CU news Logo

 Your source for the latest technology information of interest to credit unions across America.

Subscribe to our weekly e-mail newsletter and/or our monthly newsletter and stay on top of the latest technology trends in Hardware, Software, ATMs, Biometrics, Wireless, Online Banking, Marketing, Security, Internet Access and Call Centers.

April 21, 2014

~ This Week's News is Sponsored by Better Branches ~


General News  

* 5 CUs Renew Credit & Debit Processing Contracts with PSCU
* Nymeo FCU Selects IMM Technology
* CU*Answers Adds its Newest Owner
* FInection Marks First Anniversary

PSCU announced that five of its Member-Owner credit unions have signed long term contract renewals for the CUSO`s credit and debit processing services. The credit unions renewing their credit and debit card processing with PSCU include: DFCU Financial (Dearborn, MI; $3.5B); Pen Air FCU (Pensacola, FL; $1.2B); Ashland Credit Union (Ashland, KY; $178M); West Community CU (O`Fallon, MO; $154M); and Peninsula Community FCU (Shelton, WA; $147M).

Nymeo Federal Credit Union has selected multiple offerings from IMM`s software suite to expand its financial service offerings and increase members` banking conveniences. Maryland-based Nymeo will employ IMM`s TotaleAtlas eSignature platform with workflow capabilities, as well as IMM`s Teller Item Capture, TotaleReceipts and TotaleChecks to help them make greater strides in achieving a paperless environment.

CU*Answers, the Grand Rapids, Michigan-based cooperative CUSO, announced that it has recently added another credit union owner. This newest investor is Lakes Community Credit Union, located in Lake Orion, MI ($80M and 9,000 members).

FInection, a set of video channels created by Mid-Atlantic Corporate Federal Credit Union, is celebrating its first year of service to the credit union movement. To date, the Corporate has created over 200 educational videos, releasing several each week.




Credit Union InfoSecurity Conference Sponsored by
imsmartin consulting

The 12th annual CU InfoSecurity Conference will be held May 21 - 23, 2014 at the Red Rock Resort in Las Vegas, NV.

This is a one-of-a-kind conference - a security conference dedicated solely to credit unions. Highly experienced, expert speakers discuss the latest security trends as they specifically apply to credit unions. Also included is a virtual tour of The Partnership FCU and a Case Study of First Tech FCU. The CU InfoSecurity Conference is priced so that the majority of credit unions can afford it - just $395 per person and $295 for returning attendees. Topics include:


* Phishing 2.0 Exploits
* Anti-money Laundering
* DDoS Mitigation Strategies
* Advanced Log Management
* Effectively Using Data Feeds
* Owning Credit Union Networks
* Tuning Your Fight Against Fraud
* New Ways to Eliminate Malware
* Credit Union Virtual Security Tour
* Cyber Criminal Intelligence Programs
* Legal versus Enforceable eSignatures
* Building a Secure E-mail Infrastructure
* Next Generation Authentication Techniques
* Successful Security Awareness Training Programs

Click Here for information, agenda, reservations & more.

Hardware News

Riverbed Technology released a rebranded SteelFusion line of storage appliances: 1160, 1260 and 1360. The company claims that the appliances fuse servers, storage, virtualization and networking into a single solution that speeds provisioning by up to 30 times and recovery by up to 96 times. The SteelFusion Core 3000 appliance will start at $8,000, while the Edge 1360p unit will start at $8,500.

WTI's TSM-40-DPE serial console server provides secure in-band and out-of-band access to RS232 serial console and maintenance ports with the added benefit of dual power supplies for failsafe redundant power. The unit delivers 24/7 remote access to servers, routers, switches, firewalls and other network elements. Secure Shell (SSHv2) encryption and address-specific IP security masks prevent unauthorized access to command and configuration functions. Other features include dual power inlets with built in ATS, event logging and alarm functions, and Enterprise Management Software. 


Hardware Section Sponsored by
Millennial Vision, Inc. (MVi)


Back to Top

Software Updates

Microsoft's free Joulemeter program lets you calculate the power used by a Windows desktop or laptop. Joulemeter's developers intend the program to be used in conjunction with an external power meter when measuring a desktop's energy consumption, although the program's Manual Entry option generates an approximate power-usage number; the energy use of laptops is determined without requiring an external power meter.

