Tuesday, December 13, 2011

Sequent Launches Neutral NFC Platform to Accelerate Mass Adoption

Breakthrough Software Platform Resolves Incumbent Technology and Business Barriers

SAN FRANCISCO, CA, Dec 13, 2011 (MARKETWIRE via COMTEX) -- Sequent Software, a leading provider of near field communication (NFC) software and services, has launched an NFC services platform that lets any mobile operator, card issuer, or application developer deliver a rich mobile payment consumer experience. The platform accelerates NFC commercialization that seamlessly integrates consumer transactional capabilities, such as payments, with mobile devices.
"Today, we're launching a solution that unlocks the potential of NFC," said Drew Weinstein, Sequent's Chief Executive Officer. "Our platform was built from the ground up to capitalize on the evolution of the physical world to the mobile world. We don't have to play by the same rules as the legacy providers and our technical innovation and business model reflect this."
The center of the platform is Sequent's Secure Element Management platform that allows secure element owners, often mobile operators, the ability to onboard and manage a consumer's accounts into a mobile device. Unlike other providers, Sequent focuses on the management of those accounts, not the issuance of the account level data. Sequent makes NFC more valuable to mobile operators by supporting any secure element form factor, and flexibility by supporting all issuer types; payment, transit, loyalty, and more.
Sequent's Issuer Plug-in works in tandem with the platform to expedite a card issuer's ability to use NFC. The Plug-in is standards-based, giving issuers the ability to maintain their existing issuing systems, while provisioning account data over the air to mobile devices. The combination of the Secure Element Management platform and the Issuer Plug-in allows Sequent to offer a truly neutral solution to the market -- allowing mobile and issuing parties to focus on their core businesses.
The Sequent platform is enhanced with a mobile wallet, understanding that both mobile operators and issuers are equally concerned with a positive consumer experience. The Sequent Wallet provides a discrete branding environment for issuers and mobile operators, as well as integrated application functionality so the consumer enjoys a richer experience than their physical wallet.
About Sequent Sequent provides a neutral platform that unlocks the potential of NFC for consumers and the mobile and issuing industries. Sequent's solution consists of on-device middleware and services allowing participants to focus on their core business while providing value-added, mobile-centric capabilities that result in rich consumer experiences. The company has one of the highest concentrations of mobile and payment experts within a single firm dedicated to enabling NFC services. Sequent executives have led the deployment of many of the world's most significant NFC trials, and have worked on mobile and payment strategy for brands like AT&T, VISA, and ViVOTech. Sequent's investors include Opus Capital and SK Telecom Ventures. For more information, please visit http://www.sequent.com/ .

Google Wallet stores too much unencrypted data in a rooted device--report

image from itgawker.com
CNET:  Google Wallet does a good job of storing passwords but doesn't encrypt the entire credit card number, balance, and other information, a research firm said today after testing the application on a rooted device.
Data that is stored on the device in various SQLite databases in unencrypted form also includes name on the card, the last four digits of the credit card, card limit, expiration date, transaction dates, and locations, ViaForensics said in a report titled "Forensic security analysis of Google Wallet."
In addition, the application created a recoverable image of a credit card that could provide fodder for a social engineering attack, according to the report, which was a high-level analysis of Google Wallet--"the first real payment system leveraging NFC [near field communication] on Android."

ViaForensics gives a report card of sorts to Google Wallet, noting that it securely stores passwords but doesn't encrypt other data that could be used in a social engineering attack.
ViaForensics gives a report card of sorts to Google Wallet, noting that it securely stores passwords but doesn't encrypt other data that could be used in a social engineering attack.
(Credit: ViaForensics)

