CU news Logo

 Your source for the latest technology information of interest to credit unions across America.

Subscribe to our weekly e-mail newsletter and/or our monthly newsletter and stay on top of the latest technology trends in Hardware, Software, ATMs, Biometrics, Wireless, Online Banking, Marketing, Security, Internet Access and Call Centers.

December 5, 2016

~ This Week's News is Sponsored by Better Branches ~



General News  

* ESP Signs Pine Tree CU
* Crossmatch Launches Composite Authentication
* Credit Union of Texas Selects Symitar
* LogRhythm Announces Latest Version

Enhanced Software Products (ESP), a Spokane, WA-based core data processing processor, recently added Pine Tree Credit Union in Grangeville, ID to its Windows-driven FORZA3 Core Processing solution. Pine Tree CU will be also deploying ESP`s Home Banking, Audio Response, Mobile Banking, Paperless/Imaging Solutions and more for its members.

Crossmatch, a leading provider of security and identity management solutions, announced Composite Authentication. The company stated that their DigitalPersona Composite Authentication is designed to achieve four objectives: close gaps left by traditional authentication approaches, offer rapid adaptability, deliver complete coverage and be human-proofed.

Jack Henry & Associates' Symitar division announced that Credit Union of Texas has selected the Symitar Episys core system. In addition to selecting Episys, the credit union also chose to implement Advanced Reporting for Credit Unions (ARCU) for data warehousing and reporting and Episys Data Store.

LogRhythm, a security intelligence company, announced the release of LogRhythm 7.2, a major upgrade to its leading security intelligence and analytics platform. The Boulder, CO-based company states that the latest version features more powerful machine analytics, embedded security automation and orchestration, and enhanced performance at scale.



Hardware News

RAID hard disk arrays are designed to allow one or two individual drives to fail without losing access to the data, however RAID technology is about 25 years old. A newer architecture is beginning to replace RAID for large scale systems: object storage. An object is a file plus metadata that normally is stored in a file system. Objects are accessed directly by their ID number, not through a file system. Object storage systems can sustain multiple - 4 or 5 commonly - drive failures without data loss or a performance penalty. Plus, object stores can replicate data to multiple drives, eliminating the single drive write bottleneck. Clear Sky and Infinidat are two object storage vendors.

HP announced the EliteBook 705 family of laptops with AMD's Pro chips - the EliteBook 705 family includes the 12.5-inch 725, the 14-inch 745 and the 15.6-inch 755 models. These systems can be configured with full-HD screens, up to 500GB of storage and 16GB of RAM. The laptops include AMD's system management and security controls, plus other features include 802.11ac wireless, an SD card slot, a micro SIM slot, two USB 3.0 ports, one USB Type-C slot, a DisplayPort slot and an optional webcam. 


Hardware Section Sponsored by
Millennial Vision, Inc. (MVi)


Back to Top

Software Updates

Security Information and Event Management (SIEM) systems have been around for a long time, but some analysts are predicting that they will give way to a security operations and analytics platform architecture (SOAPA). Consulting firm ESG notes that SOAPA is built on SIEMs, but can also include:

  • Endpoint detection/response tools
  • Incident response platforms
  • Network security analytics
  • UBA/machine learning algorithms
  • Vulnerability scanners and security asset managers
  • Anti-malware sandboxes
  • Threat intelligence

Hiring a consulting firm to determine the best new branch location can be an expensive proposition. There is one low cost alternative: ZoneSavvy which taps big data to help smaller organizations find best sites for new locations. In action, you enter a business type, the ZIP code of the general area where you want to locate the business, and the distance from that ZIP code you are willing to consider. ZoneSavvy then gives you suggestions for which nearby neighborhoods would be the best locations for your type of business.


Software Updates Sponsored by

FI fraud activity reached an all-time high in 2015, and in turn Credit Unions increasingly need software able to produce real time alerts on suspicious so that fraud analysts can be more proactive. LogRhythm's Security Intelligence and Analytics Platform consolidates analytics into a single platform and provides out-of-the-box Compliance Automation Suites to help financial enterprises comply with requirements, deliver automated reports, and produce forensic investigations.

