Remember my post of last december on an clear retailer action to attack credit-cards and interchang fees? It's now been three months since and the branche organisation for hotels/restaurants (Horeca Nederland) now brings in the boss himself. In what is in spirit and text almost a similar letter, Jeu Claes states in the Financieele Dagblad that credit-cards cost too much. Which goes to show that the retailer strategy is to keep on reminding the public, over and over, on stuff that appeals to the public, but essentially leads to only one thing: lower cost to the retailers themselves.
Which is their good right of course, but it is a bit double-hearted when actually one of the main strategies of Horeca Nederland to attract more members is to offer a serious ,5 % discount on average credit-card fees with major acquirers.
Wednesday, February 28, 2007
Tuesday, February 27, 2007
Equens to trial German-Dutch link between POS-systems
Equens, the former Interpay and TAI, was in the news today. A brief article in De Telegraaf mentions that Equens will hook up the German and Dutch POS-switching services directly, rather than via the international card networks. This is a trial now, but may become market reality later. A number of similar trials from Germany to Italy and Spain are also running.
For Equens this is a logical move as it has German and Dutch banks as its customer and it may want to use a single technology/protocol rather than continue operating two similar ones. But also the Commission and ECB may be happy. The linking of domestic POS-networks, which started out as the Berlin Gruppe, has their warm support (or anything else for that matter which could countervail the 'US-oriented' Visa and Mastercard).
For Equens this is a logical move as it has German and Dutch banks as its customer and it may want to use a single technology/protocol rather than continue operating two similar ones. But also the Commission and ECB may be happy. The linking of domestic POS-networks, which started out as the Berlin Gruppe, has their warm support (or anything else for that matter which could countervail the 'US-oriented' Visa and Mastercard).
Friday, February 23, 2007
And the credit-card enquiries continue...?
US Senator Dodd convened his first hearing as Chair of the Senate Banking Committee in the US and put credit-card practices on the agenda... so it seems enquiries continue and the complex interchange fee discussion once again gets the spotlight.
Thursday, February 22, 2007
Business model behind price of illegally obtaining account data: $400...
This interesting post by Guillaume Lovet, spotted by Ian Grigg, explain the business case for criminals obtaining personal data for bank accounts.
All of the following phishing tools can be acquired very cheaply: a scam letter and scam page in your chosen language, a fresh spam list, a selection of php mailers to spam-out 100,000 mails for six hours, a hacked website for hosting the scam page for a few days, and finally a stolen but valid credit card with which to register a domain name. With all this taken care of, the total costs for sending out 100,000 phishing emails can be as little as $60. This kind of ‘phishing trip’ will uncover at least 20 bank accounts of varying cash balances, giving a ‘market value’ of $200 – $2,000 in e-gold if the details were simply sold to another cybercriminal. The worst-case scenario is a 300% return on the investment, but it could be ten times that.
All of the following phishing tools can be acquired very cheaply: a scam letter and scam page in your chosen language, a fresh spam list, a selection of php mailers to spam-out 100,000 mails for six hours, a hacked website for hosting the scam page for a few days, and finally a stolen but valid credit card with which to register a domain name. With all this taken care of, the total costs for sending out 100,000 phishing emails can be as little as $60. This kind of ‘phishing trip’ will uncover at least 20 bank accounts of varying cash balances, giving a ‘market value’ of $200 – $2,000 in e-gold if the details were simply sold to another cybercriminal. The worst-case scenario is a 300% return on the investment, but it could be ten times that.
Wednesday, February 21, 2007
Ministry of Finance confirms: no difference in execution time between banks and former Postgiro
Our Ministry of Finance was asked in Parliament whether or not the fact that it had moved its payment contract from Rabo to ING/Postbank had resulted in longer execution times. Not a strange question, because since day and age (about 90 years) the execution time of payments between (former) postgiro to banks looked like 2 days while the reverse route could be done in 1 day. This is due to technical booking conventions (when is the beginning of a new booking day....) applied by the different institutions
Yet, the Ministry of Finance now informs Parliament that as of mid 2005/2006, due to changes in the interbank clearing and settlement cycles, the payment execution time from and to former postgiro (ING) and vice versa is equal. Whilst there have been some complaints of companies with the Tax Authority that execution times differed, those companies were unable to delivery any hard proof or information to the Tax Authority, backing those claims.
