Certificates & Industry membership Internal Newsletter of ...of smart digital security. MK Smart...

MK World of Cards ©2020 MK Group

Certificates & Industry membership

[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513

Editor-in-chef: Ms. Phan Thi Quynh Hoa – MD of MK Group

Note: All information and images in this internal magazine were collected and edited from various reputed sources by MK Group and used for knowledge-sharing purposes only.

| Email: [email protected]

Internal Newsletter of MK Group

- Issue #50 | March 2020

❖ MK Smart is ready to integrate

CIPURSE application into

contactless smart cards,

compliant to CALYSO standards

❖ Banks, fintech firms promote

cashless payments during

epidemic

❖ Contactless payments tripling

by 2024

❖ 60% of Australians to use

fingerprint payments in five

years

❖ 30 million cards from Wawa

breach turn up for sale on dark

web

❖ EMV doesn’t have to mean a

boost in e-commerce fraud

Headlines

MK WORLD OF CARDS




On 14 February 2020, MK Smart received the certificate of CALYSO

Network Association (CAN) for the 3rd time. With this certificate, MK Smart

continues to use the resources of CNA to develop international

contactless transportation ticketing which is compliant to CALYSO

standards using CALYSO standards’ transport ticketing.

28 January 2020 – Calyso Networks Association (CAA) and OSPT has

anounced their collaboration to drive the adoption of open standards in transport

ticketing. The goal of the cooperation program is to achieve convergence

between their respective open standards - CAPYPSO® và CIPURSE™ -

syplyfing the choice and integration options for public transport operators

(PTOs) while bring time and cost efficiences to the entire transport ticketing

value chain.

Since 2017, MK Smart has been a member of OSTP Alliance and has

successfully integrated CIPURSE application to our smart cards. In addition, MK

Smart is capable to intergrate both CALYPSO and CIPURSE into VCCS chip

cards, EMV cards.

MK Smart is a leading smart card manufacturer in South East Asia with over 17

years of experience in the field of smart card and card solutions with orientation

of smart digital security. MK Smart manufactures and supplies contact,

contactless, dual interface smart cards to finance & banking sector, SIM card for

telecommunication, ID cards for businesses and government ect.

Calyso was bon in 1993 from a partnership between the Paris transit operator

RATP and Innovatron, a company owned by the French smartcard inventor,

Roland Moreno. The key features of the scheme were patented by Innovatron.

Most Eupropena transit operators from Belgium, Germany, France, Italy in the

following years. The fisrt use of the techonology was in 1996. Calypso is the

contactless electronic ticketing standard allows amny smart card manufacturer

to paticipate in transport ticket projects.

MK Smart is ready to integrate CIPURSE application into contactless smart cards,

compliant to CALYSO standards

OSTP Alliance is a member-driven association working to develop and maintain

the CIPURSE ™ Specification, which offers and advanced foundation for

developing highly secure, interoperable and flexible mobility solutions across

multiple use cases. Currently, number of its members are nearing 100 companies

and continue to expand. CIPURSE is now considered the open standard for the

transport ticketing industry, with deployments and projects worldwide./.




Entrust Datacard, a leading provider of trusted identity and secure issuance technology solutions, today announced

the nShield® Issuance Hardware Security Module (HSM), designed exclusively to help create an integrated

ecosystem for security, simplicity and serviceability for the company’s payment card systems and secure issuance

environments.

Banks, bureaus, payment and identification card issuers manage ever larger volumes of card holder and financial

data. Their challenge is to secure that data, while keeping pace with evolving compliance requirements. Entrust

Datacard will integrate nShield Issuance HSMs to enhance operational efficiency and security for its high-volume

card issuance solutions and instant issuance systems. Building on its acquisition of HSM market leader nCipher

Security, the nShield Issuance HSM enables Entrust Datacard to deliver an end-to-end secure issuance and key

management solution for its financial and government card issuance solutions.

The Entrust Datacard solution supports high transaction rates, making it ideal for high-volume issuance

environments, where throughput and uptime is critical. High cryptographic capacity allows the FIPS 140-2 Level 3

certified nShield Issuance HSM to perform vital functions for financial and identification issuance, including EMV

data preparation, key generation and data protection, while ensuring that it keeps pace with evolving EMV security

standards and key and certificate requirements, such as contactless card profiles.

