The US credit card industry was a very late adopter of security chips, lagging the EU by a decade or so; when they did roll out chips, it was a shambolic affair, with many payment terminals still not using the chips, and almost no terminals requiring a PIN (and some require a PIN and a signature, giving rise to the curiously American security protocol of chip-and-PIN-and-swipe-and-sign). Read the rest “Security chips have not reduced US credit-card fraud”

Consumer Reports is arguably America's most trusted source of product reviews -- published by Consumers Union, a venerable nonprofit with a deserved reputation for scrupulous care and neutrality -- and for years it has been wrestling with how to address privacy and cybersecurity in modern products (disclosure: I have advised them some on this). Read the rest “Consumer Reports now evaluates products' security and privacy”

Gary Cohn is Trump's chief economic advisor. He's a former Goldman-Sachs banker with a net worth of more than $250,000,000. In his latest appearance, the quarter-billionaire explained to the press that Trump's tax-plan (which will transfer billions to the wealthiest 1%, e.g., Gary Cohn) will save two-child families earning $100,000/year about $1,000 and that they can use this money to buy "a new car." Read the rest “Trump's chief Goldman-Sachs goblin tells America they can buy a new car for $1000”

A prepaid debit card company's lobbying efforts in Washington are paying off. Congressional Republicans are seeking to repeal limits to the amount banks can charge customers in overdraft fees. The company is Total System Services, and it stands to make tens of millions of dollars when the GOP starts letting it charge exorbitant overdraft fees. And Total System Services only had to spend $270,000 to make the GOP do its bidding. What a great investment!

Via Buzzfeed:

Last week, Georgia Republican Sen. David Perdue introduced a resolution in Congress, alongside other Republicans including his fellow Georgian Johnny Isakson, to throw out a new package of rules for the prepaid debit card industry.

The rules, finalized by the Consumer Financial Protection Bureau in October, include limitations on overdraft fees, which have become a significant source of consumer complaints about the financial industry — and an important revenue stream for Georgia-based financial firm Total System Services, whose NetSpend unit is the country’s largest manager of prepaid cards, according to a 2015 financial filing.

The vast majority of prepaid debit cards don’t come with overdraft fees, but NetSpend’s do, and the fees accounted for 10-12% of its overall revenue in 2016, or $80-85 million, the company told investors in October. Its parent has spent big on lobbying and political donations in a bid to kill the rules: in the last three months of 2016 alone, it spent some $270,000 lobbying Congress.

The company’s political action committee has also given its home-state senators Perdue and Isakson $37,500 in campaign contributions since 2010, according to data from the Center for Responsive Politics.

In Does The Online Card Payment Landscape Unwittingly Facilitate Fraud?, a new paper in IEEE Security & Privacy, researchers from the University of Newcastle demonstrate a technique for guessing secruity details for credit-card numbers in six seconds -- attackers spread their guesses out across many websites at once, so no website gets enough bad guesses to lock the card or trigger a fraud detection system. Read the rest “Crooks can guess Visa card details in six seconds by querying lots of websites at once”

Cybersecurity firm Symantec said today a second hacking group has been trying to rob banks with phony SWIFT messages. That same method nabbed $81 million in a high-profile attack on the central bank of Bangladesh earlier this year.

Jim Finkle at Reuters reports:

Symantec said that a group dubbed Odinaff has infected 10 to 20 organizations with malware that can be used to hide fraudulent transfer requests made over SWIFT, the messaging system that is a lynchpin of the global financial system.

Symantec's research provided new insight into ongoing hacking that has previously been disclosed by SWIFT. SWIFT Chief Executive Gottfried Leibbrandt last month told customers about three hacks and warned that cyber attacks on banks are poised to rise.

SWIFT and Symantec have not identified specific victims beyond Bangladesh Bank. Symantec said that most Odinaff attacks occurred in the United States, Hong Kong, Australia, the United Kingdom and Ukraine.

