted relationships between financial institutions, merchants and online consumers conducted study. A report and infographic detailing the findings of the study found that avoidable online credit card declines lead to loss of trust for consumers, sales for merchants and increased operational costs for credit card companies and issuing banks.
Study also revealed that consumers handle credit card declines in a variety of ways all of which carried negative economic impact to at least one party in the transaction, resulting in unnecessary operating costs for banks, decreased loyalty for the credit card company and lost revenue for all. Almost half call their issuer immediately when their card is unexpectedly declined. This is a natural response. 34 percent of consumers try again another credit card, other use a different payment method and 24 percent will skip the purchase altogether or shop at a different online retailer.
No one wants to turn away business, and no one wants their business declined. The frustration and impact of wrongful declines is a real problem especially as more and more transactions occur in non-face-to-face situations.
Impact of consumer action in the face of a decline can have real and measurable effects on all parties, including credit card companies, banks and merchants manifesting itself in lost customer loyalty, lost fees and lost revenues. Creating a standard for online trust that enables credit card companies, merchants and issuing banks to better recognize trusted digital consumers and reduce the number of wrongly declined consumers avoiding unnecessary losses.
In a world where people are increasingly reliant on a variety of Internet-connected devices for everything from banking to shopping to entertainment and media, creating friction-free customer experiences and preventing online fraud are constant business challenges.
Posted in Best Practices for Merchants, Credit card Processing, Credit Card Security, Electronic Payments, Financial Services, Gift & Loyalty Card Processing, Merchant Services Account, Small Business Improvement, Visa MasterCard American Express Tagged with: banking, consumers, credit-card, decline, declined, declines, different payment method, digital, digital consumers, financial, frustrate, internet-connected devices, issuing banks, loyalty, Merchant's, online credit card declines, online fraud, online retailers, shopping, transactions, wrongful declines, wrongly declined
March 14th, 2014 by Elma Jane
Merchant and Consumer Groups Seek Senate Support To Forego EMV Chip and Signature As Breach Concerns Rise
There’s no shortage of answers in trying to put a stop to hackers set on throwing chaos into the way consumers transact at the point of sale, or online for that matter. Yesterday, the Banking, Housing and Urban Affairs subcommittee on national security and international trade and finance got its chance to hear some of them.
During the hearing, William Noonan, deputy special agent in charge, U.S. Secret Service, noted the advances in computer technology and greater access to personally identifiable information online, which have created a virtual marketplace for transnational cyber criminals to share stolen information and criminal methodologies. As a result, the Secret Service has observed a marked increase in the quality, quantity, and complexity of cyber crimes targeting private industry and critical infrastructure. These crimes include network intrusions, hacking attacks, malicious software, and account takeovers leading to significant data breaches affecting every sector of the world economy.
The recently reported data breaches of Target and Neiman Marcus represent only the most recent, well-publicized examples of this decade-long trend of major data breaches perpetrated by cyber criminals intent on targeting the nation’s retailers and financial payment systems. The increasing level of collaboration among cyber-criminals allows them to compartmentalize their operations, greatly increasing the sophistication of their criminal endeavors and allowing for development of expert specialization. These specialties raise both the complexity of investigating these cases, as well as the level of potential harm to companies and individuals.
So how should the industry react to prevent further breaches? Those opinions provided during testimony at the hearing varied widely, though both consumer and merchant groups would like the card networks to give up requiring only signatures for smart card purchases at the point of sale.
Consumer program director at the U.S. Public Interest Research Group, called for myriad of changes, citing that the greater risk from the recent breaches is less related to identity theft than it is to fraud on existing accounts, and he said it’s time for players on both sides of the transaction to focus more on protecting consumers than on managing their own risk.
Until now, both banks and merchants have looked at fraud and identity theft as a modest cost of doing business and have not protected the payment system well enough. They have failed to look seriously at harms to their customers from fraud and identity theft -including not just monetary losses and the hassles of restoring their good names, but also the emotional harm that they must face as they wonder whether future credit applications will be rejected due to the fraudulent accounts.
