by Jim Bruene, BUX Advisors Read the original article on BUX Advisors Website. Star One Credit Union is in an enviable position. Its Sunnyvale location, smack dab in the heart of Silicon Valley, gives the credit union access to [...]
The Web Crypto v.Next Workshop focused on improving secure authentication in the Open Web Platform. We reviewed the possible integration of hardware tokens as well as other forms of authentication, with the aim of being able to replace the password with more phishing-resistant cryptographic credentials. The workshop attracted more than 70 participants, including representatives from major browser vendors, hardware token vendors, mobile phone operators, payment technologists, government eID experts, and other bodies such as GlobalPlatform, SmartCard Alliance, FIDO Alliance, and SIM Alliance.
W3C’s Web Payments Interest Group is gaining momentum in its pursuit of the integration of payments into the Open Web Platform. As part of building understanding security, and the role of the Web, I am organizing a series of interviews on Web payments. In this first interview with Tom Poole and Drew Jacobs of Capital One, and Siva Narendra of Tyfone, we open with the broad question of what the Web needs to facilitate eCommerce.
Consumers use payment cards with merchants in the real world and in the virtual world. The real world, of course, existed before payment cards were invented, and so had to fit within the expectation of merchants transacting based on physical proof of the consumer’s money, be it paper or plastic. These ‘what you have’ factors of authentication are carried by the consumer in his or her physical wallet.
[vc_row][vc_column width="1/1"][vc_column_text]The benefits of a smart card based authentication that utilizes Public Key Infrastructure and additional mechanisms for authentication and verifying higher risk transactions has been outlined in the 2005 Guidance by the FFIEC.[/vc_column_text][/vc_column][/vc_row]
Mobile commerce converges eCommerce with the more traditional and dominant physical world of commerce. This converged world of mobile seems to have a popular “new kid in town”, called Host Card Emulation (HCE). HCE is being promoted for software-based security applications, which continues to proliferate the basic problem of storing sensitive credentials in the Cloud that has been proven time and time again as inadequate.
We are at the threshold of strategic inflection point when it comes to associating one's assigned identities with one's mobile phone.
The mobile banking technology vendor Tyfone Inc. has come up with a way for consumers to install payments capabilities in their phones.
Banks are eager to turn mobile phones into payments devices using near-field communication chips that can make a handset function like a contactless payment card, but only a handful of phones have the technology today.
The mobile channel presents a great opportunity for banks to differentiate themselves, create a market niche, and build a brand.
This may seem too grandiose a strategy to consider, especially for community or midsize banks. But any bank can reap benefits as an early mover into the mobile channel.