Mobile Payments: Why The Cloud Life is More Insecure

Posted on April 12, 2012 by tyfonepr

4/11/2012 – Guest post written by Siva G. Narendra

Consumers use payment cards with merchants in the real world and in the virtual world. The real world, of course, existed before payment cards were invented, and so had to fit within the expectation of merchants transacting based on physical proof of the consumer’s money, be it paper or plastic. These ‘what you have’ factors of authentication are carried by the consumer in his or her physical wallet.

“The advantage of a mobile wallet is that your information is securely stored, decentralized inside the smartcard chip, released only by your password and readable only by the bank who issued your account. Such decentralized mobile wallets make even the recent major hack on a third party Visa/Mastercard credit card processor highly unlikely. Centralized cloud-based digital wallets, on the other hand, have serious limitations when it comes to minimizing potential massive loss,” points out Yankee Group’s Holland.

“The advantage of a mobile wallet is that your information is securely stored, decentralized inside the smartcard chip, released only by your password and readable only by the bank who issued your account. Such decentralized mobile wallets make even the recent major hack on a third party Visa/Mastercard credit card processor highly unlikely. Centralized cloud-based digital wallets, on the other hand, have serious limitations when it comes to minimizing potential massive loss,” points out Yankee Group’s Holland.

  • A thief will have to steal one Mobile Wallet at a time…vs. a thief can hack the Cloud once to steal millions of “wallets” or accounts (e.g. Zappos).
  • When you lose your Mobile Wallet you will likely notice within 15 minutes vs. You may not know that your data was lost from the Cloud until charges show on your bill, in some cases weeks later.
  • Smartcard security (the same as DoD uses) in Mobile Wallets vs. “Just trust us” security in the Cloud

In contrast, the virtual world was created after payment cards were in use – it was a clean slate in terms of setting merchant-consumer interaction expectations. The virtual world, by choice, was built to not rely on physical proof. Payment proof relied purely on a ‘what you know’ factor of authentication, such as 16-digit card number or username and password that was mapped to one or more card numbers. This mapping is stored in the cloud and it is referred to as the Digital Wallet.

The challenge with the Digital Wallet is that the cloud creates a high concentration of card numbers, producing a perfect target for thieves. These card numbers can be stolen remotely and cloned instantly – all in a single hacking event. Remote stealing of a high concentration of card numbers from physical wallets in the real world is virtually infeasible.

“Criminals will always choose the weakest link. Many digital wallets are coming to market, some from companies with no experience in physical world payments. A well-placed hack on a weak cloud wallet could reap billions of dollars internationally,” says Nick Holland, senior analyst at Yankee Group.

The payment industry dealt with this dramatic risk difference by making the cloud transaction fee (card not present) more expensive than the card present, real world transaction fee – on average 70% more expensive.

That is why, when I read the recent Forbes.com guest article written by Prashanth Ranganathan titled “Mobile Payments: Life Is More Secure In The Cloud,” I could not help but rearrange the title to more accurately reflect reality. Life Is More Secure In The Cloud should be rearranged as The Cloud Life is More Insecure.

It is worth noting that, as per the U.S. census bureau at the end of 2011, online transactions amounted to less than 5% of total transactions. Mobile phones are always online, and unlike your computer, mobile phones are always on you and therefore used for both online (5%) and real world (95%) transactions. Merchants cannot tolerate an increase in fraud or increase in transaction fees in the real world should cloud-based, card not present transaction be the method of choice for Mobile Wallets.

While Ranganathan took one step forward in articulating well that physical Mobile Wallets are not the same as virtual Digital Wallets, he subsequently took two steps back in explaining how centralized storage of accessible information in the cloud is somehow more secure than distributed storage of information inside a secure mobile device. To quote Ranganathan: “A Mobile Wallet refers to when the actual mobile phone becomes the wallet” and “Digital Wallets exist in the cloud…sensitive financial information is stored in the cloud, not on the actual device.” To add some missing pieces of information – in the case of a Mobile Wallet, financial information is stored inside a smartcard chip, akin to what Department of Defense employees use. So it is as secure as it gets – and each consumer carries their information with them, just like the physical wallet of today. Visa and MasterCard have fostered smartcard chip technology globally and recently have set a timeline for merchant adoption completion by 2015 in the U.S., along with merchant incentives for adoption starting in 2012.