As a first step, Congress should institute the same fraud cap, $50, on debit/ATM cards that exists on credit cards, or eliminate the $50 cap entirely, since it is never imposed because of the zero-liability policies issuers have voluntarily have imposed. Congress also should provide debit and prepaid card customers with the stronger billing-dispute rights and rights to dispute payment for products that do not arrive or do not work as promised, just as many credit card users enjoy.
Congress should endorse a specific technology, such as EMV smart cards and if it does, require the use of PINs when initiating smart card transactions. The current pending U.S. rollout of chip cards will allow use of the less-secure chip-and-signature cards rather than the more-secure chip-and-PIN cards. Why not go to the higher-and-PIN authentication standard immediately and skip past chip and signature? There is still time to make this improvement.”
Retailers have spent billions of dollars on card-security measures and upgrades to comply with PCI card security requirements, but it hasn’t made them immune to data breaches and fraud. The card networks have made those decisions for merchants, and the increases in fraud demonstrate that their decisions have not been as effective as they should have been.
The card networks should forego chip and signature and go straight to chip and PIN. To do otherwise would mean that merchants would spend billions to install new card readers without they or their customers obtaining PINs’ fraud-reducing benefits. We would essentially be spending billions to combine a 1990’s technology chips with a 1960’s relic signature in the face of 21st century threats.
Posted in Best Practices for Merchants, Credit card Processing, Credit Card Reader Terminal, Credit Card Security, Digital Wallet Privacy, Electronic Payments, EMV EuroPay MasterCard Visa, Financial Services, Merchant Services Account, Payment Card Industry PCI Security, Point of Sale, Small Business Improvement, Visa MasterCard American Express Tagged with: banking, Breach, card networks, card-security, chip and signature, chip cards, chip-and-PIN cards, computer technology, credit applications, credit cards, critical infrastructure, cyber crimes, cyber-criminals, data breaches, debit atm cards, EMV, hackers, hacking attacks, international trade and finance, malicious software, managing risk, merchant, national security, netwrok intrusions, new card readers, online, payment system, pci card security requirements, PIN, point of sale, prepaid card customers, smart card transactions, technology chips, the secret service, transnational cyber criminals, virtual marketplace, world economy
October 31st, 2013 by Elma Jane
While credit card processors and retailers have made strides to combat credit card fraud, it is still rampant across the U.S. In fact, credit card fraud jumped 17 percent between January, 2011, and September, 2012, according to the most recent data from the FICO Falcon Fraud Manager Consortium.
Debit cards obviously have better safeguard measures in place, since debit card fraud rose less than 1 percent between January, 2011, and September, 2012. Plus, the average fraud loss per compromised account fell by 3 percent.
Card-not-present (CNP) fraud is the biggest challenge by far, accounting for 47 percent of all credit card fraud. CNP fraud – which includes payments via the internet, mail and phone – grew 25 percent over the two-year period. So, where the problems with credit cards lie.
Unfortunately, CNP fraud may get worse before it gets better, in FICO’s Banking Analytics Blog. This problem may even intensify as the US moves away from magnetic stripe and toward EMV [chip] card technology. In other countries adopting chip-based authentication technology, we’ve seen counterfeit fraud decline, but as a counterbalance, fraudsters often ramp up efforts around CNP fraud.
However, there was a glimmer of light in the credit card fraud fiasco. While card fraud attempts rose, the average loss per compromised account dropped 10 percent. Plus, the ratio of fraud to non-fraud spending remained constant. “In other words, the volume of card fraud increased proportionally to the volume of consumer credit card spending.
Even though many retailers have implemented successful fraud prevention programs, Visa provides retailers with the warning signs for CNP fraud, including:
Multiple cards used from a single IP address. Orders made up of “big ticket” items. Orders that include several of the same item. Shipping to an international address. Transactions with similar account numbers.
Posted in Digital Wallet Privacy, EMV EuroPay MasterCard Visa, Mail Order Telephone Order, Payment Card Industry PCI Security Tagged with: account, analytics, authentication, banking, big ticket, card-not-present, chip card, chip-based, cnp, counterfeit, credit-card, debit cards, EMV, fraud, fraudsters, international, internet, magnetic stripe, mail, non-fraud, orders, payments, phone, prevent, processors, retailers, safeguard, spending, transactions, visa
October 24th, 2013 by Elma Jane
Reflecting recent research that concludes mobile payment adoption remains low, Total System Services Inc. (TSYS) issued results from a survey that confirm consumers prefer banking applications other than payments for their mobile devices.
