Wire Connected

AllTrust Networks, a developer of biometric solutions, has announced that they have implemented their Paycheck Secure biometric check cashing solution in all 11 Pro’s Ranch Markets grocery store locations.

The Paycheck Secure system enables users to scan their fingerprint to authenticate their identity for cashing a check at an automated kiosk. The system’s implementation has resulted in positive customer feedback as well as employee feedback that are now saving time on manual check processes. In addition to the Paycheck Secure system, AllTrust has provided Pro’s with their national negative database to provide better fraud control.

GlobalPlatform, the specification body for smart card infrastructure, has published a white paper to explain how its existing technology can add value to biometric match-on-card solutions from research and development cost-savings and improved time to market, to compliance with industry security requirements.

“The GlobalPlatform Value Proposition for Biometric Match-on-Card Verification,” targets government officials, project managers and consultants advising on the implementation of biometric match-on-card programs, alongside smart card technical audiences. It discusses how current GlobalPlatform specifications deliver the required security and privacy to enable the deployment of a secure, interoperable and flexible biometric match-on-card solution.

GlobalPlatform on-card access control technology is also discussed within the white paper. This function can facilitate the delivery of multiple applications on one card, with each application able to securely utilize the match-on-card biometric in a flexible way without having to become biometric aware.

The document is free to download from here.

Just coming off of Earth Day in April, most of us are looking for ways to be greener and changing the lighting in our homes is just one of those ways.  This past week, NYC was home to Lightfair International 2009, which is the largest lighting trade show and conference in the world.  One of the exhibitors at Lightfair, Philips, unveiled some new ideas about “green” lighting that may soon find their way into our homes. 

Philips previewed a 600-lumen A-shape LED bulb for consumers that will be able to replace traditional 40-watt incandescent bulbs.  The LED bulb offered is five times as efficient as the incandescent bulb.  That is slightly more efficient than a 40-watt equivalent CFL bulb, which requires 10-watts.  Also, LEDs do not have CFL’s safety issues.  As you likely already know, CFLs have a small amount of mercury in them, which means they must be recycled and extra care most be taken when one breaks. 

As a bonus, with all the money you’ll save on electricity, you might be able to spring for that new gadget you’ve been eyeing, say perhaps, the Kindle 2.

Duke Energy has announced that the company will build up to 400 “Mini” solar power plants in North Carolina over the next two years, which when completed will power up to 1300 homes with green energy. The $50 million project will involve the installation of solar panels on the roofs and grounds of homes, schools, office buildings, shopping malls, warehouses and other industrial plants.

Once the project is complete, the energy harnessed will not be directly used by the building which carries the panels, but will be sent to the grid from where the energy will be transported to customers. The company will own and maintain the panels and the electricity generated during their expected lifespan of 25 years. To get the panels installed, the company will be paying a rental fee to the property owners, which will be based on the amount of land and roof space used. Residents of North Carolina can fill out an online application form, requesting the company to install the panels on their land.

The Information Commissioner has expressed concern that electronic patient records are not secure enough following the revelation that Lanarkshire NHS patient data was found on a hard drive purchased on eBay.

Speaking to Channel 4 News, Information Commissioner Richard Thomas said that the recent spate of data losses had prompted talks with the NHS on how to ensure adequate privacy practices are in place.

"As we move towards electronic health records across England we do have anxieties. We talk very closely with the NHS to ensure that they are taking security seriously but they've got to be very vigilant indeed to get security right," he said.

The two disks from Lanarkshire NHS trust contained patient data relating to radiology and x-rays, including thumbnails of x-rays and sensitive correspondence.

In a statement, NHS Lanarkshire said the disks were disposed off through an external supplier in 2006, a policy that would now be ended.

"In this instance the hard drives had been subjected to a basic level of data removal by the company and had then been disposed of inappropriately. This was clearly in breach of contract and was wholly unacceptable," said the statement.

A study, funded by BT and Sims Lifecycle Services, also found sensitive information from companies such as Ford, Laura Ashley and Nokia on disks purchased on eBay.

The financial services industry has long been a hotbed of technology innovation, but as the sector struggles to recover from the credit crunch and budgets are tightened, the strategic imperatives for its IT leaders are changing.

