RSS Feed
Latest Updates
Sep
1
What's New in Technology for September 2016
Posted by S2C Staff on 01 September 2016 05:31 PM

Technology: Update on Chip Card Technology

Back in October 2015, retailers experienced a liability shift when the onus for absorbing the cost of counterfeit transactions shifted from the banks to the individual merchants if the retailers had not migrated from swipe card systems to the newer EVM technology. Those merchants who installed EMV (chip) technology in their cash register networks by the October deadline were able to continue to enjoy liability protection from the card issuers. The ones who missed the deadline were left to do the best they could – making good on any counterfeit transactions or other thefts from scammers.

In the 10 months that followed this deadline, it has become clear to almost anyone who uses a credit card that the new EMV systems are slower than the swipe format, and that there’s often serious confusion – involving both the consumer and the employee at the cash register. The last few months have shown us the practical shortcomings of the EMV technology and have also underscored the major problems – financial and organizational – that large national retailers have encountered in making the switch.  

Some merchants were able to make a fairly smooth transition, but many weren’t. Some of the largest companies installed the new EMV – but not throughout their stores – and others found the process extraordinarily complicated, costly and time-consuming. What seemed like a good move to improve security at the cash register has, in many cases, proven to be a major headache. So where does all this leave us, what solutions do we have and what do the experts predict?

The EMV Advantage

The point of replacing the traditional swipe credit card payment system was to ramp up security. Swipe systems transmit the same card information over and over again. If cyber crooks intercept the card data, they can use it over and over again to run up fraudulent changes. EMV technology or chip technology transmits one-time/one-use encrypted data and is extremely difficult for scammers to counterfeit. (EMV is named after Europay, MasterCard and Visa, the companies that originally developed the technology.)

Status Report

Credit card companies estimate that a staggering 70 percent or more of all merchants in the United States have NOT adopted the EMV technology, choosing to cope with increased liability rather than deal with implementing a new system. Some are overwhelmed with the costs and the time required to adapt their large-scale systems. Others may have made a business decision to deal with the additional fraud risk rather than see longer lines at the cash register.

Solutions

For their part, the credit card companies and the hardware makers are working on newer, faster technology. However, any update to existing EMV systems – just like the original rollout in October 2015 – will involve lots of different parties and will be time consuming and potentially costly. Some observers think the EVM woes may deliver an unanticipated boost to the mobile payments industry. Store-specific apps (Starbucks and some fast food chains) on consumers’ cell phones are fast and secure. Other consumers don’t want to load their phone with multiple payment apps and they prefer options like Apple Pay or Android Pay, which have integrated payments with stores’ loyalty programs. In the fast-paced world of payment technology, it remains to be seen who will win market share. As things stand with EMV still evolving, smartphone payment technology may well be emerging as the winner.

 


Read more »



Aug
3
What's New in Technology for August 2016
Posted by S2C Staff on 03 August 2016 09:07 AM

Technology: Biometrics = Better Banking Security?

Earlier this year, one of the world’s largest banks, The Hong Kong Shanghai Banking Corp. (HSBC), announced the largest rollout of biometric security technology in the U.K. with a voice and fingerprint authentication system that will encompass some 15 million customers. The HSBC biometric security technology will give its customers access to fingerprint authentication using readers built into iPhones loaded with HSBC banking apps, and the bank also will utilize Nuance Communications voice recognition technology, which uses 100 distinct identification factors to identify a speaker.

Why Biometrics?

Biometrics involves using the unique aspects of human beings – fingerprints, retinas, voice patterns and facial features – as identifiers for security systems developed to authenticate identity. Of course, the idea is not new. The police have been using fingerprints in investigations for more than 100 years, but consumer-level biometric verification systems have not made great strides until recently. Our increasing use of the internet, smart phones and other devices to make purchases, manage financial transactions and access our personal data has required all of us to use and protect a variety of passwords – passwords that cyber crooks increasingly are able to hack. Financial companies have been at the forefront of the development of biometric systems and have been seeking customer opinions and exploring biometric authentication as a viable replacement for trouble-plagued password authentication.

Will Biometrics Take off Here?

In the United States, response has been mixed. Some industry pundits argue that biometrics are inherently public and no more secure than passwords – they note that fingerprints can be “lifted” and that high resolution photos can be taken of people without their permission. In the public sector, law enforcement has embraced biometrics with Homeland Security and the U.S. Customs and Border Patrol working together to collect iris scans and foreigners’ fingerprints to add to the FBI’s national database.

