Wednesday, January 27, 2010

Verified by Visa "Fraught with Security Problems" say Cambridge Researchers

PC World (and other's) are reporting that (according to Cambridge researchers) both Verified by Visa and MasterCard Secure Code don't provide adequate security.  They also argue that for "buying" into the system, merchants are less liable for fraudulent transactions and that some banks, such as RBS are shifting the liability to consumers.  Nice.   Speaking of nice...The Register had this to say:

A widely deployed system intended to reduce on-line payment card fraud is fraught with security problems, according to University of Cambridge researchers.

The system is called 3-D Secure (3DS) but known better under the names Verified by Visa and MasterCard SecureCode. Implemented and paid for by e-commerce vendors, the systems require a person to enter a passwordor portions of a password to complete an on-line purchase.

As a reward for investing in the systems, merchants are less liable for fraudulent transactions and are stuck with fewer chargebacks. But banks such as the Royal Bank of Scotland are now holding consumers to a higher level of liability if fraudulent transactions occur using either system, said Steven J. Murdoch, a security researcher at the University of Cambridge.

That is despite what Murdoch and security engineering professor Ross Anderson contend are several flaws with 3DS. They wrote a seven-page paper on the topic, which Anderson presented on Tuesday at the Financial Cryptography and Data Security conference in Tenerife on Spain's Canary Islands.

One of their main points is how 3DS is integrated into Web sites during a transaction. E-Commerce Web sites display 3DS in an iframe, which is a window that brings content from one Web site into another. 

The e-commerce Web site connects directly to a bank, which solicits a person's password in the iframe. If the password is right, the transaction is complete. But the researchers argue that since there's no URL displayed with the iframe, it's difficult to tell whether it's genuine or not.

Continue Reading at PC World

Here's More: (gotta love the title)

Verified by Visa bitchslapped by Cambridge researchers

Secondary credit card security systems for online transactions such as Verified by Visa are all about shifting blame rather then curtailing fraud, Cambridge University security researchers argue.

The 3D Secure system - branded as either Verified by Visa or MasterCard SecureCode - has become a ubiquitous extra line of security for many online transactions, with over 200 million cardholders registered. The number of merchants who insist that users submit an additional password and re-submit a CVV code in order to authorise a transaction makes it hard to shop online without using the technology.

Lloyd Constantine Forbes Interview: Visa and MasterCard Case

Lloyd Constantine, of Constantine and Cannon, the law firm who sued Visa and MasterCard for Antitrust violations and author of Priceless: The Case that Brought Down the Visa/MasterCard Bank Cartel,  speaks with the Forbes Video network about the $3 Billion Visa and MasterCard Antitrust case. 

Lloyd Constantine Forbes Interview: The Modern Monopoly

Lloyd Constantine, of Constantine and Cannon, the law firm that brought down the Visa/MasterCard Bank Cartel speaks about "The Modern Monopoly"

No Major PCI DSS Revision Expected in 2010

By Robert Westervelt, News Editor

27 Jan 2010 |

PCI Security Standards Council general manager Bob Russo said the next revision of the Payment Card Industry Data Security Standard (PCI DSS), due in October, will contain clarifications but no major changes to the standard.

End-to-end encryption is a catchphrase because at a certain point along the line, the data needs to be decrypted.

Bob Russo,

general manager, PCI SSC

"There won't be any surprises," Russo said. "We're more likely to see guidance documents."

Encryption, virtualization and the use of more secure payment terminals are expected to gain more attention. Those topics have been the focus of several special interest groups managed by PCI SSC and a study of emerging technologies to help shape future versions of the standard, Russo said. The organization is also ruminating Chip and PIN technology, though no PCI DSS revisions are anticipated on the issue in 2010.

PCI DSS related information:
PCI QSAs, certifications to get new scrutiny: The PCI Security Standards Council now has a team of five reviewing PCI assessments for inconsistencies and has increased funding for its QSA oversight program.

PCI Council issues priority tool for compliance: A PCI compliance tool walks companies through the compliance process by meeting six milestones set by weighing risk and threat factors.

Heartland breach highlights PCI limitations: The benefits of complete PCI and the necessity of full compliance are now being widely questioned, says Eric Ogren, principal analyst, The Ogren Group.

