Monday, February 9, 2009

HomeATM Client UATP Unveils New Website

UATP Unveils New Public Web Site

UATP is a global travel payment network. UATP accounts are actively issued by 15 member airlines and accepted as a form of payment for corporate business travel by more than 200 airlines worldwide.

Airlines currently issuing UATP accounts include Aer Lingus, Air New Zealand, Alitalia, American Airlines, Austrian Airlines, British Airways, Continental Airlines, Delta Air Lines, Japan Airlines, KLM Royal Dutch Airlines, Lufthansa German Airlines, Qantas Airways, Ltd., Scandinavian Airlines System, United Airlines and US Airways. For information, visit (PRNewsFoto/UATP)


WASHINGTON, Feb. 9 /PRNewswire/ -- Universal Air Travel Plan, Inc. (UATP), announced today the launch of its re-designed public web site: The new site focuses on UATP's core corporate charge card program, as well as UATP's new and successful business lines including:

"The new site offers targeted information to airlines, travel agents, corporations and travelers; it is part of our global effort to raise UATP brand awareness," said UATP President and CEO, Ralph Kaiser. "We've had significant growth in the past few years and want our brand to reflect that success; launching the new web site is just the beginning."

The new design features vastly improved navigability, enhanced internal search engine, upgraded events and press section as well as improved UATP information for Issuers, Merchants and corporate customers alike. New features to the site include information available in several micro-sites in Chinese, French, German, Japanese Portuguese and Spanish. Additional micro-sites will be added as UATP continues to expand its international reach.

UATP had a record year in 2008 with approximately US$12 billion in total charge volume.

About UATP

UATP accounts are accepted as a form of payment for corporate business travel by airlines and travel agencies worldwide. UATP accounts are issued by: Air New Zealand (ANZFF.PK), American Airlines (NYSE: AMR), Austrian Airlines (AUALF.PK), Continental Airlines (NYSE: CAL), Delta Air Lines (NYSE: DAL), Japan Airlines (JALSY.PK), Northwest Airlines, Qantas Airways, Ltd. (QUBSF.PK), United Airlines (Nasdaq: UAUA), and US Airways (NYSE: LCC). AirPlus International issues the UATP-based Company Account for: British Airways (LSE: BAY.L), Continental Airlines (NYSE: CAL), and Lufthansa German Airlines.

UATP Corporate Communications
Wendy Ward,
+1 202 626 4077

SOURCE Universal Air Travel Plan, Inc.

Comments Have Been Enabled on the HomeATM Blog

With the rising number of people visiting the HomeATM PIN Debit Payments Blog, I have decided to enable a "Comments" feature in order to make the blog more interactive.

To leave a comment, click the title of the post your wish to leave one on and the "Comments" feature will be located on the bottom of the post.

Please feel free to leave your thoughts, questions, criticisms, or ideas on how to make the blog better in the comments section. Comments will be moderated to prevent spam comments.

Melissa Antonelli, a regular contributor to the TrialPay blog, gets credit for the first (1st!) comment (left) and actually sparked the the idea that maybe I should enable comments.

Thanks Melissa for your kind words. TrialPay recently surpassed 20 million users...("TrialPay Adds 5 Million Users in 54 Days!")...maybe we can discuss how HomeATM and TrialPay can mutally benefit each other at the Retail West show here in Phoenix/February 21-23rd.

And once again, to everyone else, thanks for following the HomeATM blog and we welcome and encourage you to share any thoughts and ideas you may have...

JBF and the folks at HomeATM!

M-Cube Offers Prepaid Mobile Banking

Banking Technology reports that M-Cube, which is a part of VeriSign, is offering a Prepaid Mobile Banking Platform...

M-Cube offers mobile banking for Ryanair prepaid members | Banking Technology magazine - UK

M-Cube has launched the M-Cube M-Payments Platform, a mobile banking application for consumers using prepaid cards in the UK and Ireland. This application will be immediately available to members of the M-Cube Ryanair Prepaid Programme and should be functional across the range of M-Cube backed prepaid cards.

The Ryanair Prepaid Programme, launched in November 2008, is a mass market multi-brand prepaid programme created by a prepaid card provider in the UK and Ireland. Holders of other M-Cube backed prepaid cards will also be offered access to the mobile application.