Issues involving privacy and consent have yet to be settled. Currently in 48 states, it is legal for people or organizations to use software to identify you using images taken in public without your consent. In Texas and Illinois, such images may not be used for commercial purposes. The use of biometrics remains largely unregulated, and Washington has not clarified the question of consent or determined how to regulate the industry.

Last year, an effort to develop a voluntary code of conduct for facial recognition technology, which was spearheaded by the National Telecommunications and Information Administration, failed to achieve any consensus. The industry remains self-regulating, and some private sector industry leaders regard the whole topic as a can of worms.

Finally, some experts note that hackers are already finding ways to spoof biometric identification, and that biometrics may be no more secure than passwords and PINs. Others wonder if the tradeoff – privacy for convenience – might turn out to be too high a price to pay.

 


Read more »



Jul
4
What's New in Technology for July 2016
Posted by S2C Staff on 04 July 2016 05:49 PM

Security Reminders Courtesy of Zuckerberg

Being an acknowledged leader and innovator in social media doesn’t provide immunity from cyber attacks. It has been reported that Mark Zuckerberg, head of Facebook, recently experienced hacking of both his Twitter and LinkedIn accounts. Cyber thieves continue to up their game, and regardless of whether you are a high-profile billionaire or an ordinary citizen, you need to be mindful of the same security basics.

Speculation abounds on how hackers got into Zuckerberg’s account, but a common reason people are hacked is user complacency. We all know what we should be doing, but sometimes it is easy to get a little lax or lazy. In Zuckerberg’s case, it appears he may have overlooked some basic privacy safeguards – namely not using a two-step authentication process and possibly failing to use different passwords for different websites.  

Interestingly, a recent Instagram posting (Facebook owns Instagram) by Zuckerberg provided sharp-eyed viewers with clues to some steps he might have taken to thwart a certain type of Peeping Tom cybercrime. The photo showed Zuckerberg sitting a desk with a laptop in the background. The webcam and the microphone on that laptop appeared to have been covered by tape.

What’s the point of putting tape over webcams and mics? Odd though it may seem, several prominent public figures have said they do this, too. Hackers have been known to install malware that allows them to switch on the computer’s camera and microphone. In other words malware known as a Trojan can turn the user’s laptop into a bugging device with a camera, allowing a hacker to gain access to sensitive business information and intellectual property. Some users have had their privacy violated by hackers stealing personal photos, which crooks and extortionists post on the Internet. This type of voyeurism activity usually targets young women.

What to Do

  • Follow basic security steps – buy quality antivirus software and keep it current; use a firewall; don’t click on dubious links in emails.
  • Unplug the webcam on your desktop.
  • On a laptop, covering the camera is your best option. Covering a mic will be less effective.
  • Mac users see a green light when the webcam is recording. However, this can be bypassed by a Trojan interloper so blocking with tape may be a better solution.
  • Ironically, there are rumors that Facebook has the ability to listen in on conversations and view videos made by users. This alleged privacy breech is purportedly used to gather data useful to advertisers. Facebook has strenuously denied this. If you are determined to block Facebook’s access to your mic, go to Settings in iOS to de-select Facebook. On an Android device, go through Settings to Personal to Privacy to App Permissions to Mic, where you can de-select Facebook.

We might not all have the high profile of a Zuckerberg, but we are liable to the same risks. If a few simple bits of tape will help protect you from a virulent type of Trojan, why not do a little DIY to protect your personal privacy.


Read more »



Jun
2
What's New in Technology for June 2016
Posted by S2C Staff on 02 June 2016 08:37 PM

Technology: New Payment Options - Smart Cards Versus Smart Phones?

Things have changed at grocery store checkout lanes and retailers everywhere. Initially, Oct. 1, 2015 was the date initially established for the majority of liability for credit card fraud to shift from banks to merchants – or to the party using the least secure technology. While this effort to crack down on credit card fraud encouraged merchants to install new smart chip technology at the point-of-sale did not result in a massive change over by the October deadline, we now are seeing more chip-enabled terminals in use and more consumers using smart cards. Another type of secure payment using smart phones, which debuted in the United States at about the same time as the smart-chip technology rollout, is making headlines, too. Here’s how these two new payment systems stack up.