Yet, the Ministry of Finance now informs Parliament that as of mid 2005/2006, due to changes in the interbank clearing and settlement cycles, the payment execution time from and to former postgiro (ING) and vice versa is equal. Whilst there have been some complaints of companies with the Tax Authority that execution times differed, those companies were unable to delivery any hard proof or information to the Tax Authority, backing those claims.
Tuesday, February 20, 2007
EU to investigate Visa interchange fee...
Payments news picked up quickly on the news that EU Competition Commissioner Neelie Kroes said on Monday her staff would take a close look at some of Visa's business practices and interchange fee next year, when an antitrust exemption for the credit card company runs out. Now that at the end of the year a previous exemption ends, the Commission feels it is time to reconsider its stance. Mastercard is already under investigation by the way.
So, will this the dog really bite?
Perhaps it will and perhaps interchange fees will be re-assessed (or further lowered), but politicians should realize that this sort of gallery play would only lead to more visible price hikes for the consumers. Which will demonstrate to the public that Europe (and pro-active European thinking) will make life more expensive. And I am not sure if that is a message one would like to send out in times of constitutional crisis...
So, will this the dog really bite?
Perhaps it will and perhaps interchange fees will be re-assessed (or further lowered), but politicians should realize that this sort of gallery play would only lead to more visible price hikes for the consumers. Which will demonstrate to the public that Europe (and pro-active European thinking) will make life more expensive. And I am not sure if that is a message one would like to send out in times of constitutional crisis...
Monday, February 19, 2007
Ministry of Finance comforts the public: paper based bill payment (acceptgiro) will not disappear due to SEPA
Today the Ministry of Finance responded to questions in parliament with respect to the possible disappearance of the acceptgiro from the Dutch payments landscape. The Minister of Finance Zalm (who is scheduled to make place next Thursday for Labour Bos, who didn't win the recent elections but got his party into the government anyhow) explains that there are no bank plans to abolish the acceptgiro. Banks will keep the product alive as long as there is demand. Which should be a comfort to the public.
Reason for MP van der Vlies to ask those questions was that one day a newspaper hinted in its headlines at a possible phasing out of the acceptgiro (paper based bill payment). Yet, if anyone would have cared to read the article itself, that would have made a lot of difference. Because in the original article ABN AMRO chief Mol merely explained that Dutch banks introduced a new digital form of acceptgiro, which essentially would make life easier for customers (who now type in the 16-digit identifier of the acceptgiro in their Internetbanking appliaction). Furthermore he explained that the product would coexist for a long time with the paper based acceptgiro.
Still, the media hype was quite impressive. Anyone now googling for the words 'einde acceptgiro in zicht' will get more than 70 hits describing the wrong news. And perhaps that's the most striking element of this incident. The news was actually no news at all. What would be news (and in fact quite worrying) is the speed and carelessness with which the media reacted when covering this 'hot news'. Apparently everone copy-pasted each other, with hardly anyone taking the time and effort to check the facts.
So that's another incident in the books where media try to please the public by striking the 'those evil-banks do nothing in the interest of the customer'-chord once again. It may be actually quite the opposite, but the endurance of the acceptgiro won't be likely to lead to 70 hits in Google....
Reason for MP van der Vlies to ask those questions was that one day a newspaper hinted in its headlines at a possible phasing out of the acceptgiro (paper based bill payment). Yet, if anyone would have cared to read the article itself, that would have made a lot of difference. Because in the original article ABN AMRO chief Mol merely explained that Dutch banks introduced a new digital form of acceptgiro, which essentially would make life easier for customers (who now type in the 16-digit identifier of the acceptgiro in their Internetbanking appliaction). Furthermore he explained that the product would coexist for a long time with the paper based acceptgiro.