“Entrust Datacard has pioneered secure card issuance for more than 50 years,” said Dan Good, vice president of

Bureau Solutions at Entrust Datacard. “Integrating the nShield Issuance HSM into our centralized and instant card

issuance solutions is the next step in our mission to provide our customers with the complete solutions, trust and

peace of mind they need.”

Designed exclusively for Entrust Datacard centralized and instant card issuance solutions, the nShield Issuance

HSM features:

• Secure Remote Management – Remote administration kit – featuring an nShield Trusted Verification Device

– facilitates the remote management of the HSM, including firmware updates other maintenance tasks

without having to visit the data center.

• Flexibility – nCipher’s unique Security World architecture is closely integrated with Datacard® Adaptive

Issuance Key Manager Software, ensuring seamless HSM failover and load balancing for maximum program

availability.

• High Serviceability – Each HSM features field-serviceable dual hot-swap power supplies and fan tray, with

spare parts available.

(Entrust Datacard)

Entrust Datacard Creates Integrated Security Ecosystem

for its Secure Issuance Systems with Exclusive Hardware

Security Module (HSM)




Trong năm 2016, các nhà sản xuất thẻ đã sản xuất 6,43 tỷ thẻ thanh toán trên toàn cầu, tăng

3,6% so với năm 2015. Thẻ thanh toán được thống kê bao gồm thẻ trả trước, thẻ tín dụng và

thẻ ghi nợ của MasterCard, Visa, UnionPay và thẻ ATM nội địa; thẻ American Express, Diners

Club, Discover, JCB, RuPay, Maestro; thẻ thanh toán bán lẻ, xăng dầu, y tế, hàng không, đỗ

xe và các loại thẻ thanh toán khác. Sự tăng lên trong sản lượng thẻ EMV đã dẫn đến việc

giảm số lượng thẻ từ được phát hành thời gian.

Trong lĩnh vực Thẻ thanh toán, 8 vị trí dẫn đầu danh sách vẫn không thay đổi so với năm

2015. Tổng số lượng thẻ của 8 “đại gia” này đạt 3,7 tỷ thẻ thanh toán, giảm 9,1% so với năm

2015.

Một trong những điểm nhấn ấn tượng của bản báo cáo lần này chính là MK Smart – thành

viên của MK Group đã được “xướng tên” là một trong những công ty có sự tăng trưởng ấn

tượng trong lượng thẻ sản xuất trong năm 2016 (tăng 58,2 triệu thẻ), tiếp theo đó là Toppan

Printing (tăng 27,5 triệu thẻ), Rosan Finance (tăng 11,7 triệu thẻ).

Theo xếp hạng của Nilson, MK Smart đứng trong TOP 15 về tổng sản lượng thẻ thanh toán

trong năm 2016 với 59 triệu thẻ, vượt qua DZ Card Thái Lan, trở thành nhà sản xuất thẻ lớn

nhất khu vực Đông Nam Á. Ngoài ra, khi xét riêng về thẻ thanh toán thương hiệu Visa và

MasterCard, MK Smart vươn lên vị trí thứ 8 trên bảng xếp hạng. Trong năm 2016, tổng sản

lượng thẻ sản xuất của MK Smart là 167 triệu thẻ với hơn 60% sản lượng được xuất khẩu

sang Nhật Bản và nhiều nước Châu Á, Châu Mỹ La tinh.

Sau 14 năm phát triển, MK Smart đã vươn lên trở thành một trong những cái tên tuổi lớn

trong ngành công nghiệp Thẻ, sánh với những nhà sản xuất thẻ lâu năm tại các quốc gia phát

triển như Gemalto, Oberthur, Giesecke & Devrient, đưa vị thế của Việt Nam trở nên đậm nét

hơn trong bản đồ các quốc gia sản xuất thẻ lớn trên thế giới.

MK Smart được thành lập năm 2003, là thành viên của Tập đoàn MK. Hiện nay MK Smart là

công ty hàng đầu Đông Nam Á trong lĩnh vực sản xuất thẻ thông minh phục vụ ngành viễn

thông (thẻ SIM), tài chính ngân hàng (thẻ từ và thẻ chip), các cơ quan, tổ chức và doanh

nghiệp. MK Smart là công ty Việt Nam duy nhất sở hữu công nghệ và kinh nghiệm về thẻ

chip, sản xuất thẻ SAM, công nghệ mã hóa và bảo mật.