Protegrity Unveils 2012 Security Predictions

SOURCE: Protegrity
December 13, 2011 09:05 ET
Coming Year Will Bring Focus on Value-Based Data Security and Increased Adoption of Tokenization Technologies
STAMFORD, CT--(Marketwire - Dec 13, 2011) - The scale and frequency of data breaches in 2011 trended upwards despite high levels of spending on data security. 2011 also saw an increase in attacks focused on personally identifiable information (PII), such as email addresses and location, in addition to financial data. These data breaches and new, creative attacks clearly signal the need for a different approach to data protection in 2012. Based on its engagements with more than 200 global enterprises, Protegrity USA, Inc., a leading provider of end-to-end data security solutions, today unveils its enterprise security predictions for the coming year.
Topping the list is Protegrity's prediction that enterprises will recognize security is about more than compliance and start to move away from the knee-jerk, "pay what it costs" approach. Security measures will begin to be evaluated in much the same way as other company expenditures, with cost vs. benefit ratios top of mind. These moves will be driven at least in part by an increasing number of security-related class action suits and new legislation focused on data protection in the U.S. and Europe, as well as the ever-present need to be sensitive to expenses.
"In 2012, we will see progressive companies evolving their security approach from focusing on the bits and bytes of data protection to securing information across the entire customer relationship cycle," said Suni Munshani, CEO of Protegrity.
Specifically, Protegrity expects to see:
  • End-to-end data protection - Instead of protection practices that focus on certain types of data (for example, contents of data warehouses, point of sale, or data in transit), organizations and vendors alike will develop and support practices to secure the end-to-end customer data lifecycle. As a result, cost metrics will begin to focus more on "cost per customer" than on cost per amount or type of data.
  • Mobile Payment Protection - Data must be protected regardless of the customer's location and the devices used to access it. Because of this, tokenization will begin to emerge as critical for mobile payment protection, given its far lower vulnerability to opportunistic "drive-by" data theft. The meaningless symbols used in tokenization to replace credit card and other payment data have no value to cyber thieves.
  • Data in the Cloud - If cloud data can't pass standard audit tests, the cloud will become less and less attractive as a storage medium to enterprises managing customer and other personally identifiable data. Security concerns could be the reason cloud hits a wall in 2012.
  • Decline in log monitoring as a security strategy - Monitoring is clearly neither cost effective nor useful as a security tool, as a large percentage of enterprises with breaches in 2011 were monitoring for unauthorized activity at the time of the attack. Proactive methods such as tokenization and predictive behavioral analysis will replace monitoring in 2012.
"Tokenization will become more attractive to service businesses such as hospitality, where PCI compliance is widely required but where the appropriate resources to do a comprehensive job of protecting data are often lacking," says Ulf Mattsson, CTO of Protegrity. "Because tokenization can reduce the scope of compliance by 50 percent or more, the savings can be significant for these businesses."
About ProtegritysHeadquartered in Stamford, Conn., Protegrity provides high performance, infinitely scalable, end-to-end data security solutions that protect sensitive information across the enterprise from the point of acquisition to deletion. The company's award-winning software products span a variety of data protection methods, including end-to-end encryption, tokenization, masking, and monitoring and are backed by several important data protection technology patents. Currently, more than 200 enterprise customers worldwide rely on Protegrity's comprehensive data security solutions to enable compliance for PCI-DSS, HIPAA and other data protection mandates while protecting sensitive data, brand, and business reputation. For more information, please visithttp://www.protegrity.com.

New Sage ISV Program Gives Software Developers Access to an Integrated PCI Compliant Payments Environment Without the Cost

