CU news Logo

 Your source for the latest technology information of interest to credit unions across America.

Subscribe to our weekly e-mail newsletter and/or our monthly newsletter and stay on top of the latest technology trends in Hardware, Software, ATMs, Biometrics, Wireless, Online Banking, Marketing, Security, Internet Access and Call Centers.

April 14, 2014

~ This Week's News is Sponsored by Better Branches ~

 

General News  

* PSCU Rolls Out New Mobile App for Loyalty Rewards
* Progressions CU Successfully Converts to Sharetec
* The Local CU Chooses Corelation`s Core
* Columbine FCU Adopts CUProdigy Core
* Member Driven Technologies Signs 2 New CUs

PSCU announced at MoPRO 2014: Imagine the Road Forward, the company`s annual meeting of Member-Owners, that a mobile app for its CURewards Loyalty program is now available for downloading to iPhone and Android smartphones. Members of PSCU`s credit unions enrolled in the company`s CURewards program can use the app to view merchandise redemption options, review offers and check on points.

Sharetec System, one of the fastest growing core systems, announced that Progressions Credit Union in Spokane, WA has successfully converted to the Sharetec Core System. The credit union has also rolled out Sharetec`s complete paperless solution for electronically signing documents, member e-alerts, and other modules.

The Local Credit Union has chosen Corelation`s KeyStone as its new core processing system. The Local Credit Union ($98 million; 4,682 members; Sterling Heights, MI), formerly Sterling-Van Dyke Credit Union, plans to convert to KeyStone in Q4 2014.

Columbine Federal Credit Union announced its decision to convert to the CUProdigy core software platform. The credit union, a $51 million institution located in Centennial, Colorado, has also purchased ownership in the group`s CUSO. Columbine Federal Credit Union will begin its conversion in 2015.

Member Driven Technologies (MDT) announced the addition of two credit unions who have signed to convert their core processing to Symitar Episys via their CUSO solution. Metro Credit Union with six offices in Omaha, Nebraska, has signed to convert to Symitar/MDT, as well as LOC FCU which has three office locations in the southeast Michigan area.

~~~

 

 

Credit Union InfoSecurity Conference Sponsored by
imsmartin consulting

The 12th annual CU InfoSecurity Conference will be held May 21 - 23, 2014 at the Red Rock Resort in Las Vegas, NV.

This is a one-of-a-kind conference - a security conference dedicated solely to credit unions. Highly experienced, expert speakers discuss the latest security trends as they specifically apply to credit unions. Also included is a virtual tour of The Partnership FCU and a Case Study of First Tech FCU. The CU InfoSecurity Conference is priced so that the majority of credit unions can afford it - just $395 per person and $295 for returning attendees. Topics include:

 

* Phishing 2.0 Exploits
* Anti-money Laundering
* DDoS Mitigation Strategies
* Advanced Log Management
* Effectively Using Data Feeds
* Owning Credit Union Networks
* Tuning Your Fight Against Fraud
* New Ways to Eliminate Malware
* Credit Union Virtual Security Tour
* Cyber Criminal Intelligence Programs
* Legal versus Enforceable eSignatures
* Building a Secure E-mail Infrastructure
* Next Generation Authentication Techniques
* Successful Security Awareness Training Programs

Click Here for information, agenda, reservations & more.


Hardware News

Hybrid storage solutions, those incorporating high performance flash memory alongside traditional, slower hard disk drives, utilize intelligent software to keep cold, warm and hot data optimized for efficient placement within the storage tiers. A flash/disk hybrid array permits less expensive and slower HDDs to handle less frequently accessed data, while the high-speed, high-performance flash memory is used for frequently accessed data. Some arrays incorporate 15,000 RPM disks for nearline storage and commodity 7200 RPM drives for even less frequently accessed data. Here are some hybrid solutions:

- Dell Compellent Flash-Optimized Solutions

- EMC VNX

- Fusion-io n5-150

- HP 3PAR StoreServ 10400 Storage

- Nimble Storage CS-Series Array

Seagate has released its first 6TB enterprise-class hard disk drive which is 28% faster than its earlier 4TB drive and doesn't use helium. Western Digital was the first company to release a 6TB drive; that drive used helium which reduces friction and heat. The new drive also comes in 2TB, 4TB and 5TB capacities, and with either 12Gbps SAS or 6Gbps SATA connectivity. As with its past enterprise drives, Seagate's new drive is self-encrypting with the company's Instant Secure Erase, which overwrites data multiple times for easy drive disposal or repurposing. The drive is also FIPS SED certified. 

~~~

Hardware Section Sponsored by
Millennial Vision, Inc. (MVi)

 

Back to Top


Software Updates

Printer Installer is an on-premise web application that simplifies the management, migration, and provisioning of printers. In action, you copy printers from your existing print servers, convert end users from already installed printers, and centrally manage direct IP printers with the provided Printer Installer Administrator. You can also permit employees to install printers via a self-service web portal with optional floor plan maps, without the need to call the help desk.