Still, the media hype was quite impressive. Anyone now googling for the words 'einde acceptgiro in zicht' will get more than 70 hits describing the wrong news. And perhaps that's the most striking element of this incident. The news was actually no news at all. What would be news (and in fact quite worrying) is the speed and carelessness with which the media reacted when covering this 'hot news'. Apparently everone copy-pasted each other, with hardly anyone taking the time and effort to check the facts.
So that's another incident in the books where media try to please the public by striking the 'those evil-banks do nothing in the interest of the customer'-chord once again. It may be actually quite the opposite, but the endurance of the acceptgiro won't be likely to lead to 70 hits in Google....
Saturday, February 17, 2007
Bunch of skimmers caught by Amsterdam police
De Telegraaf mentioned last week that Amsterdam police caught abunch of skimmers and dismantled their lab. So despite all moves to EMV the skimming danger is still out there.
Friday, February 16, 2007
How the US pays... changing business models
Payments news links to this research report on the way the US population pays:
The Pew survey finds that nearly three-in-ten adults (28%) say the most common way they
take care of their regular monthly bills is by an online or electronic payment. A bare majority (54%) mostly uses checks, and a small minority (15%) mostly uses cash.
The survey also finds that at or near the top of the public’s list of regular expenses are cable or
satellite television service (78% of adults say they pay such bills every month); cell phone service (74%) and internet connections (65%). These information age staples either didn’t exist or were in their infancy a generation ago.
While we already know that payment patterns vary per country, there is an interesting conclusion here. Within one generation a whole generation gets used to new cost items in the household. And all this happens to such an extent that the new items (internet) are deemed to be equivalent to basic household cost; a necessary thing. And, most interesting, no-one complains and all take this new direct pricing business model for granted.
Let's have a look at the Netherlands. Ten years ago there was free internet access (dial-up) for everyone. And now the business model shifted in technology terms to ADSL and in fee-terms to monthly fees of at least 20 euro. And there's no one complaining about the fact that ISPs first hooked up the population to Internet and then started charging for it.
Yet, a similar and far more gradual change in the payments business model (accounts for free in the 1960s, which slowly evolves to a situation of a 30 € a year account fee nowadays) is still part of the collective memory. And banks are almost unable to make any fee move without all the politics and public getting agitated or finding this outrageous. Still, if we were to look at the actual budget items of a household, we find that by choosing an ISP that charges € 3 less per month, a household would be able to cover its direct payment expensesof that whole year.
Shouldn't we conclude that (perceptions of) bank fees are not a matter that lend themselves for rational analysis?
The Pew survey finds that nearly three-in-ten adults (28%) say the most common way they
take care of their regular monthly bills is by an online or electronic payment. A bare majority (54%) mostly uses checks, and a small minority (15%) mostly uses cash.
The survey also finds that at or near the top of the public’s list of regular expenses are cable or
satellite television service (78% of adults say they pay such bills every month); cell phone service (74%) and internet connections (65%). These information age staples either didn’t exist or were in their infancy a generation ago.
While we already know that payment patterns vary per country, there is an interesting conclusion here. Within one generation a whole generation gets used to new cost items in the household. And all this happens to such an extent that the new items (internet) are deemed to be equivalent to basic household cost; a necessary thing. And, most interesting, no-one complains and all take this new direct pricing business model for granted.
Let's have a look at the Netherlands. Ten years ago there was free internet access (dial-up) for everyone. And now the business model shifted in technology terms to ADSL and in fee-terms to monthly fees of at least 20 euro. And there's no one complaining about the fact that ISPs first hooked up the population to Internet and then started charging for it.
Yet, a similar and far more gradual change in the payments business model (accounts for free in the 1960s, which slowly evolves to a situation of a 30 € a year account fee nowadays) is still part of the collective memory. And banks are almost unable to make any fee move without all the politics and public getting agitated or finding this outrageous. Still, if we were to look at the actual budget items of a household, we find that by choosing an ISP that charges € 3 less per month, a household would be able to cover its direct payment expensesof that whole year.
Shouldn't we conclude that (perceptions of) bank fees are not a matter that lend themselves for rational analysis?
Wednesday, February 14, 2007
Nice articles on SEPA at GT-news
I hadn't visited the GT-news site for a while but was pleasantly surprised with a number of good articles on SEPA. The site does require registration but doesn't charge. So those who register may appreciate articles such as:
- SEPA Direct Debit Delay: Time to Review Your SEPA Strategy!
