Card-Processor Breach Hits MasterCard, Visa
3/30/12 The Wall Street Journal
Global Payments Inc., which processes credit cards and debit cards for banks and merchants, has been hit by a security breach that has put some 50,000 cardholders at risk, according to people with knowledge of the situation. The full extent of the breach couldn't be determined, one of the people said. It wasn't immediately clear if cardholders have been hit by fraudulent transactions. Representatives of Global Payments, based in Atlanta, couldn't be reached for comment.
MasterCard, VISA Warn of Processor Breach
3/30/12 Krebs on Security
VISA and MasterCard are alerting banks across the country about a recent major breach at a U.S.-based credit card processor. Sources in the financial sector are calling the breach “massive,” and say it may involve more than 10 million compromised card numbers. In separate non-public alerts sent late last week, VISA and MasterCard began warning banks about specific cards that may have been compromised. The card associations stated that the breached credit card processor was compromised between Jan. 21, 2012 and Feb. 25, 2012. The alerts also said that full Track 1 and Track 2 data was taken – meaning that the information could be used to counterfeit new cards.
Will EMV Really Happen in the U.S.?
Commentary by: Steve Elefant, Of Counsel
That is the question that many in the payments value chain – banks, acquirers, issuers, processors and merchants are asking themselves. EMV, which stands for EuroPay, MasterCard and Visa, was developed and deployed in 1994 in Europe because Europe had unreliable and expensive telecommunications to do online authorization. EMV provided the ability to secure the card and process many transactions offline. In the U.S. we had quite the opposite of Europe; inexpensive and reliable telecommunications, nearly all transactions are online / real-time (which take advantage of things such as risk scoring and consumer alerts from the brands), which is why EMV was never used here. As of Q3 2011, there were more than 1.34 billion EMV compliant chip-based payment cards in use worldwide according to EMVCo.
Click here to read more.
Plastic Cards Not On Their Death Bed
3/29/12 ISO & Agent
With mobile-payment technology advancing quickly, the demise of plastic payment cards might seem near. But that’s not so, experts agree. With the U.S. Census Bureau estimating 183 million credit cardholders and 188 million debit cardholders in the U.S. alone in 2011, it’s easy to understand why most experts can’t envision an end to such a standard. “I have never heard any widespread discussion amongst bankers about looking to reduce plastic card issuing in the future."
EBay Promotes Mobile Veteran Marcus to PayPal President As POS Thrust Gains Steam
3/29/12 Digital Transactions
EBay Inc. on Thursday named long-time telecommunications entrepreneur David Marcus as the new president of its PayPal Inc. e-commerce payments unit. Marcus, who as vice president of mobile at PayPal has been shaping the San Jose, Calif.-based processor’s strategic shift into physical-world payments, succeeds Scott Thompson, who left PayPal in January to become chief executive of Yahoo Inc. John Donahoe, chief executive of eBay, announced the appointment in a blog post on PayPal’s Web site. “David’s just the right leader for PayPal,” Donahoe says in the post.”
Larry Summers and the Technology of Money
3/28/12 MIT Technology Review
Larry Summers has examined the role of money in society through many lenses. He's been chief economist of the World Bank, secretary of the U.S. Treasury, and lead economic advisor to President Barack Obama during the financial crisis; his views shaped the recovery effort. Less well known is that Summers is also a technologist at heart. Last year he joined the San Francisco venture capital firm Andreessen Horowitz as a special advisor, and he is on the board of Square, an online currency startup.
Banking Regulator Calls for End of ‘Too Big to Fail’
An annual report from a regional Federal Reserve bank is typically a collection of banalities and clichés with some pictures of local worthies who serve on the board. And so it is with this year’s annual report from the Federal Reserve Bank of Dallas, whose pages are graced by the smiling, stolid portraits of board members who run local companies like Whataburger Restaurants. But the text is something else entirely. It’s a radical indictment of the nation’s financial system.
Prepaid Cards Set Good Example for Simpler Disclosures
Despite all of the new powers at their disposal, regulators continue to emphasize simplified and standardized disclosure as a critical tool to ensure consumers get a fair deal. The Consumer Financial Protection Bureau has applied behavioral research and design thinking to the creation of model mortgage forms, sharing a series of prototypes on its website and seeking feedback. Last month, the bureau shared a sample penalty fee box for disclosing overdraft fees on bank statements.
Consumers Upbeat About Economic Signs
3/27/12 The Washington Post
Americans’ rosy outlook about the U.S. economy remains resilient as they focus on the good in the barrage of conflicting economic news. A widely watched barometer of consumer confidence barely budged in March after last month hitting its highest level in a year. Americans continued to be upbeat in March despite mixed economic signs. The stock market is up, but so are gas prices. Unemployment is falling, but home prices also are declining.
How About A Little Service Provider Responsibility Here, PCI-Wise?
Among all of the PCI requirements, there is one that reflects a fundamental unbalance. That requirement is 12.8.2, which requires all merchants to: “Maintain a written agreement that includes an acknowledgement that the service providers are responsible for the security of cardholder data the service providers possess.” This is great, but it places the entire burden on the merchant. Where is the corresponding req that a service provider actually agrees to deliver that written acknowledgement?
