The European Commission has signed off on new rules that they say will make it more secure for consumers purchasing goods and services from European Union members.

According to a Monday (Nov. 27) report by Reuters, the rules will update the European Union’s payment services law, requiring two security features for online merchants instead of a single password or just credit card details when making a purchase in person. Merchants must be able to accept a password, PIN code, card, mobile phone, iris scan or fingerprint scan. The exemptions for contactless payments of more than 50 euros will remain in place.

In addition, account holders must also give third parties permission to access their data and the new rules prevent FinTechs from obtaining data by using a customer’s security credentials, known as screen scraping. Removing that capability was a nod toward banks that have been bristling at the notion of forcing that customer data to be shared with FinTechs. On the other hand, banks must provide access to FinTechs by adapting the existing customer interface online or by creating a new interface for FinTechs, a win for the FinTech firms.

“These new rules will guide all market players, old and new, to offer better payment services to consumers while ensuring their security,” said Valdis Dombrovskis, European Commission vice president, in a statement.

The new rules will take effect on Jan. 13, with some of the security measures not binding until September 2019. The European Banking Federation shared its thoughts on the new rules in a recent statement.

“At a time when cybersecurity becomes increasingly important, the EU risks introducing a system for online payments that is potentially harmful for bank account holders and the banks that offer these accounts,” the organization said.

The European Commission says that these rules aim to boost eCommerce for all European Union countries, thus fueling growth across its member countries.

The new rules aim to boost eCommerce for all European Union countries and thus fuel growth in the bloc.

– pymnts.com –

Ten percent of U.K. adults (approximately 5 million people) have canceled a payment card within the last year due to attempted cyberfraud, according to a new study.

The current figure represents an increase of a half-million cardholders from 2016, according to the price comparison website comparethemarket.com. The most frequent point at which fraud takes place is during the payment process.

In a survey of 2,000 adults, the price comparison website found not only that accounts are being hacked, but also that significant amounts of money are being stolen from these accounts in many cases.

Of the 37 percent of survey respondents who reported having money stolen from accounts, the average amount taken was 544 pounds (approximately $725).

Despite this, only 12 percent of people whose accounts were hacked in the last 12 months have changed their debit or credit card provider, compared with two-thirds (68 percent) who have not considered, or have no intention of changing accounts.

Comparethemarket said that the regularity of fraud is becoming a worrying trend, as more than one third (35 percent) of those hacked in the last year have been victims of card fraud previously.

(Atmmarketplace)

On 31st October 2017, MK Group was  granted the  license for trading civil cryptography products of Prim’X high-grade encryption solutions for organizations, individuals in the fields of finance, insurance, telecommunication, transportation, education, electricity, communications, construction, petroleum, technology and state agencies.

MK Group was licensed to provide 05 following encryption solutions from Prim’X (France) to civil sectors in Vietnam:
• ZoneCentral protects files and folders wherever they might be. Depends on information infrastructure of organizations, ZoneCentral will encrypt fixed and mobile workstations, file servers with flexible and robust configuration.
For encrypted files, only authorized and identified users have access.

• Cryhod is an anti-theft encryption solution for laptops, which allows encryption of entire disks and/or partitions of all mobile workstation of organizations. The solution allows users to have free choice of authentication method: password or certificate, thereby making it more flexible and easier to deploy.
Cryhod hard disk encryption solution will shield your business from the risk of theft or loss or disclosure of stored information when the laptop is stolen, especially for people travelling a lot.

• ZonePoint is an ideal solution to secure all documents by the encryption of all documents placed in SharePoint libraries and managing the need-to-know. This solution allows companies to manage the security of their documents by specifying an encryption policy for their document libraries on Microsoft SharePoint. In addition, organizations can use SharePoint server on the Cloud without worrying about the risk of data loss.
ZonePoint is the ideal choice for organizations that want to share encrypted data internally or with external partners.

• Zed! is equipped with the ability to encrypt files to ensure security when exchanging files. The advantage of the solution is the capability to transfer entire file structure without the limitations of storage. With different access key formats, Zed! uses the key, either in the form of passwords, agreed upon with a correspondent, or in the form of RSA certificates (certificate files or LDAP directory).
The outstanding feature of Zed! is the password wallet managed by Zed! to assist the sender to create a password for the specific correspondent, in case the sender has no certificate. This makes the deployment of the solution simpler and more convenient.