With that as background, let us compare the real security of Digital Wallets versus Mobile Wallets by using the “lost my phone” example of Ranganathan. He explains in the case of a Mobile Wallet, if you lose your phone and the thief makes transactions using your phone it would almost be impossible to tell if it was really you. However he fails to mention that in the case of the Digital Wallet, you really don’t even have to lose your phone and a thief can still steal your information from the Cloud to make transactions. So, it would not only be just as impossible to tell if it is really you, worse, you would not even know (at least for some time) that your information has been compromised.

“Hacking one mobile wallet at a time is not lucrative business for thieves compared to hacking accounts by the thousands, or even millions, in one go as is the case with cloud based digital wallets,” adds Holland.

So, in summary, when one compares the physical and distributed Mobile Wallet with the virtual and centralized Digital Wallet we conclude the following:

Cloud based mobile wallets – secure or insecure – you decide

(Original post featured on Forbes.com – http://www.forbes.com/sites/ciocentral/2012/04/11/mobile-payments-why-the-cloud-life-is-more-insecure/)
Did you like this? Share it:
Posted in 2012 | Leave a comment

RTN Federal Credit Union Selects Tyfone to Deliver Next Generation Mobile Banking Services

Posted on March 13, 2012 by tyfonepr

Tyfone’s flexible mobile banking solution will give RTN FCU members improved mobile banking services and provides integrated path to NFC

PORTLAND, Ore. and WALTHAM, Mass.– March 13, 2012 – RTN Federal Credit Union (RTN FCU), serving communities in suburban Boston, Massachusetts, will provide its members a comprehensive suite of mobile wallet services and mobile financial services powered by Tyfone’s next generation mobile banking solution. Tyfone’s mobile banking services will be integrated directly into RTN’s Fiserv hosted XP2 core.

“Our members tell us that mobile banking is a must-have service, and after a thorough review of mobile banking providers, RTN chose Tyfone because of their ability to connect to the XP2 core, allowing us to provide mobile features relevant to their increasingly digital lifestyles,” said Christopher White, Senior Vice President of Operations for RTN. “Tyfone’s mobile banking solution makes it possible for RTN to quickly and painlessly build a high caliber mobile banking service with more features than our largest competitors, and with a roadmap for expanded mobile financial services that will provide even more benefits to our members. Tyfone’s Fiserv core integration also gives RTN the ability to offer unique features right out of the box, such as account aggregation and the ability for our members without online banking to participate in mobile banking.”

Tyfone’s mobile banking platform was designed to increase bank profitability in part to bring banking customers and their financial institutions closer together by making banking possible from any place, any time. This added convenience grows the number of transactions and other activities made by each customer, and makes it easier for financial institutions to keep customers and stem attrition.

Tyfone’s multi-mode next generation mobile banking service leverages the strengths of each mode (SMS, App, mobile Web) for an efficient and intuitive user experience. In addition to standard mobile banking features such as checking balance, account history review, fund transfers, branch and ATM location lookup, customizable alerts, Regulation D counter and bill pay, Tyfone’s next gen mobile banking offers: account aggregation, mobile remote deposit capture (mRDC), iCashe Mobile Wallet and the ability to enroll and customize mobile banking via a mobile device (with no computer or online banking account necessary).

Tyfone integrates with the Fiserv ASP services that RTN FCU subscribes to including the XP2 core, online banking and bill pay services. These services were initially provisioned by Credit Union On-Line, CUOL, which was purchased by Fiserv in 2011.

“RTN is a very technology savvy credit union with a comprehensive mobile strategy,” said Mark Miyamoto, director of mobile banking at Tyfone. “Tyfone makes it possible for RTN to deliver leading edge mobile banking technology to its members while making security and convenience top priorities. With the integration of Tyfone mobile banking, RTN will now be able to offer mobile banking to 100 percent of its client base. RTN benefits by creating a self-servicing member while avoiding the cost of another online banking account. Furthermore, the ability to enroll and manage mobile banking without a computer expands the potential market for mobile banking adoption.”