Learn how Alliant Credit Union has successfully implemented real-time fraud detection by clicking here to read their case study.


LogRhythm Security Intelligence and Analytics Platform

Back to Top


EasyBranch has rolled out EasySelf which is a mini-ATM and cash recycling Smart-Safe hardware components managed by their software that they say provides all the functionality of a full size ATM. Multiple mini-ATM points can be connected to a single Smart-Safe cash recycler located anywhere in the self-service area of the branch. Each EasySelf mini-ATM point can also be connected to the credit union`s member service personnel, whether onsite or in a centralized remote location, allowing members to contact them via video call or chat messaging onscreen. The mini ATM points can be configured to handle a multitude of non-cash transactions including bill pay, prepaid card and mobile phone recharging, balance transfers, check scanning, etc.

San Diego County Credit Union announced the launch of its new SDCCU Wallet. They note that they are one of the first financial institutions in the country to offer mobile cash access with the launch of their SDCCU Wallet. Members can save time at any SDCCU ATM by setting up their withdrawal on their iPhone - they simply open the app and select how much they want to withdraw and from which checking account, and then tap the button on the ATM screen and scan the QR code with the app to withdraw their money.


ATMs/Kiosks Sponsored by
Heritage Industries

Back to Top

CU Success Stories  


Here is a chance to learn about real life credit union success stories from various technology vendors through the words of their clients. This week's vendor is:  



and their client is:

Member Savings Credit Union

Credit Unions - if you have a vendor that you are happy with then please This email address is being protected from spambots. You need JavaScript enabled to view it.!

Vendors - if you have a credit union that is happy with your solutions then please This email address is being protected from spambots. You need JavaScript enabled to view it. and we will give you a $100 discount on your Case Study!


Back to Top

Wireless World

Some observers are questioning why more credit unions are not deploying Visa's Mobile Location Confirmation Service technology that they say enhances both convenience and security by eliminating the need for cardholders to notify their credit union about their travel plans. It uses mobile geo-location data to match the location of Visa transactions with the location of your mobile device. If your mobile device is in proximity of the payment transaction, your issuer can more confidently approve the transaction.

SecureAuth recently announced Symbol-to-Accept which is a mobile MFA (multi-factor authentication) approach that aims to improve security without placing an undue burden on users. With Symbol-to-Accept, the user is presented a small number of “accept” buttons displaying single, randomly selected symbols (such as letters). To successfully log in, the user selects the correct symbol that matches one displayed on their login screen.


Wireless World Sponsored by
Member Access Pacific (MAP)



The MAP App™ is the first network-branded prepaid card exclusively serving credit unions to offer mobile banking -
contact us now to learn more about this market-leading innovation for credit unions:

(866) 598 - 0698

Back to Top

Security Section

According to security firm Agari, 60 percent of surveyed security leaders say their organizations were or may have been victim of at least one targeted social engineering attack in the past year, and 65 percent of those who were attacked say that employees` credentials were compromised as a result of the attacks. Other highlights from their report include:

- 89 percent of respondents have seen either a steady pace or an increase in spear phishing and other targeted email attacks in the past year

- 49 percent of respondents rate the effectiveness of the current controls they deploy to defend against social engineering attacks as average or below

- More than one fifth of respondents have ‘no confidence` in their business partners` abilities to defend against social engineering attacks that could compromise the respondents` organizations

TopSpin Security has developed a deception-based platform called DECOYnet that provides complementary layers of deception and detection. DECOYnet connects to a TAP or SPAN port and looks at all traffic in a certain network or subnet through its network traffic analysis engine. After this discovery process concludes, the platform places dummy assets such as endpoints, servers, data repositories, etc. around the network. Employees have no reason to access these assets, so any access to them should be an indication that an intruder is at work. TopSpin says that their decoys and mini-traps are so realistic that an intruder will not know that they are fake documents, user credentials, email messages, system resources, etc. They contend that deception can detect and trap an attacker within just a few moves on the network.