MK Smart sở hữu 2 nhà máy sản xuất thẻ thông minh đặt tại KCN Quang Minh Hà Nội và

Khu Công nghệ cao Tp. HCM với quy mô lớn và hiện đại bậc nhất Việt Nam cũng như trong

khu vực. Với các chứng chỉ sản xuất thẻ tài chính Visa, MasterCard, JCB, Union Pay, MK

Smart được sản xuất thẻ cho các ngân hàng trong nước cũng như trong khu vực Châu Á-

TBD với chất lượng cao, giá cả hợp lý và thời gian giao hàng nhanh nhất.

To prevent the spread of the new strain of coronavirus in Viet Nam, customers are encouraged to adopt

cashless payment methods.

Some banks and fintech firms have taken the opportunity to promote the safety of cashless payments, especially

after news that the People’s Bank of China is using ultraviolet light and high-temperature ovens to disinfect incoming

cash. The bank also started replacing old notes with newly minted bills on February 4.

Nguyen Ba Diep, CEO of Momo, an e-wallet with more than 12 million users, told Viet Nam News: "Tests have

shown cash harbours a wide variety of bacteria which can be transmitted by contact. The coronavirus is spread

through normal contact, so cash is likely to be a risky source."

Diep quoted health experts as saying as 90 per cent of people in Viet Nam use cash, banknotes are sources of

pathogens and pose a threat to public health.

While e–wallets like Moca and Airpay promoted the use of online payments, some banks are following suit and

telling their customers to switch to online transactions while the epidemic continues.

On its Facebook page, SeABank told its customers to use electronic banking to check balances, transfer money

and pay bills instead of going to the bank.

Ocean Bank told its customers to use the #EasyOceanBankMobile if they did not want to go to a branch.

Le Thi Thanh Hang, deputy director of the State Bank of Viet Nam (SBV)'s branch in HCM City, told local media on

February 5 that the SBV has boosted the use of non-cash payments for a long time.

She added that passing from hand to hand, the banknotes were definitely not clean, adding: “It is advisable to

gradually switch to digital payment methods and e-commerce instead of direct exchange with each other using cash

during an outbreak.”

According to banking experts, Viet Nam, with a population of 97 million people, is a great market for fintech firms,

including e-wallets, as more than 80 per cent of the retail market uses cash.

The Department of E-commerce and Digital Economy under the Ministry of Industry and Trade reported an annual

growth of 35 per cent in the local fintech sector while the 'e. Economy SEA 2019' report by Google, Temasek

Holding and Bain & Co said that digital payments in Southeast Asia are expected to cross $1 trillion by 2025,

becoming the payment method for nearly one in two dollars spent in the region.

(Bizhub)

(Hanoitimes)

CENTRAL CARD ISSUANCE SYSTEM

• Specially designed for mid- & high-range

personalization;

• Comprehensive features: smart card/

magnetic stripe encoding, embossing, indent

printing, laser engraving, etc.

• Modular system with flexible choices to meet

specific requirements of each card program;

• Comprehensive warranty – maintenance

service.

Banks, fintech firms promote cashless payments

during epidemic




Juniper Research reports that contactless payments will triple to $6 trillion worldwide by 2024, from about $2 trillion this year, as OEM mobile wallet transactions increase and banks expand the use of contactless cards. The report found that several factors will account for the increase, including the increased use of contactless POS and public transit use in the U.S. and widespread use of mobile wallets in the Chinese market, where billions of customers use smartphone-enabled apps for shopping, funds transfer and other uses. Research analyst Susannah Hampton told Mobile Payments Today that the U.S. market has recently converted most terminals from magnetic stripe to EMV and much of the infrastructure is now in place to accept contactless payments. "Many of the newer EMV enabled point-of-sale terminals in use are compatible with contactless card payments and just require software installation or updates," she said in an email. "The additional transaction time introduced with the transition to EMV is reduced through the use of contactless cards, leading to an improved experience for cardholders." In the U.S. market, contactless transaction values are expected to rise at an even higher rate than the global market, reaching $1.5 trillion by 2024, compared with about $178 billion in 2020. Several major banks in the U.S., including JPMorgan Chase and others, announced plans to convert millions of credit and debit cardholders to cards that are contactless-enabled, which will allow significant increases in contactless use by customers not using smartphone-enabled mobile wallets. Apple Pay is expected to make up about 52% of OEM transaction values by 2024, compared with about 43% in 2020. The launch of Apple Card from Apple and Goldman Sachs is expected to have a significant impact on contactless use, as the service operates through the iPhone which is used by millions of loyal customers worldwide.

