Web Vulnerability

San Mateo-based SecurityFocus.com says it was made aware late last week of a number of e-commerce sites with major database holes. Citing a Russian source, SF says all of the sites had security weaknesses that were so blatant that it is conceivable that their data has already been compromised. With a few simple database commands, verified by SecurityFocus.com, almost anyone could get into the site’s databases and extract web content, credit card, credit card owner, passwords, and even company information such as employee records, salaries, social security numbers and personal information. The revelation follows the publicity of the ‘Maxus Credit Card Pipeline’ fraud reported on last week. SF estimates the average cyber criminal could easily compromise 20 to 30 small e-tailor sites in one night, given the current weakness in Internet security.


VisionPLUS 8.0

PaySys International announced Friday the release of ‘VisionPLUS version 8.0’, its integrated credit card management software. ‘VisionPLUS’ combines retail, bankcard, and consumer loan billing and administration in one system. New enhancements in version 8.0 include: field expansion; new statement display options; currency conversion; single customer view; dual currency processing; direct debit payment methods; VISA purchasing card support; delinquent interest control; ability to issue temporary limit increases; cardholder relationship; enhancements; loan processing; and payment hold capability.


Lackluster FUSA

As expected Bank One reported this morning that all of its businesses performed within targeted ranges, except its First USA credit card unit. Total credit card revenue for 4Q/99 was $648 million compared to $907 million for the third quarter. Compared with the year-ago quarter, Bank One’s average commercial and consumer loans increased 10% and 11%, respectively, while FUSA credit card loans grew 4%. The most significant causes of the declining margin were the lower margin on credit card loans, reflecting customer attrition and lower late fees, and modestly higher funding costs. Credit card fee revenue declined $92 million, or 21%, almost entirely due to an $85 million decrease in net securitization gains. There were net maturities of credit card securitizations totaling $1.7 billion in the 1999 fourth quarter. Credit card managed net charge-offs increased to 5.45% in the fourth quarter from 5.33% in the prior quarter, and 4.79% in the year-ago quarter. Delinquency (30+ day) dropped to 4.57% for 4Q/99 compared to 4.74% for 3Q/99, however it was higher than 4Q/98’s 4.47%. At the end of 4Q/99 Bank One/First USA has $69.3 billion in managed card loans and 64.2 million cardholders. Card volume for 4Q/99 was $37.5 billion. For complete details on Bank One/First USA’s 4Q/99 statistics visit CardData ([www.carddata.com][1]).

[1]: http://www.carddata.com


GE Aussie Corp Card

To extend the business travel and purchasing card products and services available to its customers, GE Capital has signed an agreement with Commonwealth Bank of Australia to support large multinational corporations with operations in Australia.

Through the alliance, Commonwealth Bank of Australia will provide Australian Dollar-denominated MasterCard corporate charge cards, statements and other in-country cardholder services. To streamline global program management, GE Capital will serve as the primary contact for corporations taking advantage of the program.

“We have chosen Commonwealth Bank of Australia due to their strong banking network in Australia and their outstanding Business Card track record. This partnership is in line with our alliance strategy to issue cards in local currencies with local cardholder support for our multinational clients,” said Jeffery R. Dye, senior vice president, GE Card Services.

Nick Kennett, Chief Manager Cards at the Commonwealth Bank, said, “The Commonwealth Bank will work closely with GE Capital and its corporate clients to develop mutually beneficial card programs. We will be able to provide considerable expertise throughout the program analysis and implementation phases and thereafter with customer service excellence.”

Commonwealth Bank of Australia will develop the ability to report card transaction data in a format that allows consolidation of global spending data via GE Capital’s Synergy 200O(TM) reporting system. Consolidation of global data allows multinational companies to have a better understanding of how their travel dollars are spent. This data consolidation leads to more effective vendor negotiations and policy compliance, ultimately driving savings to a company’s bottom line.

The Commonwealth agreement is one in a series of alliance agreements reached by GE Card Services. These alliances complement GE Capital’s existing capabilities to issue and support cards denominated in U.S. and Canadian dollars, Euro, Pound Sterling, and Irish Punts.

Commonwealth Bank of Australia has been issuing commercial cards in Australia since 1991, and has achieved over 40 percent annual growth over the last three years. Commonwealth Bank of Australia also manages the largest banking network in Australia, and is Australia’s largest credit card issuer.

GE Card Services develops and markets corporate bankcards designed for medium- and large-sized, multinational companies and organizations. It also creates and operates private label credit card programs for retailers across North America.

GE Capital, with assets of over US$300 billion, is a global, diversified financial services company with 28 specialized businesses. A wholly owned subsidiary of General Electric Company, GE Capital, based in Stamford, Conn., USA, provides equipment management, mid-market and specialized financing, specialty insurance and a variety of consumer services, such as car leasing, home mortgages and credit cards, to businesses and individuals around the world. GE is a diversified manufacturing, technology and services company with operations worldwide.


