The Green Sheet Online Edition
December 22, 2008 • Issue 08:12:02
Multifactor ID for RDC
Remote deposit capture (RDC) allows businesses to scan and electronically deposit checks from the comfort of their own offices, eliminating the hassle of having to trek checks over to local banks.
From an ISO and merchant level salesperson perspective, the market for RDC is as wide as a market can be. Banks have outfitted the top 1 percent of the largest businesses with RDC. The other 99 percent or so are open season for it.
Capitalizing on that opportunity, Magtek Inc. has launched the Excella MDX all-in-one check scanner - a dual-sided, single-feed scanner plus Magtek's MagneSafe reader housed in one compact design.
Double the factor
According to Andy Deignan, Vice President, Financial Business Unit at MagTek, the MDX offers a built-in, secure mag stripe reader that incorporates MagneSafe's triple DES encryption security architecture.
MagneSafe mutually authenticates scanners at store or back-office locations with financial institutions' host applications. This way, the transmitted data is secure at both ends of the transaction and is never in the clear.
"We have the ability to encrypt the mag stripe at the read head," Deignan said. "We have the ability to mutually authenticate the check scanner itself to the bank Web site, and vice versa, because of Magnesafe.
"And we also have the ability to authenticate that it is truly Andy Deignan's bankcard present when performing this authentication."
MagTek believes the MDX addresses concerns raised by the Federal Financial Institutions Examination Council. The interagency council, which promotes standards that govern the practices of financial institutions, considers single-factor authentication inadequate in regard to electronic transactions.
Deignan said single-factor authentication would be a user name and password - information clever fraudsters can easily steal. But MagneSafe's triple DES encryption algorithm makes the MDX a multifactor authentication device, rendering cardholder information much harder to steal.
Out in front
Deignan has no statistics to demonstrate how much fraud is being perpetrated on RDC transactions. The technology may be so new that data thieves have yet to recognize its security vulnerabilities. But Deignan thinks they soon will.
"We do believe [RDC] is an opportunity for the bad guys to focus on this kind of electronic financial transaction because right now you have a lot of money traveling across the Internet through remote deposit, and there is not a lot of security that's been developed around this yet," Deignan said.
RDC does not fall under the regulations of the Payment Card Industry Data Security Standard, Deignan added. The FFIEC is working on guidelines for RDC security, but nothing has been set in stone.
It is this security gray area that MagTek addresses with the MDX. With its end-to-end encryption technology, MagTek's goal is to get out in front of the problem.
"When [fraudsters] start to go after remote deposit, that's when we believe there is a lot of opportunity there to commit fraud and a lot of opportunity there to get ahead of fraud and try and secure it before it happens," Deignan said.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.