The United States has moved one step closer to supporting an online real-time payment system with the approval of a same-day ACH plan put forth by NACHA – the Electronic Payments Association. The automated clearing house system (ACH for short) is an electronic payment system created in the 1970s. It operates in a store-and-forward, batch settlement mode in which final settlement lags the initiation of transactions by at least one day, often two days. The ACH is perhaps best known as the mechanism used for direct deposit of payroll. It also supports business-to-business applications (such as payments to merchant accounts for settled card transactions and large-dollar trade payments) and numerous consumer-to-business payments (bill payments and online purchases among them).

read more

The Internal Revenue Service confirmed reports of a wide-scale attack on one of its web portals, describing the incident as "a sophisticated effort" involving "unauthorized access" to numerous taxpayer accounts. The agency did not directly refer to it as a security breach. A statement issued May 26, 2015, indicated identity thieves had used the Get Transcript web portal to obtain approximately 100,000 consumer records, initiating an estimated 15,000 fraudulent tax refunds.

read more

The deadline for PCI 3.0 mandatory compliance is fast approaching. If you and your merchants are compliant that's good news. The bad news: the odds are against ongoing compliance. That's why card data security needs to be a multifaceted undertaking. "PCI, EMV, point-to-point encryption – all of these things have to be done together," said Don Brooks, Senior Security Engineer at security services company Trustwave. These days EMV (short for Europay, MasterCard and Visa, the technical standard for chip cards and chip-reading terminals) is garnering much attention, with its looming October 2015 deadline for compliance.

read more

Denton, Texas-based specialty retailer Sally Beauty Holdings Inc. revealed on May 15, 2015, that the company had suffered its second security breach in less than two years. The publicly traded company, with approximately 4,800 stores worldwide and annual revenues of $3.8 billion, withheld details on the recent attack but confirmed it is fully cooperating with ongoing investigations. Sally Beauty President and Chief Executive Officer Chris Brickman, who replaced the company's outgoing CEO, Gary Winterhalter, in February 2015, declined to speculate on details of the intrusion, deferring to the ongoing forensics investigation. He did, however, encourage customers to monitor payment card and bank accounts for suspicious activity.

read more

Google Inc. is widely rumored to have near-term plans for incorporating a buy button into its mobile search pages, according to mainstream media reports that began circulating on May 15, 2015. Retail analysts suggest that the development would mark a strategic shift for the search engine, moving it from a neutral position to head-to-head competition with retailers and e-commerce marketplace giants such as Amazon.com Inc., eBay Inc. and Alibaba.com.

read more

The Southeast Acquirers Association held its 14th annual conference April 20 to 21, 2015, in New Orleans with a balanced blend of exhibits, entertainment and presentations. The two-day event included networking, presentations, seminars and entertainment in a city known for hospitality, music and world-class cuisine. Leading industry processors, manufacturers, vendors, leasing companies and technology startups convened in the exhibit hall. Monday evening's opening reception was followed by a Bourbon Street pub crawl led by a live jazz band. Show highlights included an ETA Certified Payments Professional seminar, an array of contests and an eclectic mix of guest speakers.

read more

In a four page ruling issued May 7, 2015, United States District Court Judge Paul A. Magnuson blocked a preliminary injunction filed by a group of small banks and credit unions against a settlement proposed by MasterCard Worldwide and Target Corp. The plaintiffs' claimed the settlement terms provide insufficient compensation for losses resulting from Target's 2013 security data breach, which compromised approximately 40 million credit and debit cards and 70 million consumer email and physical addresses. Plaintiffs included Mutual Bank in Whitman, Mass.; Village Bank in St. Francis, Minn.; CSE Federal Credit Union in Lake Charles, La.; First Federal Savings of Lorain in Lorain, Ohio; and Umpqua Bank in Roseburg, Ore., a subsidiary of Umpqua Holdings Corp. The claimants stated that smaller financial institutions lack the reserves and infrastructure to effectively deal with the increasingly frequent and wide-scale attacks against retailers. Breach-related costs include credit and debit card reissuance, reimbursement of fraudulent charges and preventive maintenance such as free credit screening services to customers potentially affected by data breaches.

read more

Two nonprofit cyber security information sharing services revealed they had formed a strategic alliance May 11, 2015. The Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Retail Cyber Information Sharing Center (R-CISC) will continue to provide threat information sharing and cyber security intelligence to their respective communities. The partnering organizations anticipate their collaborative efforts will result in a 360 degree view of the emerging threat landscape from financial institution and merchant perspectives. Combined technological and analytic capabilities are expected to enable the partners to leverage core competencies and enhance existing advisory services to help banks, credit unions and merchants react quickly to the evolving threat environment.

read more

Apple Pay's expanding footprint will soon include relationships with Discover Financial Services and Best Buy Co. Inc., according to separate announcements on April 27, 2015. These developments suggest Apple Inc.'s former rivals are succumbing to its strong momentum in the mobile payment space. Discover was excluded from Apple Pay's launch in October 2014. And payments analysts believe Best Buy, a charter member of Merchant Customer Exchange (MCX), is disregarding MCX membership terms that reportedly preclude use of other mobile wallets.

read more

Payment professionals from around the world gathered at New York's Columbia Business School on May 1, 2015, to explore the evolving payments landscape. The fourth annual Digital Financial Services & Emerging Payments Summit was organized by the Columbia Institute for Tele-Information, a university-based research center focused on strategy, management, and policy issues in telecommunications, computing and electronic mass media. The conference, co-sponsored by the International Telecommunications Society, and Telecom Italia, featured 35 speakers from six countries with diverse views on how digital payment technologies impact developed, developing and emerging economies.

read more

A group of community banks and credit unions filed a motion on April 27, 2015, to address what its members believe are inequities in Target Corp.'s $19 million data breach settlement with MasterCard Worldwide, which Target disclosed on April 15. The group is appealing the court's decision calling for issuers participating in the settlement to release all legal claims against Target. The claimants assert that proceeds from the settlement inadequately compensate them for card reissuance and other breach-related costs.

read more