NSS Labs recently tested several endpoint security products to see how well each would block socially-engineered malware. The good news is that all five did a good job of protecting against socially-engineered malware:

- Fortinet`s FortiClient Endpoint Protection

- McAfee VirusScan Enterprise and Antispyware Enterprise

- Symantec Endpoint Protection

- Trend Micro OfficeScan

- Endpoint Security by Bitdefender

Quiktrak announced that it has licensed its Revoquest audit software solution. The Revoquest platform allows credit unions to bring their auditing process online with a comprehensive platform. The platform supports pre-audit logistics and workflow management, audit report generation, unique business-rule logic and customized reporting. For credit unions with field inspection needs, the Revoquest platform is available on Android as well as PCs.



Software Updates Sponsored by
Raddon Financial Group (RFG)

Back to Top


Fujitsu has launched a new range of ATMs featuring its PalmSecure biometric technology, a technology that authenticates the user by reading the unique pattern of veins in the palm of the hand, and support for mobile NFC. Fujitsu notes that their technology maximizes security levels when incorporating mobile applications, such as access to the ATM using contactless technology, or interacting with mobile devices via NFC. The Fujitsu ATM Series 100 will initially roll out in Europe.

Nautilus Hyosung announced that it will provide an EMV upgrade kit for its popular legacy model, the NH1500 for the U.S. market. The EMV upgrade kit includes an EMV card reader, new main board and the appropriate software patch. With this additional EMV support for the NH1500, Nautilus Hyosung can support EMV capability for its entire family of Retail ATMs, including the NH1800CE/SE, Halo and Halo S, NH2700, MX5000 and MX4000.


ATMs/Kiosks Sponsored by
Heritage Industries

Back to Top

CU Success Stories  


Here is a chance to learn about real life credit union success stories from various technology vendors through the words of their clients. This week's vendor is:




and their client is:

Meritrust Credit Union

Credit Unions - if you have a vendor that you are happy with then please This email address is being protected from spambots. You need JavaScript enabled to view it.!

Vendors - if you have a credit union that is happy with your solutions then please This email address is being protected from spambots. You need JavaScript enabled to view it. and we will give you a $100 discount on your Case Study!


Back to Top

Wireless World

According to data from New York-based consulting firm AlixPartners, about 60% of smartphone or tablet users who switched FIs in the fourth quarter said mobile banking was an important factor in the decision, up from 7% in the second quarter of 2010. The research firm also noted that the biggest jump among any type of mobile banking function was mobile RDC: about 34% of mobile bankers used the function in the fourth quarter of 2013, versus 22% two years earlier.

MasterCard plans to issue its specifications for host card emulation (HCE) by the end of June. Visa has already announced its support for mobile payments using HCE via its contactless technology, PayWave. HCE is a long-recognized part of the NFC specifications, but it has gained prominence since Google incorporated support for it into its latest Android operating system for mobile phones, Android 4.4, also known as KitKat. HCE allows organizations offering mobile payment and loyalty services to provision user credentials from a remote server rather than store them on the secure element in the user`s phone. HCE not only frees providers from dependence on the phone`s secure element, it also lowers costs by removing the need to pay fees for access to the phone. Both card networks require tokenization with their implementations of HCE. Tokenization bolsters security by generating one-time replacement values for card account numbers before the credential is delivered to the terminal.

PayPal is one of the first major payment companies to support "wearable payments." The company has released an app for the new Samsung Galaxy Gear II smart watch that works in conjunction with the new Galaxy S5 smartphone. The smart watch app lets users view their PayPal balance and recent transactions, receive location-based offers for nearby stores and restaurants, and pay in-store by checking in. Meanwhile, Intuit, FIS, and other companies are developing financial apps for wearable devices. Many analysts believe that watches and wrist bands which can tap a reader to enable payment are the more likely initial form factors for wearable payments.


Back to Top

Security Section

The Heartbleed Bug, a vulnerability in the OpenSSL encryption standard, has been making headlines lately. In response, security firm SilverSky is offering a complimentary scan to determine if your network is vulnerable to the Heartbleed Bug. They will also provide timely advice on how to remedy any issues to protect your network from the bug.

FICO announced the general availability of their Identity Resolution Engine 3.6 which is a software solution that helps improve personal identification to detect fraud rings and other forms of crime. The company says that the new version combines entity resolution with social network analytics to help credit unions expose money laundering schemes, detect insider fraud, and enhance screening processes.

