GS Logo
The Green Sheet, Inc

Please Login

Banner Ad
Skyscraper Ad

Saturday, October 21, 2017

Experts bring insights, rigor to data breach pandemic

R eports of a second security breach at Hyatt Hotels and orchestrated attacks against Wi-Fi networks highlight the need for enhanced protections, security analysts say. Security consultant and author Brian Krebs of KrebsonSecurity, reported Oct. 17, 2017, that hackers infiltrated Hyatt's payment systems between March 18, 2017 and July 2, 2017. An earlier breach in 2015 had compromised 250 Hyatt properties in 50 countries, including 5 U.S. locations, he noted.

"Organized crime groups (most notably the Carbanak gang) have been targeting customer service and reservations specialists at various hospitality chains with tailored social engineering attacks that involve well-aged fake companies and custom malware," Krebs stated.

Lisa Baergen, Marketing Director at NuData Security Inc, noted that the travel and leisure industry, like so many consumer-facing sectors, has repeatedly proven to be extremely vulnerable to breaches. "This latest concerning breach is just one more reason why companies such as Hyatt must adopt more advanced security and authentication measures based on trusted identity, and consumers must diligently, routinely check their credit files for suspicious credit applications and consider freezing their credit profiles," she said.

Wi-Fi networks vulnerable

Drawing attention to another area of concern, the Krack exploit revealed that cybercriminals are exploiting vulnerabilities in WPA2 security by inserting a decryption key into secure Wi-Fi networks to steal banking credentials and finance data, analysts stated, urging banks, merchants and other organizations to keep router patches and settings up to date and implement multilayered security solutions to protect customers and gain their loyalty and trust.

"The best way to do this is through broad adoption of multilayered solutions including behavioral biometric authentication," Baergen said. "This approach means that users are authenticated based on their online behaviors, which makes them tremendously resistant to impersonation – so the usability of the data behind the authentication process is nulled, and the organizations and institutions adopting this approach won't be defrauded."

Chad Horton, Senior Director of Penetration Testing at SecurityMetrics, said Wi-Fi-enabled, connected devices routinely broadcast their network IDs while looking for a connection, making it easy for criminals to spoof an individual's home, office or coffee shop network. "Always take note of the SSID and name of the wireless network," he said. "Man-in-the-middle attacks fool your computer into connecting to a rogue network. Always look for the SSL lock, because many attacks will prevent your browser from connecting through SSL."

Connected devices at risk

Horton said device manufacturers and mobile network operators can also do more to protect connected devices and workstations. "Android can be a treacherous ecosystem for consumers to navigate, because the OS is controlled by your cellphone provider and you're at their mercy for software updates," he noted. "You may not be able to get the latest upgrade. When people call their mobile carriers about a patch, they frequently hear, 'we'll get to it.' The next Android updates are due out Nov. 6, 2017, almost a month behind schedule. iOS devices and Nexus phones that are supported by Google, generally receive better updates and support."

Dr. Steven Murdoch, Innovation Security Architect at VASCO Data Security and Principal Research Fellow at University College London, stated that manufacturers often do not fix vulnerabilities in older products, particularly those that aren't being actively promoted. "It is likely that the vulnerability will persist for years, through to end-of-life and up to disposal, in products such as Android smartphones and [Wi-Fi] routers," he said. "This unfortunate situation has led to calls for hardware manufacturers to prominently state how long they will continue to supply security updates for products they sell."

PayPal goes mobile with Venmo POS play
Thursday, October 19, 2017

P ayPal Inc. is launching a mobile assault on the retail POS. The online payments giant just proclaimed that consumers can now use their Venmo accounts to initiate mobile payments at millions of merchant locations where PayPal payments are accepted.

PayPal stated that over 2 million merchants now accept PayPal payments at their checkouts, including big-box merchants like Home Depot and Foot Locker, and over 7 million people use of Venmo, a mobile person-to-person (P2P) payment app especially popular with millennials. In a statement posted on Oct. 17, 2017, PayPal Chief Operating Officer Bill Ready said consumers can now use their mobile devices to initiate Venmo payments "almost everywhere PayPal is accepted."

Ready said merchants will find the new payment option "very appealing," as they "can reach a new audience of shoppers, many of whom skew millennial and engage with Venmo multiple times throughout the day."