Tyfone provides a ready-made path to extend mobile financial services to include contactless payments and other branded digital wallet services with additional value realized as the financial ecosystem evolves to accommodate the digital wallet. Tyfone’s fully integrated solution (banking to wallet) enables more features between the two. One example is Tyfone’s recently launched iCashe mobile wallet, which provides a simple way for mobile bankers to purchase and deliver gift cards while generating revenue for the financial institution. Finally, a fully branded solution provides valuable branding with every NFC payment and banking transaction, which is invaluable to financial institutions.

Tyfone Mobile Banking™ is built on top of the company’s u4ia® mobile financial services platform that also enables contactless payments using near field communications (NFC) and strong authentication ID management, providing banks with a multi-faceted roadmap for offering comprehensive digital wallet and payment services.

Banks and credit unions interested in the Tyfone mobile banking platform can get more information by visiting http://www.tyfone.com/product-mobile-banking.html.

Tyfone leads the industry in secure mobile services with its u4ia® software platform, companion hardware including SideTap™ memory card and 40 issued/pending patents. For more information on Tyfone’s patents visit: www.tyfone.com/patents.

About RTN Federal Credit Union

For over 66 years RTN Federal Credit Union has been dedicated to its philosophy of providing members with high quality and personal service. With over 38,000 members and over $700m in assets, RTN is a full service credit union that will help you and your family save money and establish financial security. We offer many low and no cost programs such as online banking, direct deposit, and competitive rates on savings, loans and mortgages as well as lifetime memberships.

About Tyfone

Tyfone connects money and mobility using the industry’s only unified mobile platform for banking, payments and secure identity. Tyfone’s mobile banking solution is the first to provide financial institutions a seamless path to mobile payments with its iCashe™ mobile wallet. iCashe allows banks to generate revenue while providing customers a compelling mobile payment experience on any device both in the store and in the cloud. For more information visit www.tyfone.com.

Tyfone and u4ia are trademarks of Tyfone, Inc. All others names are the property of their respective owners.

# # #

Did you like this? Share it:
Posted in 2012 | Tagged , , , , | Leave a comment

CoVantage Credit Union Deploys Tyfone Mobile Wallet Services to its Members

Posted on February 7, 2012 by tyfonepr

Tyfone’s mobile banking solution brings next generation mobile banking features including mobile banking for non-online bankers and account aggregation to CVCU members

PORTLAND, Ore. and ANTIGO, Wisc.– February 7, 2012

CoVantage Credit Union (CVCU), serving 17 counties in Wisconsin and Michigan, today announced the availability of Tyfone mobile wallet services to its members. CVCU teamed with Tyfone to bring mobile wallet services which include Symitar Episys core integrated mobile banking, enhanced strong ID authentication mobile security and a path to NFC contactless payment technology to its more than 66,000 members.

Tyfone’s multimode mobile banking solution offers a complete range of features delivered to banking customers via mobile application, mobile websites or text messaging. In addition to standard mobile banking features such as checking balance, account history review, fund transfers, branch and ATM location lookup and customizable alerts, Tyfone’s next gen mobile banking offers:

  • Mobile banking for non-online bankers: Most mobile banking solutions are simply an extension of online banking. To ensure all CVCU members can take advantage of mobile banking, a key feature of Tyfone Mobile Banking is its ability to offer mobile banking to 100 percent of a bank or credit union’s customer base, and not limit mobile banking only to those customers subscribed to online banking services. Members can enroll and manage their banking direct from their mobile phone without needing to be an online banking member. CVCU will see additional value by creating a self-servicing member while avoiding the cost of another online banking account.
  • Account aggregation: Another key feature unique to Tyfone’s Episys core integrated mobile banking solution is the ability to aggregate accounts so a user can view and manage multiple accounts with just a single login. This account aggregation feature allows a customer to see multiple CVCU accounts, (i.e., personal, business and jointly held accounts), in a single mobile banking session. While other mobile banking services require a unique login to manage each respective account, Tyfone Mobile Banking enables a more efficient and easier user experience.
  • ORCC Bill Pay: Tyfone’s integration with Online Resource’s (ORCC) bill payment services will give CVCU members the ability to create and manage payees, and schedule and edit bills as needed.
  • Mobile remote deposit capture: CVCU plans to add the mobile remote deposit capture (mRDC) feature to their mobile banking offering in Q2 of 2012. This will allow members to use a mobile phone’s onboard camera to photograph a check and remotely deposit the funds using the mobile banking service.