- SEPA: The 2010 Challenge
and read realistic assessments like:
SEPA is only a small step in a long journey. Unless other conditions for doing business within the eurozone, such as tax and legal harmonization, and reducing administrative burdens are met, it will be very difficult to convince clients to convert to the new payment products and achieve the critical mass by 2010.
Hear hear !
- SEPA Direct Debit Delay: Time to Review Your SEPA Strategy!
- SEPA: The 2010 Challenge
and read realistic assessments like:
SEPA is only a small step in a long journey. Unless other conditions for doing business within the eurozone, such as tax and legal harmonization, and reducing administrative burdens are met, it will be very difficult to convince clients to convert to the new payment products and achieve the critical mass by 2010.
Hear hear !
Mobile phone as payment tool at POS and for remittances
GSM announced that the worldwide use of mobile phones for payments at point of sale is the aim of a new initiative announced by the GSM Association (GSMA), the global trade organization for mobile operators. The announcement is a sort of spin-off from the 3GSM conference. During which conference operators also announced their ambitions to be more active in the remittance market: "By exploiting the extensive reach of the mobile networks, the programme will complement existing local remittances channels and make transferring money internationally significantly more affordable. "
And still there are regulators around that claim that the mobile phone is not a payment instrument but merely a communication tool that is only incidentally used for payments...
I always wonder, don't those regulators have kids that spend 50% of their pocket money on payment via mobile phone? And don't they try it out for themselves?
Last week I joined the crowd here in the Netherlands and sent an SMS to vote for X6; a womens group running up in the Dutch X-factor (sort of Idols). Of course I got a response thanking me for the vote, but also another invitation to send in another SMS to increase my odds for winning a free ticket to next weeks' live show.
And then, this sms was again followed up by another quiz-question inviting me to sms the right answer and once again increase my odds. I was quite curious how many questions they had for me. The answer: 5 more questions (and as I flunked one, that meant 6 more SMS's costing 0,60 euro). And only one of those sms-es had a warning: don't sms too much.
So much for my contribution to the more than 1 billion euro revenue for Dutch data services (2006).
And still there are regulators around that claim that the mobile phone is not a payment instrument but merely a communication tool that is only incidentally used for payments...
I always wonder, don't those regulators have kids that spend 50% of their pocket money on payment via mobile phone? And don't they try it out for themselves?
Last week I joined the crowd here in the Netherlands and sent an SMS to vote for X6; a womens group running up in the Dutch X-factor (sort of Idols). Of course I got a response thanking me for the vote, but also another invitation to send in another SMS to increase my odds for winning a free ticket to next weeks' live show.
And then, this sms was again followed up by another quiz-question inviting me to sms the right answer and once again increase my odds. I was quite curious how many questions they had for me. The answer: 5 more questions (and as I flunked one, that meant 6 more SMS's costing 0,60 euro). And only one of those sms-es had a warning: don't sms too much.
So much for my contribution to the more than 1 billion euro revenue for Dutch data services (2006).
EPSO newsletter 46 is out
Monday, February 12, 2007
Russian site (Rabo-phishers) now taken down
Having been out there all weekend, the Russian website is now gone. What's left is the following message in Russian:
"Result of service of inquiry:Incorrectly generated URL Protocol:http Host: NULL Path:/ Probably site required by you does not answer or time of inquiry has expired. Check up correctness of a writing of the address or try to repeat inquiry.
It is not excluded, that the specified domain is absent in a configuration file a web-server."
"Result of service of inquiry:Incorrectly generated URL Protocol:http Host: NULL Path:/ Probably site required by you does not answer or time of inquiry has expired. Check up correctness of a writing of the address or try to repeat inquiry.
It is not excluded, that the specified domain is absent in a configuration file a web-server."
Saturday, February 10, 2007
Rabo subject to phishing attack
Since yesterday afternoon, Rabo informs its customers on the website, that there is a phishing mail running over the Internet. Of course customers are urged not to fall for the trick. Tweakers net notes that the link went to a Russian site (but is already taken down). Yet, when clicking on the fraudulent link I noted that it was up and running again.