Industry experts agreed. "Venmo has a social feed where consumers can share their most recent purchases with friends and family, which will essentially expose merchants to potential shoppers and give them a new platform for engaging with current customers," Ayoub Aouad, Research Analyst at BI Intelligence, wrote in a recent post. And using the new mobile payment feature doesn't require any new integrations, he noted.

Casey Gannon, Vice President of Marketing at mobile commerce platform provider Shopgate described the move as "an irresistible checkout incentive" for Venmo users. "Venmo, the ubiquitous mobile payment app for the coveted millennial shopper segment, as an in-app payment option will provide real value for retailers looking to increase conversions within this demographic," Gannon said.

Making P2P a moneymaker?

Venmo is a P2P payment app that PayPal obtained when it purchased Baintree in 2013 for about $800 million. Baintree, a payment gateway, had purchased Venmo just a few years earlier for about $26 million, according to published reports.

P2P payments have become wildly popular with U.S. consumers. Aite Group LLC estimates Americans will make $1.2 trillion in P2P payments this year alone. P2P payments, once dominated by PayPal, have become a highly competitive market, however. Bank initiatives, like Zelle, along with numerous nonbank competitors that include Facebook, Google and Square, all are vying for some of this P2P action.

But P2P payments don't generate much in the way of revenues, as most providers charge consumers little or nothing to make payments to family and friends. Merchants, on the other hand, are accustomed to paying for electronic payment acceptance . "Hypothetically, if retail sales [through Venmo] equaled half of P2P payment volume in Q2, and PayPal charged its normal 2.9 percent transaction fee, the company would've seen $116 million in transaction fees," Auouad wrote.

Venmo has stiff competition. Zelle, for example, boasts a potential user base of 85 million bank accountholders, and Apple is said to be readying P2P payment support for its mobile app, Apple Pay. But Auouad suggested the combination of PayPal's payment network and Venmo's social feed could provide the company with strategic advantage.

Ready brought this up in PayPal's official statement as well. He wrote that "the Venmo social feed represents an entirely new way for merchants to increase awareness and open new purchase opportunities." And he said the move already has prompted "some of the largest and most influential U.S. merchants" to inquire about accepting Venmo mobile payments.

iPayment supports, promotes Small Business Saturday
Wednesday, October 18, 2017

i Payment Inc. launched a multichannel initiative Oct. 11, 2017, designed to help small and midsize businesses (SMBs) leverage Small Business Saturday. Created by American Express Co. in 2010, the one-day event has steadily grown year-over-year, increasing consumer spend in local communities across America.

The 2016 Small Business Saturday Consumer Insights Survey estimated 112 consumers participated in the one-day event. Retail analysts expect small merchants to outperform last year's numbers Nov. 25th, when the event will take place in all 50 states and Washington, D.C., iPayment representatives stated.

Jenn Reichenbacher, Vice President, Marketing at Westlake Village, Calif.-based iPayment, said the Small Business Saturday movement has made a meaningful difference for numerous U.S. SMBs by helping them remain competitive and driving incremental sales throughout the holiday season. "Our small business customers are always looking for new promotional opportunities and tools to help them compete against both big-box and online retailers, and American Express does a phenomenal job of giving these businesses the tools they need, while making it easy," she stated.

Tools, resources, support

Reichenbacher also noted that AmEx has been an outstanding partner, and iPayment is reciprocating by providing a series of promotional tools and marketing materials for reseller partners to share with their SMB customers. The company's Small Business Saturday marketing materials include free point-of-purchase materials, advertising and support to augment a range of marketing materials offered by American Express, she stated.

Following are additional resources AmEx provides to SMB owners to help them promote their businesses:

Putting SMBs on the map

The Small Businesses Administration estimates that small businesses created 63 percent of new, private-sector jobs in 2014. AmEx created the Shop Small Map, an interactive resource designed to highlight the growing small merchant segment and show customers where to find participating brick-and-mortar businesses that accept AmEx cards. The company reported 2.4 million visitors searched the map 8 million times in 2015.