CoVantage, with 9 branches located throughout north central Wisconsin and upper Michigan, and over $944M in assets, has been ranked among the top credit unions in the nation for the value in services provided to their 64,000 members. CoVantage takes a proactive, yet methodical approach in utilizing technology to enhance the efficiency of its internal operations and member services making it a leading credit union in the Wisconsin and northwest Michigan area.

“CoVantage chose Tyfone because of its unique and innovative vision of the mobile channel which is echoed in its current features as well as its future road map of features including enhanced security and NFC contactless payments. Tyfone’s vision coincides with CoVantage’s long term mobile strategy, making them the natural partner to bring mobile banking to our members,” said Robert Van Abel, CIO of CoVantage. “Tyfone’s Episys core integration gives CVCU the ability to offer unique features such as account aggregation and the ability for non-online bankers to participate in mobile banking, both providing significant value for CoVantage and its members, particularly as our member base ranges from suburban to rural. We strive to make banking easier and more convenient to our entire member base and our partnership with Tyfone helps us deliver on that promise.”

Tyfone Mobile Banking™ is built on top of the company’s u4ia® mobile financial services platform that also enables contactless payments using near field communications (NFC) and strong authentication ID management, providing banks with a multi-faceted roadmap for offering comprehensive digital wallet and payment services.

“By integrating mobile banking with layered security and NFC contactless payments within a single application, Tyfone is enhancing convenience and enabling more mobile money features for CoVantage members. In coming months we will be rolling out even more mobile wallet features including mRDC and NFC contactless payments,” said Mark Miyamoto, director of mobile banking at Tyfone. “Our strategy has been to bring comprehensive and integrated mobile financial services to the market and we are happy to see innovative credit unions like CoVantage select Tyfone to power their mobile initiatives.”

To learn more about Tyfone Mobile Banking visithttp://www.tyfone.com.

About CoVantage Credit Union
CoVantage Credit Union is a $944 million financial institution headquartered in Antigo, Wisconsin. The member-owned financial cooperative serves more than 66,000 members through 10 offices located in central Wisconsin and upper Michigan.

About Tyfone
Founded in 2004, Tyfone’s corporate headquarters are in Portland, Oregon, and its Asia-Pacific headquarters are in Bangalore, India. Tyfone connects money and mobility via a highly secure, scalable and flexible mobile financial services solution tailored to meet the evolving needs of consumers, financial institutions, mobile network operators, transportation companies and retailers. Operating in any standard memory card slot, Tyfone’s u4ia® platform and its companion SideTap™ memory card comprise the world’s first patented, neutral, and comprehensive memory card-based payments solution for mobile contactless payments. Tyfone and its partners enable a suite of services including Mobile Banking, Mobile Identity Management, Mobile Remote Payments, Mobile Retail Services and Mobile Contactless Payments. For more information visit www.tyfone.com.

Tyfone and u4ia are trademarks of Tyfone, Inc. All others names are the property of their respective owners.

Did you like this? Share it:
Posted in 2012 | Tagged , , | Leave a comment

OnPoint Community CU Debuts Tyfone’s iCashe Mobile Wallet

Posted on November 29, 2011 by tyfonepr

By Robert McGarvey

Portland, Ore.-based OnPoint has announced it is the first credit union to offer iCashe Mobile Wallet, an innovative tool created by another Portland organization – technology developer Tyfone – that will let OnPoint mobile banking users purchase gift cards on their smartphones.

