GS Logo
The Green Sheet, Inc

Please Log in

Banner Ad
View Archives

View PDF of this issue

Care to Share?


Table of Contents

Lead Story

Cooperation spurs progress in 2012

News

Industry Update

Experts doubt SAFE WEB Act slows cyber crime

CFPB seeks to refine money transfer rules

Retailers appeal preliminary approval of settlement

Technology spurs cashless adoption

Features

AmEx, Wal-Mart, partner on prepaid debit card

Going postal with financial services

ISOMetrics:
The prognosis for payments - 2013

Selling Prepaid

Prepaid in brief

Blumenthal bill targets gift card fees, expiration dates

First ATM-dispensed, multibrand gift card program in pilot

Views

The confusing state of mobile

Patti Murphy
ProScribes Inc.

Education

Street SmartsSM:
Five predictions for 2013

Jeff Fortney
Clearent LLC

Making sense of 'sensemaking'

Dale S. Laszig
Castles Technology Co. Ltd.

No reservations about mPOS at eateries

Rick Berry
ABC Mobile Pay Inc.

Crunch time for holiday shopping data

Nicholas Cucci
Network Merchants Inc.

Subtle but crucial factors in portfolio sales

Adam Atlas
Attorney at Law

Empower your email

Brian Jones
Harbortouch

Company Profile

American Microloan LLC

New Products

POS with a higher purpose

HioPOS Plus
Regal Payment Systems LLC

More leads in less time

Press 1 Campaign
Live Reps Call Center

Inspiration

Change be with you in 2013

Departments

10 Years ago in The Green Sheet

December 23, 2002 Issue 02:12:02

Forum

Resource Guide

Datebook

Miscellaneous

2013 events calendar

Skyscraper Ad

The Green Sheet Online Edition

December 24, 2012  •  Issue 12:12:02

previous next

Experts doubt SAFE WEB Act slows cyber crime

On Dec. 4, 2012, the U.S. Congress reauthorized the U.S. SAFE WEB Act, which confers on the Federal Trade Commission broad cross-border fraud fighting powers. But payment security experts don't expect the reauthorization to have much impact on fraud and theft inflicted on the payments industry by international gangs of cyber thieves.

The act, first passed in 2006 and now renewed to 2020, allows the FTC to share cross-border cyber fraud information with consumer protection agencies in other countries, receive confidential cyber crime information from foreign consumer protection agencies, sue for acts of cyber fraud involving foreign commerce or misconduct in the United States, sue on behalf of foreign victims swindled by U.S.-based cyber criminals, and make criminal referrals for cross-border cyber criminal activity.

Cyber crime still a growing business

Julie Conroy, Research Director at Aite Group LLC, stated, "While the reauthorization of the U.S. SAFE WEB Act certainly isn't a bad thing ... it has only succeeded in addressing the tip of the iceberg in the six years since its inception."

Conroy said the wave of attacks against the payments value chain has only grown worse since the legislation passed. She expects attacks to continue to increase because "there is so little in the way of adverse consequences" for international cyber criminal gangs. "Defensive strategies are currently the predominant approach to combating the crime, and at this point, the forces of good are losing," she added. "The bad guys don't need to make a business case to deploy new and innovative attacks whereas businesses usually do."

Conroy noted that fraudsters keep a step ahead of the law by exploiting the communication challenges between law enforcement bodies in each jurisdiction and spreading their illicit activities across multiple countries.

"[W]hat is needed is an international task force, solely focused on combating cyber crime, that is empowered to cut through the red tape and act quickly to stem the tide," Conroy said. "Until there is a deterrent in the form of a real risk of capture and prosecution, we will continue to see the rising tide of cyber crime attacking the financial services value chain, and the bad guys will continue to have the edge."

Criminal cyber activity abundant in payments

Brian Krebs, a former staff writer for The Washington Post who covers computer security and cyber crime, reported Nov. 29, 2012, on his security blog, KrebsonSecurity.com, that one criminal enterprise is boldly advertising on Russian language cyber crime forums that it will assist in laundering money stolen in U.S. cyber crime schemes.

Krebs said the advertisement tells potential clients the enterprise has a network of agents in six major U.S. cities who will not only help clients steal and launder money but will also pick up high-value merchandise purchased through cyber fraud. In return, the network keeps 40 to 45 percent of the value of the theft. Krebs reported the service regularly launders $30,000 to $100,000 a day.

A white paper released the first week of December 2012 detailed the discovery of powerful malware used to infect bank systems and intercept text messages containing transaction authorization numbers.

In the report, security researchers Eran Kalige, Head of Security Operation Center at versafe Inc., and Darrell Burkey, Director of IPS Products for Check Point Software Technologies, estimated the malware helped thieves steal over $47 million from more than 30,000 bank customers in Italy, Germany, Spain and Holland.

The malware was not only able to get around banks' computer security, it was also able, once it breached banks' computers, to use banks' own systems to authenticate transfers.

More doubts and concerns

Montreal-based payment attorney Adam Atlas said he doesn't expect the act's reauthorization to have a serious impact on legitimate payment providers. "It may create more litigation for high-risk providers that service dubious merchants," he said. "The law raises more privacy issues than it does core-payment issues."

Jason Oxman, Chief Executive Officer at the Electronic Transactions Association, said the payments industry is in "the forefront of instituting self-regulatory measures" in the fight against cyber crime. He noted the payments industry was not included in several cyber security bills in the U.S. Senate this year that addressed the security needs of many other industries.

Those industries "may not have the same level of preparedness as the payments industry," Oxman said, adding that criminal activity "should be addressed by targeting the criminals, not by imposing new regulatory obligations on payments companies that already have systems and procedures in place that protect consumers and insulate them from liability for fraudulent use of their cards."

For additional news stories, please visit www.greensheet.com and click on "Read the Entire Story" in the center column below the latest news story excerpt. This will take you to the full text of that story, followed by all other news stories posted online.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Harbortouch | USAePay | IRISCRM.COM | Humboldt Merchant Services