Security Archives - Page 8 of 11 - Payment Processing News
September 4th, 2014 by Elma Jane

EMV, which stands for Europay, MasterCard and Visa, is slated to be mandated across the United States starting in October 2015; automated fuel dispensers have until October 2017 to comply. Unlike magnetic swipe cards, EMV chip cards encrypt data and authenticate communication between the card and card reader. Additionally, the chip card user is prompted for a PIN for authentication.

Why are those dates important? Companies lose $5.33 billion to fraud today, with card issuers and merchants incurring 63 and 37 percent of these losses, respectively. Under the EMV mandate, merchants who do not process chip cards will bear the burden of the issuer loss. By accepting chip card transactions, merchants and issuers should see a reduction in fraud.

Overcoming Barriers to EMV Adoption

Given the significant barriers to EMV adoption, it may be tempting for merchants to meet minimum requirements for accepting EMV payments. However, medium to large retailers should also consider the bigger picture of customer security and peace of mind.

Some key critical success factors for a payment initiative of this size include:

Business Continuity Architecture: As with all payment systems, it is imperative to have the EMV system running at all times. The solution should preferably have Active-Active architecture across multiple data centers and have a low Recovery Point Objective (the point in time to which the systems and data must be recovered after an outage).

Cost Benefit Analysis: Take a top-down approach and decide accordingly on the scope of the analysis. This will ensure that decisions on scope are made on the basis of quantitative data and not just qualitative arguments.

Phased Approach: To overcome time or cost overage in a project of this scope and complexity, retailers should try using an iterative approach for development. The rollout can be divided into multiple releases of six to seven months, which will provide the opportunity to review, capture lessons learnt, and improve subsequent releases.

Proactive Monitoring Alerts: Considering the criticality of the business functions carried out by EMV, tokenization and the payment gateway, a rigorous supervision environment must be defined to perform proactive and reactive monitoring. It should take into consideration the monitoring targets, tools, scope and methods. This will provide advance visibility into failure points and help ensure maximum system availability.

Resilience Testing: Typically in a software project, testing is limited to unit, integration, performance and user acceptance testing. However, due to the critical nature of the applications and systems involved, robust resiliency testing is vital. This will ensure that there are no single points of failure and that the system remains available when running in error conditions.

Stakeholder Identification: This is a key step to ensure that you have varied perspectives from all departments and their support. It will keep your organization from being blindsided and reduce the risk of disagreements in later stages of the program. Key stakeholders should include Store Operations, Card Accounting, Loss Prevention, Contact Center and IT & Data Security.

Organizations should adopt a five step approach to implement a secure, robust and industry-leading payment solution:

Encryption – Point to point encryption will ensure card data is secure and encrypted from the point of capture to the processor. Usually, merchants use data encryption that is not point to point, rendering their organization vulnerable to data breaches. Software encryption is the most common form of encryption, as it is easily installed and requires little or no hardware upgrades; however, it is less secure, may expose encryption keys, and is prone to memory scanning attacks. Hardware encryption is considered more secure but requires more costly terminal upgrades. Hardware encryption is designed to self-destruct the keys if tampered with, but is not well-defined as very limited headway has been made in this space.

Tokenization – Build a Card Data Environment (CDE) that will host a centralized card data storage solution. Only limited applications with firewall access and capability to mutually authenticate via certificates can access CDE and receive card data. The rest of the applications will have tokens which are random numbers. This architecture will ease the merchant’s burden with existing and emerging PCI Data Security Standards.

Payment Gateway – Perform a risk assessment on the current payment gateway and identify gaps in functionality, manageability, compliance, scalability, speed to market and best practices. Determine the alternatives to mitigate the risks. An important aspect of a leading payment gateway solution is support for all forms of credit, debit, gift card and check transactions. Its ability to work with any acquirer, its in-built encryption abilities, and its support for settlement and reconciliation must also be taken into consideration.

Settlement, Funding and Reconciliation – A workflow-based system to handle chargebacks and the automation of chargeback processing will greatly reduce labor-intensive work and enhance the quality of data used for settlement and reconciliation. Upgrades to the existing receipt retrieval system may be needed.

Card fraud is on the rise in the U.S., and merchants are the primary target for stealing information. With the EMV deadline just over a year away, the responsible retailer must take steps to prepare now. Although EMV implementation might seem overwhelming to merchants, they should start their journey to secure payments rather than wait for a looming deadline. Solutions such as data encryption and tokenization should be used in combination with EMV to implement a robust payment solution to better protect merchants against fraud. By proactively adopting EMV payment solutions, merchants can stay ahead of the regulatory curve and better protect their customers from fraud.

 

Posted in Best Practices for Merchants, Credit Card Security, EMV EuroPay MasterCard Visa, Payment Card Industry PCI Security, Visa MasterCard American Express

August 29th, 2014 by Elma Jane


High risk credit card processing is electronic payment processing for businesses deemed as HIGH RISK by the MERCHANT SERVICES INDUSTRY.

The high risk segment of payment processing has become more important as banks and ISOs have begun to tighten up their credit restrictions and underwriting policies. Businesses are classified as high risk primarily because of their product or service and the way they go to market. In merchant services, risk is related to CHARGEBACKS or customer disputes.

The more likely a business is to have chargebacks, the higher the risk of the business. For instance, an online business selling a weight loss product through a free trial offer is more likely to have chargebacks than a retail store selling the same weight loss product.

Merchants are often unaware their business falls into the high risk category when they first start shopping for a merchant account. Getting a high risk merchant account can be difficult.

These providers have more stringent requirements and the application process is longer compared to traditional merchant account providers.

High risk businesses should expect to pay higher rates and fees for payment processing services. As a general rule of thumb, merchants should count on paying at least more than a traditional merchant account. Most high risk merchant accounts also require a contract of at least 18 months, whereas low risk providers offer accounts without cancellation fees or contracts.

ROLLING RESERVES are also a big part of high risk credit card processing. Most high risk merchants have some sort of rolling reserve placed on the account, especially new accounts without any processing history. A Reserve refers to an account where a percentage of the funds from transactions are held in reserve to cover against any chargebacks or fees that the processor may not be able to collect from the merchant. This is similar to a security deposit, but merchants don’t have to pay it up front. Reserves are a pain point for many small high risk merchants, but they are definitely necessary and without them, processors would not accept any high risk merchants at all.

What Businesses Are High Risk?

As mentioned earlier, businesses are usually classified as high risk due to the product or service they offer; however, merchants with severely damaged credit or a recent bankruptcy can also be considered high risk. Below are just a few of the common high risk merchant categories:

Adult Websites

Cigars & Pipe Tobacco Online

Collection Agencies

Credit Repair

Debt Consolidation

E-Books & Software

Electronic Cigarettes

Firearms – Online

High Ticket & High Volume

Medical Marijuana Dispensaries

Multi Level Marketing & Business Opportunities

Nutraceuticals like weight loss supplements, cleansers etc.

Penny Auctions

Sports Betting Advice

Ticket Brokers – Online Tickets

TMF Merchants

Travel & Timeshare

Unfortunately, this list is growing, and some credit card processing companies even classify any start-up Internet business that doesn’t have extensive financials as high risk. With the recent economic recession in the United States, there has been an increase in these start-up Internet ventures. People are either looking to supplement their income or start their own business instead of looking for work.

How To Protect Your Business

Accepting credit cards is the single most important part of most online businesses. Unfortunately, many successful businesses go under after having their merchant account shut down. High risk merchants should always be cognizant of their merchant account and pay attention to chargeback percentages. Below are some tips for high risk merchants looking for payment processing solutions.

Be Upfront: Make sure your processor knows exactly what you sell and how you market the product/service. If they don’t accept your business type, keep shopping for a new merchant account provider. Many merchants will try to fly under the radar by not revealing all their products or not fully disclosing their marketing methods to the processor. This is a bad move; the processor will eventually find out the details about your business, usually by auditing your transactions and contacting your customers.

Negotiate Every 3 Months: Credit card processing companies underwrite applications based on previous processing history. If there is no previous history, the account is riskier and the terms offered are usually more expensive and restrictive. You can always re-negotiate your rates, reserves and other contract terms with your current processor. Once they have 3 months of history to evaluate, they may be able to offer you a better deal. Three months of history is the magic number for most processors. If you applied without the previous history and were declined, there is a chance the same processor will approve your application if you provide 3 months of previous statements.

Prepare For The Worst: All high risk merchants should keep at least 2 active merchant accounts, from different providers. You never know when underwriting guidelines might change, or you may have an influx of chargebacks. Having a backup account or even multiple back up accounts is a good idea. Many high risk providers offer a load balancing gateway, which allows for multiple merchant accounts to be integrated into one payment gateway. This way you can spread transactions across multiple accounts, through one shopping cart/gateway.

 

Posted in Best Practices for Merchants

August 28th, 2014 by Elma Jane

Merchants are still using pedestrian passwords that crooks can easily break, security company Trustwave has found. Of the nearly 630,000 stored passwords that Trustwave obtained during penetration tests in the past two years, its technicians were able to crack more than half in just a few minutes and 92% within 31 days. Even though adding new information about weak passwords or ongoing malware investigations gets frustrating because the same problems facing the financial and payments industries persist, it does not surprise Trustwave researchers. For a lot of software or hardware developers, their main concern is availability of the service. They want to make sure their POS is available and running to accept credit cards, often at the cost of a lot of security controls. It is difficult to implement security and to do it correctly.

Trustwave recommends longer passwords with more characters, rather than shorter ones with letters and numbers. A longer password that is a phrase not easily figured out is better than a shorter, complex password. These findings have been added to an online version of the 2014 Trustwave Global Security Report. To accommodate the fast changing nature of security threats, Trustwave is regularly updating its research and making the information available to consumers and payments industry stakeholders on the company’s site. The criminals stealing data are a constantly moving target. It no longer made sense for those interested in our research to have to wait a year to see new statistics. Having access to updated security reporting should be helpful to merchants. They can see how trends are tracking over time, instead of constantly having to go online to see what is relevant to them or rely on the trade groups to keep them informed. This provides one switch to keep them in the know, so there is some value there and it’s a smart move on Trustwave’s part. Since the new Payment Card Industry security requirements call for security measures to be embedded in software development lifecycles, there is some utility in Trustwave’s new approach to sharing research information.

Trustwave said the trend of businesses detecting breaches continues to rise, with 29% of businesses doing so in 2013 compared to only 9% in 2009. Trustwave compiled that data from 691 post-breach forensics investigations conducted in 2013. The report also indicated e-commerce breaches are increasing, with 54% of all breaches targeting e-commerce sites in 2013, compared to only 9% in 2010. More regions, including the U.S., being in various stages of converting to EMV chip-based cards for card-present transactions fuels the criminals’ shift to e-commerce fraud. Additionally, the company is working with law enforcement officials after discovering a control center of eight servers behind what is being called Magnitude, an exploit kit of Russian origin that has led to thousands of attacks and millions of attempted malware attacks globally.

Posted in Best Practices for Merchants, Payment Card Industry PCI Security, Point of Sale

August 27th, 2014 by Elma Jane

Backoff malware that has attacked point of sale systems at hundreds of businesses may accelerate adoption of EMV chip and PIN cards and two-factor authentication as merchants look for ways to soften the next attack. Chip and PIN are a big thing, because it greatly diminishes the value of the information that can be trapped by this malware, said Trustwave, a security company that estimates about 600 businesses have been victims of the new malware. The malware uses infected websites to infiltrate the computing devices that host point of sale systems or are used to make payments, such as PCs, tablets and smartphones. Merchants can install software that monitors their payments systems for intrusions, but the thing is you can’t just have anti-virus programs and think you are safe. Credit card data is particularly vulnerable because the malware can steal data directly from the magnetic stripe or keystrokes used to make card payments.

The point of sale system is low-hanging fruit because a lot of businesses don’t own their own POS system. They rent them, or a small business may hire a third party to implement their own point of sale system. The Payment Card Industry Security Standards Council issued new guidance this month to address security for outsourced digital payments. EMV-chip cards, which are designed to deter counterfeiting, would gut the value of any stolen data. With this magnetic stripe data, the crooks can clone the card and sell it on the black market. With chip and PIN, the data changes for each transaction, so each transaction is unique. Even if the malware grabs the data, there is not a lot the crooks can do with it. The EMV transition in the U.S. has recently accelerated, driven in part by recent high-profile data breaches. Even with that momentum, the U.S. may still take longer than the card networks’ October 2015 deadline to fully shift to chip-card acceptance.

EMV does not by itself mitigate the threat of breaches. Two-factor authentication, or the use of a second channel or computing device to authorize a transaction, will likely share in the boost in investment stemming from data security concerns. The continued compromise of point of sale merchants through a variety of vectors, including malware such as Backoff, will motivate the implementation among merchants of stronger authentication to prevent unauthorized access to card data.

Backoff has garnered a lot of attention, including a warning from the U.S. government, but it’s not the only malware targeting payment card data. It is not the types of threats which are new, but rather the frequency with which they are occurring which has put merchants on their heels. There is also an acute need to educate small merchants on both the threats and respective mitigation techniques. The heightened alert over data vulnerability should boost the card networks’ plans to replace account numbers with substitute tokens to protect digital payments. Tokens would not necessarily stop crooks from infiltrating point of sale systems, but like EMV technology, they would limit the value of the stolen data. There are two sides to the equation, the issuers and the merchants. To the extent we see both sides adopt tokenization, you will see fewer breaches and they will be less severe because the crooks will be getting a token instead of card data.

Posted in Best Practices for Merchants, Credit Card Security, Payment Card Industry PCI Security, Point of Sale

August 20th, 2014 by Elma Jane

Loyalty Rewards Program and Gift Card Processing

GIFT CARD PROGRAMS

You have received gift cards, given them as gifts, and now you want to offer them for your business. The benefits for your customers are obvious: gift cards are easy to buy and use, and offer your customers an incredible variety of choices. As a business owner, plastic gift cards offer increased security from fraud, the ability to track sales and buying trends, and a way to gauge the effectiveness of your promotions. Electronic gift card processing increases revenue and attracts new customers. It also reduces the labor associated with traditional paper gift certificates. National Transaction offers customized gift card processing merchant services tailored to your gift card processing needs. Gift cards provide added incentives to your customers and employees. Because no cash back is required, returns stay on the card and never leave your business.

LOYALTY CARD PROGRAMS

What are your best customers worth? Reward them and keep them coming back. NTC’s programs give you the information you need to maximize the impact of every marketing dollar spent by targeting your marketing efforts toward your current customers. Whether you are implementing a new customer loyalty program or trying to make your existing program more successful, NTC will work with you to create a system that is right for you and your customers. Let us assist you in all aspects of your reward program: design, implementation and follow-through.

Posted in Gift & Loyalty Card Processing, Mail Order Telephone Order

August 11th, 2014 by Elma Jane

Tokenization technology has been available to keep payment card and personal data safer for several years, but it’s never had the attention it’s getting now in the wake of high-profile breaches. Still, merchants, especially smaller ones, haven’t necessarily caught on to the hacking threat or how tools such as tokenization limit exposure. That gap in understanding places ISOs and agents in an important place in the security mix: it’s their job to get the word out to merchants about the need for tokenization. That can begin with explaining what it is.

The biggest challenge that ISOs will see and are seeing, is this lack of awareness of these threats that are impacting that business sector. Data breaches are happening at small businesses, and even if merchants get past the point of accepting that they are at risk, they have no clue what to do next. Tokenization converts payment card account numbers into unique identification symbols for storage or for transactions through payment mechanisms such as mobile wallets. It’s complex and not enough ISOs understand it, even though it represents a potential revenue-producer and the industry as a whole is confused over tokenization standards and how to deploy and govern them.

ISOs presenting tokenization to merchants should echo what security experts and the Payment Card Industry Security Council often say about the technology. It’s a needed layer of security to complement EMV cards. EMV takes care of the card-present counterfeit fraud problem, while tokenization deters hackers from pilfering data from a payment network database. The Target data breach during the 2013 holiday shopping season haunts the payments industry. If Target’s card data had been tokenized, it would have been worthless to the criminals who stole it. It wouldn’t have stopped malware access to the database, but it would have been as though criminals breaking into a bank vault found, instead of piles of cash, poker chips that only an authorized user could cash at a specific bank.

A database full of tokens has no value to criminals on the black market, which reduces risk for merchants. Unfortunately, the small merchants have not accepted the idea or the reality and fact, that there is malware attacking their point of sale and they are being exposed. That’s why ISOs should determine the level of need for tokenization in their markets. It is always the responsibility of those who are interacting with the merchant to have the knowledge for the market segment they are in. If you are selling to dry cleaners, you probably don’t need to know much about tokenization, but if you are selling to recurring billing or e-commerce merchants, you probably need a lot more knowledge about it.

Tokenization is critical for some applications in payments. Any sort of recurring billing that stores card information should be leveraging some form of tokenization. Whether the revenue stream comes directly from tokenization services or it is bundled into the overall payment acceptance product is not the most important factor. The point is that it’s an important value to the merchant to be able to tokenize the card number in recurring billing, but ISOs sell tokenization products against a confusing backdrop of standards developed for different forms of tokenization. EMVCo, which the card brands own, establishes guidelines for EMV chip-based smart card use. It’s working on standards for “payment” tokenization with the Clearing House, which establishes payment systems for financial institutions. Both entities were working on separate standards until The Clearing House joined EMVCo’s tokenization working group to determine similarities and determine whether one standard could cover the needs of banks and merchants.
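The Card Data Environment described in the Tokenization step of the EMV post above, and the point made here that a database full of tokens is worthless to a thief, can be sketched as follows. This is an added example, not code from these articles or from any vendor; the `TokenVault` class, the certificate fingerprint strings, and the choice to keep the last four digits are assumptions made for illustration.

```python
import secrets


def luhn_valid(number: str) -> bool:
    """Return True if the digit string passes the Luhn checksum used by PANs."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


class TokenVault:
    """Stand-in for the centralized card data store inside the CDE."""

    def __init__(self, allowed_clients):
        # Hypothetical allow-list of client-certificate fingerprints. In a real
        # CDE the mutually authenticated TLS layer establishes this identity.
        self._allowed = frozenset(allowed_clients)
        self._token_to_pan = {}   # a production vault encrypts this at rest
        self._pan_to_token = {}

    def tokenize(self, pan: str) -> str:
        if not (pan.isdigit() and 13 <= len(pan) <= 19 and luhn_valid(pan)):
            raise ValueError("not a valid card number")
        if pan in self._pan_to_token:
            # Same card, same token: recurring billing can reuse what it stored.
            return self._pan_to_token[pan]
        while True:
            # Random digits carry no information about the PAN. Only the last
            # four are kept (an assumption) so receipts can still show them.
            body = "".join(secrets.choice("0123456789")
                           for _ in range(len(pan) - 4))
            token = body + pan[-4:]
            # Reject collisions and anything that could pass as a real PAN.
            if token not in self._token_to_pan and not luhn_valid(token):
                break
        self._token_to_pan[token] = pan
        self._pan_to_token[pan] = token
        return token

    def detokenize(self, token: str, client_fingerprint: str) -> str:
        # Only applications on the allow-list ever receive card data.
        if client_fingerprint not in self._allowed:
            raise PermissionError("client is not authorized to receive card data")
        return self._token_to_pan[token]


def demo():
    """Run the flow on constructed sample values and return the outcome."""
    settlement = "sha256:constructed-settlement-cert"   # constructed value
    vault = TokenVault(allowed_clients=[settlement])
    pan = "4111111111111111"                            # widely used test PAN
    token = vault.tokenize(pan)
    # What an application outside the CDE stores: the token, never the PAN.
    order_db = [{"order": 1001, "card": token}]
    try:
        vault.detokenize(token, "sha256:constructed-web-cert")
        web_denied = False
    except PermissionError:
        web_denied = True
    return {
        "token": token,
        "order_db": order_db,
        "web_denied": web_denied,
        "settlement_pan": vault.detokenize(token, settlement),
    }


if __name__ == "__main__":
    print(demo())
```

A copy of `order_db` taken from outside the CDE yields only tokens that fail the card checksum and map to nothing without the vault.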

 

Posted in Best Practices for Merchants

June 13th, 2014 by Elma Jane

A couple of teenage boys spent one school lunch break last week hacking into a Bank of Montreal cash machine.

After finding an old ATM service manual online, Matthew Hewlett and Caleb Turon decided to head to their nearest BMO machine at a Safeway store in their hometown of Winnipeg. When the boys tried to get into the system they were asked for a password. Taking a punt on a commonly used default, they were shocked to see their attempt work. Instead of trying to clear the machine out, the pair made their way to the nearest BMO branch to flag the security risk, but staff did not believe them. So both went back to the ATM and got into the operator mode again, then started printing off documentation such as how much money was currently in the machine, how many withdrawals had happened that day and how much it had made off surcharges. The teenagers even changed the machine’s greeting screen from “Welcome to the BMO ATM” to “Go away. This ATM has been hacked.” When they returned to the BMO branch with documentation of their hack, the branch manager vowed to contact security. The bank has since taken steps to prevent a repeat but insists that customer data was never at risk.

Posted in Credit Card Security, Payment Card Industry PCI Security

June 9th, 2014 by Elma Jane

Some American banks and financial institutions, like JPMorgan Chase, American Express and Citi, have already issued credit cards with new security technology. Other banks will do so by the end of the year. Often referred to as E.M.V. (short for Europay, MasterCard and Visa) or chip-and-PIN, these new cards use a combination of an embedded microchip and a personal numeric code to authorize payment transactions. Depending on the card issuer, some cards may have the chip but require just the old-fashioned signature instead of a PIN.

Most traditional credit cards in the United States today use a magnetic stripe and a customer signature to seal a deal. The information embedded in the stripe can be easily cloned, however, and signatures can be forged. The chips in the newer E.M.V. cards, which encode account information when transferring it to the merchant, are harder to duplicate. The PIN must be entered for each charge, which helps make the cards more secure for in-person purchases. The cards are not infallible, though; criminals have still found ways to steal PINs and make fraudulent online purchases.

With new types of credit cards come new payment terminals, and many retailers must upgrade their equipment to make it compatible with E.M.V. cards. Instead of a slot to swipe the strip, the new credit card terminals typically need a chip reader. Most merchants will probably have the new equipment in place by October 2015, when new rules about fraud liability kick in. Under these rules, the bank or the merchant could be held accountable for any fraudulent charges if one of them has not upgraded to the new system. The party with the weaker security measures must pay.

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Visa MasterCard American Express

June 5th, 2014 by Elma Jane

The days of salespeople peddling point of sale terminals by simply pulling hardware out of a box are numbered. That model is being replaced by integrated payments from software developers who add payment capabilities to applications that run at the point of sale, in the back office or on mobile devices.

Integrated payments are becoming common in the restaurant industry, where systems are developed to combine payment acceptance with the ability to manage orders, tables and food delivery. As integrated payments become more common, companies working in the payments industry will seek ways to offer marketing analytics. You tie that type of data to the payment mechanism and you can learn more about your business and your customers.

There is a place in the ecosystem for traditional payment acceptance, but today, when a retailer shops for a point of sale terminal or other business solutions, they expect payments to be part of the integrated bundle. Many of these systems are now delivered in a software-as-a-service model or through tablets, making them cost-effective for businesses of any size.

Integrated commerce includes mobile acceptance, offers, coupons and loyalty. It enables a merchant to buy a point of sale system for the physical store, website and mobile environment at the same time. Then the merchant can send out offers and begin running a loyalty program, while accepting NFC transactions all at once. Merchants can also review transactions from all channels directly from their offices to monitor against data breaches. With those integrated services becoming more readily available for merchants, it is not surprising that the topic comes up when executives discuss their company’s goals.

Relationships with merchants through integrated payments tend to be sticky because it is an embedded solution. You tend to get better pricing because it’s not necessarily an acquiring decision but a POS software/hardware decision, and acquiring is part of that package. Payments as a service will be an important global product; selling a terminal now means selling data security, warranty and service, and numerous merchant tools.

Posted in Best Practices for Merchants, Credit Card Reader Terminal, Point of Sale

June 3rd, 2014 by Elma Jane

Apple announced a new Touch ID API, better known among the masses as fingerprint ID, which will allow app developers to use fingerprint authentication for mobile payments and other applications.

This means that in addition to protecting the mobile device itself, the technology can now be used also to secure individual applications on the device against unauthorized use. Customers could potentially use prints from different fingers to control different apps. For instance, right thumbprint for access to the device, left index finger for access to the mobile bank app within the device.

The new feature for third party software developers provides a logical progression for the removal of password protection across a range of applications, including payments.

Financial services providers who offer the convenience of a mobile application for their customers can now also offer said customers an additional layer of security for the information that application holds.

Posted in Credit Card Security, Mobile Payments, Smartphone