PIN Crackers Nab Holy Grail of Bank Card Security | Threat Level from Wired.com
http://blog.wired.com/27bstroke6/2009/04/pins.html
movement in the banking security industry
Hackers are getting our bank security pin codes!
Hackers have crossed into new frontiers by devising sophisticated ways to steal large amounts of personal identification numbers, or PINs, protecting credit and debit cards, says an investigator. The attacks involve both unencrypted PINs and encrypted PINs that attackers have found a way to crack, according to an investigator behind a new report looking at the data breaches.
Some of the attacks involve grabbing unencrypted PINs, while they sit in memory on bank systems during the authorization process. But the most sophisticated attacks involve encrypted PINs. Sartin says the latter attacks involve a device called a hardware security module (HSM), a security appliance that sits on bank networks and on switches through which PIN numbers pass on their way from an ATM or retail cash register to the card issuer. The module is a tamper-resistant device that provides a secure environment for certain functions, such as encryption and decryption, to occur. According to the payment-card industry, or PCI, standards for credit card transaction security, PIN numbers are supposed to be encrypted in transit, which should theoretically protect them if someone intercepts the data. The problem, however, is that a PIN must pass through multiple HSMs across multiple bank networks en route to the customer's bank. These HSMs are configured and managed d
Yves & TWA (comments) say this article has some fact checking issues
According to the payment-card industry, or PCI, standards for credit card transaction security, PIN numbers are supposed to be encrypted in transit, which should theoretically protect them if someone intercepts the data. The problem, however, is that a PIN must pass through multiple HSMs across multiple bank networks en route to the customer's bank. These HSMs are configured and managed differently, some by contractors not directly related to the bank. At every switching point, the PIN must be decrypted, then re-encrypted with the proper key for the next leg in its journey, which is itself encrypted under a master key that is generally stored in the module or in the module's application programming interface, or API.The Banker Who Said No - Forbes.com
Great foresight from the guy who tried to beat the poker pros
While the nation's lenders ran amok during the boom, Andy Beal hoarded his money. Now he's cleaning up - with scant help from Uncle Sam.
Andy Beal, a 56-year-old, poker-playing college dropout, is a one-man toxic-asset eater--without a shred of government assistance. Beal plays his cards patiently. For three long years, from 2004 to 2007, he virtually stopped making or buying loans. While the credit markets were roaring and lenders were raking in billions, Beal shrank his bank's assets because he thought the loans were going to blow up. He cut his staff in half and killed time playing backgammon or racing cars. He took long lunches with friends, carping to them about "stupid loans." His odd behavior puzzled regulators, credit agencies and even his own board. They wondered why he was seemingly shutting the bank down, resisting the huge profits the nation's big banks were making. One director asked him: "Are we a dinosaur?"Yunoo. Wat weet jij over je financiën?
Another personal finance site. The company was not accepted by a Dutch bank as thay are not doing the core business, so they funded a start-up similar to wesabe or buxfer.
quash5 Ways Banks Are Using Social Media
Many banks have started using social websites to help them with everything from healing the financial industry to promoting their latest credit cards. By embracing the most popular tools available, the industry has also been embracing the best of what social media culture has to offer, and smaller, community banks seem to be leading the charge when it comes to social media innovation.FindABetterBank - A free, unbiased tool to compare banks in the US
La revolución también impacta a los mayores organismos de banca multilateral en el planeta. El Banco Mundial ha lanzado un mecanismo para compartir la información económica que ha recolectado durante 50 años, con quien quiera utilizarla para crear aplicaciones en los nuevos entornos webApparent Software blog » Blog Archive » “Is PayPal good for your microISV business?” A short PayPal horror story
If you’re selling anything and use PayPal as your only payment option, I urge you to reconsider. They can cut your oxygen supply right at peak of your success, of course “for your own protection”.Open Source Hardware Hackers Start P2P Bank | Gadget Lab from Wired.com
Getting a business loan in this economy can be more difficult than landing a reservation at French Laundry in Napa, California. Now try selling the loan officer on an open source hardware project where the blueprints will be given away. That's why the hardware hacking community is turning inwards to fund its ideas. Two open source hardware enthusiasts, Justin Huynh and Matt Stack, have started the Open Source Hardware Bank to fund hardware projects such as the microcontroller board pictured above.
an open source peer to peer bank, good coverage of their start
Getting a business loan in this economy can be more difficult than landing a reservation at French Laundry in Napa, California. Now try selling the loan officer on an open source hardware project where the blueprints will be given away. That's why the hardware hacking community is turning inwards to fund its ideas. Two open source hardware enthusiasts, Justin Huynh and Matt Stack, have started the Open Source Hardware Bank to fund hardware projects such as the microcontroller board pictured above.Goldman Sachs Under the Microscope |
A simpler bank that is easy to use. A bank that treats you with respect. No extraneous features. No hidden fees.
Neue Bank ???
via: http://ma.tt/2010/05/banksimple/