Merchant Payments Ecosystem 2015


Instant card issuanceis not soon enough for card issuers

Research from Aite Group in its latest report, Instant Gratification: The Case for Instant Card Issuance in the United States, shows that while there are more than 570 million active credit and debit cards in US cardholder pockets, average card life is shrinking, and top-of-wallet positions are threatened by the rapidly rising tide of data breaches. Financial Institutions (FIs) want… Continue reading >>

Building safer digital banking

Online banking and its younger, upstart cousin, mobile banking, have become indispensable tools for today’s time-pressured customers. With fraud attacks on digital banking systems growing however – total fraud committed in Germany in 2013 alone amounted to more than €100 million – it is understandable that consumers are increasingly skeptical about their safety. As a result financial institutions are under… Continue reading >>

RDP Bruteforcing Botnet Targeting POS Systems

There have been an increasing number of headlines about breaches at retailers in which attackers have made off with credit card data after compromising point-of-sale (POS) terminals. However, what is not commonly discussed is the fact that one third of these breaches are a result of weak default passwords in the remote administration software that is typically installed on these… Continue reading >>

Beating fraud with technology faster than the human brain

Neural networks have played an important role in the fight against card payment fraud for several decades. Once at the cutting edge of technology, their move into mainstream use in the 1990s was viewed as a near science fiction-like development. The technology they are based on allows them to learn from past experience – by monitoring legitimate customer spending behaviour… Continue reading >>

Are you staying on top of the fraud game?

With 2013 seeing a further increase in online payment fraud, maintaining consumer confidence in payment products is essential and has become that little bit more challenging. In a world of ever larger transaction volumes, the attraction for criminals is obvious. And with fraudsters often apparently one step ahead of the systems put in place to stop them, it is down… Continue reading >>

Are you checking out the fraudster’s shopping?

Merchants want consumers to have an easy, stress free shopping experience. This includes the payment part of that experience. With e-commerce sites often taking consumers to different sites to “validate their online identity”, it is not surprising that some of us will simply give up when confronted with yet another process to complete before our purchase is made. This is… Continue reading >>

Secure mobile payment adoption – ECB recommendations a step in the right direction

The noise levels around mobile payment are deafening. Just take the scramble for attention at Cartes, Paris. Despite the infatuation with mobile and proliferation of wallets and mPOS devices, the industry has yet to address consumers’ concerns over security, which remains the major stumbling block to widespread adoption of secure mobile payment. Consumer trust matters – a lot. Without a… Continue reading >>

The Cybercriminal’s Dilemma – Bitcoin: A Platform or a Target

Trusteer’s Security team has recently analysed a malware variant designed to specifically target Bitcoin information, mining and trading sites as well as other virtual currencies platforms. This Citadel variant captures screenshots of a victim’s browser when they browse the following web sites (partial list): – An informative site about Bitcoin for Russian speakers – Bitcoin mining site… Continue reading >>

Dissecting Android KorBanker

In a recent blog, FireEye identified a malicious mobile application, Android KorBanker, that installs a fake banking application capable of stealing user credentials. The top-level app acts as a bogus Google Play application, falsely assuring the user that it is benign. FireEye Mobile Threat Prevention platform detects this application as Android.KorBanker. This blog post details both the top-level installer as well… Continue reading >>