SOURCE: Sage North America
December 12, 2011 10:28 ET
MCLEAN, VA--(Marketwire - Dec 12, 2011) - Sage North America today announced an expansion of the Sage Development Partner Program for its Sage Payment Solutions division. The program enables an independent software vendor (ISV) to offer integrated, Payment Card Industry (PCI) compliant credit card, debit card, and ACH payments within their on-premises or Web-based software products. ISVs who integrate their products to the Sage Exchange integrated payments platform will remove those products from the scope of the Payment Application Data Security Standard (PA-DSS). Sage Exchange provides full compliance with the PA-DSS.
Integrating their products to Sage Exchange will also allow ISVs to increase the security of those products, as well as create a seamless payments environment for their customers. Payments processed through Sage Exchange can automatically flow into an accounting or ERP (enterprise resource planning) system to help businesses get paid faster and spend less time manually entering and reconciling payments data.
"We're providing ISVs of every size the ability to offer their customers an integrated payment experience, which streamlines the customer on-boarding process and eliminates manual data entry of their incoming payment transactions," said Greg Hammermaster, president of Sage Payment Solutions. "Additionally, integration to Sage Exchange removes the ISV's solutions from the scope of PCI (PA-DSS) saving them from the cost and complexities of coding to the riggers of PCI. Customers are an ISV's most prized asset, and providing a secure and compliant payments environment is important to the overall offering."
Sage Development Partners will receive a software development kit (SDK), including documentation and a complete testing environment. Additionally, the Sage Payments professional services team will help determine the best integration method to meet their needs and get them up and running. After the integration is complete, all certified Sage Payment Solutions development partners' product(s) will be listed on Sage's Partner Solution Source, an online search engine designed specifically for third-party solution providers, and reaches thousands of customers, prospects, and business partners on an annual basis.
For more details about or to register for the new Sage Development Partner program for ISVs, please visit http://www.sagepayments.com/Developers or call 866-646-3392.
Sage has been providing businesses and organizations with electronic payment systems for more than 20 years. The company allows more than 155,000 merchants to accept multiple forms of payment, including credit and debit cards, electronic checks, Check21, gift and loyalty cards, and automatic recurring payment. Sage Payment Solutions provides a wide range of secure standalone and integrated payment processing solutions, including Sage Exchange, Sage Virtual Terminal, Sage Mobile Payments, and Sage Patient Payments. Visit Sage Payment Solutions online atwww.sagepayments.com, or follow them on Twitter at http://sagepayments.com/twitter and on Facebook at http://sagepayments.com/facebook.
About SageSage is a leading global supplier of business management software and services for small and midsized businesses. The Sage Group plc, formed in 1981, was floated on the London Stock Exchange in 1989 and now employs more than 12,300 people and supports more than 6 million customers worldwide. For more information about Sage in North America, please visit the company website at www.SageNorthAmerica.com.

Smart Card Market Forecast to 2014

irish rail smart card
Image by 1541 via Flickr

NEW YORKDec. 13, 2011 /PRNewswire/ -- Reportlinker.com announces that a new market research report is available in its catalogue:
The global smart card industry has been witnessing dynamic changes for the past few years, and these, in turn, have created significant opportunities for the market participants. New and attractive growth prospects are being witnessed due to EMV (Euro pay, MasterCard, & VISA) migration, Long Term Evolution (LTE) deployment across the globe, and government support. Moreover, the entry of innovative smart card devices in the market will further strengthen the overall industry in the long run.
According to our research report "Smart Card Market Forecast to 2014", the global shipments of smart cards are estimated to reach around 6.1 Billion units in 2011, growing at the rate of around 11% over previous year. A major chunk of this market is captured by four companies, namely Gemalto, Giesecke & Devrient, Oberthur, and Morpho. Though telecom sector is still the major user of smart cards, other sectors, such as financial services and healthcare are also expected to augment the rate of usage.
Furthermore, the huge demand for smart cards will be seen in emerging markets as some of the key manufacturers in these regions are expanding their market reach. Increasing penetration of 3G, and renowned focus on payment transaction will give a further boost to the momentum. In addition, the liability associated with EMV standard is also driving many banks to issue smart cards. Backed by such positive factors, the global smart card shipments are expected to post a double digit growth (CAGR of around 12%) during 2011-2014.
Contactless technology is the buzzword in the global smart card industry. Increasing demand for contactless smart cards is mainly being fuelled by Near Field Communication (NFC), mass transit projects and e-passports. The volume of secure microprocessor contactless smart card shipment is likely to grow at a CAGR of around 22% during 2011-2014. At the applications front, financial services sector is the key user of contactless smart cards, and e-passports and other identification (ID) applications hold the prominent position in the government sector.
The report is an outcome of an extensive research and in-depth analysis of the global smart card market. It took into account almost all the key aspects of the market. The report is categorized on the basis of industry applications in sectors, like telecom, transport, public sector and financial services, and country wise developments in the smart card sector. The report also investigates the current market trends, and analyzes their impact on the future performance of the industry. Moreover, with a focus on the competitive environment, the report provides a comprehensive description of strengths and weeknesses of the market leaders. Overall, the report aims at providing clients with an optimum source of knowledge and statistics on the smart card industry.
1. Analyst View
2. Research Methodology
3. Introduction to Smart Cards
4. Market Overview
5. Industry Application
5.1 Telecom
5.2 Transport
5.3 Public Sector
5.4 Financial Services
6. Country Level Analysis
6.1 US
6.2 Canada
6.3 India
6.4 China
6.5 Japan
6.6 South Korea
6.7 Malaysia
6.8 Australia
6.9 UK
6.10 Germany
6.11 Spain
6.12 UAE
6.13 Qatar
6.14 Oman
6.15 Bahrain
6.16 South Africa
7. Key Industry Trends and Drivers
7.1 Multiple Applications Access
7.2 Increasing Use of EMV Standard
7.3 Growing Security Concerns
7.4 Development of Smart Card Standard
8. Key Players Analysis
8.1 Gemalto N.V.
8.2 STMicroelectronics
8.3 Oberthur Technologies
8.4 Giesecke & Devrient
List of Figures:
Figure 4-1: Global - Smart Card Shipment (Billion Units), 2009-2014
Figure 4-2: Global - Forecast for Smart Card Shipment by Application (%), 2014
Figure 4-3: Global - Secure Microprocessor Contactless Smart Card Shipment (Million Units), 2009-2014
Figure 4-4: Global - Secure Microprocessor Contactless Smart Card Shipment by Application (%), 2011
Figure 5-1: Global - Smart Card Shipment in Telecom Sector (Billion Units), 2009-2014
Figure 5-2: Global - Smart Card Shipment in Transport Sector (Million Units), 2009-2014
Figure 5-3: Global - Smart Card Shipment in Government/Healthcare Sector (Million Units), 2009-2014
Figure 5-4: Global - Smart Card Shipment in Financial Services (Million Units), 2009-2014
Figure 6-1: US - Number of Contactless Payment Cards in Circulation (Million Units), 2009 & 2012
Figure 6-2: India - Number of Smart Cards in Circulation (Million Units), 2009-2014
Figure 6-3: China - Number of Smart Cards in Circulation (Billion Units), 2009-2014
Figure 6-4: Japan - Number of Smart Cards Issued (Million Units), 2009-2014
Figure 6-5: South Korea - Smart Card Shipment (Million Units), 2009-2014
To order this report:

