Beginning in early 2015, the entire REDcard portfolio, including all Target-branded credit and debit cards, will be enabled with MasterCard’s chip-and-PIN solution. Existing co-branded cards will be reissued as MasterCard co-branded chip-and-PIN cards. Ultimately, through this initiative, all of Target’s REDcard products will be chip-and-PIN secured.
Target will switch their proprietary credit and debit RED cards to MasterCard chip-and-PIN
Xapo will allow you to use the innovative bitcoin payment technology by keeping alive the aging and insecure magnetic stripe payment card system:
What Xapo has done that is different is to strike a deal with MasterCard that allows it to piggy-back on the credit card provider’s widely used payment network.
Here is the definition of symbiosis:
symbiosis is the habitual living together of organisms of different species. The term is usually restricted to a dependent relationship that is beneficial to both participants (also called mutualism) but may be extended to include parasitism, in which the parasite depends upon and is injurious to its host.
Mobile payments startup lowers the merchants transaction processing fees by accumulating credit card transactions
LevelUp implements an interesting idea of accumulating multiple transactions made by the same customer and processing them as a single transaction which saves merchants' money on average transaction processing fee. I think it has a potential of being accepted by mainstream because it provides merchants with good incentive (low 1.95% fee instead of traditional 3% and up). Those fees is very important and painful issue for merchants. However, I would check what they do with debit cards - debit fees are lower than credit, debit transactions require instant settlement (so technically you cannot accumulate them), and debit segment is growing comparing to credit.
BTW, they are using basically the same mechanism (credit card + online account + scanner + barcode on mobile phone screen) as I proposed back in April 2009... Thank you for appreciating and implementing this idea!
As a "side effect", this mechanism solves the credit card security problem because the customer's mobile phone and the merchant's point of sale are exchanging data using tokens rather than actual sensitive cardholder information which never touches the merchant's store systems or customer's mobile phone during transaction processing.
Michaels card data breach, which was discovered back in January, also includes Aaron Brother stores.
After weeks of analysis, we discovered evidence confirming that systems of Michaels stores in the United States and our subsidiary, Aaron Brothers, were attacked by criminals using highly sophisticated malware that had not been encountered previously by either of the security firms. The affected U.S. systems contained certain payment card information, such as payment card number and expiration date, about both Michaels and Aaron Brothers customers.
There is information about security breach at Hess gas stations.
A total of 16 Hess gas stations are involved, including one in Fort Myers. We're talking about the Hess gas station located on 15260 McGregor Boulevard off Iona Road.
Skimming is a physical attack which is different from what's happened at Target. Special skimming devices, which are installed at the pump's MSR (magnetic stripe reader), read and accumulate the cardholder data, then send it to hackers through bluetooth or cell network. In many cases, debit pin numbers are also stolen using fake keyboards installed at pinpad or hidden video camera which is set up to monitor the pinpads' keyboard and record the keystrokes.
Isracoin: Israeli Crypto Currency
I don't know how and why, but Isracoin -- new Israeli Cryptocurrency -- is already on 5th place by market capitalization. It is partially premined, which means that there is a solid part (10%) of the total final supply that is being distributed by some group of people based on their criteria (we don't know either people or criteria). Pre-mining contradicts with basic principles of bitcoin: independance and decentralization. In addition, the national character of this currency (the name associated with Israeli state and the fact that a part of premined supply is provided only to Israeli citizens) contradicts with another basic principle of crypto currencies - globalization. At first glance, besides the national attributes, Isracoin does not have any additional special features that would motivate people to prefer it over Bitcoin, Litecoin, or other crypto currencies.
State of Bitcoin 2014
Interesting report on on various aspects of Bitcoin. Unfortunately, whether intentionally or not, the merchant acceptance figures are missing. The pdf version is available for download here.
Fallacy of Tokenization
This article in The New York Times blog is another example of fallacy of tokenization.
That is a gap that tokenization is meant to fill. The technology works behind the scenes of a digital transaction: Customers still put in their card number, but software then transforms that information into a one-time token — a randomly generated code — that is sent through the payment-processing chain. Thieves who intercept the code can do little with it without the means to unscramble the token.
This description is untrue. Tokenization does not work this way. In order to get authorization for the credit card charge, the point of sale system still needs to send the full card data (the content of magnetic track 1 or 2) to the payment processing server. Such data cannot be just "transformed into a one-time randomly generated token" because the server system must be able to recognize and process it. So the card data should be encrypted using another technology called point-to-point encryption (P2PE) which is different from tokenization. Only after the card data is decrypted and processed at the payment processor's data center, it can be tokenized using the method described above, and the resulting token can be returned to the point of sale system. There are P2PE systems that are able to produce the format-preserving encryption so the resulting encrypted data looks similar to the original input so maybe that's created a confusion. But in any case, the data produced by such system is not "randomly generated", and it's not a token, and it's done in hardware rather than software, and the system is called P2PE and not tokenization. Unfortunately, such misunderstanding and overestimation of tokenization is very common perception.
Prepaid bitcoin cards
You can send your virtual PayPal dollars and in exchange get a physical piece of plastic with bitcoin private and public keys. It can be a good gift idea for next bitcoin presentation! Note that you pay for both shipment an888id activation. Sounds like another line of service provider business is building up around bitcoin network, in addition to multiple exchanges, wallets, payment processing, mining pools, etc.
How do I use my card?
Interesting opinion on application of Beacons technology in retail. I would agree.
if it’s not executed properly, it could be interpreted as a violation of privacy
it’s highly untested, and improper execution could do more harm than good.
beacons border “on the edge of cool and creepy”