(ATMmarketplace)

Contactless payments tripling by 2024




Apple’s mobile wallet is growing very fast and taking a chunk of card payments around the world with it. Apple Pay

accounts for about 5% of global card transactions and is on pace to handle 1-in-10 such payments by 2025,

according to recent trend data compiled by Bernstein, a research firm. “There are indeed plenty of reasons to worry

that Apple may attempt to disrupt the payments ecosystem,” Bernstein analysts wrote in a research note.

As iPhone sales plateau, Apple is manoeuvring into its services division, which includes Apple Pay. The unit

generated $12.7 billion in revenue in the last three months of 2019, a 17% increase from a year earlier. The

company’s payments ambitions have the benefit of a massive cash hoard, years of experience in card transactions,

and a vast customer base consisting of hundreds of millions of iPhone users.

The digital payments race is an immense opportunity, representing about $1 trillion in revenue around world. Visa

and Mastercard process more than $14 trillion of payments each year and are still growing as more transactions

go online, flow through apps, and as consumers in many parts of the world use cash less often.

Apple Pay users store their credit and debit cards on the wallet and use it to make contactless payments with

biometric security through their phone’s NFC tech. In the US, contactless payments are forecast to increase to

$1.5 trillion in 2024, up from $178 billion this year.

Apple CEO Tim Cook is aiming to give the wallet an extra boost by linking it to cash backs through the company’s

credit card. Apple Pay revenue and transactions more than doubled in its last fiscal quarter, Cook said recently in

a conference call with analysts, and the wallet is becoming more widely available for train and bus commuting

around the world, with rollouts in Chinese cities like Shenzhen and Guangzhou coming this spring.

Apple Pay probably won’t pose a challenge to the card giants anytime soon. While the tech company could, in

theory, create its own network that runs outside the card systems, Bernstein argues that Apple still needs the card

networks, which are ubiquitous and trusted. Visa and Mastercard, meanwhile, are used to dealing with partners

(traditionally large card-issuing banks) with the kind of scale that even Apple Pay could muster.

The same may not be true for other wallets. “Apple Pay is indeed one of the long-term competitive threats to

PayPal,” Bernstein analysts note. For now, PayPal has a commanding lead in the world of online checkouts, and

also benefits from network effects that have been building up since the turn of the century. But Apple and PayPal

could end up competing for the same turf in the coming years.

(paymentscardsandmobile)

Apple Pay set to account for 10% of all global card

transactions by 2025?




Ủy ban Quốc phòng và Nội vụ (PDIAC) thuộc Nghị viện Uganda đã yêu cầu Chính phù nước này đầu tư lớn để triển khai

chương trình phát hành hộ chiếu điện tử (ePassport). Theo PDIAC, Uganda sẽ cần phải đầu tư ít nhất 28 tỷ Shilling (khoảng

7,8 triệu USD) để thiết lập cơ sở hạ tầng ban đầu phục vụ hoạt động sản xuất hộ chiếu điện tử. Kinh phí cho toàn bộ dự án

sẽ vào khoảng 100 triệu USD. Dự án phát hành hộ chiếu điện tử, do Cơ quan Quản lý Công dân và Nhập cư Quốc gia của

nước này phụ trách, theo kế hoạch đã phải được triển khai từ tháng 1/2017, tuy nhiên dự án đã không thể thực hiện được

vì lý do thiếu vốn./.

