Disqus - Latest Comments for tylerhannan

Re: PayPal Developer Conference: Innovate 09

tylerhannan — Mon, 02 Nov 2009 23:58:22 -0000

Tim. I have some very firm opinions on the subject. (Imagine that :) ) There is an eBay & eCommerce track at the event so I will see if there is anything brought up regarding the situation...The beauty of a developer event is there are heaps of people to chat with about it as well. I will absolutely revert with both my opinions and those of others.

Re: Surcharge for Credit Cards

tylerhannan — Wed, 14 Oct 2009 21:18:40 -0000

I completely agree that cash discounts are, in fact, disguised surcharges...at least frequently. At some point it is really a semantics issue of "advertised price" vs. "discounted price."

The key element you identify is that the decision of accepting plastic is based on benefits of accepting that particular tender. It is, as many things, a bit of a cost/benefit analysis. I will revert this week with some interesting statistics I've found regarding the benefits of acceptance in the SMB sector.

Re: Cloud Based Messaging

tylerhannan — Sun, 31 May 2009 13:28:33 -0000

An odd woe...I've used disqus on my blog for the minor amount of comments it receives at present...and have been a huge fan. I decided to use the follow feature (for the first time) and it would appear that it was an authentication error. Somewhat surprisingly I was presented with the "something went wrong" screen but it was constrained by the embed region of the comment which made the error quite difficult to read without in page scrolling.

Regardless, seems pleasant now, will just copy/paste comment prior to click the "post" button.

Re: Cloud Based Messaging

tylerhannan — Sat, 30 May 2009 03:35:25 -0000

Perhaps this comment won't fail upon posting...

I wrote a lengthy comment regarding my own cloud usage...and that the only applications that I remain "tethered" to are office applications and e-mail.

Above all, I'm just glad I'm not the only one who uses e-mail as a file storage system. It is rapid access...easily searched (particularly when using Spotlight)...and the context of the e-mail around presentations and other saved attachments proves extraordinarily useful when researching something sent several years earlier.

Re: Why Isn't Paypal More Successful?

tylerhannan — Tue, 26 May 2009 16:40:56 -0000

Perhaps what is most intriguing about the commentary, at least from my perspective, is the comments appear to have some measure of similarity. Those who love it, love it...those who hate it, hate it....and the reasons are fairly consistent. Not surprising.

What I did find surprising is that there appears to be a measure of segmentation between the audiences that PayPal serves. Love or hate...the PayPal "merchant" has a very different perspective than the PayPal consumer. Again, not surprising considering that they serve more than one audience. It is, perhaps, an interesting case study on the multi-sided market concept as applied to what is, in essence, an established industry player.

I would agree that many of the woes called out in other comments point to a brand issue (which is, perhaps, due to a product issue). That is worthy of further rumination.

Re: Payment Processor Breach: a stream of consciousness rant

tylerhannan — Sat, 07 Mar 2009 22:02:35 -0000

Thanks for the comment.

Heartland, as I stated in the original post, appears to have been considered as "compliant" by VISA at the time of the breach.

In terms of debating the relevance of PCI...You will probably notice a theme among my posts (both here and via twitter at http://twitter.com/tylerhannan) that PCI is not the "be all, end all" of compliance. It is not a goal. It should be treated as an outcome of a Risk Management strategy.

We won't know, quite possibly ever, the details of how they were breached...although we will get a fair picture as details come out. That, however, doesn't mean that is should cause all in the industry to pause and take assessment of their position on compliance, security, and risk management in general.

I know Heartland well. I know their pricing structure (from multiple perspectives). Their value to the payments world, in my opinion, has little to do with whether their risk approach was holistic. Was it a case of negligence or a case of the "black hats" beating proper security preventions? I suppose time will tell...

The theme, however, (at least from my perspective) is the situation should reinforce a measured and attentive review of security policies that anyone in the "processing" sphere choose to implement.

thanks for you thoughts. they are appreciated.