Votiro has come out with a solution designed to help mitigate attacks launched during the unknown and zero day time frames. Votiro`s software works on individual files attached to email, downloaded from the Internet, or taken off a removable device. The software runs multiple anti-virus engines against the files, and then runs their proprietary Secure Data Sanitation Device (SDSD) that performs an "active sanitation process" on the file itself, making micro changes in the file in order to disintermediate any exploit code hidden in the file. The SDSD solution can be located on premise or in the cloud.


Back to Top

Leaders Roundtable


Addressing the Big 3: Compliance, Fraud & Cyber Security

D+H -
Read Jeff Marshall's comments:

DirectRM -
Read Donald E. Malloy's comments:

Easy Solutions -
Read Daniel Ingevaldson's comments:

Horsetail Technologies -
Read Mark Berman's comments:

Integrated Media Management -  
Read John A. Levy's comments:

Incapsula -
Read Marc Gaffan's comments:

LogRhythm -
Read Mike Reagan's comments:

Mimecast -  
Read Mounil Patel's comments:

Hyland Software -
Read Steve Comer's comments:

ProPay -
Read Dr. Heather Mark's comments:

Rallypoint Solutions -
Read Kris Zupan's comments:

SilverSky -
Read Andrew Jaquith's comments:

Spikes Security
Spikes Security -
Read Branden Spikes' comments:

TrustCC -
Read Andy Robbins' & Brandon Henry's comments:

Verafin -
Read Brendan Brothers' comments:

Wombat Security Technologies -
Read Joe Ferrara's comments:

Zerto -
Read Ziv Kedem's comments:


Back to Top

Technology and Marketing

The most recent Insight Report from Mercator Advisory Group's CustomerMonitor Survey Series reveals that while consumers are visiting branches less often (46% of consumers surveyed visit a branch more than once a month, down from 51% who did so in 2012), young adults, smartphone and tablet owners, particularly mobile banking users, are especially likely to visit branches frequently. Consumers who recently opened a checking or savings account (primarily at a branch location) (57%), as well as consumers who increased their branch visits over the previous two years (59%) are far more likely than average (45%) to have a credit card from their primary FI, thus confirming the power of the branch to motivate consumers to use a financial institution's products, according to the research firm.


Back to Top

Online Banking/E-Commerce/Website Design

88% of US Internet users between the ages of 18 to 34 used online banking to pay monthly bills, make deposits and withdraw money and nearly half said they performed such activities on a mobile device, according to a study released by TD Bank. Respondents were using digital banking more frequently than they had in the previous year, with 57% saying they used mobile more often and 50% saying the same for online banking.

While some FIs press forward with offering video teleconferencing at their branches, others are concerned about how various demographics will respond to talking to a person in a remote location via video. UMB has surveyed users at three of their branches and found this somewhat surprisingly result: 95% of the people that have used the video conferencing capability said that they enjoyed the experience. Plus there is more good news for video conferencing proponents: those three branches have seen a 50% boost in revenue, and video conferencing has also saved UMB 150 hours in personnel time.


Back to Top

Internet Access

Network World recently tested various solutions for protecting browser and AirGap from Spikes Security was the only product to refuse to execute everything on their local desktop by default. AirGap runs a virtualized session on another machine across the Internet. The VM renders the content and converts it to pixels that are compressed and streamed to your desktop. Since nothing executes on your own machine, any malware is ineffective. Every user session has its own virtualized session and even every browser tab has its own session and is isolated from the other tabs.

DDoS attackers relied less upon traditional botnet infection in favor of reflection and amplification techniques, according to a new global DDoS attack report from Akamai. The newer DDoS toolkits utilize Internet protocols that are available on open or vulnerable servers and devices. The most abused protocols are Character Generator (CHARGEN), Network Time Protocol (NTP) and Domain Name System (DNS).

British Internet security services provider Netcraft has released a browser extension that alerts users when a site they visit hasn't been patched to protect against malicious use of the Heartbleed vulnerability, found in certain versions of the OpenSSL (Secure Socket Layer) encryption library. The free extension can be installed on the Chrome, Firefox and Opera browsers.


Back to Top

Call Centers

CorvisaCloud, a cloud-based contact center software provider, has just released its hosted voice and SMS platform. The CorvisaCloud platform permits users to build voice and SMS apps internally, or subscribers can use and customize a la carte components of the CorvisaOne product suite such as phone extensions, call queues or lead management features.