Research firm Gartner offers this advice for organizations still running Windows XP: have a plan to get rid of it ASAP. They also propose these two moves:

1) reduce user rights on the machines, restrict the PC to run only “known good” applications, and minimize web browsing and email use on the PCs

2) move critical applications and users to server-based computing

 

~~~

Software Updates Sponsored by
Raddon Financial Group (RFG)


Back to Top


ATMs/Kiosks

Concerns about ATM cash-outs have reached new heights which has prompted the FFIEC to warn FIs of the risks associated with cyber-attacks on ATM and card authorization systems. Cyber-attacks against the payment platform can result in "unlimited operations" which refer to ATM cash withdrawals for monetary amounts that exceed daily limit controls or even the cash balance in a cardholder's account. The FFIEC pointed to a recent unlimited operations attack that netted more than $40 million with only 12 debit cards.

Hong Kong-based CryptexCard, a provider of what it calls the first global Bitcoin-to-cash ATM and debit card, says it will begin shipping personalized cards within four to six weeks to approved applicants. Cryptex claims 90% of U.S. ATMs can support the prepaid card, and it will be usable at any merchant location that accepts the Discover card.

~~~

ATMs/Kiosks Sponsored by
Heritage Industries


Back to Top


CU Success Stories  

 

Here is a chance to learn about real life credit union success stories from various technology vendors through the words of their clients. This week's vendor is:

 

IMM

IMM

and their client is:

Congressional Federal Credit Union

Credit Unions - if you have a vendor that you are happy with then please This email address is being protected from spambots. You need JavaScript enabled to view it.!

Vendors - if you have a credit union that is happy with your solutions then please This email address is being protected from spambots. You need JavaScript enabled to view it. and we will give you a $100 discount on your Case Study!
 

~~~

Back to Top


Wireless World

By some accounts, the most common form of mobile RDC fraud is "duplicate presentment" which involves someone depositing a check via a mobile device, then taking the paper check to a different financial institution to cash it as well. Some security experts recommend requiring some kind of "restricted endorsement." In such a case, a member would be required to include a note in their endorsement (e.g., "for mobile RDC only") indicating the check is intended to be deposited via RDC or it won't be accepted for mobile deposit.

Complete Data Products offers an SMS text option from the teller line. The teller`s workflow remains the same – instead of selecting print or email, the teller chooses text. The teller is prompted for the member`s phone number (or asked to verify it if previously used) then the member will receive a text with access to the receipt. They note that member wait time is reduced since the text is received instantly – no waiting on a printer.

The Samsung Galaxy S5 smartphone is one of the first consumer mobile devices to enable users to pay with their fingerprints. If users visit a website or app that accepts PayPal using the device, they can authorize payments by swiping a finger across the phone's home button. The user must first complete a short setup process that registers the identity of the device, based on its cryptographic chip, and links the user's fingerprint to a PayPal account. PayPal's software then asks for a fingerprint swipe anytime an app or site would normally show a log-in screen.

~~~

Back to Top


Security Section

NACHA announced the launch of an Emergency Contact Database for Financial Institutions. The Emergency Contact Database serves as a tool to help facilitate communication and collaboration between financial institutions during emergencies, such as natural disasters, data breaches, and denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks. Financial institutions are invited to search the database for risk management contacts at financial institutions across the country and populate the database with contact information for appropriate risk management personnel at their own institutions.

Fiserv announced a new real-time electronic payments monitoring solution to help prevent fraud. ACH Fraud Prevention from Fiserv evaluates ACH files, batches and transactions, looking for unusual patterns of behavior and other variables that indicate fraud risk. The system continuously builds intelligence for each customer, account and other entities relevant to the ACH process to support accurate detection on anomalies. Meanwhile Wire Fraud Prevention from Fiserv evaluates wire transfers and interdicts suspected fraud, looking for anomalies and other characteristics that indicate fraud risk.

~~~

Back to Top


Leaders Roundtable

Security:

Addressing the Big 3: Compliance, Fraud & Cyber Security

>
D+H - http://wwwdh.com
Read Jeff Marshall's comments:
https://www.cunews.com/D+H.pdf

DirectRM - http://www.directrm.com
Read Donald E. Malloy's comments:
https://www.cunews.com/DirectRM.pdf


Easy Solutions - http://www.easysol.net
Read Daniel Ingevaldson's comments:
https://www.cunews.com/EasySolutions.pdf


 
Horsetail Technologies - http://www.horsetailtech.com
Read Mark Berman's comments:
https://www.cunews.com/Horsetail.pdf


 
Integrated Media Management - http://www.immonline.com  
Read John A. Levy's comments:


Incapsula - http://www.incapsula.com
Read Marc Gaffan's comments:
https://www.cunews.com/Incapsula.pdf


LogRhythm - http://www.logrhythm.com
Read Mike Reagan's comments:
https://www.cunews.com/LogRhythm.pdf


 
Mimecast - http://www.mimecast.com  
Read Mounil Patel's comments:

Hyland Software - http://www.onbase.com
Read Steve Comer's comments:
https://www.cunews.com/Hyland.pdf


ProPay - http://www.propay.com
Read Dr. Heather Mark's comments:
https://www.cunews.com/ProPay.pdf


Rallypoint Solutions - http://www.rallypoint.us.com
Read Kris Zupan's comments:
https://www.cunews.com/Rallypoint.pdf




SilverSky - http://www.silversky.com
Read Andrew Jaquith's comments:
https://www.cunews.com/SilverSky.pdf


Spikes Security
Spikes Security - http://www.spikes.com
Read Branden Spikes' comments:
https://www.cunews.com/Spikes.pdf


TrustCC - http://www.trustcc.com
Read Andy Robbins' & Brandon Henry's comments:
https://www.cunews.com/TrustCC.pdf


Verafin - http://www.verafin.com
Read Brendan Brothers' comments:
https://www.cunews.com/Verafin.pdf


Wombat Security Technologies - http://www.wombatsecurity.com
Read Joe Ferrara's comments:
https://www.cunews.com/Wombat.pdf


Zerto - http://www.zerto.com
Read Ziv Kedem's comments:
https://www.cunews.com/Zerto.pdf

