The CookieCrunch

On the 25 May 2011 the UK became the first EU country to bring the new cookie directive into law – and on the same day, the UK Government announced a 12 month delay on any enforcement action being taken.




Last nights Bootlaw event, looked at what the cookie law means for start ups and website operators and what you are supposed to be doing over the next 12 months before the laws are going to be enforced.

The Directive states that ‘explicit consent’ must be sought by website owners before they track the online behaviour of their users using cookies, whereas previously, users simply had to be given the opportunity to opt out. The new law aims to give consumers more control on how their internet browsing is tracked.

The UK government proposes to adopt the wording of the Directive exactly as it stands. It states that consent must be given before organisations place cookies on a user’s computer or retrieve cookies previously stored there. However, the Directive does not provide detail on how this consent is to be achieved and so there remains a large question of interpretation.

They discussed technical solutions which could allow websites to collect user consents to cookies without getting in the way.Businesses and organisations running websites in the UK must wake up to the fact that this is happening.”

LiveEnsure™ is our authentication technology that doesn't store any personally identifiable information such as user names and password, nor does it rely on the browser, Javascript or cookies. It is simply powerful, real-time session authentication.

You can update yourselves on last nights session listen to Danvers Baillieu the Pinsent Masons LLP in London update here.

More audio coverage is uploaded on AudioBoo.

http://audioboo.fm/TheCookieCrunch

Mobile Security Starts with Authentication.

No one could have predicted the rapid evolution of the phone, from the brick phone to the flip phone, the mobile phone has evolved quite a bit in the last 25 years. The overarching trend had been toward smaller and smaller devices, but this preoccupation with size seems to have reached a plateau. The focus now is squarely on adding capabilities.

For many using the mobile device as a phone has become indispensible seldom will anyone leave home without their phone.

New smart phones have the processing capabilities of computers, and they going to play a significant role in identification as applications evolve.

Airlines already enable travelers to download boarding passes to smart phones. Hotels enable guests with to download room keys and bypass the front desk. Corporate users generate one-time passcodes on handsets to gain access to computer networks and authorize transactions. But this is just the beginning.

Two-factor authentication is already happening

For many using the mobile phone for an extra level of authentication may seem futuristic, but it’s already here for some. The use of one-time passcodes with mobile devices is commonplace. Smart phone owners can download an app to generate the codes while other providers send codes via text messages. These one-time passcode systems have been vulnerable to man-in-the-middle attacks. There is an array of these attacks but they all have the same basic premise–a hacker eavesdrops on an individual’s Web activity and changes information or forges a Web site to gain access.
LiveEnsure is leading the way offering Saas Authentication to protect the site, the session and the user.


2011 will be a transition time for mobile phones and what consumers do with them is set to increase. LiveEnusure is authentication for this transition period, replacing what we do with smart cards and tokens … truly authentication for the future.”


Smartphones half of handsets shipped by 2012

With a plethora of apps, their large screens, built-in cameras and plenty of processing power–more than 50% of U.S. handset shipments will be smartphones by 2012, according to research firm In-Stat. Globally, shipments are projected to reach 850 million units by 2015.

By December 2010, U.S. smartphone adoption had surged to 27% penetration, according to comScore. There was rapid adoption of Google Android devices, making Google the second largest operating system by the end of the year.

Security is not a game. Protecting your revenue and your users identities in the mobile space is key - without tracking, storing or trafficking in their privacy information.

With LiveEnsure™ you can verify user, site, device and session in real time.

Layered Approach to Security is the Only Way.

Reading this oracle presentation, it takes you through very clearly multifaceted interactions of employees across a business. The best defense it says is a and I totally agree is multi-dimensional and multi-level approach.

http://slidesha.re/jM0TI2

If nothing else click through to the slide 'obvious but often overlooked' so many businesses focus on firewall and encryption paying little attention to authentication, believing user-name and password are enough, anyone reading my blog will know this is not the case. Identification is most definitely not authentication.

Christian Hessler debates this so well in his blogs:

Top 10 Habits of Highly Effective Security Solutions

1-3 http://bit.ly/f69F9l
4-6. READ ON! http://bit.ly/f91Jyo
7-10 FINALE! http://bit.ly/gSyf3p

An interesting presentation.

Remote Working - simplified with LiveEnsure- Unified Communications Show.

LONDON, March 8, 2011

A key subject at todays Unified Communications Expo 2011 http://www.ucexpo.co.uk is the new era of the 'remote worker' Today new research indicates that remote working is still a controversial topic in the UK.

Research among delegates who pre-registered to attend illustrates that there's still a difference of opinion when it comes to remote working in the UK. Almost exactly half of those surveyed claimed that people are accepting of remote working and that home working can be just as productive, indicating that attitudes here are almost perfectly split down the middle. There is however a marked difference between the technology- and business-focused attendees with 61% of the technology audience against just 45% of the business audience agreeing that it's acceptable.

79% of respondents agreed or strongly agreed that smartphones are essential to their business, implying that, even if attitudes towards home working are divided, attitudes towards mobile integration are not.

LiveEnsure™, is able to provide secure multi-factor authentication for a variety of corporate network resources for internal and external security.

Remote Access / VPN
Protecting remote access mechanisms in the corporate network is crucial to prevent unauthorised access by external users. LiveEnsure™ is able to protect these resources with strong authentication and is easily integrated by your web developer or digital agency. It is a mashup.

Web- Authentication Security- Protecting Login.
LiveEnsure™ is the solution for providing convenient, strong authentication to an external user base which accesses a web service or application, such as internet banking, e-commerce sites, commercial portals or document repositories. LiveEnsure™ can be deployed directly from our portal it easy is to deploy and manage, and will integrate simply into your web infrastructure.



