April 20th, 2015 by Elma Jane

With each year comes a new set of security risks businesses need to be aware of. The threats that have seen the most growth over the last year include point-of sale (POS) malware, malware traffic within secure and encrypted HTTPS websites and attacks on computer systems designed to control remote equipment.

Everyone knows the threats are real and the consequences are dire, so we can no longer blame lack of awareness for the attacks that succeed. Hacks and attacks continue to occur, not because companies aren’t taking security measures, but because they aren’t taking the right ones.

The large number of highly publicized POS breaches last year has heighted the need to make sure that businesses that use these devices are properly protecting them.

Malware targeting point-of-sale systems is evolving drastically, and new trends like memory scraping and the use of encryption to avoid detection from firewalls are on the rise. To guard against the rising tide of breaches, retailers should implement more stringent training and firewall policies, as well as reexamine their data policies with partners and suppliers.

For many years, businesses thought using a secure HTTPS Web connection protected them from a security breach. That no longer appears to be the case. While the increased number of businesses moving to a more secure Web protocol is a positive trend, hackers have identified ways to exploit HTTPS as a means to hide malicious code. Since the malware transmitted over HTTPS is encrypted, traditional firewalls fail to detect it.

Just as encryption can protect sensitive financial or personal information on the Web, it unfortunately can also be used by hackers to protect malware. One way organizations mitigate this risk is through SSL-based Web-browser restrictions, with exceptions for commonly used business applications to avoid slowing company productivity.

Several identified trends and predictions for the coming year, including the following:

Android will remain a main target for hackers. More sophisticated techniques will be developed to hinder Android malware researchers and users by making the malware hard to identify and research.

As wearable technology becomes more prevalent, expect to see malware start to target these devices.

Digital currencies, including Bitcoin, will continue to be targeted.

More organizations will enforce security policies that include two-factor authentication, which will likely increase the number of attacks on these technologies.

 

Posted in Best Practices for Merchants, Credit Card Security, Mobile Point of Sale, Payment Card Industry PCI Security, Point of Sale Tagged with: , , , , , , ,

August 4th, 2014 by Elma Jane

Run through a non-profit organisation, Stellar is a decentralized protocol for sending and receiving money in any pair of currencies, be they dollar, yen or bitcoin. The system works through the concept of gateways that let people get in and out of the network. Users hold a balance with a gateway, which is any network participant that they trust to accept a deposit in exchange for credit on the network. To cash out, a user invokes the promise represented by a gateway’s credits, returning them in exchange for the corresponding currency.

Like Ripple, Stellar comes with its own built-in digital currency, which will be given away for free to people who sign up via Facebook, to nonprofits and to current bitcoin and Ripple holders. Initially there will be 100 billion ‘stellars’ (five per cent of which will be kept back to fund the nonprofit) with the supply increasing at one per cent a year. Although stellars will have a market-determined value, their main purpose will be to provide a conversion path between other currencies. This means that when two parties exchange money through the distributed exchange, stellars sit in the middle. Example, a user might submit a transaction which converts EUR credits to stellar and then converts those stellar to AUD credits. Ultimately, the user will have sent EUR, the recipient will have received AUD, and two exchange orders will have been fulfilled.

Developers are being invited to jump in and work with the open-source code and build applications on top of Stellar. The project has secured the backing of payment industry darling Stripe, which has handed over $3 million in exchange for two per cent of stellars. Stellar is highly experimental, but it’s important to invest effort in basic infrastructure when the opportunity arises. Stellar could become a much better substrate for a lot of the world’s financial systems.

 

Posted in Internet Payment Gateway Tagged with: , , , , , , , , , , , , ,

January 21st, 2014 by Elma Jane

A “cryptocurrency” is a peer-to-peer, decentralized, digital currency. Cryptocurrencies offer the potential for merchants to one day break the stranglehold of credit card processing fees. Cryptocurrencies are a disruptive technology that should be actively followed and considered. After all, online commerce is itself a disruptive technology.

Bitcoin

Bitcoin’s high cryptographic security allows it to process transactions in a very efficient and inexpensive way. You can make and receive payments using the Bitcoin network with little or no fees, and without a merchant account. Payments are made from a wallet application, either on your computer or smartphone, by entering the recipient’s address, the payment amount, and pressing send. To make it easier to enter a recipient’s address, many wallets can obtain the address by scanning a QR code or touching two phones together with NFC technology. Market Cap: $10.6 billion (12.1 million coins).

Bitcoin is the first implementation of a cryptocurrency, which was first described in 1998 by Wei Dai and specified by Satoshi Nakamoto in 2009, establishing a decentralized form of money that uses cryptography to control its creation and transactions. New Bitcoins are generated by a competitive and decentralized process called “mining,” the process of spending computing power to process transactions, secure the network, and keep everyone in the system synchronized together. The number of new Bitcoins created each year is automatically halved over time until Bitcoin issuance halts completely with a total of 21 million Bitcoins in existence.

Feathercoin – is based on Litecoin’s Scrypt-based hashing algorithm for GPU mining, rather than requiring Bitcoin’s expensive ASIC mining hardware. Feathercoin uses advanced checkpointing to provide additional security through a form of centralization without having to redistribute the Feathercoin software. At mining completion, 336 million coins will be produced. Market Cap: $11 million (26.2 million coins).