Re: Payment Processor Breach: a stream of consciousness rant

tylerhannan — Wed, 21 Jan 2009 00:42:12 -0000

Some of you may have noticed that I just deleted an anonymous comment from someone who claims to work at Heartland. For all I know, they are telling the truth.

Unfortunately, the comment was an obvious copy/paste missive that didn't address any of the content of the post above and, as such, didn't add value to the conversation.

Contact me if you have any thoughts or concerns. (The information is above...or use the comment system itself.)

Re: Payment Processor Breach: a stream of consciousness rant

tylerhannan — Tue, 20 Jan 2009 17:09:54 -0000

A colleague advised me of your post regarding this issue in the "Payments and Cards Network" on LinkedIn. If this has been ongoing for 7 months...the number could, in fact, be staggering!

Re: Payment Processor Breach: a stream of consciousness rant

tylerhannan — Tue, 20 Jan 2009 17:06:36 -0000

It does mention that. "Armed with this data, thieves can fashion counterfeit credit cards by imprinting the same stolen information onto fabricated cards." A single statement that is followed by the quote in the blog regarding Card-not-present transactions...

The point of my thoughts is that I'm not sure everyone knows quite how simple and easy the concept of creating a counterfeit card really is. The technology is surprisingly inexpensive...and rather prevalent.

Re: Payment Processor Breach: a stream of consciousness rant

tylerhannan — Tue, 20 Jan 2009 17:03:54 -0000

I appreciate your sentiment.

I might restate as Heartland is not the ONLY victim. Keep in mind that, as they are a publicly traded company, this will (likely) have a measurable impact on their business.

You are absolutely correct that there will be a larger (most likely MUCH larger) dollar impact on fraud losses and the material cost of re-issuing cards. Which, for those in a credit union, is a ridiculous hit. I think your statement regarding PR is also enlightening...the average consumer has no idea who Heartland is, or more importantly what they do. They do know that their branded card from the CU down the street is now "unsafe."

I do find it intriguing that, in most breaches, the hardest hit (from a PR perspective) is the merchant itself. For example, TJX is to blame for my card being released at their store. In this scenario there isn't as easy a finger to point (at least for the consumer).

Thanks for your thoughts!!! I always appreciate the perspective of someone at a different point in the chain of business that makes the payment industry function.

Re: Payment Processor Breach: a stream of consciousness rant

tylerhannan — Tue, 20 Jan 2009 16:16:50 -0000

I agree completely. This a great example of criminal activity...And Heartland is a victim. As are the businesses it provides processing capabilities for (albeit tangentially). Perhaps most impacted are the cardholders...

Based on the type of business they are...and the focus on security & compliance in the payments sector it remains thoroughly intriguing and will be discussed, I believe, for years to come. (For example, the CardSystems breach and its impact are still topics of discussion)

Re: Why I Use Twitter: -or- Social Media in the Payments Industry

tylerhannan — Tue, 16 Dec 2008 23:50:29 -0000

Thanks for your thoughts...

To start. Is there enough knowledge in IP Commerce to do what we are doing better than anyone else? Absolutely. Without question. Does this mean that ignoring the knowledge in the industry is a good idea? Hardly!

I agree, wholeheartedly, that the hiring (and retention) of subject matter experts is key to the business. Extraordinarily important in fact. The purpose of my missive was not to encourage a lack of knowledge within an organization.

Rather, there is "tribal" knowledge that can be gleaned from interaction with a community that is simply untenable to obtain otherwise. I would love to employ all those who function as experts in the dynamic industry of payments and security. The sharing and distribution of knowledge has always been a key element, in my experience, to any successful organization. This is true in my work in the government sector, non-profit sector, enterprise retail, payments, scientific analysis, etc.

