Nedbank has launched the first live EMV certified mobile point-of-sale (POS) solution in South Africa. The Nedbank PocketPOS enables businesses to process debit and credit card transactions by using a smartphone connected to a secure card reader.
The launch of PocketPOS is in line with Nedbank’s aspiration to be a leader in digital banking, providing convenience, mobility, security and ease of access to banking, anytime, anywhere. It equally supports Nedbank’s continued focus on partnering with SMEs for growth for a greater South Africa by providing seamless banking experiences for all the needs of business owners, including their business, employees and household.
‘At Nedbank, we seek to provide our clients with a choice of distinctive, client-centred banking experiences and continuously innovate to deliver on this. Small to medium-sized businesses are important to Nedbank, which is why we are delighted to introduce a solution that talks to the heart of any business operation: receiving payments in a safe, convenient, mobile and cost-effective way, as an alternative to cash,’ says Ingrid Johnson, Group Managing Executive of Nedbank Retail and Business Banking.
‘PocketPOS is an exciting addition to our existing suite of business products, and one of several Nedbank is planning to introduce over the coming months as we build up to the second year of the Small Business Friday initiative in association with the National Small Business Chamber (NSBC),’ Johnson adds.
PocketPOS‚Ñ¢ is suitable for any business that wishes to accept card payments securely without access to a fixed data or telephone line or where low frequency of card acceptance does not warrant the higher rental cost of a traditional POS device.
‘It creates the opportunity for many smaller businesses to accept card payments where this would not have been considered feasible up to now. It gives businesses on the move, such as plumbers, electricians or delivery services, the ability to reduce cash acceptance when making sales and processing payments on the road. Effectively, we believe PocketPOS will change the way they do business,’ says Sydney Gericke, Managing Executive of Nedbank Card and Payments.
PocketPOS is designed to operate in South Africa where EMV ‘CHIP & PIN’ technology has been mandated, and uses a certified secure card reader and advanced encryption to capture and protect the card data and PIN.
‘Mobile card acceptance solutions, such as Square, have been in operation in the USA for a few years: however, these solutions are typically magnetic-strip and signature-based,’ explains Gericke. ‘PocketPOS is a first in South Africa and the only mobile POS device in Africa and the Middle East using ‘CHIP & PIN’ technology, which has been certified by MasterCard, Visa and American Express, with all the security usually included in a standard POS device.’
Philip Panaino, Division President for MasterCard in South Africa confirms, ‘Nedbank PocketPOS expands the card acceptance reach beyond the traditional card acceptance footprint in South Africa, provides merchants with a new way to receive payments and gives consumers a new, convenient and safe way to pay for their goods. PocketPOS adheres to the crucial ‘CHIP & PIN’ security certifications mandated by the industry. We congratulate Nedbank on this landmark achievement.’
The solution comes in the form of two different secure card readers. The first is a small device with a secure PIN pad that requires the merchant to capture an email address into the smartphone application and, on acceptance of the transaction amount, sends a digital receipt to the captured email address. The second, alternative, device provides the ability to print out a physical receipt, much like in the case of a traditional POS. Both card reader devices have a secure PIN pad for PIN entry and utilise Bluetooth technology to connect to the smartphone.
‘PocketPOS‚Ñ¢ will reduce the cost of card acceptance for entry level-merchants, who could save up to 50% on their existing card acceptance costs. Nedbank will offer a choice of innovative pricing bundles, allowing business clients to select the bundle most applicable to their transaction volume. Clients have the flexibility to upgrade from one bundle to another should their transaction volume increase. The cost of the device will be included in these bundles,’ Gericke explains.
Following today’s launch, PocketPOS will initially be used by a small, selected group of existing Nedbank clients and this number will be gradually increased to scale during the second quarter of 2013. Clients who are interested in this solution can access additional information and log their contact details via the SimplyBiz website (www.simplybiz.co.za).
Johnson concludes, ‘The benefits of this innovation are vast for both business and consumers. PocketPOS provides a secure alternative to cash and we are extremely excited about bringing mobile card acceptance to South Africa, as we believe this will be a true enabler of small-business growth in the future’.
Scammers cleaning up with gullible computer users
Kaspersky experts have detected a two-fold rise in the number of users being attacked with fake system cleaners – fraudulent programmes designed to trick users into paying for alleged serious computer issues to be fixed. The number of users hit reached 1,456,219 in the first half of 2019, compared to just 747,322 for the same period in 2018. During this time, some of the attacks have become more sophisticated and dangerous.
A slow-working or poorly performing computer is a common complaint among PC users, and there are many legitimate tools available to solve such issues. However, alongside genuine system cleaners, there are fake ones developed by fraudsters that are designed to trick users into believing their computer is in critical danger, for example through memory overload, and needs immediate cleaning. The attackers then offer to provide such a service in return for payment. Kaspersky defines and detects such programmes as ‘hoax system cleaners’.
Upon receiving user permission and payment, the fraudsters install the hoax programmes that claim to clean the PC, but which often either do nothing or install adware – an annoying, but not critical, storm of unsolicited advertising – on the computer. Increasingly, however, the cybercriminals are using the installation of hoax cleaners to download or disguise malware such as Trojans or ransomware.
