Visa has announced plans to accelerate the migration to EMV contact and contactless chip technology in the United States. "The adoption of dual-interface chip technology will help prepare the U.S. payment infrastructure for the arrival of NFC-based mobile payments by building the necessary infrastructure to accept and process chip transactions that support either a signature or PIN at the point of sale."

"By encouraging investments in EMV contact and contactless chip technology, we will speed up the adoption of mobile payments as well as improve international interoperability and security," said Jim McCarthy, global head of product, Visa Inc. "As NFC mobile payments and other chip-based emerging technologies are poised to take off in the coming years, we are taking steps today to create a commercial framework that will support growth opportunities and create value for all participants in the payment chain."

Confident Technologies has announced 'Confident Multifactor Authentication', a new approach to two-factor authentication that delivers an image-based authentication challenge to users' mobile phones for a more secure out-of-band authentication process.

Confident Multifactor Authentication provides a completely new and highly secure way to protect online businesses and their customers from fraud and Zeus-in-the-Mobile (Zitmo) attacks, by securing the second factor and verifying that it is in fact the legitimate user in possession of the mobile device and not another person who may have stolen the user's phone or is surreptitiously intercepting the authentication text messages.

The Federal Financial Institutions Examination Council (FFIEC) has issued a supplement to the Authentication in an Internet Banking Environment guidance, issued in October 2005. "The purpose of the supplement is to reinforce the risk-management framework described in the original guidance and update the FFIEC member agencies' supervisory expectations regarding customer authentication, layered security, and other controls in the increasingly hostile online environment."

Authentify has announced that it is offering early, limited availability of its Authentify 2CHK™ service. "2CHK (spoken as '2 check') is an always-on transaction authentication service. 2CHK provides consumers with a simple and familiar way to double check their online transactions in real time via a second secure channel on their mobile devices or desktop."

On the wires:

• U.S. Credit Card Delinquencies Fall by More Than 32% Compared to Same Time Last Year
• NetSecure Technologies Introduces Enhanced Endpoint Security Product Suite
• FICO Offers Telrock Mobile Payment Apps to Help Clients Improve Customer Service and Payments
• ACCEL/Exchange Network Sets New Growth Records in 2010
• Authentify Celebrates 10 Years of Providing Phone Based Authentication Services

On the web:

• eMarketer: Mobile Payments Take Hold Around the World
• NPR: Mobile Payments Challenge Credit Cards
• Portals and Rails: Third-party service provider risk and the Unfair and Deceptive Acts and Practices rule
• Square: Square Drops Fixed Component of Swipe Pricing

Headline News is compiled by Glenbrook Partners:

• Aria Systems Raises $20 Million to Help Global 2000 Companies Monetize New Recurring Revenue Streams
• MoreMagic Certified by Western Union as a Mobile Money Transfer Vendor
• As Layaway Grows in Popularity, More Merchants Are Using eLayaway to Manage Their Programs
• New FFIEC Guidelines Likely to Address Root Causes of Online Bank Fraud
• SafetyPay Partners With JetPay to Offer Secure Online Payment Solution
• Nestlé USA Selects Data Impact to Expand Electronic Invoicing and Payments with Its Customers

• Washington Post: Retailers offer financial services to 'unbanked'
• New York Times: Letter to the Editor: Bank Overdraft Rules
• FierceMobileContent: Isis CEO: Mobile payments making 'good progress,' but no specifics yet
• SmartMoney.com: Will That Be Cash, Credit or Phone?
• Fortune: A Twitter Guy Takes on Big Banks
• SPVA Blog: Secure POS Vendor Alliance (SPVA) 2011 Board of Directors

PhoneFactor has announced support for phone-based multi-factor authentication using ISO 8583, the standard protocol that card issuers use to process credit and debit card transactions. By supporting the widely used ISO standard, PhoneFactor claims it can "authenticate card transactions in any channel, including point-of-sale, ATM, and online transactions, through a single technology implementation."

In related news, ValidSoft in the Netherlands announced the commercial availability of its four-factor authentication solution.

