Security expert Brian Krebs recently published a blog outlining some of the tactics that thieves use to commit tax fraud, and being that the deadline to file just passed, it seemed like a good time to talk about what can happen when you procrastinate.

Tax fraud is a frightening prospect. Thieves impersonate their victims and file in their name in order to collect returns that don’t belong to them, and in a lot of cases can make out with a lot of money. Not only are they able to steal the victim’s tax refund, but they create a huge headache for the person they targeted.

Fraudsters will obtain employee identification numbers (EINs), which, while not private information by any means, are still quite valuable. These EIDs are used to create bogus refund claims which are often loaded onto a prepaid card. These prepaid cards are widely used by thieves because they’re not easy to trace, and make it easy for the fraudsters to avoid banks or places that may pick up on their suspicious behavior. And how exactly are they filing these fake claims? You may or may not be surprised to learn that most of tax fraud is conducted with TurboTax, who has been under recent scrutiny for their seemingly lax fraud detection.

So, what is the best thing that you can do next year to ensure you don’t become a victim? It’s quite simple–file early. Tax fraud is getting harder for thieves to get away with each year, but its complexities mean there are plenty of loopholes for them to find. The safest thing you can do is to put in for your return before fraudsters have a chance to.

Read more about how to deal with becoming a tax fraud victim and learn what else you can do to protect yourself over on Krebs on Security.

Company is the Only Validated Oracle E-Business Suite Integration for Payments

PHILADELPHIA (April 10, 2015) — CardConnect, a payment processing and technology services provider, announced that it will be attending COLLABORATE 15, an  Oracle User Group event offering the full spectrum of Oracle Applications and Technology education.

As the leading payment gateway and tokenization solution, CardConnect is the only validated Oracle E-Business Suite (EBS) integration for payments. Its patented solution provides the greatest reduction of Payment Card Industry (PCI) scope from mail order, telephone order and call center environments.

“An enormous amount of cardholder information has gotten into the wrong hands simply because businesses cannot protect raw card data,” said Rush Taggart, Chief Security Officer at CardConnect. “Thankfully, adoption is growing for technologies that help avoid catastrophic data breaches. Tokenization, coupled with point-to-point encryption and EMV, ensure that the most sensitive information remains protected. By seamlessly integrating with Oracle, our solutions create peace of mind for customers and businesses alike.”

CardConnect’s patented solution allows businesses that both accept credit cards and run Oracle to:

• Remove the burden of PCI compliance
• Eliminate the threat of a data breach
• Reduce interchange to the lowest possible level
• Automate reconciliation
• Seamlessly integrate all sales channels

Hosted by Oracle’s three largest user groups, COLLABORATE 15 takes place April 12-16 at Mandalay Bay Resort and Casino in Las Vegas. Visit CardConnect’s booth #1140 for more information, or visit the company’s website at www.cardconnect.com.

About CardConnect

CardConnect® is a rapidly growing payments technology company that provides solutions for companies that accept bank card transactions, store sensitive data and seek to push the boundaries of innovation.  Trusted by more than 50,000 businesses, ranging from Fortune 500 Companies to independent coffee shops, CardConnect’s proprietary gateway and API make payments simple, integrated (Oracle, SAP, JD Edwards) and secure. CardConnect’s patented payment security solutions use point-to-point encryption (P2PE) and tokenization to provide an unparalleled level of data breach protection and full escape form the burden of PCI compliance. For more information, visit cardconnect.com.

It’s almost time for Collaborate 2015! This year has a plenty of great events planned and we wanted to take a moment to go over the basic schedule as well as some standouts. Check out our picks and don’t forget to visit us at booth #1140!

Sunday, April 12

IOUG Pre-Conference Workshops*

9 am – 4 pm

Collaborate starts for IOUG members Sunday morning! Check out some of the great pre-conference workshops that Collaborate has in store. Speakers from Oracle will lead hands-on workshops on Enterprise Manager, Oracle Database 12c, Accreditation for Advanced Users and more.

Learn more

IOUG Welcome Reception*

6 pm – 8 pm
Mandalay Bay Ballroom K

Celebrate the return of the #IOUGenius to Collaborate! Enjoy h’oeuvres, enter the raffle, and do some networking with your fellow #IOUG technologists. Don’t forget to stop by the photobooth!

*IOUG badge required to attend these events

Monday, April 13

Registration and Caffeination

7 am
Mandalay Bay Foyer

Get registered and grab a coffee before a day of breakout sessions, exhibitions, and more.

Opening Keynote – Erik Wahl of UNthink™

8 am – 9 am

Graffiti artist, author, and entrepreneur Erik Wahl will be gracing us with his presence to talk about how creativity is within everyone’s reach–even if you’re not an artist. UNthink will inspire you to unlock your own creative potential.

Morning Educational Breakout Sessions

Detecting and Stopping Cyber Attacks against Oracle Databases

9:15 am – 11:30 am
Room North Convention, South Pacific J

Oracle Databases are a target of cyber attacks by hackers looking to obtain sensitive data such as credit card numbers and personally identifiable information used in identify theft. Even though databases are not externally accessible, they are still a target as most cyber attacks penetrate the network perimeter and look for high value targets within your internal network. Based on lessons learned from recent high-profile cyber attacks, a framework and techniques for detection and prevention of these cyber attacks against database will be presented.

Learn more

Oracle E-Business Suite: Strategy, Update and Roadmap

9:15 – 10:15 am
South Seas F

In this session, hear from Oracle E-Business Suite General Manager Cliff Godwin as he delivers an update on the Oracle E-Business Suite product line. The session covers the value delivered by the current release of Oracle E-Business Suite applications, the momentum, and how Oracle E-Business Suite applications integrate into Oracle’s overall applications strategy. You will come away with an understanding of the value Oracle E-Business Suite applications deliver now and in the future.

Learn more

Women in Technology Luncheon – Registration required

11:30 am – 12:30 pm
Mandalay Bay Ballroom A

Kellyn Pot’Vin-Gorman of Oracle will lead this tech-forward meet up for women in the field to discuss personal experiences and strategies for success. Men are also welcome to join! Sign up is during morning registration.

Learn more

Afternoon Educational Breakout Sessions

Meet the Experts: Oracle E-Business Suite Procurement

12:45 pm –  1:45 pm
Breakers G

Don’t miss this opportunity to meet with the Oracle Procurements experts – the people who design and build the applications. This session is where you can have discussions regarding the Oracle Applications strategy and your specific business and IT strategy. The experts will be available to discuss the value of the latest releases and share insights into the best path for your enterprise, so come ready with your questions.

Learn more

Insightful EBS Purging Strategies

2 pm – 3 pm
Mandalay Bay D

Purging and Archiving are very complex subjects and there is so much information available that it is impossible to cover everything in one presentation. This presentation is meant to discuss purging features and functionality of the Oracle EBS Applications that is available in Release 12.

Learn more

Another Security Patch – How Do I Keep Up?

4:30 pm – 5:30 pm
Room North Convention, South Pacific J

Every quarter Oracle provides security patches for Oracle E-Business Suite, the database and Exadata/Exalogic. We will discuss the need for applying these patches quarterly, how to plan for them, test them, and best practices on when to apply them.

Learn more

Welcome Reception

5:30 pm – 8 pm
Room Shoreline AB

Drinks, hors d’oeuvres, and networking! Check out the opening of the Exhibitor Showcase and check out this year’s participating companies.

Tuesday, April 14

Oracle Keynote: Keeping Your Head in the Cloud – Leadership Edge in the Digital Transformation

8 am – 8:45 am
Mandalay Bay Ballroom

Mark Sunday is Chief Information Officer and Senior Vice President at Oracle, responsible for the information technology infrastructure used across the company globally. Mark’s responsibilities have also included the operational infrastructure for Oracle’s on-demand product offerings. Prior to joining Oracle in 2006, Mr. Sunday was Senior Vice President and Chief Information Officer of Siebel Systems. With more than 30 years in the high technology industry, he has also served in various IT leadership positions at Motorola, ST Microelectronics, and Texas Instruments. Mr. Sunday supports the innovation, technology and science community serving as Vice Chair of Utah Technology Council and board member of the Leonardo – a museum dedicated to the intersection of art, science and technology.

Learn more

IBM Keynote: Building for the Future: APIs, Cognitive Computing and Customizing Your Oracle Applications in Cloud

8:45 am – 9:45 am
Mandalay Bay Ballroom

IBM Cloud Platform APIs are a critical component to developing ecosystems around your technology as well as building modern, born on the cloud, web and mobile applications. Given the popularity of customizing social functionality into Oracle applications, it should come as little surprise that daily API calls to some of the more popular social networking platforms can number in the billions. While impressive as a stand alone statement about the increasing value and significance of building and using APIs, it also highlights a substantial new market opportunity.

Learn more

Meet the Experts: Oracle E-Business Suite Financials

9:45 am – 10:45 am
Room Breakers G

Don’t miss this opportunity to meet with the Oracle Financials experts – the people who design and build the applications. This session is where you can have discussions regarding the Oracle Applications strategy and your specific business and IT strategy. The experts will be available to discuss the value of the latest releases and share insights into the best path for your enterprise, so come ready with your questions.

Learn more

Advanced Architectures for Oracle E-Business Suite

11 am – 12 pm
Room Islander D

Attend this session to build on the three-tier logical Oracle E-Business Suite architecture to meet your business requirements and to assist you with planning a disaster recovery project for your environment. If you want to learn more about how to deploy advanced configurations for Oracle WebLogic Server and parallel concurrent processing, this session is for you. It covers features that provide high availability, scalability, and performance, including load-balancing, clustering, virtualization and DMZ.

Learn more

E-Business Suite 12 Payments: The Centralization of Payment Processing

2 pm – 3 pm
Room South Seas C

This presentation highlights the new E-Business Suite Release 12 Payments module. This new module supports both funds disbursement and funds capture. The discussion will focus not only on the benefits of centralization, but will illustrate the new payment factory model and the out-of-the-box support for funds capture. Several new user dashboards that facilitate more efficient processing will be shown and discussed, as will the new setup form. Critical similarities and differences between Release 12.1 and 12.2 will also be highlighted. Finally, key implementation milestones and timelines will be emphasized.

Learn more

ERP Project Management for the Busy Professional

3:15 pm – 4:15 pm
Room South Pacific H

While the PMBOK provides some great knowledge on the best practices for managing projects, it is sometimes difficult to apply these practices in real-life. Learn the everyday skills and methods needed to assess and deliver almost any type of ERP project. Starting from project intake and working through project execution and closure, we’ll share our thoughts on how to setup a structure to manage projects successfully.

Learn more

Exhibitor Showcase Happy Hour

5:30 pm – 7 pm
Room Shoreline AB

Self explanatory. Have a drink and network!

Wednesday, April 15

Oracle E-Business Suite Patches: Fear no More!

8 am – 9 am
Room South Seas I

For many organizations, applying a patch to their Oracle E-Business Suite (EBS) system can be a tenuous experience, regardless of the patch size. The high costs and risks associated with deploying EBS patches deter many organizations from deploying them. However, “sitting on the fence” and not deploying necessary patches can also be a costly and risky business!   Embry-Riddle Aeronautical University, the world’s largest, fully accredited university specializing in aviation and aerospace, will share how they significantly reduced the risk, time and cost when implementing patches using Panaya’s SaaS impact analysis solution.

Learn more

From E-Business Suite with Love: An Excel-Based Reporting Alternative to Oracle Discoverer

10:45 am – 11:45 am
Room South Pacific C

Are you on a mission to replace Oracle Discoverer? Meet Wand, Reports Wand. Our Excel-based ad hoc reporting tool for E-Business Suite is shaken, not stirred and is empowering users around the world. See why Reports Wand is a viable alternative and a much less complex option than migrating to OBIEE. Friendly to end users, our solution installs in minutes without consultants or heavy IT resources and allows for greater flexibility and customization with reporting. See how you can also use it with NoetixViews.

Learn more

Meet the Experts: Oracle E-Business Suite In-Memory Applications

3:15 pm – 4:15 pm
Room Breakers G

Don’t miss this opportunity to meet with the Oracle Service Management experts – the people who design and build the applications. This session is where you can have discussions regarding the Oracle Applications strategy and your specific business and IT strategy. The experts will be available to discuss the value of the latest releases and share insights into the best path for your enterprise, so come ready with your questions.

Learn more

Young Professionals Forum Cocktail Meet-Up

6:30 pm – 7:30 pm
Room Islander C

Are you looking to connect with other young professionals in the Oracle Applications community? Start the Groovy 60s Party with your peers at happy hour. Build your network and your knowledge during our pre-party event. Pick up your pass at the OAUG Welcome Reception at LIGHT Nightclub on Sunday.

Learn more

Thursday, April 16

Getting Optimal Performance from Oracle E-Business Suite

8:30 am – 9:30 am
Room South Seas H

This packed Oracle Development session summarizes practical tips and lessons learned from performance-tuning and benchmarking the world’s largest Oracle E-Business Suite environments. Apps sysadmins will get concrete tips and techniques for identifying and resolving performance bottlenecks on all layers of the technology stack. They will also learn how Oracle’s engineered systems such as Oracle Exadata and Oracle Exalogic can dramatically improve the performance of their system.

Learn more

Oracle DBA Profession Life Skills – from a 25-Year Veteran

12:15 pm –  1:15 pm
Room Banayn E

Learn life lessons from a 25-year Oracle veteran who started with Oracle 5.1!

Learn more

Search the full schedule and don’t forgot visit us at booth 1140!

We are excited to announce yet another Merchant Center release! Here’s a look at some of our new features:

We also have a few additions to the Marketplace that we know you’re going to want to check out.

Account Updater

The hassle of expired and replaced cards are a thing of the past with the Account Updater. Whenever a new card is assigned to your customer, the card information will automatically update on your end.

Learn more

PIN-less Debit

Accept PIN-less debit card transactions with ease for lower interchange rates, faster checkout, and more. Available to customers with access to both the Gateway and the Virtual Terminal.

Learn more

 

EMV Upgrade

The EMV deadline is set for October of this year, and all merchants must be capable of accepted EMV-cards. That’s why CardConnect supports hundreds of EMV-ready devices for all of your payment processing needs.

Learn More

Quickbooks

 Our native integration for Quickbooks allows card-present and card-not-present transactions within the Quickbooks application for customers of both our Gateway and Virtual Terminal

Learn More

Recently, mobile payment security has been a bit of a hot button issue. Between concerns about Apple Pay’s desire to “keep it simple” and criticism about NFC (near field communication) technology in general, it seems like everyone in the payments sphere has mobile on the mind. With Apple Pay specifically, some experts have expressed concern about the technology’s simplicity making it less secure—right now, 6% of Apple Pay purchases are made with stolen cards. Naturally, this is giving merchants and customers alike some pause. Apple Pay seems to be giving criminals another way of using cards they have already stolen since it’s fairly simple to load a new card into Apple Pay.

That said, mobile technologies like Apple Pay are generally much harder to hack. The real issues have come from the implementation rather than the technologies themselves. The stolen cards being used with Apple Pay were stolen through other means—Apple Pay has simply become the method of use, much like when someone steals a physical card and then uses it to place an online purchase.

What is comes down to is not whether or not NFC technology is secure, but whether or not the product using NFC is secure. Apple Pay is secured with tokenization, meaning that all stored information is useless to criminals if they manage to steal it. Despite any criticism Apple Pay may have received recently, Visa has stated that they believe tokenization technology itself is actually making consumers more comfortable with mobile payments. Statements like this from major credit card companies have inspired companies like Samsung to adopt the technology for themselves in their own mobile payment products.

We’re happy to see the public coming around to the notion that tokenization is the future of security for card payments. The belief that all transactions should be tokenized at the point of entry is one we’ve held for quite some time—that’s why every payment flowing through the CardConnect gateway is encrypted and tokenized using our patented CardSecure solution.

With so much pessimism surrounding the security of the current payments ecosystem, we’re actually quite optimistic about the powerful combination of EMV, P2PE and tokenization. These technologies are available to any business that wants to employ them, and they would have thwarted the recent spate of payment card breaches. The biggest question that remains is one of adoption and how it can be fast tracked.

Last week we introduced you to our new recurring billing feature and gave you a quick walk-through. This week we’d like to tell you a bit more about the benefits of recurring billing as well as explain some more about the functionality.

Mark as Paid

This feature provides flexibility, particularly when you are first signing up a customer for a recurring billing cycle. For example, if the customer has previously paid for a scheduled payment (say, with cash or from a previous transaction), you can go into, you can go into their billing plan and click “Mark as Paid” to ensure they’re not charged twice. This is also useful if a customer opts to submit several scheduled payments at once.

Billing Interval Flexibility

Whether daily, weekly, monthly, or annually, you’re in full control of when your customers get billed. Once a week house cleaning every Monday, daily dog walking, personal training every 10 days, monthly magazine subscriptions—you name it. You can also determine if you want to bill your customer infinitely (meaning you would need to manually cancel), based on the amount of payments, or based on an end date.

Edit Bill Plan Details

If a customer’s card expires or they simply want to be billed on a different card, there’s no need to create an entirely new account. Just go into “Bill Plan Details”, click “Add New Card” and enter the card information.

Mobile

That’s right, you can sign up your customers for recurring billing on your mobile device! This is an excellent option if your company is a subscription service and you’re doing sales at a conference, door-to-door, or any time you’re face to face. Instead of inputting your customers bill plan information later from your computer, you can get them all set up right on the spot.

Recurring billing is available to all of our merchants that use our Virtual Terminal. Learn more about all of our Virtual Terminal offerings here.

A few days ago, we added recurring billing to the Merchant Center and just wanted to take a moment to provide a walk through to show how easy it is it set up billing plans! This feature is perfect for any merchant with customers with subscriptions, nonprofits that want to easily set up and track recurring donations, and more.

Let’s get right into it.

1. From your account home page, click on the Billing tab. Then click “New Billing Plan.”

That will bring you to this page:

2. Enter the name of an existing customer into the search bar to populate the fields with their information.

3. After the customer fields are populated, you can select an existing card to append to the billing plan, or add a new card.

4. You can then choose your billing plan interval. Simply choose Daily, Weekly, Monthly, or Yearly and select frequency.

Click “Save Plan” and you’re done!

Remember, this feature is available to any merchant who is set up with our Virtual Terminal. Tune in next week and learn about other helpful features of our new recurring billing tool.

CardConnect is excited to announce new features and enhancements for the Merchant Center!

Recurring billing made simple

Finally, it’s easy to create billing plans in intervals of days, weeks, months and years. You can also base your billing plan on cancellation, date, or number of payments. We’ve also included a new option to email receipts to your customers!

Order new hardware hassle-free

Need a new swiper? An additional POS system? A key pad for phone orders? No problem! Order them directly from the Merchant Center and we’ll have them at your door ASAP.

Kount, 3-D Secure, and DonorPro are here!

Kount: Utilize Kount’s proprietary persona technology to stop fraud in its tracks before you risk authorizing an illegal purchase. Plus, manual behavior reviews add an extra level of security your customers will appreciate.

3-D Secure: Further reduce your interchange rate and remove the burden of fraud responsibility from your company’s shoulders when you integrate 3-D Secure.

DonorPro: Non-profits can accept donations secure and increase their gifts by about 10x the nation average with DonorPro’s unique CRM.

Dashboard refresh

We’ve simplified the batch process and given the dashboard an enhanced, simplified design that updates after every settlement window. View funding trends from the past 5 days, and enjoy a greater emphasis on alerts so you never miss a thing.

New VT features

Add surcharges (percentages of the total) to any transaction, or disable PAN entry to ensure that your system only ever receives tokens—keeping your system completely outside the scope of PCI compliance

Enhanced chargeback reporting

We’ve tied chargebacks to their individual transactions to allow for greater transparency.

Added user permission

Users can now be granted permissions for “Verify”, “Authorize Only”, and “Billing Plans” to give you greater control over what your users can and cannot access.

Receipt signature line

Questions about the new Merchant Center enchancements? Drop us a line at info@cardcw.com and we’ll be in touch.

Retailers aren’t the only targets of cyber crime, especially recently. The most notable breach was at Anthem, the largest for-profit managed health company in the Blue Cross and Blue Shield Association. The hackers made off with up to 80 million records including names, dates of birth, Social Security numbers, health care ID numbers, home addresses, email addresses, and employment information. While Anthem doesn’t believe any credit card information has been stolen, that doesn’t mean this breach won’t hurt the victims.

So what do thieves do with PII data? It’s a different strategy than credit card fraud. When these cyber criminals manage to collect social security numbers, addresses, etc., they store them in order to create an elaborate identity theft plan. While this sort of breach may not be immediately damaging, over time it can be worse than similar credit card fraud. These criminals can use your information to bill your insurance for prescriptions and medical services–all of which would remain on your personal record. This can impact the quality of care you receive if your record begins to reflect another person’s health history and preexisting conditions instead of your own.

What’s more is that this breach in particular is very hard to track. Records belong to both current and former Anthem members, plus they have uncovered 14 million incomplete records that they’re struggling to link.

With PII data being as valuable as payment data, it’s important that merchants take the necessary actions to keep it secure. So how do you keep Social Security Numbers and other personal information as save as credit card numbers? Simple. With the exact same technology.

The Anthem breach, with its eye-popping 78.8 million comprised records, is yet another reminder of the risks involved when businesses are not securely protecting our sensitive information. Hacking networks and databases is like cracking a giant safe – once inside, you have access to all the jewels. Had Anthem implemented the simple process of tokenizing sensitive data upon entry, all personally identifiable information would have been replaced by irreversible, impossible-to–decrypt tokens – in essence, fool’s gold.

 

Rush Taggart, Chief Technology Officer, CardConnect

Yep, that’s right. It’s completely possible to tokenize and encrypt Social Security Numbers and other PII data in the exact same way as payment cards.In fact, so many of our clients have requested to use our tokenization solution for PII, that we transformed this feature into a standalone product.  That way if anyone ever does force their way into your system, they wouldn’t be able to use any of the data they uncovered. Simple.

Learn more about tokenization for PII