While reinforcing the dominance of debit and credit cards as payment mechanisms, the TSYS 2013 Consumer Payment Choice Study revealed that mobile devices are used as a tool for ancillary financial services, such as checking account balances and accessing discounts and rewards.
“For now, the hype largely remains hope for mobile from a payments standpoint,” the survey said. “On a relative basis, consumers would overwhelmingly prefer to have the ability to use their smartphone to monitor transaction activity or prevent fraud versus using their mobile phone as a form factor in a transaction.”
Columbus, Georgia-based processor TSYS found in its third annual survey that, out of 1,000 consumers surveyed online in the summer of 2013, 40 percent of respondents were interested in using mobile devices to instantly stop illegitimate transactions. Additionally, 37 percent indicated that the ability to view in real-time the transactions made with debit and credit cards was also an important feature.
Receiving instant offers and promotions from stores being visited (33 percent); temporarily blocking and unblocking purchases using certain bankcards (29 percent); and paying for purchases using reward/loyalty points (28 percent) rounded out the top payment-related uses for smartphones.
At the bottom of the scale was to pay for purchases with mobile wallets (25 percent) and to use credit or debit card-funded prepaid accounts for the same purpose (22 percent). “Industry observers regard mobile payments as an assumed eventuality,” TSYS stated. “Our survey results indicate that consumers are presently more interested in increased non-payment functionality on their mobile device.”
But the processor remains optimistic about the promise of mobile payments. “We believe that as the infrastructure matures and the ability to use mobile payments becomes more widespread, this trend will change,” TSYS said.
Prepaid undermarketed?
In addressing the role of prepaid cards in the payment mix, TSYS expressed surprise that prepaid cards are apparently not being marketed aggressively by financial institutions. The processor noted that major banks jumped into the prepaid card industry in 2012 to offer general-purpose reloadable (GPR) prepaid cards as checking account alternatives.
But TSYS found that just over 10 percent of survey respondents indicated they had received GPR card offers from their banks. TSYS attributed that low percentage to the fact that the survey respondents were by default credit and debit card users, while GPR cards are primarily targeted to individuals without access to credit or debit cards.
Regardless, survey respondents aged 35 and younger accounted for 64 percent of those who had received such offers. “It could be that the younger demographic on average represents a less profitable checking relationship for banks, or that banks perceive them to be more receptive to the offering,” TSYS said.
Steady goes debit and credit
Consumer payment preferences in 2013 remain relatively unchanged from previous years, according to TSYS. Debit still trumps credit as the preferred payment instrument overall, with both methods being favored by every eight of 10 survey respondents. Debit is still the clear winner when it comes to supermarket shopping and gas purchasing, while credit is preferred when dining out and shopping in department stores. But when it comes to fast food cravings, cash is still king.
On the opposite end of the spectrum, and also consistent with TSYS’ 2012 report, only 11 percent of respondents said being able to set up text message alerts for account balances and transactions was most valuable, and a mere 6 percent valued the ability to register payment cards in mobile wallets.
However, credit tops debit for online purchases, TSYS said. Further of note is that PayPal Inc.’s digital wallet service rivals debit online, with both payment methods favored by roughly one-fifth of respondents. But for small-dollar purchases, like coffee and donuts, cash remains the preferred payment vehicle, despite innovative mobile schemes offered by companies like Starbucks and Dunkin’ Donuts.
Posted in Credit card Processing, Digital Wallet Privacy, e-commerce & m-commerce, Electronic Payments, Gift & Loyalty Card Processing, Internet Payment Gateway, Mail Order Telephone Order, Merchant Services Account, Mobile Payments, Smartphone Tagged with: account, adoption, applications, banking, checking, consumers, credit cards, debit, devices, discounts, financial services, form factor, general-purpose, gpr, infrastructure, low percentage, mechanisms, mobile, mobile wallets, non-payment, offers, online, payment, payment related, phone, prepaid, processor, profitable, promotions, real-time, reloadable, reward/loyalty, rewards, smartphone, transaction, tsys