Headline News is compiled by Glenbrook Partners:

• Prepay Nation And Lime Announce Strategic Partnership

• FierceMobileContent: Apple Adding Mobile Wallet Services to iPhone and iPad
• CIO.com: Banks May Soon Require New Online Authentication Steps
• San Diego News: BillMyParents Helps Monitor Kids' Credit Card Spending

Headline News is compiled by Glenbrook Partners:

• New Aite Group Report on US Mobile Payments Market
• Moneybookers Group Rebrands to Become 'Skrill'
• Major Retailers Add PhoneFactor to Protect Credit Card Data
• Elavon to Market VeriFone’s PAYware Mobile Solution for iPhone
• UMB Bank to use ACH Alert To Protect Business Accounts from ACH Fraud (PDF)
• New VRL Financial Report on Prepaid in Sub-Saharan Africa
• AllTrust Networks' Check Database Now Available via Web Browser
• Voltage Security and PwC Form Joint Business Relationship for Information Risk Management
• PayPal to Use Axiomatics’ Intelligent Access Management Solution

• MIT Technology Review: When Mobile Phone Payments Go Social

Equifax has announced that it has acquired Anakam. "With the combination of Anakam's Identity Suite and Equifax's eIDverifier, the company will be able to provide a single, integrated platform for two-factor identification as well as no-touch, risk-based identity verification and identity proofing."

The UK Payments Council and Accenture have introduced a new modelling tool to help banks and businesses select authentication technologies for secure customer interactions online. "The tool, which can be loaded onto your PC, identifies the best suited authentication option based upon the specified requirements and will help banks and businesses make sense of the sheer variety of customer authentication options on offer." READ MORE »

Gemalto has announced that it has completed the acquisition of Todos AB from investors led by 6AP, a fund belonging to the Swedish National Pension system. Terms of the transaction were not disclosed. Headquartered in Gothenburg, Sweden, and employing 80 people worldwide, Todos AB is a provider of strong authentication solutions for internet banking. READ MORE »

Google, PayPal, Equifax, VeriSign, Verizon, CA, and Booz Allen Hamilton have announced the formation of the Open Identity Exchange (OIX), a non-profit organization they say is "dedicated to building trust in the exchange of online identity credentials across public and private sectors. With initial grants from the OpenID (OIDF) and Information Card Foundation (ICF), OIX has been approved as a trust framework provider by the United States Government to certify online identity management providers to U.S. federal standards for identity assurance." READ MORE »

USAA has announced that it is giving its mobile users "faster, more secure mobile logon access to their banking, insurance and investment accounts through its new quick logon and authentication security software." Instead of a three-step process of username, password and PIN, USAA members will be able to access their accounts through a secure four-digit PIN. To enable the capability in its USAA Mobile App, it has teamed with VeriSign to use VeriSign's Identity Protection Service (VIP) for authentication. READ MORE »

Gemalto has announced that it has acquired Valimo Wireless, a mobile authentication company based in Helsinki, Finland. The terms of the transaction were not disclosed.

According to Gemalto, "Valimo has pioneered the use of two-channel, two-factor authentication based on Public Key Infrastructure (PKI), combining an over the air platform (OTA) with a software client in the SIM to generate a legally binding electronic signature, any time, any place. Valimo enables mobile phone users to securely authenticate themselves, digitally sign documents and confirm legally binding transactions simply by entering a self-chosen passphrase or a PIN code. Valimo Mobile ID solution facilitates secure online banking, mobile payments, governmental services, electronic and mobile commerce, and identity and access rights management for enterprise applications." READ MORE »

Arcot has announced a new EMV authentication solution for cardholders to authenticate "Card Not Present" transactions using their mobile phones. According to the company, the new solution -- ArcotOTP -- lowers the cost of providing EMV authentication and increases the convenience for cardholders on the go. READ MORE »

MasterCard has announced the launch of a solution that harnesses the mobile phone as a form factor for its Chip Authentication Program. According to MasterCard," the initiative focuses on enabling consumers to authenticate their banking and online transactions through their own mobile phone with solutions from three leading industry vendors." READ MORE »

Ten industry leaders — Yahoo!, PayPal, Google, Equifax, AOL, VeriSign, Acxiom, Citi, Privo and Wave Systems — have announced "they will support the first pilot programs designed for the American public to engage in open government — government that is transparent, participatory, and collaborative. This open identity initiative is a key step in President Obama's memorandum to make it easy for individuals to register and participate in government websites — without having to create new usernames and passwords. Additionally, members of the public will be able to fully control how much or how little personal information they share with the government at all times."