Verizon Loses -- Again -- to ActiveVideo in Patent Infringement Case

Ordered to Make First Royalty Payment in $250 Million Case

SAN JOSE, Calif.Dec. 13, 2011 /PRNewswire/ -- Verizon Communications (NYSE: VZ) yesterday lost yet another decision in United States District Court in the ongoing patent infringement case that was brought against the company by ActiveVideo Networks™. 
Judge Raymond A. Jackson, United States District Court Judge for the Eastern District of Virginia, denied a motion by Verizon seeking to stay the monthly royalty payments imposed by a November 23 court injunction, and directed Verizon to make the first monthly payment on December 16, as indicated by the injunction.
In four separate decisions, Verizon has been found liable for up to $250 million in damages, supplemental damages, interest and royalties for its infringement of ActiveVideo intellectual property.  The November 23 injunction ordered Verizon to make the first of monthly sunset royalty payments of $2.74 per subscriber per month by December 16.  In addition, the injunction issued onNovember 23 ordered Verizon to terminate FiOS Video-on-Demand service on May 23, 2012, if it cannot offer the service without unlawfully using ActiveVideo technology.
In rejecting Verizon's latest effort the court held as follows: "Staying the royalty portion of the injunction would serve no legitimate purpose. It would merely provide Verizon the freedom to continue to infringe without any recourse to the prevailing Plaintiff."
"We continue to be mystified by Verizon's insistence on litigating this matter, and are grateful that the Court once again has recognized the merits of our arguments," said Jeff Miller, president and CEO of ActiveVideo Networks.  "I want to make it clear that we will do everything necessary to continue to prevail in this case, should Verizon continue in its ongoing act of piracy, and we will not hesitate to demand that FiOS VOD, widgets and any other infringing services be terminated on May 23 if our rights remain violated."
ActiveVideo filed suit against Verizon in May, 2010, after its patent protections and ability to do business were compromised by a Verizon suit against Cablevision Systems Corp., an ActiveVideo customer.  The ActiveVideo suit alleged that the Verizon FiOS television service infringed four patents for technology created, owned and used by ActiveVideo. The patents, which are fundamental to interactive television services such as video on demand, include: 
  • United States Patent No. 6,034,678, titled "Cable Television System With Remote Interactive Processor;"
  • United States Patent No. 5,550,578, titled "Interactive And Conventional Television Information System;"
  • United States Patent No. 6,100,883, titled "Home Interface Controller For Providing Interactive Cable Television;" and
  • United States Patent No. 6,205,582, titled "Interactive Cable Television System with Frame Server."
A jury in the United States District Court for the Eastern District of Virginia found that Verizon infringed all of the asserted claims.
Having pioneered cloud-based delivery of VOD and interactive television, ActiveVideo has a substantial and fundamental portfolio of patents dating back to the early 1990s.  The ActiveVideo CloudTV™ platform is currently deployed with major cable system operators, including Cablevision.  It offers solutions for video on demand navigation, interactive games, and many other interactive services. 
ActiveVideo is represented by the law firm Morgan Lewis.
About ActiveVideo Networks 
ActiveVideo Networks™ has created CloudTV™, a cloud-based apps platform that enables the fast and flexible development and deployment of personalized navigation interfaces and other advanced user experiences for television service providers.  Using the CloudTV platform, service providers can deliver navigational mosaics, advanced advertising, TV apps, games and multi-screen pairing solutions to any set-top box, CI+ enabled television, mobile device, and broadband-connected CE device. ActiveVideo Networks is based in the heart of Silicon Valley, with offices in Los Angeles and Hilversum, the Netherlands. For more information, visit www.activevideo.com; find us at www.facebook.com/ActiveVideoNetworks; follow us at www.twitter.com/activevideo  view our videos at www.youtube.com/AVCloudTV.