So there's still some work to do for the banks this weekend...
So there's still some work to do for the banks this weekend...
And another payment-phone innovation
Paynews reports Visa International and SK Telecom have announced plans to launch "what they expect to be the world's first contactless payment application on a universal SIM card which is personalized over-the-air.
Subscribers will be able to install the Visa Wave contactless payment application directly onto their handsets via OTA without having to visit their bank. The user simply sends a message to the bank requesting the Visa payment application. The bank then sends the application through mobile internet into the secure USIM chip. As the payment application resides on the subscribers' USIM card, they will not be restricted to making payments only from that device. SK Telecom 3G subscribers who wish to change to a new handset need only move the USIM card to the new device.
Subscribers will be able to install the Visa Wave contactless payment application directly onto their handsets via OTA without having to visit their bank. The user simply sends a message to the bank requesting the Visa payment application. The bank then sends the application through mobile internet into the secure USIM chip. As the payment application resides on the subscribers' USIM card, they will not be restricted to making payments only from that device. SK Telecom 3G subscribers who wish to change to a new handset need only move the USIM card to the new device.
IMEVRYWHR: further integration of e-cash and phoning
Dave Birch refers and comments on this article about IMEVRYWHR. A service that integrates payments even further into the mobile phone. The myGlobe IMEVRYWHR provides an integrated mobile environment where users can connect and share through a range of communication, commerce and content tools and is claimed as the first service of its kind in the world.
Wednesday, February 07, 2007
ING Direct joins US-wide Allpoint ATM network
See this article and discover how ING Direct immediately ensures itself of an ATM network in the US which is considerable in size (32.000). Neat move, which keeps costs as low as possible while better serving the increasing customer base.
Tuesday, February 06, 2007
Huge usage/trust/confidence figures for internet-banking
See the website and report of Trendbox (summarizing longitudinal market research) and find out that:
- internet penetration reaches 8 out o 10 in the Netherlands
- the average number of digital devices in the Dutch household is 12 (but customers can only name three),
- while in 2005 about 60 % of the Dutch would do Internet banking, the recent figures show that 71 % of the population does banking via the web,
- 52 % of all people on-line also buy via the web; this was 44 % last year and 25 % in 2003,
- particularly the young have started using the web; this year the usage percentage rose to 74 %,
- comparing goods/services is even more popular than shopping online (which could be the Dutch approach: a lot of looking rather than buying).
So all this suggests that without the Dutch realizing it, we have become very much digital, now trusting nd using the web for all purposes. Most likely we'll be high up in the comparative charts with the Finnish in terms of % of the population that does banking via the web.
- internet penetration reaches 8 out o 10 in the Netherlands
- the average number of digital devices in the Dutch household is 12 (but customers can only name three),
- while in 2005 about 60 % of the Dutch would do Internet banking, the recent figures show that 71 % of the population does banking via the web,
- 52 % of all people on-line also buy via the web; this was 44 % last year and 25 % in 2003,
- particularly the young have started using the web; this year the usage percentage rose to 74 %,
- comparing goods/services is even more popular than shopping online (which could be the Dutch approach: a lot of looking rather than buying).
So all this suggests that without the Dutch realizing it, we have become very much digital, now trusting nd using the web for all purposes. Most likely we'll be high up in the comparative charts with the Finnish in terms of % of the population that does banking via the web.
BBC to show how emv-chip terminals can be manipulated
BBC is about to show an item tonight on skimming from POS-terminals:
Cambridge University researchers said details could be hijacked if a card is put into a doctored payment machine. Details can then be sent wirelessly to accomplices and purchases made using a fake card with those account details.
Both APACS and Currence (the Dutch scheme owner for PIN) were asked for a comment by the media. APACS pointed out that such a scheme requires an in-store accomplice. Dutch Currence, reacted a bit clumsily on similar questions by Planet Multimedia by stating that such methods and/or cases are known but they rather not wish to disclose more details. Implying that there would be much more to it.
