In the race against the machines the machines are winning

February 5, 2015 at 9:13 am Leave a comment

If today’s blog has a theme it’s how technology is continuing to evolve much quicker than our ability to properly regulate it.

Anthem breach likely to produce nervous members

Anthem Health Insurance disclosed yesterday that personal information involving tens of millions of customers have been compromised,  According to a company press release,  hackers gained   unauthorized access to  personal information from  current and former members such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data.  However  the company has no evidence that “ credit card or medical information, such as claims, test results or diagnostic codes were targeted or compromised. ”Although the exact number of compromised records isn’t known the WSJ is reporting that the hackers gained access to data bases containing information on  about 80 million customers.

Obviously expect calls from nervous members today wondering if they have been victimized by identity theft.  The good news is that since Anthem decided to quickly disclose the breach the public may be better positioned than usual to prevent data thieves  from taking full  advantage of this treasure trove  of personal data. Remember that under New York Law consumers may request that credit reporting agencies place a freeze on access to their credit reports. N.Y. Gen. Bus. Law § 380-t (McKinney).

Here is the company’s press release:

http://www.anthemfacts.com/

Durbin’s Folly

Given the pressing need to improve our nation’s cyber security infrastructure you might thing that a law that deters financial institutions from adopting  the latest security is a bad idea.  That is exactly what the Durbin amendment is doing.  In an interview published by BankInfo Security  Kimberly Lawrence, Senior VP  of Global Corporate Initiatives for Visa estimates that by the end of 2015 70 percent of credit cards will be EMV chip enabled but only close to  40 percent of debit cards  will be.

Why the difference? One reason is that Durbin makes EMV chip migration more   expensive and challenging.  It requires merchants to have a choice of two unaffiliated networks for processing transactions.  EMV was never designed to interact with more than one network at a time so workarounds have had to be created .  In addition, with merchant litigation challenging the Federal Reserve’s implementation of Durbin only recently concluded the regulatory environment has remained unsettled.  Incidentally Lawrence , estimates that 50% of merchants will be able to accept the cards.

Remember that starting in October Visa and Mastercard shift liability for unauthorized transactions from an issuer  that uses EMV cards to a merchant who does not.  There is no requirement that both Debit and credit cards be EMV  enabled at the same time You could even decide to forego EMV conversion completely if you decide the  costs of conversion outweigh its benefits.  Here is an article and interview.

http://www.bankinfosecurity.com/interviews/visa-on-unique-emv-challenges-in-us-i-2564?rf=2015-02-04-eb&utm_source=SilverpopMailing&utm_medium=email&utm_campaign=enews-bis-20150204%20(1)&utm_content=&spMailingID=7476382&spUserID=NTQ5MzMzNDYwNzYS1&spJobID=620402043&spReportId=NjIwNDAyMDQzS0

 

Silk Road Founder Guilty

Ross Ulbricht, aka Dread Pirate Roberts, was found guilty yesterday of several counts related to drug trafficking and money  laundering.  As I explained in a previous blog (https://newyorksstateofmind.wordpress.com/2013/10/04/another-black-eye-for-the-bitcoin) by using   the so called “hidden internet” he was able to offer an ebay like service  for purchasing  drug  paraphernalia .  Prosecutors alleged that he took a commission on all the sales, which were paid for with Bitcoins.   His arrest underscored the concerns of public officials who argue that the computer generated  currency   could be  a handy   means of executing illegal transactions and should be closely monitored.

In a statement,  US Attorney  Preet Bharara proclaimed that Ulbricht’s conviction and  the  seizure of millions of dollars of Silk Road Bitcoins “ should send a clear message to anyone else attempting to operate an online criminal enterprise. The supposed anonymity of the dark web is not a protective shield from arrest and prosecution.” http://www.wsj.com/articles/silk-road-creator-found-guilty-of-cybercrimes-1423083107?mod=djemalertNEWS

Preet’s enthusiasm notwithstanding,  with the amount of money to be made and the technology to make it possible I don’t think we have seen the last of the internet’s Silk Roads.  This is your faithful blogger, AKA   Dread Pirate Roberts, wishing  all of you a pleasant day.

Entry filed under: Compliance, General, Regulatory, technology. Tags: , , .

Too Little, Too Late Again When are state laws preempted?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed


Authored By:

Henry Meier, Esq., General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 446 other followers

Archives