Tag Archives: Security

Say Bye to Swipe-and-Sign Credit Cards!

7 Feb

chip and pinOctober 2015, has chosen to say bye to the swipe-and-sign of a credit card transaction.

Beginning from the next year, in all major countries where people do insert card into a slot and enter a PIN number, now won’t signing those credit card receipts. The reason behind this major step is to stop the world’s credit card fraud and brought more and more attention to the recent large-scale theft of credit card data from retailers.

In the Senate Judiciary Committee meeting in U.S., executives told the senators that once the country act on the new system- which includes credit cards embedded with a microchip containing security data- these kinds of hacking attacks will be much more difficult to pull off.

The changeover is coming through: both MasterCard and Visa, and both have set October, 2015 as an important deadline in the switch. But why has it taken this long, and how will the changeover work for card users and businesses?

Talk with MasterCard’s company expert Carolyn Balfany about new payment system, known as EMV that will end up swipe-and-sign and starting chip-and-PIN. Here’s what she had to say.

She said by answering the question “Why U.S. has taken so much longer to accept it?”, firstly there were higher fraud rates in some markets and they wanted to make this move to combat fraud. Secondly this system can operate in offline mode– the card and the terminal can authorize a transaction independent of communication with the bank’s systems.

By answering about the “liability shift” she said:

 Whenever card fraud happens, we need to determine who is liable or responsible for the costs. When the liability shift happens, what will change is that if there is an incidence of card fraud, whichever party has the lesser technology will bear the liability.

So if a merchant is still using the old system, they can still run a transaction with a swipe and a signature. But they will be liable for any fraudulent transactions if the customer has a chip card. And the same goes the other way – if the merchant has a new terminal, but the bank hasn’t issued a chip and PIN card to the customer, the bank would be liable. This way, we’re not shifting fraud around within the system; we’re driving fraud out of the system.

“How will it actually happen?” while answering she said still lot of work on this that has already happened. For merchants, the terminals and equipments are available to accept the new cards. Banks already issued cards with the chip to customers who travel abroad. Mostly consumers know how to use it. Overall some media coverage and awareness is required to explaining the system and all the benefits, and obviously how to use it.

While answering our last question about benefits other than security, she said:

With keep in mind that it is the establishment of technological platform for the next generation of payments and not only limited to chip and PIN cards, it also includes things like contactless payments at same level of security. Now account can be resident in multiple places with tag affixed to your phone or on your key ring.

This article is originally posted on The Wall Street Journal.

Advertisements

Why Windows Phone Is The Safest Platform Among All?

20 Dec

windows phone

According to software security company F-Secure security Chief Mikko Hypponen, Microsoft’s Windows Phone platform is the safest mobile operating system available to businesses, he further told Windows Phone 8 is presently the safest mobile operating system here.

Although Apple’s iOS is also commonly known as being safe, exactly as safe as BlackBerry for business use, while Android remains a haven for cyber criminals. It seems that F-Secure is giving the “safest” award to Windows Phone 8 at the moment.

At the moment Windows Phone is the safest, there are­­­ thousands of malware for Blackberry and more malware for the iPhone and without a doubt progressively on Android. Interestingly, Hypponen anticipated that “Windows Phone is safest mobile operating system; due to its restrictive development policy should protect it from criminals for the foreseeable future. We’ve seen no malware at all targeting the platform. You want a safe & secure phone? Purchase a Windows Phone.”

Meanwhile, Android receives a bashing for being the most unsafe; firstly, because of amount of malicious Android installation files, it’s almost just double after every quarter. Secondly, because of 3rd party app stores with much has less security features as the official one, Google Play. Although, Google is said to address some of the issues with 3rd party apps/stores in the new version of Android 4.2 taste as jelly bean.

“Windows Phone’s security model inside is somehow prohibitive, I think it’s aimed to take a while before we see Windows Phone being seriously targeted.

In case of Windows Phone 8, it is quite safe at the moment, probably because of not much people are using Windows Phone 8 device. If/when Windows Phone 8 takes off; it might be become a much bigger target for malware. But still my hunch says it will stay the safest.

Posted By: Pooja Runija

Password is Dead! What Next For Security?

25 Oct

passwordsPasswords command our lives nowadays; they are part and package of investing time on the web. There are currently such a large number of applications, services, apparatuses and sites that requires us to log into our protected record utilizing a password that the sheer number of pass-phrases we need to recollect has spiraled totally crazy. What’s more it is dependably prudent for the best level of security to utilize a totally diverse password for every site and services.

 Clearly this is a gigantic security issue; assuming that somebody figures out how to work out that your Gmail password is ih4ve4b4dmemory and utilizes it to enter your email, they’re presumably set to attempt the same password for Facebook, Twitter and whatever possible online services you want to envision.

passwords_1

 You’ve probably recognized that when you log into a site that requires you to enter a username and password, your web browser helping offers to recall that it for you. This leads us onto the second alternative for us absent minded sorts. Of course… utilize an absurdly long and muddled password — Chrome will recollect that it for you so you never need to enter it again. Incredible!

chrome-save-password

 Then again you will interface a mobile to your record and when you head off to log in, a check codes will be conveyed to you through SMS. Your record will be unavailable until you have given this data.

So it’s clear that something better is required. Basically everybody has a mobile phone, yet this is not a perfect method of authentication. What do you do if your phone is lost or stolen? We have to consider something else. A mobile phone appears to be a great method of Identifications because something that most individuals have with them more often than not.

Apple, with the launch of the iPhone 5S chose to utilize something else that you have with you as a method of recognizable proof. It’s nothing especially new, yet the new iPhone’s unique mark onlooker is an intriguing security strategy, and it’s the kind of thing that we have to put more thought into.

iphone 5s

iPhone 5s features a fingerprint reader which could be adopted elsewhere.

The fingerprint spectator and NFC devices are at present being utilized to control access to mobile phones, yet there is no excuse for why this ought not be augmented into different regions, for example website security. Expanding amounts of individuals are beginning to understand the confinements and security issues connected with accepted passwords.

The mission explanation is honestly simple:

We push client authentication that doesn’t require us to recollect anything. We’re finding more approaches to utilize the Internet, and we need better approaches to recognize ourselves. It ought to be not difficult to log into each site we utilize now and to enlist at each new site we need to include. We decline to depend on our remembrances for security, and rather demand gauges that make it simple to stay safe and keep our information private.

nfc device

NFC devices such as the Nymi bracelet could offer an alternative to passwords.

How would you feel about passwords? Is it accurate to say that they are something you have gotten used to, or do you finds them a fundamental abhorrence that you’d get a kick out of the chance to replace? Do you surmise that two- or three -variable verification is the route ahead or is there any importance?

Posted By: Pooja Runija