PCI DSS changes take place on a two-year revision schedule, with the last major update released in 2008. The organization gathers about four months of feedback from council members followed by a meeting of its Board of Advisors in which any proposed changes are put in place. A draft revision of the new standard is due in May, and the organization will gather any remaining feedback at its community meetings in September. The updated PCI DSS standard would be finalized and made public by mid-October, along with any revisions made to the Payment Application Data Security Standard (PA DSS), Russo said. A revision to the PIN Entry Device Security Requirements, also maintained by the organization, is due in April.

Rather than a major PCI DSS revision, this year the council expects to release guidance documents to help merchants being bombarded by vendors with new card data protection technologies.

A topic deserving further study is end-to-end encryption, Russo said. Robert Carr, CEO of Heartland Payment Systems Inc., which announced last year that it suffered a massive breach as a result of a SQL injection flaw, has been pushing the industry to adopt more comprehensive encryption measures. Heartland has worked with Voltage Security Inc. to develop its E3 secure payment system. But Russo said the term "end-to-end encryption" hasn't been clearly defined and added that tokenization, a facet of a payment strategy being introduced by EMC Corp.'s RSA security division and payment processing giant First Data Corp., introduces similar security issues.

"End-to-end encryption is a catchphrase because at a certain point along the line, the data needs to be decrypted," prompting key management questions, Russo said. "Key management introduces a whole new series of issues that could cause you to be less secure."

Russo said he doesn't expect an end-to-end encryption special interest group will study the issue. Instead encryption within the payment process will be addressed when other technologies that affect the payment process are identified and studied. The Virtualization Special Interest Group, due to recommend guidance in March on protecting card data within virtualized environments, will address the role of encryption as well, Russo said.

"Unfortunately there are so many different technologies that merchants may have started down the path with that we need to be careful and study them before prescribing them in the standard," Russo said.

SearchSecurity radio:
Chip and PIN technology is also gaining increased attention among the card brands, Russo said. A special interest group is studying Chip and PIN, which is popular in Asia, Europe and being phased in at payment terminals in Canada.

The technology replaces the magnetic strip on the back of a card with an embedded microchip and adds a four-digit PIN to confirm a payment. The issue is being pushed by lawmakers. At a congressional subcommittee hearing on the adequacy of PCI DSS to protect cardholder data, several lawmakers called on the industry to move forward with Chip and PIN to reduce data theft and bolster the protection of transactions.

"The rest of the world is using some form of Chip and PIN so we can't ignore it," Russo said. "It's an enormous endeavor and implementing this poses huge costs."

Commercial versus Consumer Mobile Banking

Why banks should offer business customers a different mobile banking application than consumers

--(BUSINESS WIRE)--In today’s economic environment, it is critical for financial executives and business owners to have full access to financial information at all times and through multiple channels, including mobile. Many banks recognize commercial mobile banking as a growing trend, but are still slow to roll out the service to business customers. For banks offering mobile banking to businesses, most have simply re-packaged consumer applications for business use, but consumer applications do not provide businesses with the added functionality and enhanced security capabilities required.

Nick Holland, senior analyst with Aite Group, said in a recent report1, “Small businesses are looking for a host of extra functionalities above and beyond the requirements of vanilla mobile banking, such as wire approvals and positive pay. Banks will be looking to monetize small-business mobile banking, and an offering that does not justify end-users paying for the service is unlikely to receive implementation.”

Online Banking Solutions (OBS)
recently launched the industry’s first-ever commercial mobile banking offering, Messenger Mobile Service, a new mobile channel to support commercial banking transactions for banks’ business customers. In addition to TEXT/SMS notifications, users can view account balance, transaction information and special reports; initiate account-to-account transfers, pre-defined payments or payment batches; and receive service alerts, payment advices and urgent notifications. Messenger Mobile Services provides a mobile banking channel with applications for iPhonetm and Blackberrytm smart phones.


Joe Spatarella, VP Sales & Marketing for OBS, can discuss why banks should offer business customers more than a consumer mobile banking application, and explain what sets a commercial mobile banking application apart from one designed for consumers.


Spatarella is available immediately for commentary.

