Categories ArchivesPayments

More EMV Bypass Fun standard

So I’m sitting here in San Diego, which we all know is German for… never mind. As I pay for my lunch, I present my chip card and there is some kind of error. I know I entered my PIN correctly, but it immediately came back as failed. The bartender taught me a neat trick that I am sure we all need to be aware of as people capture magstripes and write them to new cards. “Oh, no problem on bypassing that. Just turn the card around and insert it, it will fail, and you can swipe!” The Verifone VX-675 terminal this place used detected that a card was inserted without a valid chip read, and immediately told me to ...

Continue Reading

Does Income Matter for Awareness? standard

Here’s another visualization to consider based on demographical data generated from my Consumer Attitudes Toward Breaches research (sponsored by MAC). Did income levels matter in breach awareness? It appears to have mattered, yes, but not in the way you might expect. Below is a graph that shows how consumers reported their awareness of breaches as separated by income level. When we add weights to our responses to make sure we are comparing apples to apples. What’s interesting here is that the smallest two and largest two income levels were the most aware of the breaches, while the middle three were much less aware. Do lower income segments watch their dollars more closely? Are higher income segments more likely to be ...

Continue Reading

Gender Differences in Breach Awareness standard

Over the next few posts, I’m going to show you a few more visualizations that didn’t make it in my Consumer Attitudes Toward Breaches report (sponsored by MAC). Most were omitted for brevity as they didn’t add anything material to the content already presented. Below is a graph that shows how consumers reported their awareness of breaches as separated by gender—pink for female, baby blue for male. What made this interesting to me was that even though males were generally more aware of breaches than females, but the two breaches where females were more aware (Michael’s and Target) seem to target that demographic. The respondents split the gender line at almost 50/50 (11 more females responded than males of the 1031 responses). ...

Continue Reading

Consumer’s Attitudes on Breaches? Meh. standard

Fear, uncertainty, and doubt… three very dirty words when pushing products at security and IT professionals. Commonly known as FUD, it’s one of the techniques that sales and marketing folks use to create discomfort in their targets. If I can highlight a serious problem to you (and make you think that you have this problem), I might be able to sell you my solution that will make that problem go away. In the information security product space, one of the biggest claims that vendors make is that security breaches impact your brand’s value. I once said that in front of the CFO of a large retail establishment and was quickly called out for making such a general statement (he called ...

Continue Reading

Will EMV Drive Sales to Amazon? standard

Retail and financial computer networks have almost frozen for 2015, and businesses big and small are gearing up for what will no doubt be an interesting holiday season. Does EMV chip dipping, which is not nearly as awesome as guacamole chip dipping, drive transaction times up and make lines longer for retailers? Do we see more physically abandoned shopping carts as more turn to online retailers to effortlessly complete their transactions and get back to Netflix and chilling? Let’s focus on the transaction times for a moment. Retailers with inefficient implementations of EMV terminals may end up suffering from added labor costs. In order to keep people moving through their lines, more registers will need to be open, which means ...

Continue Reading

The Cost of EMV Re-Issuance standard

It’s nearly November, and many of us in the payments space are still reeling from EMV. Nothing like waiting until the last minute to convert, right? One of the topics that has not been covered as much from a breach perspective is the consideration of the cost of re-issuance in a post-EMV world. Graves, Acquisti, and Christin (2014) published a working paper discussing some of the challenges that issuers face when it comes to the decision of re-issuance. Through their analysis they suggest investing in analytics to only re-issue when fraud losses begin occurring on lost cards. When a payment card is known to be included in a card dump from a breached merchant, issuers have a choice to make. Should they ...

Continue Reading

This is a unique website which will require a more modern browser to work!

Please upgrade today!