On the web:

• Trustev Tackles E-Commerce Identity Fraud With An Online Fingerprint Made From Social Signals And More - TechCrunch - "Trustev … has developed a product to tackle online fraud using an algorithmic system of social signals, behavioral data and transaction history…"
• PayPal expands further into stores, but Wal-Mart holds out - Reuters - "PayPal's expansion into brick-and-mortar stores gives the company access to a market that is roughly ten times the size of the online payments sector..."
• Payments Network Dwolla Raises $16.5 Million Series C From Andreessen Horowitz & Others, Expands To San Francisco- TechCrunch - "The legacy payments networks in existence today are bogged down with outdated technology, slowing progress…"
• Payment Services Firm Qiwi Eyes $100 Million In IPO - Investors.com - "Qiwi is a leading provider of next-generation payment services in Russia and the Commonwealth of Independent States."
• RetailNext Raises $15 Million More to Track Your Every In-Store Move - PE Hub - "Our focus is on taking analytics happening online and providing it to physical retailers."
• It's Time for Better Online Authentication Solutions - Portals and Rails (FRB Atlanta) - "Improving authentication techniques and requiring their use are critical to better mitigate online account takeover risks."
• The Elephant in the Payments Room - American Banker - Jon Matonis - "Disruption in the unit of account is the way to disrupt the payments space."
• 4G will boost mobile payment uptake, says MasterCard - V3 - "The rise in 4G networks will help usher in a new wave of innovative mobile payment services for businesses to offer customers…"
• Chase Visa deal and SDWOANAF: where potential and confusion meet - Mobile Payments Today

On the wires:

• The UnionPay Travel Prepaid Card Launched by The Bancorp - "Though the card is targeted to those planning to travel to Asia, the card will be accepted within the US wherever UnionPay cards are accepted."
• ROAM Releases RP350x: World’s First PCI-PTS certified Chip and Signature Mobile Card Reader - "The reader provides a low cost solution for enabling Chip and Sign payment acceptance…"
• VeriFone Enables Channel Partner Success with New EMV-Capable, Portable and Mobile Payment Solutions - "VeriFone is committed to enabling channel partner success in a rapidly evolving market by providing EMV-capable, portable and mobile solutions…"
• TriSource Solutions Introduces First End-to-End Merchant Aggregation Processing Solution During ETA - "The increased functionality of our merchant acquiring platform can get PSPs and PFs up and running in record time…"
• Leaf Announces a Better Way to Sell Merchant Credit Card Processing - "Leaf’s open approach to payments offers a seamless reseller option for our partners to empower their sales teams with a new, competitive solution…"

Over on our Payments Views, Glenbrook's George Peabody shares his observations about the confluence of EMV chip card migration, mobile devices and authentication in the US market.

While EMV injects dynamic data into the payment message (as well as clear text PANs), it is an otherwise mostly static, single purpose platform. Compare that to the mobile device, which combines static data (SIM serial number, etc.) with recognizable configuration profiles for device fingerprinting, context-specific dynamic data such as location plus application-specific PIN or biometric entry. And that all happens before the payment transaction takes place.

The FIDO Alliance today announced several new members - including Google, NXP and CrucialTec as board members, Entersekt and Fingerprint Cards as founding sponsors, and Allweb Technologies, Check2Protect, Crocus Technology, Diamond Fortress Technologies, and Insyndia Global as associate members.

The FIDO Alliance is an industry consortium focused on introducing "the first standards-based open specifications for overcoming password dependency with universal strong authentication."

"We are very pleased to count these outstanding global leaders among the ranks of the FIDO Alliance," said Michael Barrett, FIDO Alliance president and PayPal Chief Information Security Officer (CISO).

"FIDO is compelling to those who can lead and affect change, because the open FIDO specifications promise to restore trust with stronger security that also simplifies the user experience and ensures privacy. By overcoming the limits of proprietary authentication methods, FIDO opens up a vast marketplace for strong authentication where FIDO enabled devices and services interoperate. We encourage all who require secure user authentication, and those who provide various methodologies to join us on a very fast track to FIDO universal strong authentication."

On the web:

• Fed Survey Shows Growth in Mobile Banking, Payments - "Americans are increasingly using their mobile phones to access bank accounts, credit cards, and other financial accounts…"
• Bitcoin Investors Hang On for the Ride - WSJ
• Why Libertarians and gold hoarders love Bitcoins - PandoDaily - "What kind of people use Bitcoins, the digital currency designed by cryptographers to be untraceable?"
• Microsoft Account Gets More Secure - The Official Microsoft Blog - "This release enables optional two-step verification for your entire Microsoft account."
• Amazon Patent Describes A Mobile Payment System That Keeps Transactions Anonymous - TechCrunch - "The patent describes a way to sub in unique identifiers for information like name and email address…"
• Zuora: Faster Time to Commerce? Check Out Our New REST APIs - "Zuora has introduced 22 new REST API calls focused on enabling website commerce integrations."
• Authentication a barrier to online commerce for most people - Computing.co.uk - "Inadequate authentication and the plethora of user names and passwords people need to remember is a rising barrier to online commerce"

