Entries tagged with “Risk”.


Chances are good the apps you provide your customers as well as the apps you use as a consumer are vulnerable. In the recent State of Application Security Report, Arxan, mobile security experts, surveyed over 1,000 consumers and app security professionals from four countries. One of the most significant insights from the report was the following:

“While the majority of app users and app executives indicate they believe their apps to be secure, nearly all the apps assessed, including popular banking and payment apps and FDA-approved health apps, proved to be vulnerable to at least two of the OWASP Mobile Top 10 Risks.”

Other highlights from the report include:

● Consumers and app executives believe their mobile health and finance apps are secure.
● The majority of mobile health and finance apps contain critical security vulnerabilities.
● The security and safety risks are real and significant.
● Most consumers would change providers if they knew their apps were not secure.

The full State of Application Security Report can be downloaded here.

If your business was lulled into complacency about the incidence of payment fraud, there’s a trend you should be aware of. Between 2009 and 2013 actual and attempted fraud rates slid to 60%, but in the past couple of years have since risen dramatically. Recent research from the Association of Financial Professionals indicates that 73% of companies experienced actual or attempted payment fraud in 2015. That’s up 11% from 2014 and 13% from 2013.

What’s behind these changes? What forces and dynamics are fueling this uptick in payment fraud?

Sophisticated fraudsters - The modern cybercriminal is intelligent, collaborative and connected. This new breed of criminal is often highly educated and works in loosely knit, but highly effective collaborative networks with other expert technologists, intermediaries and in some cases corrupt government agencies. The stereotype of the young, hoody wearing loner in toiling away in the dark basement is no longer relevant. Today’s criminals function more like white collar professionals than the stereotypical IT geek. The level of expertise, the fluid and multidimensional style of attack and the speed at which they work makes the modern cybercriminal a very worthy adversary.

More payment options = more openings – One of the wonderful things about emerging payment technologies is how they have made so many more payment options available. Consumers now have a multitude of choices for completing transactions on mobile devices within a browser, via an app, in a retail location or with a myriad of other options. This creates convenience for consumers, but also creates more opportunities for thieves to find a point of entry.

Offshore threats – A massive proportion of cyberattacks originate outside the United States. The nature of these attacks make them difficult to track, but even when tracked to their source, if that source is in another part of the world there may be very little legal action that can be taken. Every country treats these matters differently, enforcement can be impossible in some situations even when the individuals or groups committing the crimes is very clear.

Soft targets – In many cases we as users are our own worst enemies. Many attacks focus not on penetrating complex, highly-secure environments but instead exploit basic gaps consumers unknowingly leave wide open. Things like social media profiles with limited privacy protection or mobile phone settings that passively broadcast personal information to anyone with the limited knowledge to pick up the signals. Sending sensitive personal information through email, text or other unsecured channels also provides an easy target. Use different, and secure, passwords for different applications and when it comes to handling of any financial information use a trusted, secure, well-established partner.

ProPay has been protecting consumers and businesses for many, many years and understands this new wave of attacks. Be sure you, and your business are protected.

For more information, call 888.227.9856 or email sales@propay.com. Visit www.propay.com.

It’s a constant business struggle, providing a seamless, low friction customer experience while protecting those customers and your business from an ever-changing array of advanced cybercriminals. ProPay® Guardian Cybershieldsm makes it easy to provide the experience and protection your customers and business need.

Sophisticated cybercriminals work hard to “hide in plain site” by disguising their activities as typical transactional activity. ProPay Guardian Cybershield uses the Global Trust Intelligence Network, a massive source of data about trusted and untrusted internet personas to sift through huge volumes of activity and information and differentiate legitimate activity from potential fraud. The Network does all this without creating interference or difficulty for legitimate customers.

ProPay Guardian Cybershield utilizes a suite of differentiated features and technologies that include cookie-less tracking, geo-location, a powerful rules engine as well as data and breach protection solutions. This impressive group of technologies makes it possible to keep up with the rapidly changing tactics of global cybercriminals.

The business value of reducing fraud requires no explanation. No business wants to suffer the financial and reputational damage from security or fraud issues. Beyond the direct impact of fraud, there are other significant expenses. Manual review processes consume valuable human and technology resources and can create frustrating customer experiences which may result in customer losses. Reducing process friction through an automated solution can minimize cost to the business and streamline customer experiences. ProPay Guardian Cybershield can impact these key areas.

Consumer trust and confidence is the foundation for a strong digital customer relationship. ProPay Guardian Cybershield is an intelligent effective way to improve both customer experience and protection from fraud.

For more information visit www.propay.com, email sales@propay.com or call 888.227.9856.

Many cyber security breaches result from the lack of security that credit cards with magnetic strips provide. Since these cards are most common in the U.S., your business has to take steps to protect your financial data.

The alternative to using a magnetic strip is a credit card with an encrypted chip. Yet while these cards are popular in most European countries, they’re not quite as common in the States.

Unfortunately, cards with magnetic strips are more likely to result in security breaches. According to a recent Consumer Reports article, it’s important to secure your financial data to make up for the magnetic strips:

“Contributing to today’s security problem is the fact that the magnetic stripe on payment cards is easily counterfeited. MasterCard claims that the new cards with an encrypted chip (EMV cards) have reduced counterfeiting by 60 to 80 percent. Virtual wallets, such as Apple Pay, Google Wallet, and Softcard, which use your smart phone to make payments, also provide better security than magnetic stripes.”

The problem is that Apple Pay and Google Wallet are relatively new options for consumers. You can’t just expect all your customers to switch to a virtual wallet overnight. Instead, you have to take immediate steps to protect your business from cyber security breaches.

One way to do this is to use a secure payment processor for all credit card transactions. Payment processors come with security features that help protect your financial data. So even if all your customers use credit cards with magnetic strips, your data will be safe.

Until Americans start using cards with encrypted chips, businesses will remain responsible for protecting their financial data. If your company deals with credit cards often, then you should consider buying a new payment processor for added security.

To talk more about cyber security breaches, or anything else, please contact us. Thanks.

A recent security breach of one of the largest American banks was not the result of sophisticated software or malware. Instead, the data breach that exposed the information of 76 million households and 8 million small businesses came down to an overlooked server and insufficient security controls.

Details of an investigation into the hack traced the breach to a neglected server as the hackers’ entry point.

That breach could have been avoided with a relatively simple fix – two-factor authentication. Double authentication requires users to enter a second, one-time password in order to gain access to the system. That second password can be provided by a text message to a phone or another device, such as a key fob.

While breaches of retailers have made headlines and are immediately recognizable to consumers, the latest bank breach should be even more disconcerting. That’s because banks retain more sensitive financial information for their customers and banks are supposed to have more robust security compared to retailers.

To learn how to avoid similar vulnerabilities in your business we invite you to contact us here at ProPay. Our team of experts stays up-to-date on industry news and how to support your business in having the most robust payment processing security system available.