34 Results
Stephen Wilson Managing Director at Lockstep Consulting
Online computing represents probably the first new platform in thirty years. Not since the PC have we seen a whole new hardware-software-solution-product environment emerge. It's understandable that there's a mad land grab for app-driven market share. But you'd think that the rush to market would be moderated by a realisation that we ought to b...
03 August 2012 /security /payments
The Australian Payments Clearing Association (APCA) releases card fraud statistics every six months for the preceding 12m period. For the first time in many years, Australian card fraud has grown in all categories. The ratio of Card Not Present fraud to all fraud remained steady at just under three quarters. An up-turn in skimming and counter
17 July 2012 /security /payments
It's terrific that merchants are increasingly pushing back on PCI-DSS. It really is high time we shifted the emphasis from ad hoc stop gap compromise measures, onto tackling the real problem: the replayability of account data. Credit card numbers are a bit like nitroglycerine: handle them with great care or they'll blow up! The slightest slip-up,...
13 January 2012 /security /payments
A few months ago, the Australian banking consortium BPAY announced the cancellation of its promising and well funded account portabilty MAMBO. What does this mean for the even more audacious plans for federated identity in banking? The US government's National Strategy for Trusted Identities in Cyberspace (NSTIC) envisions using university studen...
13 December 2011
The Atlanta Federal Reserve's Cindy Merritt -- assistant director of the Retail Payments Risk Forum -- offers a refreshing, plain talking critique of the PCI-DSS regime. She goes to the heart of the matter; the rewards for organised crime are simply so vast that a process and audit based security regime like PCI-DSS doesn't stand a chance. PCI (li...
02 June 2011
Visa's digital wallet seems to take a different path from 3D Secure. If it's "digital" I wonder if it's interoperable online and how might it work over Internet? The digital wallet will store Visa and non-Visa payments accounts and support NFC through payWave, letting customers complete transactions online, with their mobile, on social ne...
11 May 2011 /payments
It's been over a week and a zillion blog posts and tweets have already circulated about the PlayStation Network breach. Yet one security issue has yet to be canvassed. I'm more than a little surprised. Sony advised its customers: "If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we ar...
27 April 2011
RSA's public response to the compromise of its famous SecurID One Time Password is curious. On the one hand, it's admirable to have disclosed that they've been 'hacked'; on the other hand, their public releases have been short on details, and some corporate customers who have enjoyed private briefings say they're none the wiser. By way of count
21 March 2011 /security
The National Strategy for Trusted Identities in Cyberspace (NSTIC) released by the Whitehouse last month, is a proposal for a new “ecosystem” of diverse Internet IDs. It is the latest incarnation of Federated Identity, where identification established with one service provider can be re-used with other services. In the words of Whitehouse cyber...
26 January 2011 /security
Why is digital identity so tricky? The past decade is littered with earnest initiatives that failed to meet expectations (like the Australian Trust Centre) or consortia that over promised and under delivered (such as Liberty Alliance). Now we have the Open Identity Exchange which is said to reflect an "ecosystem" of identity provide
25 August 2010
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.