In the last two days, we have seen a lot of media coverage around Apple Pay being used for fraudulent activities by criminals with stolen identities and credit cards. The news were first reported by The Guardian. Many of the articles highlight that fraud is stemming from a back door in the activation process called the “yellow path”. The yellow path is the process by which the bank can put the card activation on hold to do additional verifications. Read more
The implementation of same-day Automated Clearing House (ACH) transactions has been getting a good amount of media attention lately. In a letter to NACHA (the Electronic Payments Association) on February 4, the American Bankers Association expressed their support for a proposal to implement same-day ACH transactions. ABA believes that widespread adoption of same-day ACH transactions represents a fundamental step to promote faster payments across the entire industry, as it would level the competitive playing field for all financial institutions while allowing account holders to benefit from expedited settlement. Read more
Fraud managers spend a staggering amount of time making sense of the data resulting from fraud intelligence tools. The newest version of our proactive fraud intelligence and brand protection solution, Detect Monitoring Service, now allows fraud managers to build customized reports with all of the anti-fraud information that Detect Monitoring Service collects, personalized to meet their specific needs. Read more
Happy New EMV Year! That’s right, 2015 marks the beginning of a big year for the retail and payment industry as it marches toward the mandatory October 1, 2015 deadline for EMV implementation in an effort to help reduce fraud in the U.S. Given some of the major retail breaches over the last year, many feel this deadline can’t come soon enough. However, this transition will be an enormous one, and many expect to see several hiccups, or in the spirit of the season, a few holiday bulbs broken, along the way. Read more
The latest release of Easy Solutions’ DetectID authentication platform has enhanced its push authentication technology to include more options and features, making it the most convenient, intelligent and trusted mobile two-factor solution on the market. The new features in this latest version include: Read more
Payment security standards like Europay, MasterCard and Visa (EMV), Host Card Emulation (HCE), and Point-to-Point Encryption (P2PE) have been given much attention and discussion this year. With Apple Pay, we now have a new hype payment security solution called Tokenization.
As IOS8 was made available last month, numerous organizations have jumped on Touch ID fingerprint bandwagon and updated with their application with Touch ID support. I think this is a step in the right direction as passwords are slowly becoming a thing of the past and have shown to be easily hacked by most hackers. Not only are passwords weak protection against breaches, they are also hard to memorize especially with volume of password a single person has to remember and the different and often complex configurations sites require today. Read more
Apple Pay went live yesterday. And while there has been much talk about how it’s going to disrupt the payment system, and how easy it will be to use, security is once again being overlooked in the urgency for speed and convenience above all else. Read more
We’ve rolled out some new updates to our DetectID product line, including updates to our push authentication to provide you with a more secure and streamlined two-factor experience. Read more about a few of the updates below:
QR Code Registration Option
DetectID now offers device registration using QR codes for soft token and push authentication. QR Code generation and delivery is supported on the iOS and Android platforms through an SDK or the DetectID app. The QR Code is scanned automatically, using the camera on the device, and the token is immediatelyimported and ready to use for receiving instant push authentication messages.
On Monday, the US-CERT (United States Computer Emergency Readiness Team) issued an updated advisory, warning that the ‘Backoff’ Point-of-Sale malware continues to evolve. And just today, UPS confirmed that it is the newest likely victim of Backoff. US-CERT has now seen five variants of ‘Backoff’, each with notable modifications, and the malware has been found in at least three separate forensic investigations. They note that the variants are largely undetected by AV vendors, and recommend that in lieu of such protection, organizations should monitor for ‘indicators of compromise’ (IOCs) to determine if they have been infected. Read more