The largest credit union in Oregon, OnPoint has more than 226,000 members and assets of $2.9 billion. It has long been a leader in offering mobile banking to members and it partners with Tyfone in delivering those services. That history made the decision to embrace iCashe easy, said Jim Armstrong, an OnPoint senior vice president.

Down the road, OnPoint said it may expand the iCashe offering by drawing upon its ability to power NFC (Near Field Communication) tap-and-pay powers on a smartphone. “Initially the NFC component is what got us excited about iCashe,” said Armstrong. “We see adding that at a later time.”

What is important about iCashe, added Armstrong, is that OnPoint’s out-of-pocket investment in getting the service up has been minimal, and he believes it has the potential to become a significant revenue producer.

“Gift cards are discounted on average 7 to 9%” – meaning a $100 gift card might cost the reseller who offers it $91 – “and so for us everything in iCashe has the potential to be upside,” Armstrong said.

Around 100 national merchants are included in the program, including Barnes & Noble, Fandango and Zappos.com.

Armstrong admitted that with iCashe “we are ahead of our members with this offering.”

That said, however, he added that although the service was launched with very little fanfare, “we were already selling gift cards within the first hour.”

Did you like this? Share it:
Posted in 2011 | Tagged , , , | Leave a comment

OnPoint Community Credit Union Partners with Tyfone to Launch iCashé Mobile Wallet Program

Posted on November 22, 2011 by tyfonepr

New service allows members to purchase and send gift cards with a smart phone

PORTLAND, Ore. – November 22, 2011 – Through a partnership with Portland-based mobile financial services firm Tyfone, OnPoint Community Credit Union today announced the launch of the iCashé Mobile Wallet program. iCashé Mobile Wallet provides OnPoint members with a simple and fun way to purchase gift cards on their mobile phones and send to anyone instantly by text message or email. OnPoint is the first credit union in the nation to offer the iCashé Mobile Wallet program to members.

Gift card recipients can use their cards in-store or online via their smart phone or with a printed copy of the confirmation email. More than 50 national retailers and restaurants are now offering the mobile gift cards for purchase, with local retail options expected to be added in the future. Current participating retailers include, American Airlines, Nike, K-Mart, Land’s End, Barnes & Noble, Overstock.com, REI and more.

“iCashé Mobile Wallet is the latest example of how OnPoint is offering the best technology and convenience services to its members,” said Rob Stuart, OnPoint Community Credit Union president and CEO. “We are happy to have a local company, Tyfone as our partner. Their commitment to providing secure and innovative mobile programs is remarkable.”

More information about Tyfone’s iCashé solution can be found at: www.iCashe.com.

About OnPoint Community Credit Union

OnPoint Community Credit Union is the largest credit union in Oregon, serving more than 226,000 members and with assets of $2.9 billion. Founded in 1932, OnPoint Community Credit Union’s membership is available to anyone who lives or works in one of 13 Oregon (Benton, Clackamas, Columbia, Crook, Deschutes, Jefferson, Lane, Linn, Marion, Multnomah, Polk, Washington and Yamhill) and two Washington counties (Skamania and Clark). More information is available at www.onpointcu.com or 503-228-7077 or 800-527-3932.

About Tyfone
Founded in 2004, Tyfone’s corporate headquarters are in Portland, Oregon, and its Asia-Pacific headquarters are in Bangalore, India. Tyfone connects money and mobility via a highly secure, scalable and flexible mobile financial services solution tailored to meet the evolving needs of consumers, financial institutions, mobile network operators, transportation companies and retailers. Operating in any standard memory card slot, Tyfone’s u4ia® platform and its companion SideTap™ memory card comprise the world’s first patented, neutral, and comprehensive memory card-based payments solution for mobile contactless payments. Tyfone and its partners enable a suite of services including Mobile Banking, Mobile Identity Management, Mobile Remote Payments, Mobile Retail Services and Mobile Contactless Payments. For more information visitwww.tyfone.com.

Tyfone, iCashé, SideSafe, SideTap and u4ia are trademarks of Tyfone, Inc. All others names are the property of their respective owners.

Did you like this? Share it:
Posted in 2011 | Tagged , , | Leave a comment