Analyst IDC is predicting financial services IT spending across Europe, the Middle East and Africa this year will retreat to 2005-6 levels ­ – about $3bn (£2bn) ­ – so industry leaders will face challenges to remain competitive while juggling the threats and opportunities that come with new IT initiatives.

Modernisation in the sector is set to take place in an “incremental” fashion, according to IDC, as firms focus on rebuilding trust in risk management processes, compliance-led projects and doing more with fewer resources.

To some extent that is happening at Standard Life, where there is increased emphasis on using existing assets to create innovative solutions. According to group technology director Russell Irwin, Standard Life has initiated an “ideas jam” scheme, which collects an average of 400 suggestions a year from IT staff on how to better harness the firm’s technology.

“There is a risk that innovation [in financial services] could be stalled by the credit crunch, but you have to find creative ways of working with what is available ­ – new ideas don’t have to be something no one has ever thought about,” said Irwin.

“Wiping out innovation completely is a dangerous position to be in. During times of pressure, successful companies plan for the upturn, think smartly and tread carefully,” he said.

Innovation may take a low priority at cash-strapped firms, but resourceful CIOs will take action and continue investing despite the recession, said Darin Brumby, former director of business transformation at Nationwide.

“For smart executive teams, this is the time to take intelligent risks and move the savings from the downturn into innovation instead of just putting it aside for safekeeping and battening down the hatches,” Brumby said.

“It is not just about capturing good ideas, but looking at them quickly and in a way that will help push the business forward,” he added.

Integration and optimisation remain key focus areas for IT in financial services – ­ 61 per cent of banks worldwide polled by Capgemini said that acceleration of processes for bringing new products to market was a priority.

Firms will also need to improve client segmentation and retention, said Brumby, so investment in efficient customer relationship management systems will move up the sector’s IT agenda.

With so many demands on IT, the delivery of business-improving projects will require careful control, he warned.

“The talent that financial services firms end up keeping will be very stretched, so investing in staff is essential to drive innovation. If you don’t have skilled teams and high morale, the business will struggle to move forward,” Brumby said.

“It is also important to remember that you can’t do everything ­ – you have to make choices backed by strong governance, otherwise decisions can’t be made quickly and opportunities are missed.”

Over the coming years, financial services firms are likely to look at innovations around open collaboration, driving internal efficiencies, said JP Rangaswami, managing director of strategy and innovation at BT Design.

Previously CIO at investment bank Dresdner Kleinwort and a champion of wikis and blogs to capture staff knowledge, Rangaswami believes cultural changes will dictate the use of technology in finance.

“People are realising that having multiple ways of communicating makes sense, as well as being able to draw on a collaboration capability inherent in our staff, because human capital is scarce,” he said.

Innovations such as cloud computing and mobile payments also present opportunities, but they are not without their challenges, argued Rangaswami, which include increasing awareness and ensuring security and scalability needed to transform investment strategies.

Rangaswami is optimistic about the future of IT in financial services ­ – and elsewhere. While budgets have been trimmed, project priorities have been realigned, but there is more willingness to adopt open innovation models, he said.

“People claim that there has been a reduction in innovation, but I would say that some of the work that is taking place is under the radar, because the word innovation appears to be more risky than the process itself,” he said.

“You can’t take innovation completely out of the financial institution’s bloodstream, as those businesses thrive on change ­ – you just have to find alternative ways to be able to achieve that change.”

Firms banking on innovation in 2009

Co-operative Financial Services is undertaking a £500m IT-driven transformation with a new core banking platform that will ease integration challenges and introduce a multichannel capability.

Barclays has issued contactless cards to three million customers and is investing in a multimillion-pound branch development programme that includes use of touch-screen technology at its flagship branch in Piccadilly Circus.

HSBC has added mobile banking to its managed payments service platform, aimed at third-party banks and corporate customers. The bank said the investment in the system comes as a response to increasing demand for its outsourced payment services.

Visa Europe has several proof-of-concept projects in areas such as m-payments, contactless and security. The firm said its board demands innovation, but such projects are long-term strategies as they require customer adoption.

Innovation winners and losers

Winners

• Mobile banking – for channel expansion.
• Customer networking – niche projects to foster community.
• “Un-sexy” innovation – efficiency projects that improve customer experience and don’t grab the headlines, but aim to deliver results.
  
