I do not have an iPhone, sorry! However, there are a couple in my family who do, so I am aware of the apps and advances in that arena. I have been following the Apple Pay technology with a lot of interest. The fact that it is touch-free (“contactless”) is cool in itself, but I am very impressed by the thought that has gone into securing the information from start to finish. The web page titled “Apple Pay security and privacy overview” clearly explains how the technology behind Apple Pay works. I strongly suggest that you read it. In simple terms, a device- and credit-card-specific “secure element” is stored on your iPhone. When you are at a place that accepts this form of payment, the iPhone and a payment terminal communicate using Near Field Communication (NFC) technology. After you enter your passcode on the iPhone, it transmits dynamically generated, encrypted information that contains the secure element for the credit card you choose, along with a few other pieces of information (presumably the vendor name, the actual charge, etc.). This data is received by the bank or the payment network, which then verifies all of this information and accepts the transaction. The key to all of this is that the information is secure, encrypted, and stored on your device as well as at the bank. No one else, including Apple and the vendor, has access to this information except perhaps in transit, but without the appropriate keys to decrypt it, the information in such a short transit is not useful.
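To make the "dynamically generated" part concrete, here is an added sketch (not Apple's code and not from the overview page) of a simplified model in which the phone holds a device-specific token and key, and the bank verifies a per-transaction value. The class names, field names and the use of an HMAC with a counter are assumptions chosen for illustration; they stand in for the real payment-network cryptogram, and the passcode step is not modelled.

```python
import hashlib
import hmac
import json
import secrets

FIELDS = ("token", "merchant", "amount", "counter")


def _mac(key: bytes, msg: dict) -> str:
    # Hypothetical cryptogram: HMAC-SHA256 over the transaction fields.
    data = json.dumps([msg[f] for f in FIELDS]).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


class Device:
    """Stand-in for the phone: stores a device-specific token and key."""

    def __init__(self, token: str, key: bytes):
        self.token, self._key, self._counter = token, key, 0

    def pay(self, merchant: str, amount_cents: int) -> dict:
        # A fresh counter per payment makes every cryptogram different.
        self._counter += 1
        msg = {"token": self.token, "merchant": merchant,
               "amount": amount_cents, "counter": self._counter}
        msg["cryptogram"] = _mac(self._key, msg)
        return msg


class Bank:
    """Stand-in for the issuer: the only other party holding the key."""

    def __init__(self):
        self._accounts = {}

    def enroll(self, token: str) -> Device:
        key = secrets.token_bytes(32)
        self._accounts[token] = {"key": key, "last_counter": 0}
        return Device(token, key)

    def authorize(self, msg: dict) -> bool:
        acct = self._accounts.get(msg.get("token"))
        if acct is None:
            return False
        if not hmac.compare_digest(_mac(acct["key"], msg), msg["cryptogram"]):
            return False  # altered in transit or forged without the key
        if msg["counter"] <= acct["last_counter"]:
            return False  # a captured message being presented again
        acct["last_counter"] = msg["counter"]
        return True
```

In this model the terminal only ever relays the message, so a copy captured in transit or kept by the vendor fails verification if it is changed or presented a second time.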
Samsung has come up with Samsung Pay, which is very similar but has one advantage over Apple Pay: it can also communicate with traditional magstripe terminals. Google is rumored to be revamping its Google Wallet to measure up to these. It is fair to say that most of us are not ready to use these and continue to use credit cards the traditional way, both in stores and online. There have been numerous breaches where, because the stores retain our information, it has been stolen. Credit card companies are getting better at detecting fraud and alerting us, which can sometimes be annoying (because the charges are legit), and the alerts tend to arrive at the most inopportune moments, such as when you are just about to embark on a trip. I would love to transition to one of these more secure methods ASAP. In the meantime…