(Security Document World)

Singapore thử nghiệm đăng ký cử tri điện tử bằng thẻ căn cước điện tử Singapore sẽ thử nghiệm hệ thống đăng ký bỏ phiếu mới được liên kết với thẻ căn cước thông minh. Cơ quan Bầu cử

Singapore (ELD) cho biết để đáp ứng yêu cầu của các phương tiện truyền thông, ELD sẽ thử nghiệm hệ thống quét mã vạch

ngay trên thẻ nhận dạng đăng ký quốc gia (NRIC) của các cử tri. ELD khẳng định hệ thống mới sẽ rút ngắn thời gian chờ

đợi cho các cử tri và giảm số lượng nhân viên phục vụ hoạt động đăng ký tại các điểm bầu cử. Theo ELD, cơ quan này dự

định thí điểm công nghệ đăng ký điện tử tại một cuộc bầu cử trong tương lai nhằm kiểm tra thủ tục và thu thập thông tin phản

hồi. ELD hiện vẫn chưa gọi thầu cho dự án thí điểm./.

(Security Document World)

Australia thử nghiệm công nghệ nhận dạng khuôn mặt tại

Đại hội Thể thao Khối Thịnh vượng chung Công nghệ nhận dạng khuôn mặt sẽ được sử dụng trong mạng lưới giao thông công cộng trong thời gian tổ chức Đại hội

Thể thao Khối Thịnh vượng chung 2018 (2018 Commonwealth Games) tại thành phố Gold Coast, bang Queensland, Australia

nhằm ngăn chặn nguy cơ khủng bố tại những khu vực công cộng và địa điểm thi đấu. Hệ thống nhận dạng tinh vi sẽ xác

định khuôn mặt của những kẻ tình nghi trong đám đông trên tàu, xe điện và xe buýt trong suốt 11 ngày diễn ra sự kiện. Hệ

thống này sẽ được kết nối với lực lượng phản ứng nhanh gồm cảnh sát và quân đội nhằm bảo vệ an toàn cho 1,5 triệu khán

giả tham dự sự kiện. 2018 Commonwealth Games sẽ được tổ chức tại thành phố Gold Coast, bang Queensland, Australia

từ ngày 4/4 đến ngày 15/4/2018. Cơ quan Cảnh sát Liên bang Australia chủ động đưa ra sáng kiến này bởi họ tin rằng Gold

Coast sẽ là thành phố hết sức phù hợp để thử nghiệm công nghệ do có được một hệ thống camera giám sát an ninh (CCTV)

chất lượng cao./.

(Planet Biometrics)

Mỹ: CBP kiểm soát xuất cảnh bằng công nghệ sinh trắc tại các sân bay Phó Cục trưởng Cục Hải quan và Biên phòng Mỹ (CBP), John Wagner cho biết cơ quan này sẽ triển khai chương trình kiểm

soát xuất cảnh sinh trắc bắt buộc, giúp xác định danh tính du khách nước ngoài khởi hành tại các sân bay trên lãnh thổ của

nước này. Thông báo trên được đưa ra vài tuần sau khi Bộ An ninh Nội địa Mỹ đưa ra báo cáo ước tính khoảng 629.000 du

khách tới nước này đã lưu lại quá hạn trong năm 2016 do thiếu một hệ thống kiểm soát xuất cảnh sinh trắc đồng bộ tại các

sân bay. CBP sẽ kết hợp hệ thốngnay vớiạng để hoàn thành các mục tiêu đề ra. Tuy nhiên, Phó Cục trưởng CBP thừa nhận

sẽ phát sinh một số vấn đề liên quan đến quyền riêng tư của cá nhân, đặc biệt khi sáng kiến nói trên cũng đề cập tới khả

năng áp dụng công nghệ nhận dạng khuôn mặt để chụp lại hình ảnh của các công dân Mỹ.

(Biometric Update)

Mastercard commissioned Lonergan Research, and surveyed 1,040 Australians to find out what biometric

technology they liked when it came to paying for goods and services.

Fingerprint authentication technology was the most favoured method of biometric payment, with more than

three in five saying they will use it by 2025.

Facial recognition was next, at 45%, retina or iris scan at 45%, and voice recognition at 38%.

Sthaler worked with music festival industry to develop a cashless, card-free payment system that was

available to everyone. The company developed Fingopay, using VeinID technology, in partnership with

Hitachi. Blue Star Capital PLC (LON:BLU) is an investing company with a focus on new technologies. Blue

Star’s investments include a 0.9% holding in Sthaler.

(planetbiometrics)

60% of Australians to use fingerprint payments in five

years




30 million cards from Wawa breach turn up for sale on

dark web

The payment card details of more than 30 million Americans, believed to have been stolen in a data breach

at convenience store chain Wawa, have been put up for sale on the dark web.