Using the M-Payments Platform, cardholders should be able to carry out a range of transactions directly from their mobile phones without the need to sign into their account via a computer. The services available to cardholders include:

  • Activation of a new prepaid card
  • Checking account balances
  • Obtain a mini-statement of recent account transactions
  • Top up prepaid card with funds
  • Report a prepaid card as lost or stolen
  • Live chat
  • Foreign currency transfers
  • Transfer between accounts

The M-payments application has been developed in partnership with information security experts Network Security Solutions using the firm's proprietary mobile text messaging security backbone, Xecure Message Service.

Surprise! ID Theft on Rise

ID theft on the rise, but costs down - Phoenix Business Journal:
The number of reported identity theft cases jumped 22 percent from 2007 to 2008 in the U.S., to 9.9 million, according to Javelin Strategy and Research, but the financial impact on victims has dropped.  Editor's note:  Financial impact on "individual victims" has dropped...because there's 22% more of them. 

The cost per incident -- including unrecovered losses and legal fees -- fell 31 percent, to less than $500, the San Francisco firm reports.

Identity fraud is defined as the unauthorized use of another person’s personal information to achieve illicit financial gain.

The survey says almost half of the cases are linked to stolen wallets, while only 11 percent of the victims had their identities stolen over the Internet. (Editor's Note: I expect that number to jump, maybe even double this year, until there's end-to-end encryption)  Heartland will contribute as will other breaches this year. 

We still don't know what's going on with Adele Services either. See: (Major Credit Card Hack Starting?)

Women were 26 percent more likely to be victims of identity theft.

“The good news is research shows consumers have more control than they may think and more of them are actively taking steps to protect themselves,” said James Van Dyke, president and founder of Javelin Strategy & Research, in a company statement. “Additionally, the financial industry has made significant strides to resolve fraud incidents for their customers and put stronger controls in place to limit fraud, which is lessening the impact of this crime”

Javelin Strategy & Research has been researching identity fraud for five years with 24,000 U.S. respondents involved in its survey. In October, nearly 4,800 telephone interviews were conducted to for the study.

Sorry Noca...NoCanDo

Rafe Needleman at CNET writes about a startup that is offering a new online payment system.  The problem is that users have to enter their checking account AND routing numbers via a keyboard online. 

If "noca" believes that enabling consumers to pay directly out of their checking accounts by typing their Checking Account Number (CAN) and bank routing numbers into a browser space with a keyboard they might want to revisit that idea. 

Followers of this blog undoubtedly know my stance on typing/entering any account numbers online.   Sorry...No Can Do...I'm just not the type.

Anyway...during a demo of a $10 transaction, Rafe needled the CEO about the security of the system (it asked for a mobile phone number, then called it and gave it a PIN) but the CEO, said that if it was a bigger amount, it "may have" incorporated  a tougher question.  May have?  Brilliant!

Now I don't know if the CEO (pictured on right)  was sleep walking when he did the interview, but  "PJ" Gupka, (who stated he was formerly in charge of VIsa network architecture) said that his system is more secure than Visa's

I would think that when scheduling a demo in front of CNET,  purporting your system "is more secure than Visa's" (especially with security being such a hot topic following the Heartland breach), you may want to choose the amount that actually incorporates those "tougher security measures."  At the end of the day though, if you are typing your "CAN" with a keyboard, (and your routing number) it doesn't matter how they encrypt it or what type or how many algorithms they use.  The data is fair game UNTIL it's encrypted.  It appears that it's not encrypted until it's captured, and my concern is that via a myriad of hacker inspired methodologies, it can be captured by them first.  Since the  security of a transaction is only as secure as it's "weakest" link, then this doesn't appear to be very secure at all. 

End-To-End Encryption (E2EE) is the only way to guarantee a secure transaction.  That's why Heartlands CEO is calling for it, (after a potential 100 million card breach) and more importantly, why HomeATM has provided E2EE on ALL it's transactions since January of '07.  Now I'm no security expert, I know (maybe) enough to be dangerous (to myself) but I think I'm within my rights to recommend that you don't buy the "type hype." Malware, keylogging, sniffers, bots, etc will tell you that.  Heck, Heartland got hacked and they were PCI certified.  They got nailed when they "unencrypted" the card data.  Nobody "typed" their card, oh excuse me, in this case, their checkiing account numbers online.  Sounds like a good idea 5 years ago...not today. 