SOURCE ActiveVideo Networks

Siftsort.com Helps to Keep Track of Your Mobile Payment Receipts - No App Required

NEW YORKDec. 12, 2011 /PRNewswire/ -- Mobile payments and virtual wallets are fast becoming a mainstream way to pay for items at your favorite store. Wand your phone and the receipt is sent to your email address. Now Siftsort.com can help you keep better track of your mobile receipts by sending them to your Siftsort.com account instead -- and best of all, no app is required. "Simply use your Siftsort.com email address instead of your personal email and the receipt is routed directly into your secure account for safekeeping," says founder Darren Conte.
Over time, these receipts fill up your email and can be hard to find later if needed for a return or exchange. "A small purchase, like a coffee, is not important, but if you buy a pair of expensive sunglasses and need to use the warranty -- you want the receipt at your fingertips. That's what we do best," admits Conte.
Siftsort.com specializes in securely organizing important documents and users can keep track of items like warranties and receipts for large purchases that may be needed -- like for an insurance claim. With the invention of mobile payments, it's now effortless to route these types of things into your account right at point of sale, sending them to your-username@siftsort.com. "As better mobile technology is developed, we can eliminate the 'laziness' factor of organizing important things," says Conte. For example, with a camera phone, you can take a picture of something important and email directly into your Siftsort.com account. "This may come in handy if you are in a car accident and need to compile evidence for your insurance company," Conte says.
Once a file is in your account, you can access it from anywhere and instantly share it via fax or email directly over the Internet. "We are more than just online storage, our unique platform can integrate with your life by connecting different types of technology -- old and new," Conte states. "You never know when you will need something or how you will need to share it -- our system is technology friendly for all users," Conte admits.
Siftsort.com is a free service and users can organize all types of important documents in their account. Data is encrypted for added security and user accounts are further protected by ten security challenge questions created by the user -- these appear in random order in sets of three at login. "Securing confidential data is our top priority so we have taken extreme care when designing our system," says Conte.
About Siftsort.com
Siftsort.com is an innovative software company that helps people securely organize, access and share critical documents. The founders have comprehensive expertise creating leading Web technology and secure document management tools for the financial services sector, in accordance with New York Stock Exchange, Financial Industry Regulatory Authority and Securities and Exchange Commission regulations.