Mary York

Media Contact for OBS


About Online Banking Solutions (OBS):

Founded in 2002 by a management team that pioneered Web cash management and business banking technology, launching two successful financial technology companies, Online Banking Solutions (OBS) provides next-generation Online Messenger multi-channel reporting, transaction and file delivery services to banks including seven of the top 50 U.S. financial institutions. Private, profitable and based on the philosophy of over servicing clients, OBS offers financial institutions the extensiveness of a large-scale technology provider, but the tenacity of an agile, service-driven organization. For more information, visit

1 Editor’s Note: “The ROI of Small-Business Mobile Banking,” September 2009, Aite Group

TIO Networks to Provide Bill-Pay Kiosks to Best Buy

Vancouver, British Columbia, -- TIO Networks Corp., (TSX.V-TNC), North America’s leading multi-channel expedited bill payment processor today announced a strategic alliance with Best Buy Co., Inc. (NYSE:BBY) to roll out self-service bill payment and financial service kiosks to Best Buy Stores across the United States.

The first kiosk systems have already been rolled out and activated in the Phoenix, Las Vegas, Atlanta, and Miami markets. Best Buy customers in these markets can now make expedited bill payments on their wireless, utility, cable and other accounts through the touchscreen and Internet enabled kiosks.

The cash and debit accepting kiosks are positioned strategically in each store to offer Best Buy’s wireless customers convenient access to wireless and other bill payment services.

TIO bill payment is a fast, secure and convenient way to access bill payment accounts, view balances without the need to have account information present and pay bills in cash. Payments are made by feeding the cash directly into the TIO terminal’s note acceptor. Once the payment is accepted, TIO uses an Internet link to ensure timely posting of the payment. Best Buy customers can navigate through TIO applications in either English or Spanish and complete financial transactions by either printing or emailing their receipt to an email address of their choice.

“We are thrilled to provide the retail chain with the largest volume of wireless customer activations the opportunity to offer bill payment services as an extension of the wireless services”, said Hamed Shahbazi, Chairman and CEO of TIO Networks. “Consumers who pay bills in person have traditionally tended to pay such bills in the same location where they acquired their phones. With this initiative, Best Buy now offers a full complement of expedited bill payment services for the nation’s largest wireless operators.”

About TIO Networks Corp.

TIO is the leading multi-channel expedited bill payment processor serving the largest Telecom, Wireless, Cable and Utility bill issuers in North America. With over 20,000 location endpoints to its processing network, TIO symbolizes fast, convenient and secure access to expedited payment services.

Source: Company press release.

Online Banking Up 24% in Korea

Use of Internet banking in Korea rose 24.8 percent in 2009 from a year earlier as more people went online for financial transactions, the central bank said yesterday.

Online bank transactions reached an average of 28 million per day last year, compared with 22.4 million in 2008, according to the Bank of Korea. The number is based on online users checking financial records, transferring funds or taking out loans.

The total value of Internet banking transactions came to 29.5 trillion won ($25.4 billion) per day, up 28.9 percent from a year earlier. The number of Internet banking subscribers registered online with 17 local banks, the state-run Korea Post and HSBC Holdings grew to 59.2 million as of the end of last year. The figure has grown by double digits since 2005, the BOK said.

The majority of transactions were conducted via computers, wireless handsets accounted for 6.1 percent of the total. Transactions via mobile platforms jumped 62.7 percent on-year to an average 1.72 million per day, the central bank said.

Nearly nine out of 10 households in Korea have access to cheap broadband Internet. The nation’s computer usage is among the highest in the world. Yonhap

Blippy: Do You Really Want Your Card Transactions Showing Up as a Blip on the Bad Guys Radar Screen

When Blippy, which lets you twitter credit/debit card purchases rolled out earlier this month, my eyes rolled as well. Maybe because I still don't get Twitter. Somebody Tweets "I'm at Peet's" and frankly, it won't be more interesting finding out how much they spent there and what card they used. Who cares? Answer: The bad guys!

Social networking sites have been identified as a nesting ground for purveyors of malware and phishing techniques, thus financial information gathering. It isn't difficult for them to round up needed information, but why make it easy for them by signing up to have your purchases show up as "blips" on the bad guys radar screens? I was waiting for someone else to see the naked emperor before saying anything. Cyveillance has spoken...

, could be a valuable tool for cyber criminals, warns Cyveillance.