~~~

Back to Top


Technology and Marketing

Facing declining branch transactions and diminished branch sales, some FIs are taking their business development teams to the streets via "Workplace Banking." According to Peak Performance Consulting Group's studies, if implemented effectively, Workplace Banking can be a significant incremental source of revenue, representing between 10% and 30% of total new customer relationships. One strategy involves a monthly calendar of Financial Education Workshops which can help generate ongoing program awareness resulting in new appointments, which can then be fulfilled either at the workplace or in the branch. The good news is that based on Peak Performance Consulting Group's surveys and client work, cost per acquisition (CPA) of Workplace Banking can actually be 70% to 80% less expensive than traditional marketing programs.

~~~

Back to Top


Online Banking/E-Commerce/Website Design

FIS has released a new solution that they say allows credit unions to compete effectively with alternative financial services. FIS GenNOW Financial Services provides members with real-time access to funds via mobile or prepaid cards. Members can:

- Load money to their prepaid cards through a mobile app and have immediate access to their funds

- Make expedited bill payments using a mobile app and avoid late payment charges

- Track spending and balances with personal financial management tools and alerts

- Get rewards for usage and meeting budget and savings goals

- Receive real-time notifications of offers reflective of their buying habits and interests

Western Union reports a jump in the number of U.S. and Canadian FI branches offering its money-transfer services to 10,392 at the end of 2013 from 2,678 five years earlier. A Western Union spokesperson noted that their FI partners absolutely recognized that the individual is walking down the street to another outlet to do some of their business, and the banks' rationale is why not capture that transaction in the branch? The ultimate objective is, 'Let's migrate this individual in to more traditional banking services, see if we can get them to open a checking account [or other products over time.]'"

~~~

Back to Top


Internet Access

The FFIEC has issued a notice that says that FIs must now monitor for distributed denial-of-service (DDoS) attacks against their networks and have a plan in place to try and mitigate against such attacks. As usual, the FFIEC did not dictate specific technologies, but they made it clear that FIs must monitor for attacks, have a response plan and "ensure sufficient staffing for the duration of the DDoS attack and consider hiring pre-contracted third-party servicers, as appropriate, that can assist in managing the Internet-related traffic flow." In addition, FIs are expected to "identify how the institution's ISP can assist in responding to and mitigating an attack. “The FFIEC also wants FIs and others to share attack details with the Financial Services Information Sharing and Analysis Center and law enforcement.

NSS Labs just released the results and analysis from its latest Browser Security Comparative Analysis Report which evaluated the ability of eight leading browsers - Apple Safari, Google Chrome, Kingsoft Liebao, Microsoft Internet Explorer, Mozilla Firefox, Opera, Qihoo 360 Safe Browser, and Sogou Explorer – to block against socially engineered malware (SEM). To many people's surprise, Microsoft Internet Explorer came out on top in all key test areas: an average block rate of 99.9%; the highest zero-hour block rate; fastest average time to block; and highest consistency of protection over time percentages. “Selecting a browser with robust socially engineered malware protection is one of the most critical choices consumers and enterprises can make to protect themselves. Microsoft`s SmartScreen Application Reputation technology continues to provide Internet Explorer the most effective protection against socially engineered malware,” said Randy Abrams, Research Director at NSS Labs.

~~~

Back to Top


Call Centers

CEB Customer Contact, a leading research and executive education network for customer service professionals, has coined a new contact center measurement term: Next Issue Avoidance (NIA). It is based on this concept: if a caller finishes a call with one of your agents, but then later they discovers there is something else they forgot to ask, or didn`t know to ask — they will inevitably call back. In action, NIA entails having the agent take time at the end of the call to bring up any potentially relevant issues related to the issues just solved on the call. While it will extend the current call by a few minutes, it means that same caller most likely won`t have to call back another time about something directly related to this issue due to the agent's proactive service.

~~~