Many security experts believe that logs hold the baseline information required for quality incident response and forensics. Whether the logs are local, centralized or cloud-based, intruders work hard to change or delete them to cover their activities. In order to help keep log repositories more secure, Waterfall developed the BlackBox. The company says that their solution secures logs “behind” a unidirectional gateway, ensuring that logs are physically kept trustworthy and out-of-reach of cyber attackers.


Security Section Sponsored by
StrongAuth, Inc.



Back to Top

Leaders Roundtable

Core Systems:

The Foundation of Your Member’s Experience

Celent -
Read Stephen Greer's comments:

Corelation -
Read Theresa Benavidez's comments:

CU Answers
CU*Answers -
Read Randy Karnes' comments:

Enhanced Software Products -
Read Matt Lefler's comments:

Member Driven Technologies -
Read Matthew Baaki's comments:

Share One -
Read Teri Van Frank's comments:



Back to Top

Technology and Marketing

Some email marketing experts have a list of some key elements that they recommend that you keep in mind to help improve your email response rates. Here are a few:

- Personalize: do your best to personalize the email

- Visualize the Email's Structure: be clear about what the different sections of the email are and keep the message short

- Get Straight to the Point: focus on crafting an email that takes less than 30 seconds to read

- Focus on Benefits: don't discuss features of your products and services

- Include a Call-to-Action: be clear on what you want the reader to do at the end of your email message


Back to Top

Online Banking/E-Commerce/Website Design

MasterCard's Decision Intelligence software includes artificial intelligence algorithms as a core component in an effort to provide better risk scoring across all transactions and reduce the number of false declines. Research by Javelin shows that the value of false declines per year has hit $118 billion, more than 13 times the total amount lost annually to actual card fraud ($9 billion), so this is a huge issue for issuers, merchants and cardholders. The software examines how a specific account is used over time to detect normal and abnormal shopping spending behaviors, using account information like consumer value segmentation, risk profiling, location, merchant, device data, time of day, and type of purchase made.

Comtrade Digital Services announced that it has created an automated banking platform for Viber, a messaging app. The company says that their new solution allows users to carry out a range of banking transactions entirely through a chatbot, e.g., transfer money, check their balance and retrieve the money sent to them by using a QR code at an ATM or going to their local branch. The company claims that this is the only messaging platform that, through an API, can be directly integrated with a financial institution`s existing digital banking channels.


Back to Top

Internet Access

According to a report from IBM`s Security Intelligence group, cyber-attacks using the VoIP protocol Session Initiation Protocol (SIP) have been growing this year accounting for over 51% of the security event activity analyzed in the last 12 months. They note that VoIP traffic can be intercepted, captured or modified and is subject to attacks aimed at degrading or eliminating service. Security experts recommend the following techniques to help reduce VoIP security issues:

- Apply encryption by segment, device, or user

- Encrypt the signaling at your Internet gateway with Session Initiation Protocol (SIP) over Transport Layer Security (TLS)

- Apply strong passwords to access the voicemail inbox

- Train employees to immediately report anomalies

SimpleWan offers a service called vMPLS, or Virtual Multiple Protocol Layer Switching, that gives users the ability to connect multiple geographical locations through a secure carrier-neutral managed network, providing access to the entire corporate network securely from any location. The firm's "Smart Routing Technology" utilizes dozens of private backbone connections to help deliver the shortest distance routing between endpoints

Fireglass is a provider of web isolation software that requires no endpoint software installation, supports all major browsers, OSs and devices and is offered both as a cloud services and as an on-premises deployment. Attackers cannot leverage Zero-day exploits and Flash and Java vulnerabilities since all attacks occur in a remote secure environment. In other words, because all content is executed away from endpoints, users are protected from malicious websites.


Back to Top

Call Centers

The ICMI (International Customer Management Institute) has partnered with 8x8, a hosted VoIP solutions provider, to publish a Quality Management in the Contact Center Tool Kit. They state that for some organizations, up to 75% of their total contact center costs are agent costs. They contend that if organizations want to reduce their costs and increase customer and agent loyalty, they need to create a culture of continuous improvement across their agent pool. Additionally, they assert that the key to doing all of this is a comprehensive quality management program which is why they developed their complimentary toolkit.