Cap One Investor Relations Director

Capital One Financial Corporation announced the appointment of Tracy Teal as Director of Investor Relations. In this role, Ms. Teal will be responsible for conducting market research and delivering the company’s strategies and global growth objectives to the financial community. She joins Janet McCabe in reporting to Paul Paquin, Vice President of Investor Relations.

Ms. Teal joined Capital One in 1996 from Coopers & Lybrand. As a CPA, Ms. Teal has structured securitization transactions for compliance with accounting standards and advised business managers and senior management on the impact of new accounting rules and policies. Since April 1999, as Corporate Finance Manager-International, Ms. Teal has supported Capital One’s international expansion by helping to structure joint ventures and alliances to optimize the company’s results.

“Tracy’s experience with our business units and global growth plans is a tremendous asset to our investor relations team,” said Paul Paquin, Capital One’s Vice President of Investor Relations. “We have assembled a team of the best in the business. Tracy is just one example of the power of hiring good people.”

Ms. Teal replaces Julie Rakes in this role. Ms. Rakes, upon her return from maternity leave, will take the lead role in developing the financial management function for the company’s Internet initiatives.

Headquartered in Falls Church, Virginia, Capital One Financial Corporation ([http://www.CapitalOne.com][1]) is a holding company whose principal subsidiaries, Capital One Bank and Capital One, F.S.B., offer consumer lending products. Capital One’s subsidiaries collectively had 20.8 million customers and $18.5 billion in managed loans outstanding as of September 30, 1999, and are among the largest providers of MasterCard and Visa credit cards in the world. Capital One trades on the New York Stock Exchange under the symbol “COF” and is included in the S&P 500 Index. For the second consecutive year, Capital One was named to Fortune’s list of “Best Places to Work.”

[1]: http://www.capitalone.com/


Top Telemarketing Frauds

The National Consumers League yesterday released its 1999 list of the ‘Top Ten Telemarketing Fraud Complaints’. Credit card offers placed #7 on the list and credit card loss protection was ranked #9. The NCL says phony promises of credit cards requiring the payment of fees in advance is the primary credit card compliant. The loss protection complaints centers around the use of scare tactics and misrepresentations to sell unnecessary insurance to cardholders. The top NCL fraud complaint: work-at-home schemes.


Big 3 Responds

Following yesterday’s FTC settlement Trans Union insisted FCRA does not contain any specific standards for telephone service levels. TU says it requires only that national consumer reporting companies include a statement on credit report disclosures sent to consumers that the company has a toll-free number at which personnel are accessible to consumers during normal business hours. TU further insisted the law does not define what constitutes “accessible.” Experian says it has already adopted new service level standards to handle the 1 million calls it receives each month. Equifax also says it has taken steps to improve compliance with FCRA. However, Equifax noted it created the credit reporting industry’s first world-class consumer call center in 1991 and also was the first to provide consumers with toll-free numbers that same year, long before it was addressed by the FCRA.


Big 3 FCRA Sins

The big three, national consumer reporting agencies agreed to pay $2.5 million to settle charges that they each violated provisions of the Fair Credit Reporting Act by failing to maintain a toll-free telephone number at which personnel are accessible to consumers during normal business hours. According to the FTC’s complaints, Equifax, Trans Union and Experian blocked millions of calls from consumers who wanted to discuss the contents and possible errors in their credit reports and kept some of those consumers on hold for unreasonably long periods of time. The FTC also alleges that Equifax and Trans Union blocked certain incoming telephone calls based upon the location of the call, including, but not limited to, area code. Each of the proposed settlements would require that the CRAs maintain a blocked call rate of no greater than 10% and an average hold time of no greater than three minutes and thirty seconds. The CRAs will be required to conduct regular audits to monitor compliance. Under the financial terms of yesterday’s settlement, Equifax has agreed to pay $500,000, and Experian and Trans Union both have agreed to pay $1 million.


MBNA & Pirates Renew

MBNA announced Thursday the renewed endorsement of the Pittsburgh Pirates for MBNA’s credit card services through 2004.

MBNA has the endorsement of 15 Major League Baseball teams with the Pirates’ renewal, and is the Official Credit Card Issuer of Major League Baseball along with more than 130 other baseball related endorsements.

The endorsements of the 15 Major League Baseball teams are an important component of MBNA’s Sports sector, one of MBNA’s fastest growing areas, with more than 550 relationships with sports organizations. Among the endorsements received by MBNA are Major League Baseball, the National Baseball Hall of Fame, the National Football League, the National Hockey League, and the National Association for Stock Car Auto Racing (NASCAR).

MBNA Corporation (NYSE: KRB), a bank holding company and parent of MBNA America, N.A., a national bank, has $72.3 billion in managed loans. MBNA, the largest independent credit card lender in the world, also provides retail deposit, consumer loan, and insurance products.