The countries most affected by attacks with hoax cleaners in the first half of 2019 show how geographically widespread the threat is; leading the list is Japan with 12% of affectedusers, followed by Germany (10%), Belarus (10%), Italy (10%) and Brazil (9%).
“We’ve been watching how the phenomenon of hoax cleaners has been growing for the last couple of years, and it is a curious threat. On the one hand, many samples that we have seen are spreading more widely and becoming more dangerous, evolving from a simple ‘fraudulent’ scheme into fully functioning and dangerous malware. On the other hand, they are so widespread and seemingly innocent, that it is much easier for them to trick users into paying for a service, rather than frightening them with screen blockers and other unpleasant malware. However, these two ways end up with the same results with users losing their money,” says Artemiy Ovchinnikov, security researcher at Kaspersky.
Kaspersky detects hoax system cleaners as:
To avoid falling victim to hoax threats, Kaspersky researchers advise users to:
- Always check that the PC services that you are about to adopt are legitimate and easy to understand. If it sounds confusing, use a search engine to find out more about the service as there may be a more detailed explanation available
- Use a reliable security solution for comprehensive protection with a clean-up function for a wide range of threats and PC cleansing, such as Kaspersky Security Cloud.
- If you are purposely looking for a PC cleaner, use reliable, IT-targeted sources of information for recommendations, with a long-built reputation and software reviews.
Read the full report on Kaspersky Daily.
Trend Micro unveils security suite for Azure in Africa
Cybersecurity leader Trend Micro Incorporated has announced highly optimised security solutions for Microsoft Azure workloads for customers in sub-Saharan Africa.
The Trend Micro Deep Security suite takes into consideration that a customer needs to approach cloud security differently than one would traditional security. As a result, it is fully optimised for Microsoft Azure. The suite ensures that a customer can tap into a solution that provides flexible, scalable protection of operating systems, applications, and data without slowing you down.
“Microsoft is an important partner to Trend Micro and as a result we have built a series of technologies that support their position in the cloud,” says Indi Siriniwasa, vice president at Trend Micro Sub-Saharan Africa. “Our security solutions are uniquely optimised for Microsoft Azure and complement Microsoft Azure Security Centre so customers across the world continue to turn to Trend Micro to help better secure their Azure real estate. With Microsoft Azure now available from new cloud regions in South Africa, customers can rest assured that we support the use of Microsoft to streamline provisioning of security for Windows virtual machines and SharePoint workloads.
“This will help customers to ensure that their security follows them from their physical environment to the cloud and back again, customers can automate security with Microsoft PowerShell scripting to streamline provisioning of security for Windows virtual machines and SharePoint workloads plus many other orchestration tools for Azure, including Chef, Puppet, and RightScale, we can also help clients to better automate security control deployments.”
With Deep Security for Azure, businesses can detect and protect against intrusions as well as protect their business against serious vulnerabilities with intrusion detection and prevention (IDS/IPS). The solution will also help uncover suspicious changes to a system and immediately highlight and alert the business to these activities – without security admins having to manually sort through logs.
It also has the ability to keep malware off of workloads by using predictive machine learning mechanisms to detect unknown threats and prevalent attacks, so that a user can identify and then remove malware and blacklist domains known to be command-and-control (C&C) servers. Customers can also stop applications attached with IPS rules that block XSS or SQL attacks and other serious vulnerabilities until systems can be patched, as well as increase application visibility and control.
A particularly relevant feature within the South African context is that Deep Security is able to speed up a client’s route to PCI DSS compliance. The Deep Security solution allows a client to meet multiple PCI requirements with a single product, including intrusion detection and prevention, file integrity monitoring, and log inspection.
“Trend Micro’s integration with Microsoft Azure reduces the dependence on multiple point security tools, helping you to identify and address security and configuration issues quickly,” says Adwait Joshi, director, Azure Product Marketing at Microsoft Corp.
Trend Micro provided the following information:
Trend Micro’s Deep Security currently secures more servers globally than any other solution and specialises in protection for cloud and virtualised workload. It acts as part of the Trend Micro Hybrid Cloud Security solution, powered by XGen and provides comprehensive, flexible security for Azure workloads in a single product, so you can build new applications or move existing resources to the cloud with confidence.
Deep Security protects workloads by:
- Defending against network threats with intrusion detection and prevention (IDS/IPS)
- Immediately protecting against vulnerabilities like Shellshock and Heartbleed
- Keeping malware off Windows and Linux workloads
- Alerting when unplanned or suspicious changes are made to systems
- Stopping SQL injection and XSS attacks on applications
- Gaining visibility and control of elastic workloads with application control that fits DevOps
Local Trend Micro customers can also turn to the company’s Trend Micro Cloud App Security which is directly integrated into Office 365 via APIs. This includes advanced email protection, as well as compliance on third-party cloud file sharing services such as: Box, Dropbox, Google Drive, SharePoint Online, and OneDrive for Business.