• ZedMail is developed based on the basis of Zed! file encryption, suitable for all businesses and organizations with the ability to encrypt the body of the messages and any email attachments. The solution is integrated in the corporate email tool automatically and transparently without any impact on the operation of the organizations as well as email experience of users.
ZedMail is also integrated with password wallet so that ZedMail automatically generates a password for specific correspondent and stores it in a secure password wallet that manages for the user in case there are no certificates available for the email recipient.

All Prim’X high-grade encryption solutions are awarded EAL3+ certification and Standard Qualification by the ANSSI (French Network and Information Security Agency) and NATO Restricted and EU Restricted.

With the motto “Encrypt everything, anywhere and always”, Prim’X encryption solutions provide secure and efficient data encryption solution to protect organization’s data against loss, theft, disclosure and economic espionage, whether the user is at the office or on the move.

MK Group is the sole partner in Vietnam, Lao, Cambodia and Myanmar of Prim’X Technologies, the leading provider of software solutions for information system and data encryption in France.

Two years after the EMV deadline for U.S. merchants, Auriemma Consulting Group, a boutique management consulting firm, has identified six notable EMV trends:

1. Counterfeit fraud claims have declined for five consecutive quarters and are down 34 percent from their peak in early 2016.
2. EMV helped trigger a shift from fake cards to fake identities. Synthetic identity fraud was responsible for up to 20 percent of credit losses in 2016, according to Auriemma.
3. While chip fallback volume is low — less than 2 percent of transactions — fraud associated with fallback is on the rise, accounting for 24 percent of total counterfeit fraud and 43 percent of lost-and-stolen fraud in Q2.
4. The decision not to use chip and PIN in the U.S. has contributed to a 25 percent increase in lost-and-stolen fraud claims since the liability shift, which costs major card issuers $50 million annually, on average.
5. The EMV user experience has been panned as slow and confusing, and has triggered calls for contactless and mobile payments. More than half of cardholders believe mobile payments are faster than chip transactions.
6. Knowledge-based authentication is considered increasingly unreliable; more than two-thirds of card issuers now use randomly generated passwords sent to a registered mobile number or email address to validate online and mobile transactions, and many see line and voice biometrics as the next step.

Referring to the rate of its growth and sophistication, Director of Europol Robert Wainwright says cybercrime is becoming a “remorseless” force of nature behind the 4,000 ransomware attacks a day. A force, he noted, that is becoming ever more technologically sophisticated — and thus an ever-larger threat to critical parts of the financial sector.

Criminals on the web, Wainwright says, are no longer lone wolves operating alone — in many cases they are building highly specialized “conglomerations” with organized corporate structures designed to make carrying out attacks on legitimate business more friction-free. Last year, police authorities in several countries arrested a host of criminals groups that had created a “service-based economy” for the rest of the criminal market, such as providing ways to launder money or sell drugs online.

“What really concerns me is the sophistication of the capability, which is becoming good enough to really threaten parts of our critical infrastructure, certainly in the financial, banking sector,” he told Reuters.

And the systems, he noted before alluding to the WannaCry attacks over the summer, are only getting more effective. WannaCry, Wainwright said, changed the dynamic of such attacks by making the attacks bigger, deeper and more extortion-oriented. Why steal by hacking when you can use your hacking skills to get someone to just give you their funds?

“The real threat comes from a sort of exponential, remorseless increase in the scale and significance of cybercriminal capability,” Wainwright said on the sidelines of the Web Summit technology conference in Lisbon.

He further observed that there “seems to be a doubling, or tripling, of one kind of threat or another, in terms of scale.”

The problem, he noted, is that unlike other criminals, cyber criminals can do all their work “in their bedrooms,” making it difficult to find them.

“There is this sort of cybercriminal underworld that’s a lot bigger and smarter and adept than most people think,” Wainwright said. “And, against it, we still have generally low cybersecurity standards.”

– pymnts.com –