Financial Institutions to Expand Mobile Banking, Payments in 2012 Reveals Fiserv Survey

  • Future spending focused on remote deposit capture, actionable alerts, mobile PFM tools and P2P payments
  • Respondents split on plans to support point-of-sale payments
  • Delivering applications for tablets emerging as a greater priority
BROOKFIELD, Wis.--()--Fiserv, Inc. (NASDAQ: FISV), a leading global provider of financial services technology solutions, announced today the results of a survey of the mobile banking and payment plans of top-tier financial institutions. The in-depth survey, conducted by Forrester Consulting on behalf of Fiserv in September 2011, evaluated the plans of 10 banks and credit unions that in total hold more than one-third of all U.S. deposit accounts. The results revealed that these financial institutions are moving beyond the basics to deliver increasingly sophisticated mobile capabilities. Transactional services such as remote deposit capture and mobile person-to-person payments will account for the bulk of mobile investment in 2012. However, despite a nearly unanimous commitment to expand overall mobile functionality, institutions remain split on plans to support mobile point-of-sale payments.
“As consumers gain confidence with the channel, their needs are shifting from simple functionality like account balances and ATM locators to transactions like bill payment and account transfers.”
A white paper detailing the survey results can be downloaded at http://bit.ly/vHc36h.
“After several years of technology-driven expectations, mobile banking is finally seeing sustained traction in the U.S., and banks have rolled out support broad enough to enable consumers with nearly any mobile device to access basic banking functionality,” writes co-author Brad Strothkamp, VP, principal analyst, eBusiness and Channel Strategy, Forrester Research, Inc. in the May 2011 independent report, The State of US Mobile Banking: 2011. “As consumers gain confidence with the channel, their needs are shifting from simple functionality like account balances and ATM locators to transactions like bill payment and account transfers.”
The Fiserv-commissioned survey indicates that financial institutions are moving to meet these more transactional needs by delivering more robust mobile banking and payment solutions.
More Robust Mobile Functionality a Priority for 2012
Nine out of ten of the financial institutions surveyed already have a mobile banking offering that provides basic account access, and almost all provide ATM/branch locators, transfers between accounts and bill payment. For 2012, financial institutions plan to focus on delivering remote deposit capture, actionable alerts, which allow recipients to initiate an action such as a funds transfer in response to an alert about a low balance, and additional payment capabilities. Eight of ten surveyed institutions plan to invest in some type of mobile payments in the next 12 months, with person-to-person mobile payments cited as a priority by seven respondents.
A 2012 mobile banking functionality roadmap can be viewed at http://bit.ly/vfArry.
Financial institutions are committed to providing mobile banking and payments capabilities for a range of devices, with a focus on smartphones. While none of the surveyed institutions currently offered specialized support for tablets, this was cited as a priority for 2012 by multiple respondents.
Plans Vary Widely Regarding Point-of-Sale Payments
While banks and credit unions are forging ahead in some areas, a wait-and-see attitude remains common when it comes to the headline-grabbing area of mobile point-of-sale payments. While the surveyed financial institutions demonstrated a clear understanding of what it will take to make mobile point-of-sale payments a reality, many articulated a chicken-and-egg scenario in which concerns about consumer demand and merchant acceptance are hindering greater investment from their own institutions.
Plans to provide support for mobile point of sale payments vary greatly, with two of the surveyed financial institutions currently piloting such offerings, three saying they planned to support them at some point and the remaining five saying they had no plans to support mobile point-of-sale payments in the foreseeable future.
The Non-Traditional Competitive Threat
While financial institutions view the progress of non-traditional competitors such as technology and telecommunications providers as a validation of mobile payments, and as a promotional tool to build consumer and merchant interest, the majority of the financial institutions surveyed stated that such announcements have had no or minimal impact on their own mobile payments strategy. This may put them at risk of delivering new capabilities too late.
“Most banks and credit unions are committed to delivering more robust capabilities and a better consumer experience via the mobile channel,” said Erich Litch, division president, Digital Channels, Fiserv. “Faced with a rapidly evolving market that is also being pursued by sophisticated, well-funded third-parties, it is essential that financial institutions that want to remain competitive push forward with their own mobile banking and payment strategies in 2012.”
Additional Resources:
About Fiserv
Fiserv, Inc. (NASDAQ: FISV) is a leading global technology provider serving the financial services industry. Fiserv is driving innovation in payments, processing services, risk and compliance, customer and channel management, and business insights and optimization. For six of the past eight years, Fiserv ranked No. 1 on the FinTech 100, an annual international listing of the top technology providers to the financial services industry. For more information, visit www.fiserv.com.

Disqus for ePayment News