Bottom line reality: yes, I can set up a fake shop, I can build a fake terminal and I can assume a fake identity to fraud anyone or anything I like. And yes, there may be risks out there where inside accomplices are part of the fraud. But that does not mean that all shops, passports, payment terminals are untrustworthy. Furthermore, if the unlikely yet possible situation arises of this type of fraud, banks will fully compensate the card owners.
So what's new(s)?
Cambridge University researchers said details could be hijacked if a card is put into a doctored payment machine. Details can then be sent wirelessly to accomplices and purchases made using a fake card with those account details.
Both APACS and Currence (the Dutch scheme owner for PIN) were asked for a comment by the media. APACS pointed out that such a scheme requires an in-store accomplice. Dutch Currence, reacted a bit clumsily on similar questions by Planet Multimedia by stating that such methods and/or cases are known but they rather not wish to disclose more details. Implying that there would be much more to it.
Bottom line reality: yes, I can set up a fake shop, I can build a fake terminal and I can assume a fake identity to fraud anyone or anything I like. And yes, there may be risks out there where inside accomplices are part of the fraud. But that does not mean that all shops, passports, payment terminals are untrustworthy. Furthermore, if the unlikely yet possible situation arises of this type of fraud, banks will fully compensate the card owners.
So what's new(s)?
Sunday, February 04, 2007
Data breach, the next hot thing...
Data breach is the thing to come. While Europeans are concerned about US-police and their insatisfiable hunger for SWIFT-data, the US themselves are worrily looking at the TJMaxx data breach (basically a sloppy shop owner).
It's quite interesting to note the difference. The news in Europe is all about the government that may ue personal data beyond what is necesarry. While the news in the US focuses on the financial effects and fraud as a result of the data breach. It may be just the consequence of the nature of the data breach, but would it not also reflect something of a cultural difference?
In any case, data breach may be the real hot thing of the future. It used to be straightforward card skimming. But as technology develops, the question will become how we can shield payment information and prevent misuse in later transactions in a world of continued diversification of technologies (your account number/name or an ID linked to that will be present on all sorts of devices).
It's quite interesting to note the difference. The news in Europe is all about the government that may ue personal data beyond what is necesarry. While the news in the US focuses on the financial effects and fraud as a result of the data breach. It may be just the consequence of the nature of the data breach, but would it not also reflect something of a cultural difference?
In any case, data breach may be the real hot thing of the future. It used to be straightforward card skimming. But as technology develops, the question will become how we can shield payment information and prevent misuse in later transactions in a world of continued diversification of technologies (your account number/name or an ID linked to that will be present on all sorts of devices).
Saturday, February 03, 2007
Dutch police emulating US-approach in countering criminal actions
In a similar move as the US the Dutch government is now also moving in on gambling sites. Tiscali reports that the department of Justice has sent letters to financial institutions so that they will stop doing business with those gambling sites. Supposedly this would be a violation of the Law on Gaming that we have here.
I get the impression that this is a line of reasoning where the police asks the car sales man to stop selling cars, given that those can be used to speed in traffic, or as a escape-tool for robberies.
Who crosses which line exactly ?
I get the impression that this is a line of reasoning where the police asks the car sales man to stop selling cars, given that those can be used to speed in traffic, or as a escape-tool for robberies.
Who crosses which line exactly ?
Friday, February 02, 2007
Boober.nl: Dutch peer to peer lending via Internet
Boober.nl a peer-to-peer lending service was launched today, according to planet multimedia. Undoubtedly these guys will soon be confronted with supervisors explaining that they either need a license for:
- attracting and loaning deposits,
- operating as an intermediairy
- existing in the first place.
- attracting and loaning deposits,
- operating as an intermediairy
- existing in the first place.
Retail super market tries mobile payments (NFC) with Rabobank and KPN
Continuing proof of the blending of technologies and players is the announcement by C1000, a retail supermarket chain, that it will do an NFC trial with Rabobank and KPN Mobile (see Emerce in Dutch). There will be both a payments and savings/coupons function, using NFC at the counter. The payment back-office underneath isn't clear; it might be a one-off direct debit, but that makes one wonder how the savings/coupons function is going to be managed. We'll know more at the end of 2007.