Comments
Redefining the US Payment System
Newest First  |  Oldest First  |  Threaded View
KBurger
50%
50%
KBurger,
User Rank: Author
7/10/2014 | 11:03:22 AM
Re: Fragmentation
Interestingly, thanks largely to the Target card breach, the mag strip is finally being discredited in the US. The EMV chip capability that Bruce discusses has been widely used in Europe but has been resisted in the US largely because of the fragmentation everyone in this chain has noted. So it looks like if anything is going to possibly unite banks, merchants & card companies it may be around security -- but probably less because of great insight into consumer needs, and more because no one wants to be the next Target.
Byurcan
50%
50%
Byurcan,
User Rank: Author
7/10/2014 | 9:47:34 AM
Re: Fragmentation
One of the main impediemnets to accomplishing this, is that since the U.S. is such a large country, there are so many competing bank/mobile oeprator interests. In smaller countries, where there's a few big banks that have most of the business, and/or not as many mobile operators present, it's easier to set up mobile payments schemes. 
ChrisMurphy
50%
50%
ChrisMurphy,
User Rank: Apprentice
7/10/2014 | 9:37:56 AM
Re: Fragmentation
We need the smartphone equivalent of the magnetic card strip -- a technology that's universally accepted at point of sale that any financing provider can access. (Though, as long as we're dreaming, lets' make it a wee bit more secure than magnetic card strips.)
Nathan Golia
50%
50%
Nathan Golia,
User Rank: Author
7/10/2014 | 7:51:57 AM
Re: Fragmentation
That's true — i just went to my local bagel shop and they have a mobile payment option, but I don't really see the utility of setting it up since this is the only place I could use it. They tried to eliminate credit cards in favor of it but it didn't take and so I can still use my card. Universal is good!
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
7/10/2014 | 6:44:11 AM
Fragmentation
There are many options for banks, as you point out, and mobile might be the most obvious one to jump on right now. However, the lack of consensus between banks, mobile network providers, mobile phone makers, retailers and so on creates a huge problem.

Many consumers would love to pay for things by waving their smartphone over a device, or transmitting a payment from their e-wallet of choice. The problem is, however, that without any clear direction from all of the parties in the payments chain, customers don't know what to do. Even if they have an e-wallet, they still need to carry cards for most of the retailers who don't offer any of the new types of payments in their brick and mortar locations.

Do you see any movement (in any direction) that would give customers some guidance? When will banks/retailers/mobile players start to align?


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.