Recent reports about the security of mobile phone payments has raised red flags on the next hot payment channel.  Encryption on GSM calls has already been hacked and various researchers have released findings and tools that might encourage cyber crime.  Well, maybe not exactly the motive, but a GSM encryption codebook – a “how-to” guide to break GSM encryption – has been released by a team of German researchers.  Their goal was not to assist cyber criminals, but to encourage stronger security protocols for mobile technology.  Continue reading "Can You Trust Mobile Phones With Your Money?"

The EMV Standard

In the UK, the migration to EMV technology has reduced fraud in face-to-face transactions since EMV adoption in 2003.  The EMV standard operates with EMV-compliant cards (which have embedded chips instead of magnetic stripes) and EMV-compliant POS terminals.  The chips require a PIN entry for a secure EMV transaction.  The acronym EMV is derived from the initial letters of Europay, MasterCard, and Visa, all of whom cooperated to create the technology standard.  MasterCard merged with Europay in 2002.  JCB and American Express have since joined the organization as well.

EMV is a perfect example of two-factor authentication, where two different factors are required to complete a transaction, and has been referenced as a key solution for secure, fraud-resistant transactions.   Continue reading "Where Are We With Payment Security?"