Blippy, a Spear Phisher’s Dream

This month, a service called Blippy was rolled out to the general public. In a CNN article this week, Blippy was described as a “financial version of”, where users’ credit card transactions are posted to the internet much like the short tweets that people post to twitter.

On twitter, users post up to 140 characters on any topic they wish to discuss. On Blippy, a posting displays how much a person paid for a recent purchase. In the image below for example, we see that Michael Arrington of TechCrunch paid $112.64 at Amazon for a SanDisk 16GB 60MB/s Extreme Compact Flash Card.

Example of a Blippy transaction. Click the image to see a larger version or see the original here.

CNN reporter John D. Sutter asks Blippy cofounder Philip Kaplan whether there are any dangers in posting this sort of information:

CNN: Is there any potential that this would expose someone to an attack on their financial information, or that it could be used against them?

Kaplan: I don’t — we’ve all been taught that this is just something you don’t do. As an aside, when I was a kid, we weren’t allowed to tell anybody we were going out of town, and we had timers in the house that would turn the lights on and off so it would look like we were home. But now you tweet when you’re at dinner. … You put your whole schedule on Facebook so people can like plan their robberies ahead of time. And I think the pros far outweigh the cons in that scenario. … I think the risks in actuality are very small. Similarly, I think we have this engrained thing that we’re taught, which is to not share this [financial] information, and we don’t really know why.

That’s not the right answer to the question. Information found in Blippy postings (“blips”?) can be used against them.   Let’s go back to the example in the image above.

We find:

  • a user’s name

  • the name of a business with whom they had a financial transaction

  • how much they spent

  • for certain retailers, what they bought

Great. Now let’s examine what is presented to someone when they receive an email in a traditional phishing attack, which we know to be a very profitable endeavor for bad guys. (A recent study by Cyveillance found that average attacks can cost millions of dollars in losses). It really comes down to two things:

  • The email is made to look like it comes from one’s bank or other business institution.

  • A call to action, where the recipient is asked to follow a link to a website online.

Spear phishing takes things a step further by personalizing the email sent to the potential victim. The attack may address the victim by name or phone number (see example), lending credibility to the attack and greatly increasing the likelihood that the recipient becomes a victim.

From a cyber criminal’s point of view, Blippy currently offers great information to construct a highly targeted spear phishing attack. After examining the types of purchases Blippy shows for Best Buy, consider the spear phishing attack one could construct for a hypothetical Blippy user named Johann Gonzales:

Dear Johann Gonzales,

Thank you for your recent purchase of $52.99 at Best Buy. To receive credit for your purchase in our Best Buy Reward Zone program and receive valuable discounts on future purchases, click here

Putting together such an email would require software to “scrape” information from Blippy that it would then use to send to an array of likely email addresses for Johann Gonzales, like,,,, and so on. Given that software needed to carry out such an attack is freely available online, it must be assumed that cyber criminals are preparing such an attack on Blippy users. Even if they are not yet preparing, for the sake of Blippy’s users, Blippy must plan ahead as if they are.


Currently banks reimburse users when they become victims of phishing attacks, but the financial industry often wonders at what point it becomes the victim’s responsibility for losses incurred during phishing attacks. The information that Blippy users currently provide to would-be cyber criminals gives businesses more leverage to say that they will not reimburse losses incurred in spear phishing attacks. After all, if the Blippy user practically hands the bad guys all the information they need to carry out an attack, how is it the bank’s fault? Blippy does hold promise as a way for consumers to gain information about the prices of goods and services. But it also currently provides a literal wealth of information for spear phishers. 

Class Action Lawsuit Filed Against Citizens Bank, Alleging Bank Improperly Charges Overdraft Fees, Violating Federal Law, State Law, and Its Contract With Customers

Source: Press Release

A class action lawsuit filed yesterday would require Citizens Bank to refund hundreds of millions of dollars in unlawful overdraft charges -- which Citizens Bank often charged even when the customers had enough funds in their accounts to pay for the purchase.

The lawsuit was filed in federal court on behalf of Jessica Duval, of Goffstown, New Hampshire, and other bank customers who were unfairly and illegally charged overdraft fees by Citizens Financial Group Inc. ("CFG"), for charges she made on her ATM/debit card. CFG is the parent company of Citizens Bank and Charter One Bank.