These companies will act as digital identity providers using OpenID and Information Card technologies. The pilot programs are being conducted by the Center for Information Technology (CIT), National Institutes of Health (NIH), U.S. Department of Health and Human Services (HHS), and related agencies. The participating companies are being certified under non-discriminatory open trust frameworks developed under collaboration between the OpenID Foundation (OIDF) and the Information Card Foundation (ICF) per the federal government Trust Framework Provider Adoption Process. READ MORE »

MasterCard has announced that it has approved personal card readers and authentication servers from four vendors for MasterCard Advanced Authentication for Chip - a new EMV authentication solution that leverages the hundreds of millions of EMV cards already in the wallets of cardholders. According to MasterCard, "banks looking to manage the growing threat of online fraud can today deploy this best-of-breed two-factor authentication solution by working with leading providers to the payments industry: DSSS, Gemalto, Logos and Thales." READ MORE »

Gemalto has announced commercial launch of the Ezio Optical TAN, a unique optical authentication reader for online banking access that is specially designed for the German market. According to the company, "the reader, the size of a credit card, fits in a wallet along with the banking card. Users present the device in front of their computer screen and optical sensors capture the data they would normally enter from the reader keypad to carry out and sign online transactions. No software needs to be installed to use the device." READ MORE »

Acxiom has announced the introduction of a digital identity card as a beta offering for retail merchants, corporations, financial institutions and other organizations that wish to offer a privately branded identity card to their customers.

According to Acxiom, "a digital identity card allows consumers to establish new online accounts and log in to existing accounts with a unique, encrypted identity that is stored on the consumer’s personal computer. This is the digital equivalent of a privately branded identity card that is typically carried in a person’s wallet." READ MORE »

Equifax has announced "a suite of products and industry initiatives to protect consumers' identity online and enhance security for personally identifiable information. Led by Ron Carpinella, vice president of identity management and identity marketing, Equifax's "Identity 2.0" program builds a pipeline of products that make online transactions easier and more secure for consumers and businesses. The Equifax I-Card(TM) and its enhanced authentication offering, eIDverifier(R), are two of the company's initiatives." READ MORE »

VeriSign has announced its VIP Access for Mobile application is now available in the Apple iTunes App Store. The application turns the iPhone into a dynamic VIP one-time-password (OTP) credential that can be used in conjunction with a username and password to strengthen the security of online accounts. See Glenn Fleishman's review on TidBITS. READ MORE »

ThreatMetrix, a on-demand fraud detection company, has announced that it has relocated to the US from Australia where the firm had been based since its inception in 2005. "A pioneer in device identification technology, which is quickly becoming the de facto standard in online fraud detection, ThreatMetrix will operate from Los Altos, California, in the heart of Silicon Valley. The company will continue to maintain research-and-development operations in Australia." READ MORE »

iovation has announced that it "helped eCommerce companies stop more than 3.5 million fraudulent activities in 2008. Using innovative device reputation technology to identify computers that have been associated with fraud or abuse in the past, iovation enables online businesses to proactively block bad transactions before they happen to reduce fraudulent activities and other unwanted behavior across multiple industries." READ MORE »

Gemalto has announced that its Ezio Pocket Reader is "the first fully certified reader made available to the market for MasterCard Advanced Authentication for Chip. The Advanced Authentication for Chip specification allows two-factor authentication on any EMV card already in use, whether or not it has been personalized according to the MasterCard Chip Authentication Program™ (CAP)." READ MORE »

Authentify has announced that HSBC has deployed Authentify’s services to protect online and remote transactions from fraud. According to the company, "HSBC, the world's largest bank by asset size, is using Authentify’s services to automatically authenticate online users attempting certain transaction against HSBC accounts. The out-of-band process requires user or transaction specific details to be entered via telephone, separately from the Internet side of the exchange. The process isolates the authentication from Internet threats making it more difficult to tamper with an account even if armed with compromised identity information." READ MORE »

The Federal Trade Commission has issued a report titled "Security in Numbers - SSNs and ID Theft" recommending five measures to help prevent Social Security numbers from being used for identity theft. Principal among the report’s recommendations is that Congress consider taking action to strengthen the procedures that private-sector organizations use to authenticate their customers’ identities. READ MORE »

Visa has announced that Visa cardholders in Taiwan and mainland China are the first Visa cardholders in the world to be able to use a new mobile phone-based one-time password to authenticate themselves when they use their Visa card for purchases over the internet.

Participating in the new Visa service are Chinatrust Commercial Bank and China Everbright Bank in China. The new service utilizes Verified by Visa, an online authentication tool that provides cardholders an increased level of protection when they shop online. READ MORE »

A recent survey conducted by Unisys finds that "a majority of Americans are comfortable using common biometric technologies for authentication. More than 70 percent of respondents will trust banks and government agencies to ask them for biometric data for identity verification. Additionally, fingerprints nearly tied personal passwords as the primary preferred authentication method, 73 percent to 72 percent, respectively."