Here's the story...with some of my comments included:
A new way to pay: Noca's credit card alternative
Rafe Needleman - Rafe Needleman writes about start-ups, new technologies, and Web 2.0 products, as editor of CNET's Webware.  e-mail Rafe.

When you buy a product online and use either a credit card or Paypal, a significant percentage of your transaction cost--from 2.5 percent to 4 percent when all the fees are considered--goes straight to either the credit card processing company or to PayPal.  With so many retailers operating at such slim margins already, this is a material expense. While payment processing will probably never be free, a new company, Noca, is launching today that undercuts payment processing by an order of magnitude: It charges just 0.25 percent for transactions.  (Editor's Note:  I think they meant .0025% if it's 2.5 basis points)

Noca, CEO PJ Gupta told me, does not enable credit of any sort. Rather, it's a financial interchange platform that lets consumers pay for goods through direct checking account withdrawals.

Gupta told me he was formerly in charge of Visa's network architecture, and that Noca is built in a more efficient way. "There's no reason to use IBM servers today," as the credit card processing companies do. "There are two to three order of magnitude of inefficiencies there." (Editor's Note:  He sure likes that "order of magnitude" line, doesn't he?  I wonder to which order of magnitude his system blows away the efficiency of Visa and IBM)

He also says that Noca is more secure. Transactions are handled and encrypted by Noca's servers; merchants never see the checking account and bank routing numbers consumers enter (the same is true of PayPal transactions). Editor's Note:  The merchants are NOT the one's I'm worried's the "hackers."  If a user "types or clicks" his Credit Card, Debit Card, PIN number, Social Security Number, it doesn't matter, online, it can be had )  An additional, adaptive security comes in to play depending on the type and amount of the transaction.  (Editor's Note:  It doesn't matter, it's fair game when you type instead of swipe.)

In a live demo where Gupta was buying $10 worth of digital goods from early Noca customer Klatcher, the system asked for a mobile phone number, sent a PIN to it, and required the user to enter that PIN on the transaction form. I didn't see how that added any security at all.  
(the buyer could give out any mobile number), but Gupta told me that if the transaction had been for more money or for physical goods, the verification process "might have" incorporated Yodlee's system of challenging the buyer to produce personal information from financial records, such as selecting an accurate previous address or amount of the buyer's regular mortgage check.

To pay using Noca, get out your checkbook and copy down some numbers. (Editor's Note: Get out my checkbook?  Did I go back in time?  Copy down some numbers...yes apparently I did) 

Gupta believes that the technology he's built to link into the banks, prevent fraud, and do so cheaply is a competitive barrier. But I am surprised that his customer roster at launch is sparse--only three vendors, and probably not one you've heard of. (Editor's Note:  ya think?) There are a dozen companies evaluating the system or getting closer to launching with it, Gupta says. There will be major vendors online with Noca, "well before June 30," he promised. (Editor's Note: More proof PJ is he's even dreaming)

One downside: (Editor's Note:  That was the punchline) Noca doesn't offer chargeback or dispute arbitration services. That's between merchants and their customers. But it does give consumers far more detailed transaction statements than credit cards or bank accounts.  (I don't know how smart that is either)

The author concludes by saying that Noca is a smart company for the current economy. Credit is tight for everyone, including consumers, some of whom are losing or just throwing out their credit cards.  Noca makes online purchasing easy and secure even without credit. And its lower fees could help make goods purchased online less expensive, too. 

Editor's Note:  Smart?  I didn't read anything I tought was smart about it.  For current economy? Question: Does anyone 14-41 years old even have a checkbook anymore, (NO Checking Accounts) or remember what drawer it's in?  "Makes online purchasing easy and secure?"  Typing in all those numbers, both your Checking Account Number (CAN) AND your routing number is neither convenient, nor easy and it's definitely NOT secure.

In closing, I guess there's two ways to make my point that noca will never do online, (ndo) 1. 1.  Add the "ndo" acronym to the end of their name and it creates a whole new message: Nocando. 

Put another way  Sorry noca, but:



In closing, I woke up in a sarcastic mood this morning (again) and used this story to further demonstrate that it is not safe to type any numbers (credit card, debit card, checking account, social security, etc) into a web browser.  If noca feels I went overboard, I would welcome their rebuttal and gladly post it here.  If you have any comments, click the title of this post and a comment form will appear at the bottom of the post.  Remember...Instead of Typin'...

