security

PhoneSwipe Is a Scam

PhoneSwipe provides an example of how consumers lack protection from online e-commerce scams, thus demonstrating the need for auditable, delivered transaction receipts.

Read More

The Technology of Web Virtualization

Web Virtualization is a cloud technology that sits between you and the internet or your intranet delivering an interesting set of security, compliance and experience enhancing applications.

Read More

Turning Paper Delivery Back On

This week I turned paper delivery back on for T-Mobile and all my credit card statements. I didn’t do this to save the US Postal Service from extinction. I did it because these businesses’ statement ePickup services weren’t delivering an adequate level of service. I call their electronic statement services ePickup because instead of delivering the statements they send you an email notice telling you to go pick up your own statement. Read more about ePickup in my previous post.

Read More

Fat Fingered Financial

Sophos ran an article this morning describing how “two typosquatting sites, Wikapedia.com and Twtter.com, have been forced offline and fined £100,000 ($156,000) each by a UK telephone regulatory agency.”

Read More

Stupid Password Rules

I covered passwords in enough detail in this post. You’d think most companies would have got the message by now and the only companies with stupid password rules would be those with legacy sites. You’d think.

T-Mobile

Today T-Mobile introduced their new stupid password rules:

  1. Must be at least 8 characters long
  2. Must contain both letters and numbers
  3. Must contain both uppercase and lowercase letters
  4. Cannot contain spaces or special characters (!, @, $, %, \’)

Sigh.

Read More

Solving e-delivery: Solutionscape

This is part four of a series on e-delivery:

<%- partial_page(‘_partials/edelivery-index.html’) %>

In my previous post I looked at the requirements for an e-delivery solution. That post hinted at the need for standards so that businesses could future-proof whatever solutions they adopt. I discussed the existing cloud-centric solutions in a bit of detail in my post Statement E-Delivery is Broken. In this post I dig a little deeper and look at what constraints and trends businesses should consider and how they should future-proof their solutions.

Read More

Solving e-delivery: fundamental requirements

This is part three of a series on e-delivery: <%- partial_page(‘_partials/edelivery-index.html’) %>

You are a bank, biller, health care provider, insurer, payroll or other businesses. You currently do not have a way to push confidential documents and messages to end users and to notify your customers (users) of new content or messages.

How do you send messages and documents to the user, and make them aware that they have new content? For a message solution to work you need to make notifications available to the user in a place that your customer frequents. You don’t send the actual message or document via email because of security and reliability issues. Instead you are putting the message or document on your own web site and, for important content, sending users an e-pickup notice via email. But content is only retrieved when users get around to it, which in many cases never happens.

Read More

Statement E-Delivery is Broken

This is part two of a series on e-delivery: <%- partial_page(‘_partials/edelivery-index.html’) %>

It’s year end and like millions of other households I am rounding up all our electronic records for reconciliation and tax purposes. Much of our information is still best or only presented in paper or as PDF statements. Beyond this fact, many of us would prefer to have access to offline copies of our records that we can archive, quickly navigate, cross reference and be sure to retain beyond when a particular account is still active.

Businesses are pushing for electronic delivery of these statements, bills and tax documents, but e-delivery is broken. In fact {“ what businesses today are calling e-delivery is actually e-pickup “}, and true e-delivery doesn’t actually exist! The onus is on us to visit the 20 or more web sites where our content is stored, then manually retrieve, save and organize this content. No wonder so many people are not willing to turn off paper!

Read More

Why do banks still have no way to send us confidential messages?

This is part one of a series on e-delivery: <%- partial_page(‘_partials/edelivery-index.html’) %>

We’ve crossed into 2012 yet banks and health care are still putting us through contortions to retrieve confidential electronic messages. Why? Paper and FAX were the accepted practice in the old days, but when it comes to electronic delivery there really is no push delivery replacement. E-mail sounds kind of like the right solution, but it’s not secure.

Read More

Careful when handling consumer trust

I recommend the article Identity & Trust: The Keys to the Game in Winning the Hearts (and Wallets) of the Consumer by Allison Cerra. Allison comes from a telecom background and had an early perspective on the value of what she calls the 3Ps. These are presentation (how a consumer constructs and manages an ideal image of himself), protection (data privacy) and preference (helping a consumer make choices). She speaks of the gold mine of opportunity in targeting experiences and applications for consumers.

Read More