As the eighth annual Shop Small Saturday approaches, AmEx is urging customers to make every day a Shop Small day to support the vibrant small business community, local neighborhoods and the national economy. Additional information is available at ,, and

NAC petitions Visa for DCC at U.S. ATMs
Monday, October 16, 2017

J acksonville, Fla.-based National ATM Council Inc. is urging Visa Inc. to enable dynamic currency conversion (DCC) at U.S. ATMs. The not-for-profit association unveiled a petition Oct. 12, 2017, at NAC2017, its fifth annual convention and expo, held Oct. 10-12, at Bally's Las Vegas. NAC Executive Director Bruce Renard said he is hopeful the petition will escalate the issue and convince Visa to add DCC capability to ATMs in the United States.

"NAC members are questioning why Visa is not supporting DCC at U.S. ATMs, when Mastercard has enabled this feature for years," Renard stated. "This industrywide petition is broadly supported by global providers."

Multiple benefits

NAC hosted a panel discussion Oct. 12, with payments industry leaders who shared insights on how to successfully deploy DCC at retail ATMs. Panelists included executives from Euronet Worldwide Inc., Planet Payment Inc. and Monex Financial Services Ltd.

"When you turn on these currencies at the ATM, you provide choice, transparency and convenience," said David Bishop, Regional Sales Director, North America for Euronet.

"Consumers who have the opportunity to pay in their own currency can make a more confident decision because they know exactly what they will pay," noted Melissa Jones, Senior Vice President, North America Sales and Acquirer Relationships at Planet Payment. "This positive experience will make consumers want to come back to that machine."

"Locking in real-time exchange rates provides certainty, transparency, easy budgeting and simplifies expense reporting for business travelers," added Greg Kane, Commercial Director for Monex Financial Services. "DCC creates new revenue lines, can be implemented with minimal effort and has no financial downside."

Next steps

DCC plays a crucial role in the increasingly global payments ecosystem, by offering consumers convenience and transparency and creating incremental revenue streams for ATM owners and deployers, NAC representatives noted. The current widespread usage of DCC by Mastercard cardholders at ATMs throughout the United States highlights the need for Visa to make this service available at U.S. ATMs.

NAC is encouraging retail ATM owners, operators and suppliers to sign the petition, which asks Visa to initiate and support DCC at ATMs throughout the U.S.

"The U.S. ATM industry and the millions of consumers we serve daily across America will greatly benefit from VISA making DCC available at ATMs in America on an expedited basis, and we appreciate VISA's prompt and positive consideration of this important and sensitive industry request," reads the petition's opening statement.

A full copy of the petition is available at:

NAC2017 reflects retail ATM growth
Friday, October 13, 2017

M ore than 500 attendees and 50 exhibitors gathered at Bally's Las Vegas Oct. 10 to 12, 2017, for NAC2017, the fifth annual convention and expo of The National ATM Council Inc. The not-for-profit association, formed in 2011 and based in Jacksonville, Fla., represents independent ATM owners, deployers and vendors, many of whom traveled great distances to attend the popular event.

In opening remarks, NAC Executive Director Bruce Renard welcomed new and returning attendees, encouraging them to visit with vendors, share ideas and participate in interactive workshops. "NAC is the voice of America's independent ATM providers and suppliers working to solve our industry's most pressing issues," he stated.

George Sarantopoulos, NAC Chair and CEO of Access One Solutions, added, "The ATM industry is changing, and it's important to remain relevant by looking to the future. I'm grateful for the amazing work of NAC staff, committee members and board of directors who have done so much to make our organization and industry a success."

High priority initiatives

The diversified conference included keynote presentations, workshops and break-out sessions covering a range of trending topics. NAC leaders recapped key association initiatives, including:

Positive results, outlook

Despite myriad issues facing the industry, Renard and Sarantopoulos see a prosperous future ahead for the retail ATM industry.

"As we know, events such as ours not only help us organize together to address misguided or misapplied federal government action, but also to tackle harmful local state and government proposals," Sarantopoulos stated. "The work we are doing at NAC2017 is not only to face these hurdles, but to seek new opportunities for our industry by meeting with vendors, sharing ideas with colleagues, learning about new technologies, and strengthening NAC as an organization to fight for the interests of independent ATM operators across America."

View prior breaking news

Spotlight Innovators:

North American Bancard | Harbortouch | USAePay | IRISCRM.COM | Humboldt Merchant Services