The class action lawsuit alleges that these charges violate federal and state law, as well as the contractual relationship the bank has with its customers. The lawsuit seeks certification of a class action on behalf of Citizens Bank and Charter One Bank customers who were improperly charged overdraft fees or who received insufficient disclosures about such overdraft fees.

"While the federal government has begun to regulate overdraft fees, Citizens Bank and other banks continue to abuse customers and improperly charge overdraft fees. Moreover, customers must be compensated for bank practices that caused hundreds of millions of dollars in improperly charged fees," said Hassan Zavareei, a partner at the Washington, D.C.-based law firm Tycko & Zavareei LLP, which represents the plaintiff.

"Citizens Bank manipulates the posting of transactions to incur $37 overdraft fees on accounts, and customers cannot stop the bank from making arbitrary decisions that their accounts have been 'overdrawn.'

The bank punishes customers and their families with these charges, causing further pain for families already stressed by the poor economic situation," Zavareei said. Citizens Financial Group, Inc. ("CFG") is a $151 billion commercial bank holding company. It is headquartered in Providence, R.I., and, through its subsidiaries, has more than 1,500 branches and approximately 3,500 ATMs and approximately 22,600 employees. Its two bank subsidiaries are RBS Citizens, N.A. and Citizens Bank of Pennsylvania. They operate a 12-state branch network under the Citizens Bank brand in Connecticut, Delaware, Massachusetts, New Hampshire, New Jersey, New York, Pennsylvania, Rhode Island and Vermont, and the Charter One brand in Illinois, Michigan and Ohio.

The complaint alleges that Citizens Bank/Charter One manipulates debit transaction posting to cause overdraft fees even when there are sufficient funds to pay for a certain purchase. Citizens Bank uses several different methods to cause a customer to incur an overdraft fee even when her account has never been overdrafted.

The complaint also alleges that Citizens Bank directly violates the terms of its account agreement by allowing purchases and withdrawals even when a customer has an insufficient balance. For example, one contractual provision states that the bank will not allow withdrawals when there are insufficient funds. In fact, the class action alleges that the bank does allow withdrawals on insufficient funds even at its own ATMs -- and it does so without any prior warning to the customer. According to the complaint, the bank does this for the sole purpose of charging its own customers an overdraft charge.

The complaint also alleges that Citizens Bank has not allowed its customers to opt out of "overdraft protection," as recommended by Federal regulators.

The lawsuit is captioned Duval v. Citizens Financial Group, Inc. and has been filed in the Northern District of Illinois.

Copies of the complaint may be obtained from Hassan Zavareei at Tycko & Zavareei LLP.

SOURCE Tycko & Zavareei LLP

New Online Shopping Data Shows 23 Percent of Consumers Will Shop Online for Valentine’s Day

According to the eBillme Online Spending Index, 9 Percent of Consumers Will Spend More Online Than Last Year and 57 Percent Plan to Purchase Something Other Than Flowers or Chocolates

RYE BROOK, N.Y.--(BUSINESS WIRE)--Twenty-three percent of consumers plan to shop online for Valentine’s Day gifts, with 9 percent indicating they will spend more money online compared to last year. This represents an increase in online shoppers over the 2009 Valentine’s Day holiday. Further, the majority of consumers will shop for gifts other than the traditional flowers and chocolates.

This is according to the eBillme Online Spending Index, a quarterly survey conducted by Javelin Strategy and Research. The Index polls 1,200 consumers to measure projected online spending for the quarter and the influencing factors. According to the Q1 Index, consumers plan to spend an average of $236 online, which is in line with spending levels from Q1 2009.

This quarter, consumers were also asked if they have decided what purchases they will make for Valentine’s Day. Overall, 47 percent of respondents do not know what to purchase for their loved ones.

Fifty percent of males are unsure about Valentines Day gifts for her.

Forty-five percent of females are unsure about Valentines Day gifts for him.

Consumers who are married or living with their partners responded with more uncertainty.

Consumers become more certain about what to purchase with age. Consumers 65 years old and over responded with more certainty than consumers in the younger demographics.

“Valentine’s Day is an opportunity for retailers to build on holiday sales,” says Samer Forzley, Vice President of Marketing for eBillme. “The number of consumers planning to shop online for Valentine’s gifts and spend more than last year is encouraging news for the eCommerce industry. It’s interesting to see that consumers are looking towards more non-traditional gifts this year but are still in the dark about they will be purchasing. For e-tailers, this means there is still time to market and capture these undecided sales.”

