Anti-Phishing with Two Factor Authentication
By John B. Frank, Strategist with HomeATM ePayment Solutions
According to research firm, Gartner, banks, online payment organizations and other financial institutions are bearing most of the financial cost of phishing attacks. (A survey of nearly 4,000 US consumers revealed a 40% increase in the number of phishing victims in 2008 over the year before to five million.) “The findings underline the fact that the war against phishing is far from over,” said Avivah Litan, analyst at Gartner. Yes, the very same Avivah Litan who says “never” enter your PIN on the Internet unless it’s hardware based.
Security Risks Accompany New Technologies
By John B. Frank, Marketing Strategist with HomeATM ePayment Solutions
RSA and IDG released two new research studies that examine the far-reaching security implications of promising technologies such as cloud computing, virtualization, social networking and mobile communications, and explore the pivotal business risks and rewards they represent to organizations worldwide.
Data Sniffing Trojans Hit European ATMs
By Dan Goodin in San Francisco for the Register UK
The malware logs the magnetic-stripe data and personal identification number of cards used at an infected machine and provides an intuitive interface for retrieving the information using the ATM’s receipt printer, according to analysts from Spider Labs, the research arm of security firm Trustwave. Since late 2007 or so, there have been at least 16 updates to the software, an indication that the authors are working hard to perfect their tool.
Online Banking’s Innate Security Flaws
By John B. Frank, Marketing Strategist with HomeATM ePayment Solutions
According to research firm, Gartner, banks, online payment organizations and other financial institutions are bearing most of the financial cost of phishing attacks. (A survey of nearly 4,000 US consumers revealed a 40% increase in the number of phishing victims in 2008 over the year before to five million.)
‘Both Sides of the Mouth’ Security Analysis
By John B. Frank, Marketing Strategist with HomeATM ePayment Solutions
Launched in April 2009, P2P Safe-T-PIN offers home-based “card present” credit card and PIN debit transactions online using a PCI-certified device attached to a personal computer through a USB port. Users also could make online purchases by swiping their credit card or debit card and PIN at checkout. The device allows for secure real-time money movement with an option for delayed transactions.
Comparing Apples To The “Real Deal”
By John B. Frank, Marketing Strategist with HomeATM ePayment Solutions
iCan’t help but cringe (the first time iLaughed) every time I see that iPhone commercial, you know the one that shows somebody entering their credit card iNformation iNto an iPhone. Are they freaking iNuts? iDon’t Get iT. Here’s why: When you do that you are entering your valuable credit card iNformation iNto a “BROWSER.” Any guesses as to why they call iT a browser? iF anyone said: “Because hackers can browse for iNformation on iT” congrats! So here’s my beef: “Where’s the Security?
3DES, DUKPT & E2EE Explained
By John B. Frank, Marketing Strategist with HomeATM ePayment Solutions
“End-to-end encryption would be most effective if data was encrypted from the time a card was swiped at a POS until it reached the card issuer, similar to the way personal identification numbers (PINs) currently are encrypted according to card brand standards.”
HomeATM: First Ever Web PCI 2.0 PED Cert
From HomeATM Press Release:
The significance of this feat is that bank/military grade encryption of financial data from beginning to end is now affordable to the masses. The Safe-T-PIN™ also allows authorized secure person-to-person (P2P) money transfers in real-time. “We are proud of our engineering team and extremely excited to provide a cost-effective solution to those who can least afford fraud and risk,” said Ken Mages, CEO.
