NEWS AND INSIGHTS
BLOG
Category:
Feds Seize 36 Criminal Carding Sites
April 27, 2012 - 08:24:09
Category: All

By Doug

Yesterday, as part of a two year investigation with the cooperation or international law enforcement agencies, the FBI seized three dozen 'carding' websites used to sell credit card data stolen during computer breaches or 'hacks.'   

Carding sites are very common on the internet which speaks to the number of breaches that occur.  Statistics tell us that about 90% of breaches in which credit card data is compromised occur to small businesses.  

Although PCI DSS compliance is not a guarantee that a business cannot be breached, reaching and maintaining PCI compliance is one of the tools that can help prevent it.

The article can be found here.


Posted by: By Doug
0 Comments


McDonald's and my mobile phone
April 26, 2012 - 16:32:06
Category: All

By Nathan Wright

True payments story: Yesterday I tried to use Google Wallet with my NFC-capable phone at a McDonald's. I pulled out my phone, entered my PIN and checked my funds--plenty available. The phone recognized the terminal and started sending data, and the terminal was ready to accept a contactless credit card payment. The cashier was impressed and told me how cool my phone was...
 
...and then Google Wallet threw an error and the transaction stopped. I reached for my leather wallet and paid with cash, just like the other two times I've tried to pay with my phone. In my experience, NFC payment is 0 for 3 and cash is still batting 1000.
 
I know Google Wallet works fine for some people, and I'll probably give it another shot before long. I'll also look into AT&T, T-Mobile and Verizon's Isis wallet when it rolls out, but I'm not sure what the future holds for NFC phone payments.
 
What do you think? Are phone payments over NFC ever going to be mainstream, or are they just a fad?   Please share your thoughts or experiences!

Posted by: Nathan Wright
0 Comments


What keeps you up at night?
April 24, 2012 - 14:45:38
Category: All

That was the title of a session at last week's Electronic Transaction Association (ETA) annual conference. The consensus response was the ever present risk of fraud and security breaches.  As a lead member on the Best Practices Committee of the ETA, Wind River Financial has a long and active history of promoting data security in the payments industry and merchant community.

But while there is no silver bullet to prevent fraud, the risks can be mitigated, and you can rest more comfortably, if you employ a multi faceted security program.  A program that often times is simply based upon industry best practices: enforcing security policies, conducting background checks, securing physical and digital data (receipts, reports, files, etc), utilizing network firewalls and conducting periodic scans.

A high profile breach like the credit card data compromise that occurred at Global Payments made national headlines recently and served as another wake up call to the industry. So regardless if you are already awake at night worrying about fraud, or needed a wake up call to remind you that security is an ongoing event, now is a good time for a security audit. Take the opportunity to review your data security program and renew your commitment to act as a guardian of your customers' sensitive data.

Suggested steps include:

  • verify your hiring policy includes background checks

  • validate that your external payment partners and processors are PCI compliant

  • confirm your internal systems and networks (which are in, or connected to, the payment stream) are PCI compliant

  • ensure your networks are being scanned periodically by a certified scanner (remember you want to scan your network before a hacker does!)

  • analyze your payment procedures to identify if credit card data is being stored - and follow general guidelines - if you don't need it, don't store it; but if you do need it, encrypt it or tokenize it. (read more about tokenization)

    •  

And most importantly, if you do find any holes or weak links in your security policies, commit to closing or reinforcing those vulnerabilities before they are compromised...so we can all sleep better.
 

 


Posted by: Dennis
0 Comments


eCommerce Left Behind
April 11, 2012 - 14:26:09
Category: All

 

Since the Durbin Amendment regulating debit interchange took effect on October 1st, 2011, most eRetailers are not realizing the benefits. An Internet Retailer survey recently revealed only 14.6% of 254 online merchants say they're paying lower fees on debit card transactions; 17.7% say they're paying more and 67.7% say their fees have not changed in the past year (Click here to view article). Why is that?

eRetailers may not be seeing the benefits of the Durbin Amendment since many processors are not passing on the savings as intended by the law, and instead are keeping the extra interchange for themselves. At Wind River Financial, we pass 100% of the Durbin Amendment savings down to our merchants, leading the industry with 100% of our online merchants paying lower fees (Click here for the Debit Calculator)!  Why else might eRetailers not be realizing the benefits of Durbin?
Some businesses transitioning to eCommerce will simply use the credit card processor recommended by the web developer. Web developers often recommend processors to leverage prior integration work with other clients, or because of undisclosed referral fees. In any event, there are alternatives, just as there are other critical factors involved in the selection process. Business owners are ultimately responsible for the credit card processing, and thus will select a processor based upon service, support, security, and fees. eRetailers that take an active role in the credit card processor selection, can ensure they are working with a processor that will pass along the Durbin Savings…rather than run the risk of being left behind!
So, if you have any eCommerce projects on the horizon, make sure to give your relationship manager a call at 1-800-704-7253 to discuss how we can work with your web developer and the many online payment solutions we offer at Wind River Financial.

By: Amanda Block


Posted by: Amanda Block
0 Comments


Recent Press on Global Payments Breach
April 04, 2012 - 09:25:43
Category: All

By Dan DeBraal

Recent Press on Global Payments Breach
Global Payments has been in the press recently due to a breach of its systems that occurred in January and February. Reports vary, but it is believed somewhere between 1.5 and 10 million card numbers were stolen off of the Global system. The reports go on to say that Global has been dropped from the VISA listing of certified PCI-DSS compliant processors. http://www.usatoday.com/tech/news/story/2012-04-02/global-payments-visa-breach/53940764/1
Some have confused this de-listing as meaning that Global can no longer process credit cards. Others have incorrectly interpreted this de-listing to mean that customers can no longer use their VISA cards at merchants processing with Global. Neither of these is true. Global is still processing credit cards and customers should be confident and safe using their Visa (and other credit cards) when making purchases.
The payments industry takes great steps to protect and secure credit card data. However, we all know that thieves will continue to try and breach these systems. Our industry is designed to mitigate these breaches and protect consumers from liability and loss. It is imperative that merchants use best practices when handling credit card data, stay PCI complaint, and don’t store card data if at all possible. See more information on security on Wind River Financial’s web site in the Client Resource Library under PCI Security  www.windriverfinancial.com or feel free to call us to discuss your questions or concerns.

Posted by: Dan DeBraal
0 Comments


Blog Archive

 < 1 2 3 4 >  Last ›


Subscribe to Blogs:    RSS    By Email