Monday, 15 August 2011

myBART Data-base Leaked

Yesterday account information was compromised in connection with an illegal and unauthorised intrusion into the myBART system.

Bay Area Rapid Transit has confirmed that unauthorised person has obtained contact information from at least 2,400 of our 55,000 members. In most cases, the information consists of names, email addresses, and passwords. In some cases, the database also listed an address and phone number. No financial information is stored in the myBART database.

In response to this intrusion, Bart has temporarily shut down the website, and have notified law enforcement authorities.

Commission says information privacy laws are flawed

The Equality and Human Rights Commission is today publishing a report that shows current privacy law is failing to stop breaches of personal data privacy and is not keeping pace with the rapid growth in personal data collection.

The report shows that the way government and its agencies collect, use and store personal data is deeply flawed. They may be unaware that they are breaking the law as the complexity of the legal framework means their obligations are unclear.

It also finds that it is difficult for people to know what information is held on them, by which government agency or private sector body, or how it is being used.

In response to the report's findings, the Commission is making three recommendations to government:

Streamline the current legislation on information privacy

Ensure that public bodies and others have to properly justify why they need someone's personal data and for what purpose.

All public bodies should carefully consider the impact on information privacy of any new policy or practice.

Geraldine Van Bueren, a Commissioner for the Equality and Human Rights Commission said: "It's important that the government and its agencies have the information they need about us to do their job, and any need for personal information has to be clearly justified by the organisation that wants it. The law and regulatory framework needs to be simplified and in the meantime public authorities need to check what data they have and that it complies with the existing laws."

AOptix Launches Dash Six Iris Recognition Enterprise SDK

AOptix Technologies, Inc. announces the launch of their 'Dash Six' Iris Recognition Enterprise SDK. Dash Six is a new breed of iris recognition software offering powerful, flexible, iris image processing capabilities that include iris segmentation, encoding and matching. Following years of rigorous engineering, structured statistical analysis and optimization in real world environments, Dash Six achieves superior accuracy, interoperability and speed.

The new SDK offers strong support for "one-to-one" authentication (including a compact template-on-card format) as well as large-scale "one-to-many" identification, supported by powerful image quality and anti-spoofing metrics. And, because AOptix prioritizes interoperability, Dash Six can be implemented with a wide range of iris recognition systems.

"The Dash Six algorithm is already in use in demanding airport passenger terminals, secure facilities, and other environments where accuracy and consistency are critical" says Joseph Pritikin, Director of Product Marketing at AOptix.

Google to Acquire Motorola Mobility

Google Inc. and Motorola Mobility Holdings, Inc. today announced that they have entered into a definitive agreement under which Google will acquire Motorola Mobility for $40.00 per share in cash, or a total of about $12.5 billion, a premium of 63% to the closing price of Motorola Mobility shares on Friday, August 12, 2011. The transaction was unanimously approved by the boards of directors of both companies.

The acquisition of Motorola Mobility, a dedicated Android partner, will enable Google to supercharge the Android ecosystem and will enhance competition in mobile computing. Motorola Mobility will remain a licensee of Android and Android will remain open. Google will run Motorola Mobility as a separate business.

Larry Page, CEO of Google, said, "Motorola Mobility's total commitment to Android has created a natural fit for our two companies. Together, we will create amazing user experiences that supercharge the entire Android ecosystem for the benefit of consumers, partners and developers. I look forward to welcoming Motorolans to our family of Googlers."

The transaction is subject to customary closing conditions, including the receipt of regulatory approvals in the US, the European Union and other jurisdictions, and the approval of Motorola Mobility's stockholders. The transaction is expected to close by the end of 2011 or early 2012

PCI Security Standards Council Releases PCI DSS Tokenization Guidelines

The PCI Security Standards Council (PCI SSC) has published the PCI DSS Tokenization Guidelines Information Supplement, the latest in a series of SSC guidance documents aimed at providing the market with greater clarity on how specific technologies relate to the PCI Security Standards and impact PCI DSS compliance.

Tokenization technology replaces a Primary Account Number (PAN) with a surrogate value called a-token. Specific to PCI DSS, this involves substituting sensitive PAN values with non-sensitive token values, meaning a properly implemented tokenization solution can reduce or remove the need for a merchant to retain PAN in their environment once the initial transaction has been processed,

Working in conjunction with members of its Scoping Special Interest Group (SIG), the Council created the guidance in response to the requests from the PCI community for direction on how tokenization technology may reduce the scope of the cardholder data environment (CDE) and the effort required to conduct a PCI DSS assessment.

"This newest guidance may be found in the Council's Document Library. While this guidance will provide merchants with additional understanding on how tokenization may help their PCI efforts, it is important to note that tokenization should not be viewed as an alternative to the PCI Data Security Standard," said Bob Russo, general manager of the PCI Security Standards Council.

Note to Subscribers

If you would prefer to receive your News On Line email in plain text, please send an email with "Plain Text" in the subject line.

If you are a subscriber to our Daily News On Line service or Monthly Newsletter you are entitled to access restricted pages on our website news archive. For the username and password please send an email with "Subscriber Password" in the subject line. lesley.dann, Subscriptions Administrator, Smart Card Group.

To Unsubscribe Email Us at or click Unsubscribe

Important Information

From time to time, this news service may include industry forecasts and forward looking statements made by the companies concerned. Readers should be advised that Smart Card News Ltd cannot be held responsible for decisions and/or actions taken by readers of our news service, based on the information provided. This news is only to be distributed to persons/companies who have a contract with Smart Card News Ltd. Unless your company has gained a licence and/or written permission from Smart Card News, the contents of this news page are not to be forwarded to any other person or server. Any replication by any means without prior permission is illegal and action may be taken. If you receive this online news from a forwarded source please contact the team at Smart Card News Ltd. It is illegal to replicate this online news.

Tel: +44 (0)1903 734 677