GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View flipbook of this issue

Care to Share?


Table of Contents

Lead Story

EMV readiness becomes a numbers game

News

Industry Update

FTC preps for IoT opportunities, threats

Worldpay warns of online fraud spree

MCX braves upstream CurrentC launch

Trade Association News

Features

ISOs officially on ERP radar

Mobile consumer insights

Views

A defining year for payments

Dale S. Laszig
DSL Direct LLC

Risks from EMV liability shift, portfolio composition, non-U.S. cardholders

Marc Abbey
First Annapolis Consulting

Education

Street SmartsSM:
The five stages of merchant service sales

Tom Waters and Ben Abel
Bank Associates Merchant Services

Educate your customers, the EMV countdown is on

Michael Gavin
Cayan

Advances in data, automation speed FI merchant boarding

Matt Ward -Steinman
G2 Web Services

Who will take your place?

Vicki M. Daughdrill
Small Business Resources LLC

Company Profile

Unipagos

Anovia Payments

New Products

Personalized greetings, lasting relationships

SendOutCards
Deckard and Associates

Inspiration

Goal-line stand

Departments

Readers Speak

Resource Guide

Datebook

A Bigger Thing

The Green Sheet Online Edition

February 23, 2015  •  Issue 15:02:02

previous next

FTC preps for IoT opportunities, threats

The Internet of Things (IoT) is expanding, according to a Federal Trade Commission report released Jan. 27, 2015. The agency sees IoT as "devices or sensors – other than computers, smartphones, or tablets – that connect, store or transmit information with or between each other via the Internet." This poses a unique dilemma for security analysts. On one hand, these devices are a boon to consumers. On the other hand, they create millions of new points of entry for potential hackers.

In conjunction with the January report, the FTC published Careful Connections: Building Security in the Internet of Things with specific recommendations for implementing security best practices such as using point-to-point encryption and authentication technologies.

Steve Robb, Senior Vice President at Atlanta-based ControlScan sees raising the security bar as imperative. He said hackers have demonstrated the ability to gain entry through "a seemingly innocuous weak point – like an HVAC control system" to wreak havoc. "What the FTC has recommended are sound security best practices that the payments industry has been urged to adopt for years. In particular, it's critical that security be built into solutions and not just bolted on later," he added.

Payment technologies leverage IoT

The payments industry participates in the IoT's connected technologies to create thin, intelligent systems that bring real-time interactivity and complexity to commerce. Next-generation PIN pads and processing devices use radiofrequency identification, near field communication, bar codes, and quick response codes to communicate with consumers and other connected devices.

According to recent Forrester Research, U.S. mobile payments will to grow from $52 billion in 2014 to $142 billion by 2019. And Apple Pay, driving the trend toward wearable technology with Apple Watch, is expected to factor heavily into all mobile payment discussions in the coming year.

FTC urges business best practices

The FTC report raised concerns about privacy and security as the IoT grows. It used data from a workshop held on Nov. 19, 2013, in which technology executives, academics, industry trade representatives and consumer advocates brainstormed on how to protect consumers from the inherent security hazards of a hyper-connected world.

The FTC's recommended best practices include making security an integral part of the design of intelligent devices, fostering a culture of security within all participating organizations and limiting the sharing of consumer data. The agency suggested that consumer data aggregators don't always use data in consumers' best interests and may be tempting targets for hackers.

Mark Wayne, Executive Vice President at Detroit-based ANXeBusiness, said, "With new federal regulations on the horizon, the topic of security has escalated from an IT staff discussion to an executive boardroom concern." He added that it is more crucial than ever that companies create a plan to protect sensitive customer data from a breach, especially with the expansion of privacy concerns in the mobile and wireless spaces.

Smart strategies to adopt

Wayne recommended all supply chains adopt the following strategies:

The FTC would like to see improved transparency among companies that collect consumer data, by limiting the categories of data that are deemed acceptable to collect as well as by letting consumers choose how their information will be used. Current guidelines for best practice propose that companies have the option of collecting no data, only collecting data that falls into acceptable categories or "de-identifying" the data collected.

These guidelines are consistent with the FTC's 2012 Privacy Report, which stipulates the need for strong data security and breach notification, as the commission continues to explore preventive guidelines and best practices with many IoT stakeholders.

Other active FTC initiatives include the FTC Act, the Fair Credit Reporting Act and the Children's Online Privacy Protection Act; development of consumer education and business guidance; participation in efforts involving multiple stakeholders; and advocacy to other agencies at the federal, state and local level.

FTC Chairwoman Edith Ramirez voiced concern for American consumers' safety and well-being as they increasingly transact within the IoT's global footprint, currently estimated to include 25 billion connected devices.

"We believe that by adopting the best practices we've laid out, businesses will be better able to provide consumers the protections they want and allow the benefits of the Internet of Things to be fully realized," Ramirez said.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

USAePay | Impact Paysystems | Electronic Merchant Systems | Inovio