CardBASE CEPS System

CardBASE Technologies (formerly CSI) and VISA International announce their collaboration in the development of advanced software solutions that will enable VISA member banks to issue multi-application chip cards. The system, based on the recently announced Common Electronic Purse Specifications, will support the Visa Cash electronic purse product. “CEPS is seen by the global smart card industry as being the unifying standard in an industry where there are various proprietary smart card schemes already in existence and is the logical evolution for the rapidly expanding smart card market”.

With CardBASE’s expertise in multi-application chip technology, Visa expects to be in a position to offer its member banks (21,000 world-wide) a competitive solution for issuing multi-application smart cards.

The CEPS product solution is being built on the proven card technology framework of CardBASE, the world-leading, distributed and secure software system which delivers a flexible and scaleable smart card e-commerce solution to member banks. The initial components offered are CardBASE Visa Cash Issuer, Acquirer and Clearing, Settlement and Administration. In addition, CardBASE will deliver a suite of CEPS Internet modules to support merchant payment and value load.

Visa is providing CardBASE with direct technical input into the design phase and will work in tandem through the development, test and certification phases of the project. The multi-application aspect of the developments will include support for the full suite of Visa Smart products including credit, debit and electronic purse. Uniquely, the CardBASE solution will support both CEPS and non-CEPS Visa Cash implementations as well as provide backward compatibility with Visa Cash cards already in circulation today.

Speaking on behalf of CardBASE, Aonghus Geraghty CEO, commented “CardBASE has believed for some time that the adoption by the card payments industry of a global standard for electronic purse would propel products like Visa Cash into a totally new and exciting dimension. The opportunity to further develop our relationship with Visa, the world’s leading organisation in card payments, is very exciting and helps ensure that CardBASE maintains its leadership position in the rapidly developing chip card market. The use of multi-application chip cards for cross-border, multi-currency payments is an area in which CardBASE has developed considerable technical expertise. The software products developed as the output of this joint project, will reflect this level of expertise in the speed, efficiency and scalability of the products.”

Mary Buckley, Senior Vice President, Electronic Purse, Visa International, said: “Our work with CardBASE will help to provide our members with more choice and flexibility when looking to implement a Visa Cash program on a multi-application smart card. By using Visa’s version of the Common Electronic Purse Specifications, CardBASE will provide products whih will be totally interoperable, offering greater convenience and utility to cardholders and strengthening the bank’s customer relationship.”


CardBASE Technologies® (formerly CSI) is a European company serving world markets from offices in Ireland, the United States and Africa. Since its foundation in 1993, CardBASE Technologies has positioned itself at the forefront of eCommerce software solutions, providing innovative smart card management systems for the Internet, Banking, Oil Distribution and Airline Treasury Management.

The CardBASE solution supports Multiple Application Smart Cards, Card Personalisation, Card Management, Transaction Processing and Settlement. CardBASE solutions have been specifically designed to support the Visa International led Common Electronic Purse Specification (CEPS), EMV and emerging Public Key Infrastructure (PKI) standards. CardBASE Technologies web address is [www.cardbase.com][1].


As the “World’s Best Way to Pay,” Visa is the leading payment brand and the largest payment system in the world with more volume than all other major payment cards combined. Visa plays a pivotal role in advancing new payment products and technologies to benefit its 21,000 member financial institutions and their cardholders. Visa has more than 70 smart card programs in 33 countries and on the Internet, with 23 million Visa chip cards, including eight million Visa Cash cards. Visa is pioneering SET Secure Electronic Transaction(tm) programs to enable and advance Internet commerce. There are over 850 million Visa, Visa Electron, Interlink, PLUS and Visa Cash cards, which generate more than US$1.4 trillion in annual volume. Visa-branded cards are accepted at over 17 million worldwide locations, including at more than 500,000 ATMs in the Visa Global ATM Network. Visa International’s web address is [www.visa.com][2].

[1]: http://www.cardbase.com/
[2]: http://www.visa.com/


Gemplus SIM Card

Gemplus and Sonera SmartTrust announced this morning they will enter the market with a ‘GSM SIM’ card, featuring digital signature and Public Key encryption. This is enabled by Sonera SmartTrust technology embedded in the Gemplus SIM card. Mobile operators using this technology with advanced SIM cards will be able to offer their customers a whole new set of secure wireless e-commerce solutions. Analysts predict explosive growth for the mobile device market in the next few years, with most predicting one billion mobile phones in use within the next three to four years.


Casino Cash Biometrics

Patrons may have to show their face to get cash at some casinos. Global Cash Access and Infonox, a Silicon Valley Internet company that develops web-based software for the financial services industry, have entered into an agreement to use Viisage Technology’s patented facial recognition technology in GCA’s new automated cashier machine. GCA’s ‘ACM’ system fully integrates ATM, credit card cash advance, check-cashing, POS debit, Western Union, patron credit markers, and one-to-one marketing opportunities. Infonox develops Internet appliances which provide transaction processing, transaction management and transaction reporting services using its proprietary middleware product, ‘Infonox Active Layer’. GCA and Infonox have also entered into an agreement with Diebold to supply the ‘ACM’ kiosk.