On the wires:

• NACHA’s Council for Electronic Billing and Payment to Launch Industry Evaluation of the QR Encoding for Consumer Bill Pay Guidelines - "Industry input is vital as we work to establish a single QR code specification so consumers can easily view and pay bills from a mobile device…"
• First Data Enhances its Vision Payment Solution’s Global Capabilities with VisionPLUS® Flex - "In a single platform, the VisionPLUS Flex solution supports issuing and acquiring of credit, debit, prepaid, consumer and commercial cards for private label, American Express®, JCB, MasterCard® and Visa® global brands, as well as consumer loans."
• American Express Reports First Quarter EPS of $1.15, up 7% From A Year Ago; Revenues and Cardmember Spending Rise, Credit Quality Remains Excellent - "We are off to a strong start in 2013, thanks to our ability to grow revenue in a slow growth economy, control expenses and maintain a strong balance sheet…"
• New Sign-up Process - payleven Opens Doors to Private Individuals in UK - "Today marks a major milestone for payleven on that journey as we have solved two long-standing problems faced by the payments industry- designing a simple, instant signup process and empowering individuals as merchants."
• Toshiba Integrates Isis SmartTap™ into ACE Point-of-Sale - "Integration of Isis SmartTap with the ACE POS platform can fundamentally transform the way consumers and retailers interact at the POS."
• MCX Selects Gemalto for Mobile Commerce Platform - "The initial MCX wallet, which will be primarily barcode and cloud-based, will run on Gemalto’s Allynis Mobile Payment platform."
• Fiserv Makes Real Time Person-to-Person Payments a Reality with Popmoney Instant Payments - "We believe real-time payments are increasingly important to consumers in many day-to-day situations, and that includes sending money to people they know or owe."
• ACI Worldwide Empowers Financial Institutions to Increase Efficiency of Card Issuing and Account Management - "ACI Issuer is designed to help financial institutions lower operating costs with expected reductions in new product development, long-term maintenance and infrastructure costs."
• Western Union Continues to Expand in Mexico - "We see a great opportunity to expand in Mexico through existing and new Agent relationships such as Bancoppel…"

Visa has announced plans to accelerate the migration to EMV contact and contactless chip technology in the United States. "The adoption of dual-interface chip technology will help prepare the U.S. payment infrastructure for the arrival of NFC-based mobile payments by building the necessary infrastructure to accept and process chip transactions that support either a signature or PIN at the point of sale."

"By encouraging investments in EMV contact and contactless chip technology, we will speed up the adoption of mobile payments as well as improve international interoperability and security," said Jim McCarthy, global head of product, Visa Inc. "As NFC mobile payments and other chip-based emerging technologies are poised to take off in the coming years, we are taking steps today to create a commercial framework that will support growth opportunities and create value for all participants in the payment chain."

Confident Technologies has announced 'Confident Multifactor Authentication', a new approach to two-factor authentication that delivers an image-based authentication challenge to users' mobile phones for a more secure out-of-band authentication process.

Confident Multifactor Authentication provides a completely new and highly secure way to protect online businesses and their customers from fraud and Zeus-in-the-Mobile (Zitmo) attacks, by securing the second factor and verifying that it is in fact the legitimate user in possession of the mobile device and not another person who may have stolen the user's phone or is surreptitiously intercepting the authentication text messages.

The Federal Financial Institutions Examination Council (FFIEC) has issued a supplement to the Authentication in an Internet Banking Environment guidance, issued in October 2005. "The purpose of the supplement is to reinforce the risk-management framework described in the original guidance and update the FFIEC member agencies' supervisory expectations regarding customer authentication, layered security, and other controls in the increasingly hostile online environment."

Authentify has announced that it is offering early, limited availability of its Authentify 2CHK™ service. "2CHK (spoken as '2 check') is an always-on transaction authentication service. 2CHK provides consumers with a simple and familiar way to double check their online transactions in real time via a second secure channel on their mobile devices or desktop."