Smart Cards (aka EMV Cards)

EMV stands for Europay, MasterCard and Visa and, as the acronym might suggest, EMV (or smart) cards have been the norm in Europe for decades. Our traditional magnetic stripe swipe credit cards are regarded in many countries as hopelessly outdated. The advantage for merchants to shift to EMV technology are obvious – financial institutions and card issuers will continue to be liable for fraudulent charges as they have been in the past with magnetic stripe cards. Consumers benefit from the encryption built into EMV cards that better safeguards their personal data. U.S. consumers have been quick to adapt to the new cards – simply pushing the smart chip card in a slot, plugging in a password (in some cases) and waiting for approval before removing the card. Merchants are having more issues – especially with concerns that the chip technology is slower than magnetic stripe cards. In situations where high volume makes speedy transactions crucial, problems caused by the slightly slower speed may be more perception than reality. However, the negative impression has taken root sufficiently to have caused Visa to develop a software upgrade to allow consumers to dip the card into the slot and remove it immediately.

NFC (or mobile wallets, e.g. Apple Pay, Android Pay or Samsung Pay)

The technology that allows smart phones (and other devices like payment readers) to communicate when they are in close proximity is known as Near Field Communications or NFC.

NFC is simple. To use Apple Pay, you hold an iPhone 6 or Apple watch up to an NFC reader. The device is held close to the reader – not more than a couple of inches away. The transaction is recorded very quickly and, because it goes through multiple layers of encryption, it also is very secure.

All the so-called mobile wallets – Apple Pay, Android (Google) Pay and Samsung Pay – work pretty much the same way. Because they use fingerprint technology, a stolen phone can be locked down fairly easily. To find out where you can use a mobile wallet, look for the logo or a sign showing a hand with a card in front of a wireless signal. Where is this headed? Right now, many merchants accept payments using both new technologies, and manufacturers supply POS equipment that can read both. Will NFC technology supplant EMV technology? Only time will tell. 


Read more »



May
6
What's New in Technology for May 2016
Posted by S2C Staff on 06 May 2016 12:39 PM

Technology: 5 Ways to Safeguard Your Online Privacy

 

There are no fast fixes that will guarantee your online security, but here is a simple checklist that can help keep your data and your identity secure.

  1. Stay current on all software and OS updates. Updates appear frequently—always in response to some new vulnerability or malware. If you use Windows 10, go to “Settings” and then “Update & Security” to locate “Windows Update.” Turn on “Windows Defender” (unless you use a third-party antivirus program). When you’ve updated your computer and smart devices, check your browser. If you use Google Chrome or Firefox, turn on “Automatic Update” in “Settings.” Connect your iPhone or iPad to Wi-Fi, go to “Settings,” then “General” and finally “Software Update” to get updates. Android offers similar access. Authorize automatic updates through iTunes or via the App Store by activating the auto-update feature. Finally, check for updates to your Wi-Fi router and to any smart home devices like security systems or thermostat control.
  2. Use Encryption. If you weren’t sold on the power of encryption before,the FBI’s legal battle to unlock suspected terrorists’ iPhones should have made a believer out of you.  Even the best and most determined experts usually find it impossible to access encryption-protected data. Add a password or fingerprint screen to lock and encrypt your iPhone or Android phone. Use password protection and encryption for your computer and/or laptop, and use a disk utility to encrypt any external drives you use.
  3. Make your passwords strong. Many sites insist that a password includes at least one capital letter and a number. Don’t use a birthday, street address or any other series of numbers that a cyber thief might obtain easily. Two-step authentication is always best. When you try to log in, you get a notification that someone is trying to log in to your account. Often the heads-up comes with a randomly generated passcode that you then must input to finish your log-in. Apple ID, Google, Facebook and many financial institutions offer a two-step process.

    Even the best of us get lazy, but do create a different password for each site. If you do this, hackers can’t use a password they’ve stolen to unlock all of your other data. The safest way to keep track of multiple passwords is through a password manager program – the worst is to keep a printed list somewhere handy near your computer.
  4. Clear your browser data. This clears any passwords saved in your browser and probably means you will have to login to sites that used to “remember” you. When you’ve done this, activate “Do Not Track” in your browser settings, and install a program to identify and remove spy bots and trackers. If you are plagued by aggressive advertisers go to www.aboutads.info/choice. Review the list of more than 100 marketers listed there, and select those you want to remove.
  5. Find out which apps are tracking you. Apart from being a big drain on your phone’s battery, this is a major privacy issue. Go through “Settings” on your smart phone then look at “Privacy” on iPhone or “Apps” on Android to see which apps are accessing your data and/or tracking your movements. Turn off tracking access to those that have no benefit to you.

Being proactive is the key to keeping your privacy protected. Keep your software updated and use encryption and strong passwords. Cybercriminals look for easy targets; use all the tools available to you to avoid this fate.

 


Read more »




Help Desk Software by Kayako fusion