The Online Spending Index is released quarterly by eBillme, the most secure payment option online that enables consumers to pay with cash using online banking and walk-in locations. eBillme offers consumers buyer protection features including satisfaction guarantee, best price, in-transit protection, and fraud protection, in addition to cash-back rewards through the eBillme Rewards program.

For more information or to receive the full findings from this quarter’s Index, please contact Samer Forzley at

About the Index

The Index is based on data collected from an online consumer survey deployed quarterly starting in August 2008, with a sample size of 1,209 respondents. The survey targeted U.S. adults (age 18 +) and was based on representative proportions of gender, ethnicity, and income as compared to the overall U.S. online population. Overall margin of sampling error is ±2.8 percentage points at the 95 percent confidence level.

The next Index will be released in April 2010. Data from the Index will be posted on the eBillme Web site at eBillme

eBillme™ is the most secure way to pay online and the only online payment solution that extends the convenience of online banking to the merchant’s checkout process. The service enhances security for online shoppers, and enables merchants to increase sales while reducing transaction costs. No financial data is exposed and the payment transaction is securely transferred from the customer’s bank to the retailer’s bank. Consumers can shop online, by catalog or through call centers, and pay for their purchases at their bank, credit union, or bill pay portal using the security and convenience of online banking or by paying the bill at over 75,000 walk-in locations. For more information, please visit or eBillme’s Online Debt-Free Shopping Mall at

22nd Annual Card Forum and Expo

22nd Annual Card Forum & Expo

22nd Annual Card Forum & Expo

Events over the last year changed the entire payments industry landscape — regulatory and legislative activism, shifting consumer attitudes and behaviors, extraordinary loss rates, and the corresponding need to reduce expenses and increase productivity. But change is inevitable. Organizations have been presented with business model overhauls before, often times stimulating new opportunities.

This year's 22nd Annual Card Forum & Expo, May 16-18, 2010 at the Hyatt Regency Grand Cypress in Orlando, FL, features advice and lessons learned from industry veterans, carving a path for both recovery and growth following one of the industry's greatest upheavals.


Special Limited-

Time Offer:

SAVE $200 off the

current rates if

you register by

February 5th and use




Our Keynote Panel Session will feature seasoned executives who have successfully led companies through tremendous change and who will share lessons learned, the challenges each has faced over the course of their careers, and how lessons from the recent past can help the industry adapt to the new environment.

What We've Learned from the Great Recession, and Challenges Past


Daniel J. Frate

Executive Vice President, Retail Banking

PNC Financial Services

Daniel J. Frate leads the Products and Alternative Channels group for the Retail Banking business line. This includes consumer and business deposit products, consumer and business lending products, the online channel and emerging technologies, payment products and telephone banking.

His experience of more than 20 years in the banking industry includes serving as President of U.S. Bancorp's payment systems business and as the company's senior consumer risk officer. Prior to his current position at PNC, he served as vice chairman and executive vice president of National City Corporation, leading the Retail Banking business line, including the branch network, direct lending, deposits, retail services, direct banking, credit card, insurance, customer strategy, channel management, business banking and National City Mortgage.

Siddharth N. "Bobby" Mehta

CEO & President, TransUnion &

Former Chairman and CEO, HSBC Finance Corporation

Siddharth N. “Bobby” Mehta is CEO and president of TransUnion and brings more than 20 years of financial services experience to the position. Before TransUnion, Mehta was chairman and CEO of HSBC Finance Corporation, one of the world's largest banking and financial services organizations. He was also the group managing director of HSBC Holdings plc, with responsibility for the strategic management of the consumer finance customer group and credit cards throughout the HSBC Group.

David D. Wesselink

former Chairman & CEO

Metris Companies Inc.

Mr. Wesselink is the retired Chairman and CEO of Metris Companies, a consumer financial services company that was acquired by HSBC in December, 2005. He joined Metris as chief financial officer in 1998, was promoted to vice chairman in 2000, and was appointed CEO in 2002. Before coming to Metris, Wesselink was with Advanta Corp., which he joined in 1993 as senior vice president and chief financial officer. Prior to Advanta, he spent 23 years at Household International. He was named HFC’s chief financial officer in 1982 and a senior vice president in 1986.

