Rss

    Archives for : Banking & EFTPoS

    Is there a risk of someone listening or stealing the information from a contactless card?

    One risk with contactless cards is the ability for the card to be activated when it enters a reader’s RF range without the owner being aware of it. To prevent a contactless card activation without the card owner being aware of it, the application can be configured to always ask for the owner’s authorisation (password, PIN or biometric) before providing any user information or processing on the user’s behalf.

     

    e level of security of communication required between the contactless card and the reader must be defined as part of the system design and security controls must put in place so that un-invited listeners cannot intercept the data in any meaningful way. For example, all of the contactless technologies can use data encryption to protect data on the card and during transmission; this helps to ensure that, if information is intercepted, the information cannot be used by the recipient. It is important that all of the application’s requirements be understood and defined prior to any technology selection and implementation so that the appropriate security features are designed into the system.
    Additionally, the contactless chip is designed to self destruct if anyone tries to hack into it.

    RFID Cloning Documents and Images

    Images of RFID Tags

    RFID Cloning

    Interesting LinksÂ

    http://www.smh.com.au/news/technology/lost-in-transit-no-more/2006/11/30/1164777706811.htmlÂ

    http://www.timesonline.co.uk/article/0,,2-2302505,00.html

    http://en.wikipedia.org/wiki/RFIDÂ

    http://www.workpermit.com/news/2006_08_04/rfid_technology_cloned.htm

    http://www.guardian.co.uk/idcards/story/0,,1950226,00.htmlÂ

    Vulnerabilities in First-Generation RFID-enabled Credit Cards

    from: http://prisms.cs.umass.edu/~kevinfu/papers/RFID-CC-manuscript.pdf

    RFID-CC-manuscript.pdf

    This is a great article, worth a read.

    Visa Competes with Payment Systems

    27 September 2006
    Kommersant International

    The New System will be Offered to 20 Banks<br>Yesterday, at a press conference dedicated to the five-millionth visa card issued by Sberbank, Visa International representative Oliver Hughes announced that a project introducing a system of card-to-card money transfers in Russia has launched its third stage. The project, called Visa Money Transfer (VMT), is now being tested in six Russian banks. Also yesterday, Rosbank announced its intention to participate in the trial. Twenty credit organizations have expressed interest in joining the program, of which ten will be included in the project within the next year. The trial phase of the program will last another six months, after which the VMT system is expected to be unveiled in its full form. The VMT system allows any Visa cardholder to electronically transfer or receive funds to or from another Visa cardholder via an ATM transaction. To make the transaction, all that is needed is the other cardholder’s card number. Though the company “at this point is not positioning the new service as an alternative to the system of traditional money transfers,” VMT promises to be competition for that system. The only restriction is that the laws of the Russian Federation permit such transfers to be made in Russia only in rubles. Market analysts believe that the success of the system will depend on Visa’s commission policies. Bank commissions for transfers stand at around 1%, and if Visa’s commission is more than 0.5%, it is predicted that banks will find it hard to do business within the project. According to some sources, the commission earned by the bank whose client sends the transfer will be 1% of the transfer sum. The bank whose client receives the money will make $0.48 on each transaction. The commission charged by the payment system will be $0.05 + $1. Many Russian banks have expressed interest in the project, but most for now are observing the program’s development from the sidelines, preferring to judge for themselves its power to attract customers. http://www.kommersant.com/photo/75/DAILY/2006/180/KMO_032838_00111_1h_t75.jpg
    http://www.kommersant.com/photo/512/DAILY/2006/180/KNN_001535_00046_1m.jpg
    http://www.kommersant.com/photo/512/DAILY/2006/180/KMO_073625_00010_1m.jpg
    http://www.kommersant.com/photo/512/DAILY/2006/180/KMO_069500_00019_1m.jpg

    © 2006 ZAO Kommersant Publishing House. All rights reserved.

    New e-Commerce and Payment Technologies Company

    Recently I came across a new e-Commerce company called EFT Networks, which seems to have an exciting future in the Global Payments Market.

    It looks like they have a good mix of consulting and solution design.

    www.eftnetworks.com

    Services

    Electronic Payment

    Designed to enable both credit card and direct debit, EFT Networks electronic payment solutions work effectively across multiple sales channels—including Web, Contact Call Centre, IVR and EFTPOS. Manage your payment processing system in-house or outsource, depending on your business needs.

    Global Payments

    International commerce requires fully integrated global payment and risk management solutions. Requirements span the gamut of payment acceptance considerations from accepting local payment types, pricing in local currencies and dynamically updating prices with changes in exchange rates (dynamic currency conversion), authorising and settling in multiple currencies, to managing fraud and compliance issues such as tax and export regulations. EFT Networks offers a single interface to the global payment network to handle all of these considerations as your business grows.

    ICE – Reporting & Management

    The EFT Networks Enterprise Business Center gives you a single, easy-to-use interface for managing and configuring payment processing services.

    ICE caters for each area of the payment transaction cycle from authentication, authorisation, settlement, dispute resolution and reconciliation – enabling our clients to reduce transaction costs, eliminate fraud, minimise risk, maximise cash flow and increase profitability.

    Integrations

    EFT Networks provides flexible and secure payment and risk management integrations in to host and legacy systems as well as industry-leading software.

    Using industry standards and protocols, our solutions can be customised to suit your exact business requirements

    Products

    ICE (Intelligent Communications Exchange)

    At the core is our Intelligent Communications Exchange (ICE) which enables all known transaction enablers from EFTPOS to eCommerce to be routed directly to a client’s bank without intervention for real time acceptance and authentication.

    The EFT Networks ICE operates under a philosophy of total System and Physical redundancy delivering the highest uptime rates possible, whilst the transaction network is protected using Solid State and Application Firewalls on all points of ingress and egress.

    Every transaction processed through EFT Networks is encrypted using 128 bit Secure Socket Layer (SSL) encryption and submitted for authorisation through EFT Networks “Secure Virtual Private Network” (SVPN).

    Our commitment to security is also reflected in our swift compliance with Card Schemes security initiatives such as VerifiedByVisa and MasterCard SecureCode.

    EFT Networks comprehensive suit of online reporting tools combined with daily transaction reports will ensure that our clients always have access to up-to-date management information allowing Business Managers to make quick and well-informed business decisions. The decision making process is simplified even further with the power of daily reports that are customised to be imported into most existing legacy systems.