Amex: Mobile Payments 4-6 Years Away from Tipping Point
The payment space is in an extremely transformational period but the widespread adoption of mobile payments may be four to six years away, according to comments from American Express executives. At a dinner in San Francisco, Dan Shulman, group president of enterprise growth, spoke about the exciting opportunities and challenges of this brave new world of payments. As payments shift to a pure digital experience, companies like American Express have to double down on its technology assets and think more like a Google or Facebook than a traditional finance company.
Visa Appoints Retail Veteran to Lead Its Credit and Debit Product Business in North America
Visa Inc. today announced the appointment of Kevin Knight as the company’s Head of Credit and Debit Products, North America. In this role, Mr. Knight will be responsible for managing development and growth of Visa’s consumer credit, debit and small business product suite. Mr. Knight joins Visa from Nordstrom, one of the nation’s leading fashion specialty retailers, where he most recently served as president of Nordstrom’s credit division and chairman of Nordstrom FSB, the company’s bank subsidiary.
Top Secret Visa Data Center Banks on Security, Even has Moat
3/26/12 USA Today
Somewhere on the eastern seaboard prisons are easier to enter than Visa's top-secret Operations Center East, its biggest, newest and most advanced U.S. data center. The 8-acre facility looks like any other industrial park in a sleepy suburb. But the serene setting masks hundreds of cameras and a crack team of former military personnel. Hydraulic bollards beneath the road leading to the OCE can be quickly raised to stop an intruding car going 50 mph.
MasterCard Introduces New Tool that Predicts the Potential for eCommerce Fraud in Real Time
Ecommerce merchants have a new tool at their disposal to help mitigate the risk of fraud in online transactions, with MasterCard’s introduction of Expert Monitoring Fraud Scoring for Merchants. The new tool enhances merchants’ insight into card behavior beyond a merchant’s website or a cardholder’s shopping cart. The service provides merchants with a predictive fraud score for Card-Not-Present transactions in real time to measure the likelihood that a transaction is fraudulent.
Google Closing The Loop With New “Offer Rewards” Program
Google has for a long time been looking for ways to connect the dots between online ads and offline transactions, where most conversions take place, to provide marketers with a more complete picture of ad performance. Click to Call is one example off this effort. Google Wallet is another. However the data Google collects through Wallet is incomplete. Starting this weekGoogle is testing a more comprehensive approach to offline purchase tracking that involves consumers registering a credit card to receive automatic rewards— enabling tracking from the online promotion to offline redemption.
The Small Business Authority Releases the February 2012 SB Authority Index
3/26/12 Newtek Business Services
Newtek Business Services, announced the release of the SB Authority Index for February 2012 reaching 111.18 points. The SB Authority Index is up .71% from January 2012. The growth was led by Newtek's proprietary merchant processing volume and approved SBA lending volume. The index, up 7.85% in the last twelve months, has now been on the rise for 28 consecutive months. President and CEO, Barry Sloane said, "The index indicates continued and positive momentum at a moderate pace."
Why Banco Popular is Changing Its Name and Digital Strategy
Banco Popular, the $37 billion-asset holding company based in Hato Rey, Puerto Rico, has been rebranding in the U.S., shifting its image from that of a Hispanic bank to a community bank that serves everyone. At the same time, it's digitizing its U.S. presence to better serve its existing smartphone-savvy audience and to compete with large banks in its metropolitan markets. "Over the years, as we grew, we ended up with a diverse customer base; about 50% of our customers are not Hispanic.
Groupon Buys FeeFighters to Support Merchant Community
Three-year-old business services provider FeeFighters has been acquired by daily deals giant Groupon for an undisclosed sum.“Our goals have always been to help small businesses run more efficiently, and by teaming up with Groupon, a pioneer in local e-commerce, we are able to execute on that goal even better than we were as an independent company,” FeeFighters co-founder and CEO Sean Harper said Friday in statement.
Square Card Case is Now an Improved 'Pay with Square'
Square has delivered a few improvements (and a new name) to its mobile payment service. The application formerly known as Card Case has been rebranded "Pay With Square," the company announced today. Square hasn't said why it changed its mobile app's name, but the branding appears to make it clearer to users what they should do with the app. Card Case was, after all, a cryptic name for a mobile-payment solution.
Food Trucks: Where Mobile Payments Meet Mobile Food
In the past, food trucks were cash-only operations. But today, they wield tablets and smartphones capable of accepting credit card payments and e-mailing receipts to customers at the point of sale. “We figured that given our price point, we were going to have to accept credit cards from the beginning,” Doug Povich, co-owner and operator of the Red Hook Lobster Pound Truck says. “People really get excited when they come to the truck and see us using the latest technology. It's not the typical POS that they see in a restaurant.”
How to Secure the Cloud
3/29/12 Bank Info Security
Cloud computing continues to be a hot topic for organizations, says Entrust's David Rockvam. What issues should be top-of-mind when using the cloud, and how can organizations ensure security? "How you get there is going to be really important," says Rockvam, Entrust's CMO and GM of its Certificate Services business. Whether organizations are outsourcing and using cloud-based applications like Salesforce.com, or putting their own internal applications into the cloud, "You have to make sure you're securing the cloud."