Symantec promises to share technical information about Odinaff with banks, governments and other security firms involved in the SWIFT system. Read the rest “A second hacker group is targeting SWIFT bank system users with malware, Symantec warns”

A "death put" on a certificate of deposit means that the bond matures immediately upon the bearer's death, rather than when its term runs out: they're used as a form of life-insurance, cushioning the blow to loved ones from unexpected death, and they can be held jointly, so that the bearer's heirs and a third party get a payoff on death. Read the rest “Hedge fund paid terminally ill people to sign up for "death puts"”

The economic orthodoxy of austerity means that governments facing recession can't just spend their way out of it by creating New Deal-like stimulus that gets the economy moving again: instead, they handed trillions to banks and then watched in dismay as the banks failed to lend any of that out to small businesses and entrepreneurs. Read the rest “Europe's banks want to store billions in cash to fight back against negative interest”

Hardware hacker/security researcher Samy Kamkar is legendary for his legion of playful, ha-ha-only-serious gadgets that show how terrible information security is, and now he's turned his attention to the American Express company, which turns out to be a goddamned train-wreck. Read the rest “Tiny open-source gadget simulates replacement Amex cards, disables chip-&-PIN”

Over the holiday weekend, The Detroit News published a remarkable analysis of what happened in Detroit's foreclosure meltdown. One block on Greensboro Street saw 33 of 38 homes go into mortgage or tax foreclosure in the last ten years. Read the rest “Detroit News documents the decimation of one city block”

Matt Taibbi is touring the States with his new book, The Divide, which is on my must-read list right after I finish Capital in the 21st Century. Rick Kleffel caught up with him for his San Francisco NPR show and posted the interview, along with his notes (which includes links to his previous interviews with Taibbi).

Taibbi was, until recently, the best reason to read Rolling Stone: a finance writer for the 99%, whose incandescent and meticulous columns were terrifying and enraging by turns.

The Divide

05-12-14: A 2014 Interview with Matt Taibbi

(Thanks, Rick!) Read the rest “Interview with Matt Taibbi about "The Divide"”

JWZ's law states that "Every program attempts to expand until it can read mail." A corollary is that every complex system expands until it becomes a bank. Yesterday, I wrote about how a chatbot for organizing coffee orders became a full-fledged bank.

Now, here's a 4chan post explaining a dumb/clever way of using Gamestop stores as fee-free banking institutions by pre-ordering (and pre-paying) for games, then cancelling your orders and getting a refund (to make a withdrawal), and ordering new games (to make a deposit). It's fee-free, and as a pre-orderer, you get all the bonus stuff (your bank pays you!).

This is probably more of a reflection of the total dysfunction of banking, where low interest rates and hidden inflation, as well as high fees, conspire to bleed out savers to pay for reckless speculation, but it's still a pretty clever way of getting fee-free banking from an institution with more branches, and better hours, than many banks. Read the rest “Gamestop as a fee-free, convenient banking institution”

The Center for Public Integrity's After the Meltdown series documents the fate of the regulators, executives, and firms that were most directly responsible for the subprime meltdown, and demonstrates that the top bankers for firms like Lehman got unbelievably rich due to their failures, and are still in business with lucrative consulting firms (for example, Lehman CEO Richard Fuld walked away with several hundred million in cash and now has homes in three states and a personal consulting outfit). Consumerist's Chris Morran has done a great job of summarizing the findings: Read the rest “After the Meltdown: tracking the fortunes reaped by the bankers who tanked the economy”

In 1989, a bank-teller at the Old National Bank in Spokane, WA refused to validate the $0.50 parking stub of a shabbily dressed man who'd come in to cash a check. That shabbily dressed man was John Barrier, a 30-year customer of the bank with more than $1 million on deposit; which he promptly withdrew and took to Seafirst Bank, down the street.

(via Reddit) Read the rest “How refusing a $0.50 parking validation cost a bank a $1M depositor”

A German bank employee dozed off at his keyboard and accidentally triggered a 222 million euro ($293 million) funds transfer. Of course, the order didn't go through, but the man's colleague was fired for not catching the mistake immediately when verifying the transfer. According to the AFP, the colleague sued and the court ruled that he should get his job back. No word on whether the sleepy employee is still on duty. Read the rest “Banker falls asleep and triggers $293 million transfer”

RECOMMEND: Visit the TOM THE DANCING BUG WEBSITE, follow RUBEN BOLLING on TWITTER, and listen to him as he joins other Boing Boingers in select episodes of GWEEK PODCAST. Read the rest “TOM THE DANCING BUG: "Lucky Ducky," Featuring Hollingsworth Hound, Who Must Decide Where to Send His Money on Vacation”