Litecoin – is based on the Bitcoin protocol, but differs from Bitcoin in that it can be efficiently mined with consumer-grade hardware. Litecoin provides faster transaction confirmations and uses a mining proof-of-work algorithm to target the regular computers with GPUs — graphics processing unite — most people already have. Litecoin provides a mining algorithm that can run at the same time on the same hardware used to mine Bitcoins. The Litecoin network is scheduled to produce 84 million currency units. Market Cap: $731 million (23.9 million coins).

Megacoin – raises the most red flags among this list of cryptocurrencies. Launched just six months ago, fifty percent of the total coins have been mined. Upon mining completion, only 42 million coins will exist. Its branding might lead an investor to believe it is associated with billionaire Kim Dotcom’s Mega.co.nz, but there is no connection. If you are interested in monitoring the fate of the more speculative cryptocurrencies, this is one to watch. Market Cap: $15.3 million (21.2 million coins).

Namecoin – is based on the Bitcoin source code. A cryptocurrency, Namecoin also acts as a DNS, a decentralize domain name system to buy, register, configure, and sell domains. The first project using Namecoin is the .bit domain. Market Cap: $44.4 million (7.4 million coins).

Peercoin –  is a cryptocurrency project forked from Bitcoin that strives to achieve energy efficiency and increased security. Like other cryptocurrencies, initial coins are mined through the more commonly used proof-of-work hashing process. However, unlike other coins, as the hashing difficulty increases over time, users continue to be rewarded with coins generated by the additional proof-of-stake algorithm. Unlike most cryptocurrencies, Peercoin does not have a fixed money supply. Market Cap: $90.1 million (20.9 million coins).

Primecoin – is the first cryptocurrency with non-hashcash proof-of-work. Primecoin’s proof-of-work is based on searching for prime number chains, providing potential scientific value in addition to minting and security for the network. Similar to Bitcoin, Primecoin enables instant payments to anyone, anywhere in the world. It also uses peer-to-peer technology to operate with no central authority. Primecoin is also the name of the open source software that enables the use of this currency. Market Cap: $13.8 million (3.5 million coins).

ProtoShares – are used to mine Distribute Autonomous Corporation (DAC) backed cyrptocurrencies while they are still in development by Invictus Innovations. DACs are essentially automated businesses that perform services. And so ProtoShares are stakes in future cryptocurrency platforms. Cryptocurrencies under development are BitShares for asset trading and DomainShares for domain services. Protoshares will achieve a maximum supply of approximately 2 million coins in 2 years. BitShares money supply will be about 20 million coins. Market Cap: $23.1 million (1.1 million coins).

Quark –  is a cryptocurrency that focuses on enhanced security, using nine separate rounds of encryption and six different algorithms. Quark is mined by CPU only, with 247 million mined in the first six month and then an additional 1 million units mined every year. Quark coin will continue to release coins in perpetuity at an inflation rate of .5% per year. Market Cap: $47.4 million (246.3 million coins).

Worldcoin – seeks to become the cryptocurrency of choice for merchants and consumers for their everyday transactions. Transactions are fully confirmed in about 60 seconds. Due to frequent block generation (30 seconds), the network supports more transactions without a need to modify the software in the future. At mining completion, 265 million coins will be produced. Market Cap: $20.6 million (35.2 million coins).

Posted in e-commerce & m-commerce, Electronic Payments, Financial Services, Internet Payment Gateway, Mobile Payments, Near Field Communication Tagged with: , , , , , , , , , , , , , , , , ,

November 22nd, 2013 by Admin

As we move to smartphones and tablets as payment methods security and privacy concerns are a real issue. With recent NSA leaks shedding light on our data and the access others have to it, we have to consider security, privacy and health implications. This year alone e-commerce transactions on smartphones and tablets during the holiday season are set to grow by 15%. Although tablets, not smartphones will drive the bulk of that growth, smartphones are set to overtake mobile-commerce payments over the next 5 years. Tablet payments in the U.S. alone are expecting to reach $26 billion in transactions. Currently tablets are more convenient for m-commerce due to their size, but as far as the future of electronic payment processing, smartphones are where it’s at.

The smart merchant sees this coming and realizes frictionless transactions increase sales. The more comfortable and less complicated a transaction is for a customer, the better. Smartphones, tablets, PCs, laptops and more can already process electronic transactions from credit and debit cards, gift cards, electronic checks and more. Money movement is easier than ever and more convenient than cash. Cash is king however in situations where internet connectivity and power are an issue. In India for example, a poor electric grid makes power outages a common occurrence. During natural disasters, when resources are badly needed, power outages or severed internet communications mean no electronic transactions can be processed. So physical currency remains a must, in the future we may see payment technology evolve to where digital money like crypto currency (BitCoin) may be stored on the device itself similar to having cash. As these electronic payment systems evolve, merchants need to position themselves to accept what their market prefers to transact with.

The smart citizen also sees this coming and has concerns that things like a National ID program being established may compromise their privacy.
As an extreme example of electronic transactions, a nightclub in Spain used subdermally implanted RFID chips in a woman that allowed patrons to pay for food and beverages without a credit card.

Posted in e-commerce & m-commerce, Electronic Check Services, Electronic Payments, Gift & Loyalty Card Processing, Merchant Services Account, Near Field Communication, Smartphone Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,