This Keynote Panel will be moderated by Mark Van Ert, Managing Director, FG Solutions. Mr. Van Ert is a 20-year veteran of the card industry, and currently acts as the Managing Director of FG Solutions, a strategic consulting firm that focuses on the needs of consumer financial services firms.

Please check the conference website for agenda updates, news on the latest keynote speakers and sessions you won't want to miss.

Register by February 5th and save additional $200 off the current conference rates! Use PROMO CODE: SAVE200 when registering online or mention this code when you call our customer service representative at 212.803.8348.

We look forward to seeing you in Orlando in May.

Best Regards,

Emily Otani

Manager, Conference Program Development, Payments


MANA President Pushes For Interchange Fee Reform

Says rising interchange fees are hurting consumers, particularly in challenging economic times

, Jan. 26 /PRNewswire-USNewswire/ -- Following yesterday's California General Assembly's hearing on interchange fees, Alma Morales Riojas, President of MANA, A National Latina Organization headquartered in Washington, D.C., issued the following statement pushing for interchange fee reform.  Riojas says that excessive interchange fees hurt businesses but they also hurt consumers -- because many businesses are forced to pass along the fees to their customers in the form of higher prices.

"I'm encouraged that the California General Assembly is examining an issue that affects us all -- rising interchange fees.  Credit card companies and their issuing banks charge businesses, and anyone else who accepts credit and debit cards, a fee every time plastic is accepted as a form of payment.  At first glance, this hidden expense seems innocuous, but there is more to the issue than the surface reveals.

"As consumers, it's important that we have the option to use plastic.  However, the fee merchants are currently charged to offer this convenience has been steadily increasing and merchants say the fee has long passed the point of being excessive.  As a result, all consumers are paying the price, literally.  

"Conservative estimates from the Hispanic Institute report that lower income Americans transfer billions of dollars to higher income Americans every year because of hidden credit and debit card fees on goods and services of every type, including necessities of life such as gas, groceries and clothing.  

"This has gone on for far too long.  Credit card companies need to charge merchants an interchange fee rate that is more reflective of the true cost of transaction processing.

"While these fees have gone relatively unnoticed by Congress to date, I believe this issue must be addressed immediately. I urge our Senators and Representatives to take note of the issue that is being recognized in California and urge them to reform interchange fees. It's not just businesses being harmed -- it's all of us."

MANA, A National Latina Organization, is a nonprofit advocacy organization headquartered in Washington, DC.  With chapters across the country, it is the oldest national Latina membership organization in the United States.  
MANA, whose mission is to empower Latinas through leadership development, community service and advocacy, envisions a national community of informed Latina activists working to improve the quality of life for all Hispanics.  MANA also has the only national Latina mentoring program for girls 11-18, HERMANITAS®, which brings over 100 girls each year to a Washington, DC, Latina leadership institute that includes educational activities at the White House, on Capitol Hill, and at the Pentagon.

SOURCE MANA: A National Latina Organization

Open Solutions and ISS Informant Announce Alliance Partnership to Provide Fraud Detection Services

GLASTONBURY, Conn.--(BUSINESS WIRE)--Open Solutions Inc.®, a leading provider of integrated enabling technologies for financial services providers throughout the United States, Canada and other international markets, has signed a strategic partnership agreement with Richardson, Texas-based Innovative Support Solutions (ISS), by which ISS will supply its Informant fraud detection solution to Open Solutions’ core clients. The two companies have completed a commercialization process that enabled seamless integration of Informant with Open Solutions’ premier core platform, known as DNA.

The ISS Informant product is a comprehensive suite of flexible and highly customizable components. These components are specialized for real-time monitoring of security and risk management solutions for financial institutions and their clients. Informant components monitor and report on areas of government regulation and compliance, database system intrusion, internal audit policies and transaction based fraud across all member accounts. Every component is customizable to the specific requirements of the financial institution and is kept current with developing trends in fraud and identity theft.

Eric Anderson, Open Solutions’ vice president of Strategic Alliances, said, “We’re very pleased to have formed this strategic alliance with ISS and to be able to offer Informant as a DNA-integrated solution. It’s an excellent solution that offers around-the-clock protection against fraudulent transactions, and knowing it’s been through a rigorous commercialization process with DNA will provide our clients with even more peace of mind.”