On the wires:

• U.S. Credit Card Delinquencies Fall by More Than 32% Compared to Same Time Last Year
• NetSecure Technologies Introduces Enhanced Endpoint Security Product Suite
• FICO Offers Telrock Mobile Payment Apps to Help Clients Improve Customer Service and Payments
• ACCEL/Exchange Network Sets New Growth Records in 2010
• Authentify Celebrates 10 Years of Providing Phone Based Authentication Services

On the web:

• eMarketer: Mobile Payments Take Hold Around the World
• NPR: Mobile Payments Challenge Credit Cards
• Portals and Rails: Third-party service provider risk and the Unfair and Deceptive Acts and Practices rule
• Square: Square Drops Fixed Component of Swipe Pricing

Headline News is compiled by Glenbrook Partners:

• Aria Systems Raises $20 Million to Help Global 2000 Companies Monetize New Recurring Revenue Streams
• MoreMagic Certified by Western Union as a Mobile Money Transfer Vendor
• As Layaway Grows in Popularity, More Merchants Are Using eLayaway to Manage Their Programs
• New FFIEC Guidelines Likely to Address Root Causes of Online Bank Fraud
• SafetyPay Partners With JetPay to Offer Secure Online Payment Solution
• Nestlé USA Selects Data Impact to Expand Electronic Invoicing and Payments with Its Customers

• Washington Post: Retailers offer financial services to 'unbanked'
• New York Times: Letter to the Editor: Bank Overdraft Rules
• FierceMobileContent: Isis CEO: Mobile payments making 'good progress,' but no specifics yet
• SmartMoney.com: Will That Be Cash, Credit or Phone?
• Fortune: A Twitter Guy Takes on Big Banks
• SPVA Blog: Secure POS Vendor Alliance (SPVA) 2011 Board of Directors

PhoneFactor has announced support for phone-based multi-factor authentication using ISO 8583, the standard protocol that card issuers use to process credit and debit card transactions. By supporting the widely used ISO standard, PhoneFactor claims it can "authenticate card transactions in any channel, including point-of-sale, ATM, and online transactions, through a single technology implementation."

In related news, ValidSoft in the Netherlands announced the commercial availability of its four-factor authentication solution.

Headline News is compiled by Glenbrook Partners:

• Prepay Nation And Lime Announce Strategic Partnership

• FierceMobileContent: Apple Adding Mobile Wallet Services to iPhone and iPad
• CIO.com: Banks May Soon Require New Online Authentication Steps
• San Diego News: BillMyParents Helps Monitor Kids' Credit Card Spending

Headline News is compiled by Glenbrook Partners:

• New Aite Group Report on US Mobile Payments Market
• Moneybookers Group Rebrands to Become 'Skrill'
• Major Retailers Add PhoneFactor to Protect Credit Card Data
• Elavon to Market VeriFone’s PAYware Mobile Solution for iPhone
• UMB Bank to use ACH Alert To Protect Business Accounts from ACH Fraud (PDF)
• New VRL Financial Report on Prepaid in Sub-Saharan Africa
• AllTrust Networks' Check Database Now Available via Web Browser
• Voltage Security and PwC Form Joint Business Relationship for Information Risk Management
• PayPal to Use Axiomatics’ Intelligent Access Management Solution

• MIT Technology Review: When Mobile Phone Payments Go Social

Equifax has announced that it has acquired Anakam. "With the combination of Anakam's Identity Suite and Equifax's eIDverifier, the company will be able to provide a single, integrated platform for two-factor identification as well as no-touch, risk-based identity verification and identity proofing."

The UK Payments Council and Accenture have introduced a new modelling tool to help banks and businesses select authentication technologies for secure customer interactions online. "The tool, which can be loaded onto your PC, identifies the best suited authentication option based upon the specified requirements and will help banks and businesses make sense of the sheer variety of customer authentication options on offer." READ MORE »

Gemalto has announced that it has completed the acquisition of Todos AB from investors led by 6AP, a fund belonging to the Swedish National Pension system. Terms of the transaction were not disclosed. Headquartered in Gothenburg, Sweden, and employing 80 people worldwide, Todos AB is a provider of strong authentication solutions for internet banking. READ MORE »

Google, PayPal, Equifax, VeriSign, Verizon, CA, and Booz Allen Hamilton have announced the formation of the Open Identity Exchange (OIX), a non-profit organization they say is "dedicated to building trust in the exchange of online identity credentials across public and private sectors. With initial grants from the OpenID (OIDF) and Information Card Foundation (ICF), OIX has been approved as a trust framework provider by the United States Government to certify online identity management providers to U.S. federal standards for identity assurance." READ MORE »

USAA has announced that it is giving its mobile users "faster, more secure mobile logon access to their banking, insurance and investment accounts through its new quick logon and authentication security software." Instead of a three-step process of username, password and PIN, USAA members will be able to access their accounts through a secure four-digit PIN. To enable the capability in its USAA Mobile App, it has teamed with VeriSign to use VeriSign's Identity Protection Service (VIP) for authentication. READ MORE »

Gemalto has announced that it has acquired Valimo Wireless, a mobile authentication company based in Helsinki, Finland. The terms of the transaction were not disclosed.

