Both Sides of the Mouth’ Security Analysis
May 27, 2009 by ADMIN · Comment
By John B. Frank, Marketing Strategist with HomeATM ePayment Solutions
It was nice that Javelin Strategy and Research took the time to write about HomeATM in their analysis of Finovate Startup09, but I’m a little confused about something they say in their report.
Maybe a reader might be able to clarify what they mean, because right now I’ve got a kindova BSMS (Both Sides of the Mouth Syndrome) taste in my - for lack of a better word - mouth.
Why do I say BSMS?
Well, in the first portion of Javelin’s analysis of HomeATM, they say that our Safe-T-PIN device provides (the more secure) card present (vs. the less secure card not present) credit card transaction, and the even more secure PIN Debit transaction.
Here’s their quote:
Launched in April 2009, P2P Safe-T-PIN offers home-based “card present” credit card and PIN debit transactions online using a PCI-certified device attached to a personal computer through a USB port.
Users also could make online purchases by swiping their credit card or debit card and PIN at checkout. The device allows for secure real-time money movement with an option for delayed transactions.
Then, after stating that, the next thing they say is:
There is greater potential for HomeATM as a frequent high-value P2P solution such as a Western Union money transfer than for enabling e-commerce. Many consumers may be hesitant to swipe their ATM cards on hardware attached to their computer because of security concerns.
Therein lies my confusion.
First they state that our PCI certified device allows for “Card Present” and “Online PIN Debit” transactions, along with the statement that our device ALLOWS SECURE REAL TIME MONEY MOVEMENT, and then in their next breath they say that many consumers may be hesitant to use that very same PCI 2.0 Certified PIN Entry Device because of security concerns?
Did they possibly mean to imply that many consumers may be hesitant to swipe their ATM cards on hardware attached to their computer because they don’t want “improved” security?
Someone help me out here! I’m not being sarcastic. I’m being serious. Okay, I admit…I’m being totally sarcastic. But there’s good reason; in fact 117 good reasons. You may have noticed when you first visited the HomeATM site, there was a popup that appeared asking if you would please partake in our survey.
Well, I started the survey yesterday and already have 117 responses, and it doesn’t appear to me that very many consumers may be hesitant to swipe their ATM (or debit or credit) cards on hardware attached to their computer. In fact, 117 said they would prefer to Swipe their Card and 117 said they would prefer NOT to Type in a Username/Password.
Click below to enlarge and read two questions pertaining to whether individuals would prefer to Type or Swipe their Card information at a merchant website or Online bank:The analysis did go on to say that two of the “differentiators” enjoyed by HomeATM is that we provide “end to end encryption” and our device is PCI certified, so I’m still left confused by what they meant about many consumers being hesitant because of security concerns… chime in if you know!HomeATM Differentiators:• A HomeATM Mobile device will be available for mobile phones with Web access, allowing transactions on the go
• PCI-certified device
• Hardware-based end-to-end encryption
• 100% acceptance with all bank cards
Author’s Note: Plus our PCI 2.0 Certified PED also “encrypts” the Track 2 data and utilizes DUKPT key management as an additional layer of security.HomeATM’s Engineering Team Designed and Manufactures the World’s FIRST and ONLY PCI 2.0 PIN Entry Device Specifically Designed for eCommerce. Our device provides “Card Present” rates on credit cards and “True PIN Debit” Interchange on debit cards as well as secure 2FA authentication for online banking sites and live, “real-time” money transfer from P2P, B2B, B2P, P2B and mobile.
Stay Informed With RSS Feeds or Email Alerts Here: