Thursday, September 22, 2011

Is it REALLY the Economy, Stupid?

So, I can't help but get encouraged and frustrated at the same time when I see articles such as these.  First, a Duane Reade drug store opened over the summer in NYC.  Here's an excerpt:

"At 22,000 sq. ft., it is Duane Reade’s largest store ever. The cavernous former bank space has vaulted ceilings that rise two stories above the marble floor and retains the bank’s marble columns, pyramidal roof and French gothic spire. As the Bank of Manhattan Trust Building, it was the tallest structure in the world until the Chrysler Building opened in 1930. Donald Trump purchased it in 1995, but for 11 years the site was only used to host special events, Magnacca says. The New York City Landmarks Preservation Committee awarded it landmark status in 1998."


HOLY MOLY Batman!  A DRUG STORE!  That's encouraging for Duane Reade and Parent company, Walgreens, but really, a DRUG STORE?  Hard to believe we're still having a real problem with the ecomony when companies are performing this type of monumental addage to their existing footprint.

Take that story and add it to this one...  A Software Engineer, Stephen Huff, in MO builds PENSMORE (Loosely derived from "Thinking More), a 72000 sq ft high tech home. 

http://today.msnbc.msn.com/id/44607760/ns/today-today_people/t/take-tour-billionaires-high-tech-castle/

Said to be one of the largest and yet most fuel-efficient homes ever, I reckon the project alone will keep hundreds of workers busy for the next two years. 

I'm starting to think the problem's not really economocal in nature, but more POLITICAL!

6 Tips to Curb ATM Skimming

Again, due to the recent activities around the Pacific Northwest cases, recommendations are made on how Skimming attacks might be countered. 

The basic list looks like this (I've commented on some standout points...):

Fraudsters are Savvy to Surveillance - The writer suggests the Fraudsters KNOW that live video is not being monitored.  However, they do not address the use of RECORDED video.  Also, this is not a serious issue as the Fraudsters might simply use a machine without Video Surveillance.

Incidents Occur Quickly - 2-3 hours to collect a bunch of Account Data.  That's about what would be expected.  And then I suppose they move onto another machine.

No Wireless Technology - This is interesting in that the writer does not mention the use of wireless video cameras, something more commonly seen in the past.  But they refer to the actual skimming device transmitting data wirelessly.  I think it would certainly add costs and risk for the criminal, but it seems the use of a camera is still fairly likely.

Branch ATMs Preferred - The writer points out very good reasons for the preference of Branch Bank ATMs over Retail or otherwise, off-site ATMs.  Easy access and high traffic volume, most important.

Certain Makes Targeted - I would say the regular use of specific model(s) is more related to familiarity and costs.  If the Fraudsters can simply build ONE facade and product it in quantity, tehy can more quickly get the thefts underway at more places quicker and for less costs.

Merchants Can Help Detect Fraud - I find this most troubling.  FIRST, consider the issue that the Retail organization DOES NOT check IDs when a Debit charge is being conducted.  But SECOND. indeed, why/how should they?  The main point of using a debit card, specifically with a customer swiping access point, is so the employee never NEEDS to check the card and/ or ID.  It would seem to me a little strange after I've swiped my card and entered my PIN that an employee would ask me for the card and my ID.

Here's the whole article...
http://www.cuinfosecurity.com/articles.php?art_id=4084&pg=1

Wednesday, September 21, 2011

2 ATM Skimming Suspect Jailed

These are two additional folks linked to the same cases from last month in the Seattle area. 
http://www.cuinfosecurity.com/articles.php?art_id=4077

Friday, September 9, 2011

Top Stealth Home Energy Hogs

I saw this article and did a real quick once over in my house.  Found a couple of spots where I can certainly make quick adjustments.  With all the power outages recently, we often think about ongoing entertainment.  So one of the things I do is setup our Portable DVD players under the regular TV with a library of DVDs.  Each of the DVD players is plaugged in to keep it charged.  I moved things around a little, so I can, at any point in time unplug the TV, the FIOS Settop Box, and all the DVD Player at one time when not in use.  Looking forward to those millions of dollars in savings...  Or maybe just a few bucks...

Here's the article...

http://finance.yahoo.com/family-home/article/113465/top-energy-consuming-items-forbes

ATM Skimming: How Effective is Jitter?

This is an older article from 2010 regarding the "jitter" technology to provide anti-skimming protection.  Overall conclusion is the jitter technology should only serve as a piece of the overall anti-skimming solution.  I completely agree.  Thereare many ways to protect an ATM or Gas Pump from skimming devices, but how does one prove ROI on a device and how much is one willing to spend on the device or overall anti-skimming solution - PER ATM?

Here's the Jitter Article

http://www.cuinfosecurity.com/articles.php?art_id=2667&pg=1

Thursday, September 8, 2011

Hands Off - Gap’s apprehension strategy stresses safety

I read this interesting article about Hands Off Apprehension. Nto super original really, but gives some ood ideas on what Retailers are doing to train AP folks properly.

Hands Off! STORES.org

3 Charged With 6-State Spree Linked to $550K in Fraud

Good article from CUInfoSecurity.com on another recent update in teh war on ATM Skimming.  Three separate individuals brought up on charges.

Here's the whole story...

http://www.cuinfosecurity.com/articles.php?art_id=4031

Video Analytics - Business Intelligence or Infrastructure Security

Just thinking today about the differences between Analytics in the video world, and in particular the business case for the additional costs.  It seems there are two very broad categories of Video Analytics.  First, Critical Infrastructure Security Analytics, might be considered those used to provide Asset Protection, Loss Prevention, and/ or secure an organization's infrastructure and resources.  Most often these are marketed to Airports, Seaports, Government Buildings, and Corporate Offices, because this is the most likely area of an organization that can justify the higher price tag.  These are the most popular in nature currently and the ones most of the industry is referring to when they speak about "Video Analytics".  These might include items like:

 - Setting tripwires
 - Object (object might be defined as person or vehicle) left behind
 - Object entering an Area Of Interest (AOI)
 - Directional awareness
 - Flow control

Second, there are what could be referred to as Business Intelligence Analytics.  As the descriptor implies, this refers to those analytics in which provide additional business intelligence and by their nature are developed to serve that purpose primarily.  Most often these are related to Retail-type of applications (Consumer Retail, Retail Banking, etc.).  The analytics would enable the video system to provide items like:

 - Conversion Rates - comparing and analyzing shoppers to purchases
 - Directional Analysis - analyzing which direction customers move within a given Field of View (perhaps based upon in-store signage)
 - Employee Performance - analyzing and comparing numbers of customers serviced by coworkers and providing performance metrics between employees
 - Queue Analysis - providing automated response when queues are getting too long, or there is queue abandonment

Of course, the two broad types of analytics could overlap in certain ways.  For instance, identifying an object (person) within a field of view and then identifying that object crossing a tripwire could allow an analytics to "Count" people entering a department or Area of Interest - giving the appearance of Departmental Conversion Rate.

But perhaps what is more important is how the analytics, and the overall software package included, can display a Return on Investment. Analytics to date have had a hard time justifying the higher price tags. Now, we're starting to see prices drop, but also quality, accuracy, and expectations drop also.

A brief look at typical Critical Infrastructure Analytics show the most popular, and historically the most impressive Return on Investment (ROI).  Frankly, the CI analytics are touted to save lives and reduce loss.  Setting up an analytics to detect a "suspicious bag left behind" in an airport can protect the patrons and employees of the airport as well as reduce the possibility of costly terminal shutdowns.  Detecting a small boat approaching a larger vessel and triggering alerts can have a huge impact in protecting precious cargo and even even soldiers in battle.  But the reality is in those markets, it is very difficult to show ROI as the endeavor is to stop dramatic, and potential very public in nature, events from occurring.  In this case, a single "Failure" in a mission critical event such as this may not be acceptable (because it could cause loss of life and or expensive resources).

On the other hand, there is Business Intelligence Analytics.  By using department/ product level conversion to identify why "X" number of customers enter an area and yet do not buy a specific product, one can make a very real and immediate change to the layout of the store to increase sales of that product (or replace the product altogether). 

Also using a combination of Line Queuing Analytics, as well as, Real-Time Dashboard with Alerts and Forensics, a Store Manager could immediately affect Customer Service (by reducing wait times), and review and compare employee effectiveness.

In addition the risk of failure is insignificant in the overall plan.  Missing one or two people in an Area of Interest during a 1 hour period will not cause dramatic, negative results.

Tuesday, September 6, 2011

Pay at the Pump Skimming Epidemic

Great article on Pay at the Pump "Epidemic"

http://www.cuinfosecurity.com/articles.php?art_id=3951

ATM and Gas Pump Skimming - On the Rise?

Maybe its just me,  but it seems there has been a rise in the number of Skimming cases across the US in recent months. 

May 2009 - New York - Estimated 500K USD lost due to skimming devices
Sept 2010 - South Florida - ATM and Gas pumps found with devices
July 2011 - Houston, TX - 400K ATM Skimming Scam
July 2011 - Global ATM Skimming Ring Busted
Aug 2011 - Sacramento, CA - 2 men facing charges of ATM Skimming
Sept 2011 - Tampa Bay, FL - approx 44 customers defrauded at area ATMs
Sept 2011 - Seattle, WA - 3 Charged With 6-State Spree Linked to $550K in Fraud


There are of course many more than these, but it seems to be an increasing issue in the field.  Some would estimate the problem of Card Fraud totaling over 2 BILLION dollars in recent interviews.  This number is staggering considering the limited effort ATM manufacturers have put toward actually solving the problem.  Some have attempted to correct the problem by adding jitter technology into the machines themselves, which can be a costly effort to outfit legacy machines. Others take a more unintrusive route with a combination of detection and jamming devices.  Each has ways of providing parts of the solution, but it still seems pieces are lacking.

Strategies to Optimize Every Customer Interaction

There was an error in this gadget