According to Gemalto, "Valimo has pioneered the use of two-channel, two-factor authentication based on Public Key Infrastructure (PKI), combining an over the air platform (OTA) with a software client in the SIM to generate a legally binding electronic signature, any time, any place. Valimo enables mobile phone users to securely authenticate themselves, digitally sign documents and confirm legally binding transactions simply by entering a self-chosen passphrase or a PIN code. Valimo Mobile ID solution facilitates secure online banking, mobile payments, governmental services, electronic and mobile commerce, and identity and access rights management for enterprise applications." READ MORE »

Arcot has announced a new EMV authentication solution for cardholders to authenticate "Card Not Present" transactions using their mobile phones. According to the company, the new solution -- ArcotOTP -- lowers the cost of providing EMV authentication and increases the convenience for cardholders on the go. READ MORE »

MasterCard has announced the launch of a solution that harnesses the mobile phone as a form factor for its Chip Authentication Program. According to MasterCard," the initiative focuses on enabling consumers to authenticate their banking and online transactions through their own mobile phone with solutions from three leading industry vendors." READ MORE »

Ten industry leaders — Yahoo!, PayPal, Google, Equifax, AOL, VeriSign, Acxiom, Citi, Privo and Wave Systems — have announced "they will support the first pilot programs designed for the American public to engage in open government — government that is transparent, participatory, and collaborative. This open identity initiative is a key step in President Obama's memorandum to make it easy for individuals to register and participate in government websites — without having to create new usernames and passwords. Additionally, members of the public will be able to fully control how much or how little personal information they share with the government at all times."

These companies will act as digital identity providers using OpenID and Information Card technologies. The pilot programs are being conducted by the Center for Information Technology (CIT), National Institutes of Health (NIH), U.S. Department of Health and Human Services (HHS), and related agencies. The participating companies are being certified under non-discriminatory open trust frameworks developed under collaboration between the OpenID Foundation (OIDF) and the Information Card Foundation (ICF) per the federal government Trust Framework Provider Adoption Process. READ MORE »

MasterCard has announced that it has approved personal card readers and authentication servers from four vendors for MasterCard Advanced Authentication for Chip - a new EMV authentication solution that leverages the hundreds of millions of EMV cards already in the wallets of cardholders. According to MasterCard, "banks looking to manage the growing threat of online fraud can today deploy this best-of-breed two-factor authentication solution by working with leading providers to the payments industry: DSSS, Gemalto, Logos and Thales." READ MORE »

Gemalto has announced commercial launch of the Ezio Optical TAN, a unique optical authentication reader for online banking access that is specially designed for the German market. According to the company, "the reader, the size of a credit card, fits in a wallet along with the banking card. Users present the device in front of their computer screen and optical sensors capture the data they would normally enter from the reader keypad to carry out and sign online transactions. No software needs to be installed to use the device." READ MORE »

Acxiom has announced the introduction of a digital identity card as a beta offering for retail merchants, corporations, financial institutions and other organizations that wish to offer a privately branded identity card to their customers.

According to Acxiom, "a digital identity card allows consumers to establish new online accounts and log in to existing accounts with a unique, encrypted identity that is stored on the consumer’s personal computer. This is the digital equivalent of a privately branded identity card that is typically carried in a person’s wallet." READ MORE »

Equifax has announced "a suite of products and industry initiatives to protect consumers' identity online and enhance security for personally identifiable information. Led by Ron Carpinella, vice president of identity management and identity marketing, Equifax's "Identity 2.0" program builds a pipeline of products that make online transactions easier and more secure for consumers and businesses. The Equifax I-Card(TM) and its enhanced authentication offering, eIDverifier(R), are two of the company's initiatives." READ MORE »

VeriSign has announced its VIP Access for Mobile application is now available in the Apple iTunes App Store. The application turns the iPhone into a dynamic VIP one-time-password (OTP) credential that can be used in conjunction with a username and password to strengthen the security of online accounts. See Glenn Fleishman's review on TidBITS. READ MORE »

ThreatMetrix, a on-demand fraud detection company, has announced that it has relocated to the US from Australia where the firm had been based since its inception in 2005. "A pioneer in device identification technology, which is quickly becoming the de facto standard in online fraud detection, ThreatMetrix will operate from Los Altos, California, in the heart of Silicon Valley. The company will continue to maintain research-and-development operations in Australia." READ MORE »

iovation has announced that it "helped eCommerce companies stop more than 3.5 million fraudulent activities in 2008. Using innovative device reputation technology to identify computers that have been associated with fraud or abuse in the past, iovation enables online businesses to proactively block bad transactions before they happen to reduce fraudulent activities and other unwanted behavior across multiple industries." READ MORE »

Gemalto has announced that its Ezio Pocket Reader is "the first fully certified reader made available to the market for MasterCard Advanced Authentication for Chip. The Advanced Authentication for Chip specification allows two-factor authentication on any EMV card already in use, whether or not it has been personalized according to the MasterCard Chip Authentication Program™ (CAP)." READ MORE »