  

Losers

• Twitter, Facebook and Second Life projects will increasingly look like products of the first internet boom.
• Peer-to-peer lending – will remain “niche at best” in 2009.
• Advanced biometrics – will not survive spending reviews.

As Facebook has grown, the need for greater session security has increased to avoid hackers and spammers looking to exploit users. That doesn’t mean their system can’t be broken. 26-year-old Azim Poonawala has successfully built a piece of software that currently cracks Facebook sessions with the assistances of a user’s cookie information. While acquiring an individual’s personal cookie information requires a little bit of extra effort, it’s most definitely a feasible task.

As Jeremiah Grossman, Chief Technology Officer of WhiteHat Security told Elinor Mills of CNet, “The mere existence of such a tool leads me to believe that huge numbers of FB accounts are and continue to be compromised and the bad guys need to scale their access.” Honestly it’s not surprising to see that someone has compromised Facebook’s session system although it definitely required a substantial time investment.

Facebook doesn’t seem to mind about this security threat though. Barry Schnitt told CNet news that, “We have systems to detect phished or fake accounts on many different points, including at point of compromise, point of creation, point of login, and point of a spam send, among others.” If the FBController tool were to be used to mass control accounts Facebook would know. As Barry Schnitt told CNet, “Multiple accounts taking the same action, at the same time, as this tool enables, can actually make this detection easier.”

While Facebook may seem confident in their ability to protect against security holes, this will most definitely force the company to modify their session management algorithm. While most web applications will never be perfectly secure, Facebook has invested heavily in making sure users on the site are protected.

Recently there has been an increased number of phishing attacks and those attacks among others, combined with this software can compromise a large number of accounts. It will be interesting to see what measures takes to increase their security now that this software is available.

Apple Inc. has released a new television commercial showcasing a new feature of its iPhoto application: facial recognition.

The ad shows the PC character surrounded by stacks of photos and flipping through them to find one. “I’m having a very difficult time finding pictures of my friend,” he says.

The Mac character then asks if he’s going to flip through the photos individually to find them. “What other way is there?” the PC asks.

Mac then talks about how the latest version of iPhoto has Faces, a facial recognition program that enables a user to tag individuals once and then the program will automatically do it in the future. The program is free when purchasing a new Mac and $79 if users want to upgrade from an older version.

CoreStreet announced the availability of the CoreStreet FIPS-201 Suite of products to upgrade existing physical access control systems to be fully compliant with HSPD-12 and all functionality as defined in Special Publication 800-116. The company also announced that its PIVMAN products is available with Lenel and a partnership with MaxID to market PIVMAN with the company’s handheld ID readers.

Special Publication 800-116, as published by the National Institute of Standards and Technology in November, covers recommendations for the use of Personal Identity Verification credentials in access control systems.

The CoreStreet FIPS-201 Suite of products permits government agencies to upgrade system to enable the verification of PIV cards, Common Access Cards, First Responder Authentication Credential cards and Transportation Worker Identification Credential cards without requiring the replacement of the existing system. The Solution verifies these cards at assurance levels as defined in SP 800-116.

The CoreStreet FIPS-201 Suite consists of the following components:

• CoreStreet FIPS-201 F5 System: Adds PIV, CAC, FRAC and TWIC credential compatibility to an existing PACS

• CoreStreet FIPS-201 Device Developer Bundle and CoreStreet FIPS-201 Head-end Developer Bundle: Software developer kits allowing OEM vendors to build SP 800-116 compliance into their products.

The other two announcements deal with CoreStreet’s PIVMAN product. The PIVMAN Suite of software products provides solutions for several identity and access management.

The standard CoreStreet PIVMAN Solution aggregates identity and attribute information from a variety of trusted sources for access to government buildings, port facilities or disaster sites as part of the National Preparedness Framework. Through integration with OnGuard, the CoreStreet PIVMAN for Lenel Solution allows access levels configured in OnGuard to be displayed on mobile handhelds running the CoreStreet PIVMAN Client software.

Further, the CoreStreet PIVMAN for Lenel Solution retrieves audit logs from the Clients and uploads them to OnGuard for display in the Alarm Monitoring application, and for use in activities such as mustering and reporting.

Also, CoreStreet and MaxID have formed a partnership to market the CoreStreet PIVMAN Solution on MaxID’s iDLMax biometric handheld device.

« Older Entries

Newer Entries »