“Cyberschizophrenia” in the US Government

US SchIn the last few days, the US Government both mandated and rejected the same method of cybersecurity.

It’s called Second Factor Authentication, specifically a One Time Passcode (OTP) sent by Short Message Service (SMS). So, together, its a “SMS OTP,” which is basically what happens when you receive a 4 to 6-digit security code to your  cell phone as a text message after you enter your username and password.  You must enter this security code (ususally) on the same screen where you entered your username and password as an extra factor of security to complete online registration and/or to sign in to an account.  The shorthand for all of this is sometimes referred to as MultiFactor Authentication, or MFA.

First, on July 30, the Social Security Administration (SSA) mandated the use of MFA:

We take our responsibility very seriously and, with that commitment, have always provided my Social Security account holders with the option of an extra layer of security: to receive a security code via a cell phone text message to complete online registration and every sign in. This type of process—requiring more than a username and password to access information—is referred to as multifactor authentication, or MFA.

On July 30, 2016, we implemented mandatory MFA to comply with Executive Order 13681, which requires federal agencies to provide more secure authentication for their online services. (SOURCE: https://www.ssa.gov/myaccount/MoreInformationAboutMFA.html on 8/3/2016)

Of course, since a few  Americans have a Continue reading

New Book Released Today With Simple Tips for Everyday Online Security

DIGITAL HABITS Final FRONT ONLYTired of all of the rules that you have to follow everyday just to be online?  The internet was easier once, but now it seems like we spend half of our computer time worrying about hackers, thieves, viruses, and other online traps.

It’s time for a new approach.  It’s time for intuitive, reasonable habits to replace onerous mandatory rules. It is time for simplicity to replace complexity, and for confidence to replace fear.  These habits are behavioral, not technical.  And they are easy, so you can continue to do them on a regular basis.

Most importantly, its time for an easy-to-understand explanation of the online traps that we are all trying to avoid.  It’s like a bear trap in a strip mall – the person who set the trap doesn’t mind that they probably won’t catch many bears because of the volume of people who will be ensnared just because they are passing by.  But if you know where to look, the traps are easy to avoid.

Read this book to avoid common online traps with simple daily habits.

For a free chapter, click here (we will ask for your email address so we can send it to you).  Or, to purchase the book in paperback, or Kindle, click here.  For Apple iBooks, click here.

Second Stagefright Attack (Averted?)


Vulnerability in Picture Files

A serious vulnerability was discovered today with a common picture file type called “Tagged Image File Format, or TIFF.  It is an older type of file, but you probaly have many of then somewhere in your computer right now.  Every now and then, a new way to hack a computer is discovered before any bad guys figure it out. Thankfully, that happened in this case.

The vulnerability was reported yesterday by Tyler Bohan of Cisco Talos.   He said: Continue reading

Seven Myths About New Credit Card Fees

schropfer2.jpgIt’s been called a “Surcharge,” “Swipe Fee,” “Credit Card Fee” “Interchange,” or a “Checkout fee.” Until today, retailers were not allowed to pass these fees on to their customers. If you heard about it in the news, you may have the impression that you will have to pay 4% more for everything starting today. That is a myth, and it is not the only one:

Myth 1: A law creating new credit card fees became effective on January 27, 2013.

No new fees were created today, just the question of who pays those fees. Also, no new laws were created today either. Here is what actually happened:

For over 50 years, retailers have paid fees of about 1.5% to 3% to credit card companies (and others) every time a customer paid with a Visa or MasterCard. Also for the last 50 years, Visa and MasterCard had a rule prohibiting retailers from forcing their customer to pay those ‘checkout’ fees. Visa and MasterCard dropped that rule, effective today.

Why did they do that? Continue reading

Top 8 Features of Square-Starbucks Launch


Starbucks Mobile (Photo Credit: Techhive.com)

Square launched at Starbucks today, and it is an interesting step forward in the world of mobile commerce – not just for Starbucks, but for other Square retailers.

For all of the good and not-so-good features of Square’s new app, remember that it is Square’s “Model T Ford.” They are just getting started in the world of feature-rich apps for consumer use. Also, integration with traditional POS systems is new for Square. Overall, this is a good start that Square will use as a foundation for future development. Here are the eight key elements of Square’s new smartphone app, including its use at Starbucks:

1) IT WORKS: The fact that this system functioned on launch day is remarkable, given Starbucks’s 7,000 stores have been working on this implementation for only three months. There is always the possibility of a major software problem with the product launch on such a large-scale. But, software glitches did not happen with Square & Starbucks. [Do you have information to the contrary? Just comment on this article.]

2) SECURITY AT STARBUCKS: So far, Starbucks is using Continue reading

Over 50 New Mobile Commerce Events

signature on phoneLooking for a sign that the mobile commerce space is growing? Take a look a the swelling number of conferences on our updated calendar of mobile commerce events.

It includes over 50 new events scheduled over the course of the next twelve months. In addition, some events that were rescheduled due to Hurricane Sandy are also included. This includes the NFC Payments USA Conference that has been rescheduled to December 10 and 11 because of the hurricane.

Predicatively, the volume of conferences falls off dramatically after December 11 for the holiday season, but picks back up by late January 2013.

Continue reading

WSJ Reports ISIS Launch Date is October 22, 2012

Wall Street Journal reports ISIS Launch Date will be October 22, 2012

A rumor that has been circulating for several days appears to have been confirmed: the Isis mobile wallet will launch in its two test cities (Austin and Salt Lake City) on Monday October 22, 2012. The rumor received some credibility when the Wall Street Journal reported it today. Also, the twitter account @paywithisis, which is unverified but appears to be legitimate, tweeted this today, “It’s official: We’re launching in Austin and SLC on Oct. 22”

It is important to note that the Isis web site has no press releases regarding an October 22 launch date as of today.

The WSJ article reports the following: Continue reading