Earlier this week, carding forum Joker's Stash put up the details of cards issued by thousands of banks across

the US. The batch, called BIGBADABOOM-III, is from the Wawa breach, according to security experts at

Gemini Advisory.

Wawa revealed in December that malware had been installed on its point-of-sale systems nine months earlier,

affecting all of its 860 convenience stores, 600 of which are also gas stations. The stolen data includes card

numbers, expiration dates, and cardholder names.

According to Gemeni, the Joker's Stash dump involved more than 30 million cards from more than 40 US

states. Cards are being sold for about $17 a piece.

Wawa says that it is aware the card data has surfaced and that it has alerted its payment processor, card

brands, and issuers to "heighten fraud monitoring activities".

(Finextra)




EMV doesn't have to mean a

boost in e-commerce fraud

The growth of e-commerce, m-commerce and remote commerce transactions

is showing no signs of slowing down, nor is fraud.

In 2021, more than 2.14 billion people worldwide are expected to buy goods

and services online, up from 1.32 billion in 2014. The growth of card-not-

present (CNP) transactions has driven a new age of consumer convenience

but in parallel, a new age of fraud.

As EMV chip card adoption gathers momentum, with 76.7% of card-present

transactions being EMV, fraudsters are looking for an easier way in. And the

stats speak for themselves – digital fraud rates now account for 60-70% of all

card fraud in many developed countries. In fact, it was even estimated that the

gains made from savings in card-present fraud were eclipsed in 2018 by the

losses from CNP fraud. This is not only affecting approval rates but also all-

important consumer trust. So, what can be done? EMV 3-D Secure – EMV 3DS

for short – is one solution that’s leading the way in the CNP "catch up."

EMV 3DS is a messaging protocol used to identify and verify cardholders for CNP

transactions. The specification improves communication between the issuing bank, the

acquirer and the merchant. By doing more work "in the background," it’s able to streamline

the user experience, improve approval rates and reduce fraud. These features reduce online

authentication friction.

The first version of the messaging protocol was initiated by Visa and was quickly followed by

other international payment schemes. This was a fragmented and complex solution for the

industry, however. Now, industry body EMVCo has taken ownership and is managing the

evolution of the specifications.

The latest version of the EMV 3DS specifications includes new features to address the pain

points of the old protocol. These improvements aim to deliver consumers a much smoother

experience and keep transactions safe from new techniques employed by fraudsters. Let’s

take a look at the new features and how they can improve the digital retail experience.

One of the new features set to enhance the consumer experience is the support for biometric

technology that consumers have gained access to recently. Many shoppers are now familiar

with a variety of biometric authentication methods, such as facial and fingerprint recognition.

For some it is still a novelty to pay using your face, but this doesn’t mean it’s not a priority;

it’s predicted that we’ll see nearly 90% of businesses using it by 2020.




Another feature that has been added to the latest version of EMV 3DS is the

support for new use cases, including identification and verification applications,

as well as payments. While these use cases are still being explored and defined,

they could include features such as adding a new payment card to a mobile wallet

and opening a new account online. And it’s not just consumer use cases that are

being explored. In the future, EMV 3DS could even be used by governments to

authenticate citizens.

Simplifying alignment with regulatory requirements is another major bonus of

EMV 3DS, especially with an increasing number of countries mandating

multifactor authentication in CNP environments. Take Europe’s PSD2 and the

strong customer authentication (SCA) mandates, for example. Implementing EMV

3DS offers banks an opportunity to utilize the same infrastructure to process SCA

as well as EMV 3DS transactions. With more data included in the message

requests, indications such as whether Acquirer SCA or a transactional risk

analysis (TRA) have already been performed, or if a customer utilized a FIDO

authenticator, can simplify the authentication process.

Wherever in the online payments chain you sit, EMV 3DS is a compelling

authentication solution fit for the omnichannel age, especially now that it includes

these new elements. But, as with any major system upgrade, implementation

does not come without its challenges and testing requirements.

Before embarking on an EMV 3DS project – whether an entirely new system or

upgrading a legacy system – there are three key stages of testing to consider:

functional, security and integration with payment schemes.

Understanding what scope of testing falls to each stakeholder and navigating the

three stages quickly and cost-effectively can be a challenge. And it’s here where

support from a reliable testing and consulting expert on EMV 3DS can be

invaluable.