In a sense, social media has taken the brown bag lunch that organizations held with their respective teams and made it available in 140 character chunks. It has in-formalized the user group meetings I continue to attend...it has taken the monthly industry webinar and made it accessible whenever the inspiration for a group discussion strikes. A platform must add value to all participants...both in hard revenue and in soft knowledge.

To be frank, and perhaps too blunt, I would rather work with an organization respects the knowledge of a community than an insular organization that believes its customers and partners have no insight into the future and are unnecessary to "competing and consistently winning".

Re: Why I Use Twitter: -or- Social Media in the Payments Industry

tylerhannan — Tue, 16 Dec 2008 23:39:08 -0000

Thanks. I, for one, have enjoyed following you on twitter.

Re: Boxee

tylerhannan — Tue, 18 Nov 2008 10:49:34 -0000

It is definitely an intriguing sector...and, having spent substantial time looking for a solution for our own home theater, boxee is the furthest along in both number of connected services and interface simplicity. The competition is non-trivial (in large part dedicated hardware devices ala netflix streaming), but they open approach of additive connectivity without being locked to a specific service makes the boxee solution the most compelling.

However, the thing that is most intriguing about the boxee crew is their interaction with their community. Be it forum posting...or frequent tweets...they have truly cultivated a community.

I think that, long term, it will be interesting to see how the streaming media sector itself is affected by the bandwidth shaping of service providers. The roku forums are awash right now with people complaining of time based degradation of streaming service. There is no verification that the issue is provider based and not something less sinister...but considering the impact is an interesting thought exercise none the less.

Congratulations to the Boxee team and to Union Square Ventures. Best of Luck!

Re: Security, Security, Security: or PCI and PA-DSS on the mind

tylerhannan — Fri, 14 Nov 2008 02:34:53 -0000

Hence the link. Mike, I've always be impressed with what you have to say. Keep up the good work!

Re: What is a Platform?: a discussion from the past

tylerhannan — Tue, 04 Nov 2008 23:11:14 -0000

Not entirely sure what you mean. Each quote has "platform" included...each quote is germaine, none are (in my opinion) excessively long...care to elaborate?

Or do you mean I should endeavour to make statements that are more quote-worthy?

Re: Platform: core to the business, not a feature

tylerhannan — Wed, 29 Oct 2008 17:13:59 -0000

Derek,

Very valid point...That was, in part, what I was trying to get at with the title. Facebook, et al, approached the platform as a "feature" rather than a core element of the business. As such, there was no balance. It requires a measured and structured (or, perhaps, cadenced) approach to ensuring a balance throughout the network.

I like to think of this as aligning the interest of all participants. That's why, at IP Commerce, we spend time not only simplifying the technical complexity but templating business relationships for Software Companies (in particular). This ensures not only immediate value, but ongoing (and, in fact, recurring) value for all participants.

Re: Platform: core to the business, not a feature

tylerhannan — Wed, 29 Oct 2008 17:11:47 -0000

Elias,

I see you have spent a fair amount of time considering the multitude of business models. If you have additional questions regarding platforms, I am happy to discuss...or I continue to recommend the Catalyst Code as a method of understanding the complexity of the multi-sided market.

Re: How do I know what is happening in payments?

tylerhannan — Mon, 25 Aug 2008 13:09:40 -0000

Absolutely. If there are additional items or blogs you recommend I follow feel free to reach out via comment or directly.

Re: An Odd Experience: aka “Why is there a bus in Starbucks?”

tylerhannan — Sat, 07 Jun 2008 13:59:45 -0000

Based on the way it struck the building, I wouldn't think there was a driver inside the shuttle. . .possibly user error. I still think the bus was just thirsty (new flex fuel?)

Re: An Odd Experience: aka “Why is there a bus in Starbucks?”

tylerhannan — Fri, 06 Jun 2008 18:46:31 -0000

It smashed a tree, broke the drivers side door, and mangled the bumper. No injuries other than those. Definitely Odd.