“Open Solutions has a reputation for innovative technology and we’re happy they recognized the innovation at work in Informant,” said Ray Seefeldt, president of ISS. “Both companies — and our clients — will benefit from the alliance, and that’s more important than ever. Gartner Group estimates that fraud losses represent roughly seven percent of a financial services institution’s gross revenue. This amount and the instances of financial fraud continue to rise more than 10 percent annually. Transaction analysis, in real-time, is a key component in reducing fraud.”

About Innovative Support Solutions (ISS)

Innovative Support Solutions (ISS) is a tactical services credit union service organization (CUSO) fully owned by Texans Credit Union. ISS provides risk management and fraud protection, operations and consulting services to financial services and related industries.

About Open Solutions Inc.

Open Solutions Inc. offers a fully-featured strategic information management product platform that integrates core processing applications built on a single centralized Oracle relational database, with Internet banking, cash management, CRM/business intelligence, financial accounting and management tools, profitability tools, wealth management, imaging, digital documents, interactive voice response, technology services, HSAs, payments and loan origination solutions. Open Solutions’ full suite of products and services allows banks, thrifts, credit unions and financial services providers in the United States, Canada and internationally to better compete in today’s aggressive financial services marketplace, and expand and tap their trusted financial relationships, client affinity, community presence and personalized service.

For more information, visit

Open Solutions Inc. is a registered trademark of Open Solutions Inc. All other company and product names may be trademarks of their respective owners. Copyright 2010 Open Solutions Inc. All rights reserved.

VoiceCash Forges Links with Dubai Based Newboard Capital
 Future Focused Firmly on Pakistan, India and Bangladesh

MUNICH--(BUSINESS WIRE)--The UAE remittance market has a volume of about $10 Billion a year. The workforce of the country includes numerous migrants from India, Pakistan and Bangladesh. To cater to them, VoiceCash Group has announced a new service to enable these expatriates to send money home more quickly and safely in comparison with existing channels.

In autumn 2008 VoiceCash received a full European SEPA Banking license establishing VoiceCash Bank in Malta. As money transfers across international borders are one of the biggest growth markets and are emerging worldwide as a significant part of the economic development process, VoiceCash Bank is an important step forward towards providing world-wide access to mobile banking.

To build and provide this service VoiceCash has retained Dubai based Newboard Capital as a strategic advisor. VoiceCash is an associate company of VoiceTrust, the global market leader in the field of authentication through biometric voice verification. It is also the main technology partner for the VoiceCash enterprises.

Newboard Capital has already structured a 17 million Euro buyout for VoiceTrust in 2007 when Dutch investor Marcel Boekhoorn acquired a majority stake in the group by buying out the original German venture capitalists.

Michael Kramer CEO of the VoiceCash Group and Corné Melissen, CEO of Newboard Capital both expressed their firm belief that the new cooperation between the companies will bring serious competition to the UAE remittance market.

About VoiceCash:

VoiceCash specializes in International Mobile Money Transfer. The VoiceCash services enable mobile users to share money with family members or friends abroad without a credit check. VoiceCash issues the first prepaid twin-card for electronic payments, a Prepaid MasterCard twin-card, in Germany. Thus VoiceCash enables cross-border mobile payment services and provides access to 28 million locations, where MasterCard is accepted. Cash withdrawals are possible at 1.5 million ATMs worldwide. The VoiceCash Prepaid MasterCard twin-card can be managed online via Internet, via mobile phone SMS commands or using VoiceTrust’s innovative and certified voice verification system. This also increases the safety level of existing user facilities. VoiceCash Bank has a European banking license. Thus VoiceCash appears as a turnkey supplier for money transfer services offering mobile operators, banks and other service providers a central processing system for worldwide mobile transactions. VoiceCash Bank is the leading service provider for International Mobile Money Transfer in Germany and one of the key players worldwide. For more information, see

VoiceCash Services GmbH & Co. KG
Geisenhausenerstr. 15
81379 Munich, Germany
Parent company:
VoiceCash Holding B.V.
PO Box 30010
6803 AA Arnheim
The Netherlands
Trade register: Arnhem, Niederlande: 09178615
CEO: Michael Kramer
VAT: NL818929492B01

Disqus for ePayment News