(paymentssource)

EMV doesn't have to mean a boost in e-commerce fraud (cont.)

The act of replacing ineffective static passwords with more complex authenticators is

much more secure and user-friendly. Implementing support for these methods of

authentication can help merchants with their aims to reduce cart abandonment. Twenty-

eight percent of U.S. online shoppers have previously admitted to quitting orders due to

checkout processes being too long or complicated and 17% said that they have

abandoned checkout because they didn’t trust the website with their credit card

information. Therefore, striking the right balance between convenience and security is

fundamental.

The increase of choice isn’t just limited to more authentication options than before.

Another new feature of the latest version of EMV 3DS enables both customers and

merchants to have greater input. Customers will be able to "whitelist" merchants with

their issuer when setting up, say, a recurring purchase. This lets banks know a full

review is not required, reduces customer prompts and can help support banks in risk-

scoring merchants.

By feeding more data elements collected from the shoppers to the issuers, merchants

can further improve the frictionless transaction experience. This increase of choice for

customers, merchants and issuers benefits all parties, as it gives customers an easier

experience and provides valuable customer data that can be used to inform the

development of new services.




Copyright© 2020 by MK Group

www.mkgroup.com.vn | [email protected] | www.facebook.com.vn/mkgroup1999

Hanoi: F11th, TTC Tower, 19 Duy Tan St., Cau Giay Dist. | Tel: (+84-24) 6266 2703

Hochiminh City: F7th, Thien Son Building, 5 Nguyen Gia Thieu St., District 3 | Tel: (+84-28) 3930 5023

Brian Honan, Chủ tịch BH Consulting, Dublin, Cộng hòa Ireland, cho biết trong 8 năm qua, ông đã liên tục đưa ra những

lời kêu gọi khắc phục 5 trường hợp bảo mật yếu kém điển hình lại Hội nghị Tội phạm mạng. Cụ thể là:

Mật khẩu yếu

Thiếu bản vá lỗ hổng

Phần mềm diệt virus lỗi thời

Thiếu sự giám sát

Sử dụng những hệ thống dễ bị tổn thương, chẳng hạn như ColdFusion, Windows XP, WordPress lạc hậu và những hệ

thống tương tự khác. Brian Honan dự báo 5 “căn bệnh mãn tính” nói trên sẽ vẫn tiếp tục hành hạ thế giới bởi vẫn còn

rất nhiều tổ chức tiếp tục sử dụng công nghệ lạc hậu.

3. Thêm nhiều nỗi lo về bảo mật điểm cuối

Một trong vụ việc nghiêm trọng nhất trong năm 2017 là sự bùng phát dữ dội của mã độc tống tiền WannaCry. Theo

Avivah Litan - Phó Chủ tịch và là nhà phân tích cấp cao của Gartner, WannaCry có thể đã bị chặn đứng nếu mọi người

được cung cấp bản vá lỗi. Tuy vậy các tổ chức vẫn phải đối mặt với thách thức từ công tác quản lý bản vá.

“An ninh điểm cuối khác với quản lý công nghệ thông tin. Điều đó có nghĩa là chúng ta luôn dễ dàng triển khai các hệ

thống nhưng sẽ gặp rất nhiều khó khăn khi chuyển đổi hệ thống sang trạng thái ngoại tuyến để tiến hành hoạt động

bảo trì hoặc dành ưu tiên cho những lỗ hổng cần phải vá lại. Và kết quả là có hàng loạt hệ thống tồn tại những điểm

yếu điển hình. Không bất ngờ khi 80% đến 90% mã độc tống tiền đã lợi dụng những lỗi chung này”, Avivah Litan cho

biết.

Để khắc phục tình trạng nói trên, theo Avivah Litan, tất cả các tổ chức cần phải sử dụng phần mềm diệt virus “mới nhất

và tốt nhất” bởi vì các thế hệ mới sẽ có khả năng phát hiện và phản ứng tốt hơn, đặt biệt là những sản phẩm dựa trên

công nghệ điện toán đám mây.

Certificates & Industry membership Internal Newsletter of ...of smart digital security. MK Smart...

Documents

Transcript of Certificates & Industry membership Internal Newsletter of ...of smart digital security. MK Smart...