Latest expert opinions

Stephen Wilson Managing Director at Lockstep Consulting

Now is not the time to go soft

Online computing represents probably the first new platform in thirty years. Not since the PC have we seen a whole new hardware-software-solution-product environment emerge. It's understandable that there's a mad land grab for app-driven market share. But you'd think that the rush to market would be moderated by a realisation that we ought to b...

/security /payments

Stephen Wilson Managing Director at Lockstep Consulting

How much worse can CNP fraud get?

The Australian Payments Clearing Association (APCA) releases card fraud statistics every six months for the preceding 12m period. For the first time in many years, Australian card fraud has grown in all categories. The ratio of Card Not Present fraud to all fraud remained steady at just under three quarters. An up-turn in skimming and counter

/security /payments

Stephen Wilson Managing Director at Lockstep Consulting

Credit card numbers are like nitroglycerine

It's terrific that merchants are increasingly pushing back on PCI-DSS. It really is high time we shifted the emphasis from ad hoc stop gap compromise measures, onto tackling the real problem: the replayability of account data. Credit card numbers are a bit like nitroglycerine: handle them with great care or they'll blow up! The slightest slip-up,...

/security /payments

Stephen Wilson Managing Director at Lockstep Consulting

Banks really know their customers

A few months ago, the Australian banking consortium BPAY announced the cancellation of its promising and well funded account portability MAMBO. What does this mean for the even more audacious plans for federated identity in banking? The US government's National Strategy for Trusted Identities in Cyberspace (NSTIC) envisions using university studen...

Stephen Wilson Managing Director at Lockstep Consulting

Taking full advantage of Chip

The Atlanta Federal Reserve's Cindy Merritt -- assistant director of the Retail Payments Risk Forum -- offers a refreshing, plain talking critique of the PCI-DSS regime. She goes to the heart of the matter; the rewards for organised crime are simply so vast that a process and audit based security regime like PCI-DSS doesn't stand a chance. PCI (li...

Stephen Wilson Managing Director at Lockstep Consulting

Do digital wallets leave 3D Secure behind?

Visa's digital wallet seems to take a different path from 3D Secure. If it's "digital" I wonder if it's interoperable online and how might it work over the Internet? The digital wallet will store Visa and non-Visa payments accounts and support NFC through payWave, letting customers complete transactions online, with their mobile, on social ne...

/payments

Stephen Wilson Managing Director at Lockstep Consulting

Is Sony PCI DSS compliant?

It's been over a week and a zillion blog posts and tweets have already circulated about the PlayStation Network breach. Yet one security issue has yet to be canvassed. I'm more than a little surprised. Sony advised its customers: "If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we ar...

Stephen Wilson Managing Director at Lockstep Consulting

What to do about the SecurID hack?

RSA's public response to the compromise of its famous SecurID One Time Password is curious. On the one hand, it's admirable to have disclosed that they've been 'hacked'; on the other hand, their public releases have been short on details, and some corporate customers who have enjoyed private briefings say they're none the wiser. By way of count

/security

Stephen Wilson Managing Director at Lockstep Consulting

Are banks ready for the new identity ecosystem?

The National Strategy for Trusted Identities in Cyberspace (NSTIC), released by the White House last month, is a proposal for a new “ecosystem” of diverse Internet IDs. It is the latest incarnation of Federated Identity, where identification established with one service provider can be re-used with other services. In the words of White House cyber...

/security

Stephen Wilson Managing Director at Lockstep Consulting

Can't we simplify digital identity?

Why is digital identity so tricky? The past decade is littered with earnest initiatives that failed to meet expectations (like the Australian Trust Centre) or consortia that over promised and under delivered (such as Liberty Alliance). Now we have the Open Identity Exchange which is said to reflect an "ecosystem" of identity provide