Reblog this post [with Zemanta]

On Visa, Barclays and Heartland

Barclays Trounces Forecasts, Posts Flat Net
Wall Street Journal - USA
... the disposal of its life insurance book, and booked €291 million in profits on the initial public offering of VISA and sales of shares in MasterCard. ...
See all stories on this topic
Image representing Seeking Alpha as depicted i...Image via CrunchBase
Visa Rally May Be Short Lived
Seeking Alpha - New York,NY,USA
Investors in Visa and MasterCard will argue that this doesn’t matter because these companies simply process the transactions and do not have credit risk. ...
See all stories on this topic
Recent local debit card threat noted by Midwest Bank
York News-Times - York,NE,USA
Visa and MasterCard are working proactively with merchants, who are required to make changed in the way they store customer data and are required to report ...
See all stories on this topic
Reblog this post [with Zemanta]

Internet Growth Could Double Shares of Payment Provider - Barron's

Wirecard shares could double: Barron's

NEW YORK (Reuters) - Shares of Wirecard, a German online-payment processor, have fallen to about 4.40 euros from 11.65 euros last May, but the selloff is probably an overreaction and the shares could double in value, according to Barron's.

Wirecard is not immune from the contraction in consumer purchasing but the recession could actually accelerate growth in Internet purchasing, Barron's said.

The company has about an 8 percent share of Europe's 100 billion annual online transactions and could add another 1,000 customers this year as retailers outsource their Internet payment processing to cut costs, Borge Endresen, a portfolio manager of the AIM European Small Company Fund, told Barron's. AIM owned more than 300,000 wirecard shares as of December 31.

(Reporting by Helen Chernikoff; Editing by Bernard Orr)

Reblog this post [with Zemanta]

Video: Debit Card Thefts on Rise - Consumer Reports

Consumer Reports: Debit Card Thefts On The Risk
With the economy in trouble, all kinds of theft are on the rise, including criminals who are targeting debit cards. They've found a way to steal your PIN code and your money with the help of a device called a skimmer, which they install on ATM machines. Thieves then use the stolen information to create a new card.

Your whole account could be wiped out, including money you had set aside for your mortgage, for your car payment, or for other payments.

Attorney John Campbell, who helps victims of bank-card fraud, says you're most vulnerable at places such as gas stations, convenience stores, and airports, where it's easier to install skimmers. But even at your bank's ATM, check to make sure nothing looks loose or out of place.

Fortunately, Consumer Reports says there is one simple thing you can do to get better protection. When you're making a purchase with your bank card, press "credit" not "debit." The money is still deducted like a debit, but you don't use your PIN code...and so a criminal can't steal it. And by using the "credit" option, in most cases you'll only be responsible for $50 of any loss.

Consumer Reports says another important way to protect against debit-card theft is to check your account frequently online. That way, you can spot any suspicious activity right away.

Consumer Reports has no commercial relationship with any advertiser or sponsor appearing on this Web site.

Heartland Breach Won't "Disappear"

Huge bank card scam hits Bermuda
Bermuda Sun

Hundreds of debit and credit card customers in Bermuda have been dragged into one of the world's biggest security breaches.

Bank of Bermuda and Butterfield Bank are warning customers to be on guard after cyber-crooks hacked into the computer system of an overseas payment company.  Individuals and businesses with Visa and MasterCard cards are said to be at risk from the data breach at Heartland Payment Services.  Some 'compromised customers' have already had their bank accounts closed and replacement cards with new account numbers issued.

And the island's two biggest banks are now advising all card customers to monitor their statements to look for any suspicious activity.

Tech-security experts said the breach could set a worldwide record. It is believed that the scam could be the result of a "widespread cyber fraud operation" and the stolen data could be used to make fake cards.Bank of Bermuda confirmed its customers had been affected and it was doing all it could to protect them.

Lisa Fox, head of card services at the Bank of Bermuda, said the bank was working to safeguard its affected customers by contacting them directly, closing compromised accounts and issuing replacement cards.

Robert O. Carr, Heartland's chairman and CEO, said he "sincerely regretted any inconvenience caused" by the data breach. He stressed that no personal information such as cardholder's PIN numbers, addresses or telephone numbers had been stolen.  Mr. Carr said: "We will not rest (in peace?) until we have the answers to how and why this breach occurred so we can prevent any future attacks at Heartland and elsewhere.

Full Story from Bermuda Sun

Reblog this post [with Zemanta]

Disqus for ePayment News