Full Article
http://www.finanznachrichten.de/19571253

LiveEnsure introducing Authentication to The Game Developers Conference.

LiveEnsure is attending the GDC – The Game Developers Conference (GDC), San Francisco the world’s largest professionals-only game industry event.

http://www.gdceurope.com/


Authentication is an essential layer of security for companies who are active in the online, mobile, betting, bingo, casino, lottery and street gaming sectors.

Christian Hessler will be discussing our authentication solution with programmers, producers, game designers, audio professionals and others involved in the development of interactive games.

The exhibition is packed with hundreds of genuine gaming innovators who will be launching thousands of new products and technologies.

This short video gives a short introduction into how we protect gamers online.

http://bit.ly/etggX6

Phone Apps Insecure!

It is becoming more clear to me that as we move into the mobile age, companies need to move to the next generation of identity security. Even the big brands are still burying their heads in the sand, majoring on what the password is its format etc rather than adding another factor to their security.

The world we live in today is fastly moving to mobile, ipads, tablets and phones are the way we all transact, the normal username/password credentials are just not enough to protect us. Yet apps and retailers still expect us to hang our 'assets' on the line when interacting with them. Only yesterday I read that the Starbucks app is insecure, why are they missing that necessary authentication layer.

Starbucks...
Mobile barcode scanning apps have come under fire recently. Earlier this month, security researchers found that the Starbucks iPhone app – which embeds a customer’s payment information in a picture of a barcode – can be hijacked in about 90 seconds. See Christian's Hesslers feature on Privacy Daily.


http://paper.li/tag/privacy

Brands who are developing mobile apps and websites can simply deploy LiveEnsure to protect their users from phishing, pharming and man in the middle attacks.LiveEnsure™ uses Digimetric™ technology to uniquely identify computers, cellphones and other devices, without building profiles of the people who use them.

Authentication is importand for The Big Society

17 February 2011, Oxo Tower Wharf, London
#bsngiving


The UK Government's great ambition is to build a stronger more resilient society where people have more control over their lives and local communities have the motivation and capability to take decisions which impact on them on a daily basis.

This 'Big Society' requires us to develop a generous culture of giving and mutual support.

The Big Society Network exists to convene people from across society to think about, support and generate new ideas to help enable people pursue their individual and collective aspirations.

Give it Up! is a unique opportunity to bring together established thought leaders in this field along with people with new ideas and technology know-how.

LiveEnsureTM will engage with the fresh thinking, and a forum for new connections and ideas.


With Big Society moving to the cloud the security challenge is really about securing the access points – the doors ( and windows if applicable ) to your house ( of data ). For standard lock read – user name and password.

And the reality is that most applications that are accessed via a standard user name and password ‘lock’ are hosted in the Cloud and insecure. LiveEnsure™ is much stronger authentication not identification, easy to implement and easy to scale.
It is a solution that is easy accessible and implementable a SAAS solution; one that is easy to scale (The end user does not have to carry around some kind of device like a dongle or USB key) and one that is strong (is immune to traditional hacks).

We are happy to demonstrate and would like to offer to charities free of charge, your developers can download the freemium version now.

2011 The Year of Authentication for Security!

Last year ended with Gartner's John Pescatore note on the need for stronger authentication and a move away from relying upon reusable passwords. This post was driven by the recent Gawker incident but is simply more evidence toward what Gartner has been saying all along authentication is an essential as a security factor.

The one area where companies could get the most immediate value for their security budget is with stronger authentication. In the mentioned note Pescatore states:

LiveEnsure is trying to remove the barriers to multi-factor authentication to make stronger security available to everyone. LiveEnsure™ is embracing digital device fingerprinting technology for authentication with Digimetrics™, our patent-pending technology based on a synthesis of multiple factors. The "fingerprinting" data is challenged "outside" the browser, its data is *not* shared, and the process is session/commerce context specific, i.e. purpose-built keys - the "smarter" and "safer" version of a universal fingerprint. This architecture is based on years of study - finding that trusting purely general-built keys is great for convenience but not worthy for security.

LiveEnsure™ sits in the gap - providing strong, real-time authentication, using a universally unique digital footprint of a laptop, ipad, device or smartphone. There is nothing for the user to download, install and no out of band/dongle/token to look after. The login process is seamless the clever device recognition happens without the user being aware, checking the device fingerprint in real time as part of a secure triangulation.











Full Note Link below:

http://blogs.gartner.com/john_pescatore/2010/12/17/the-future-of-passwords-put-all-your-eggs-in-one-basket-and-really-really-watch-that-basket-or-stop-using-eggshells-as-the-foundation-of-e-commerce/

Digital Fingerprinting is an essential part of authentication!

The Wall Street Journal headlines last week announced the Race Is On to 'Fingerprint' Phones, PCs. Device fingerprinting is a powerful emerging tool in internet security trade, and LiveEnsure™ is leading the way with its SaaS authentication offering for web and mobile.

It might seem that one computer is pretty much like any other. Far from it: Each has a different clock setting, different fonts, different software and many other characteristics that make it unique. So it makes perfect sense to uses Digimetric™ technology to uniquely identify computers, cellphones and other devices, without building and sharing profiles of the people who use them.

I can't understand why more websites and apps are not more rapidly embracing digital device fingerprinting technology for authentication. It adds an altogether new layer of security for the user, the site and the session. The "fingerprinting" data is challenged "outside" the browser, its data is *not* shared, and the process is session/commerce context specific, i.e. purpose-built keys - the "smarter" and "safer" version of a universal fingerprint. This architecture is based on years of study - finding that trusting purely general-built keys is great for convenience but not worthy for security.

LiveEnsure™ sits in the gap - providing strong, real-time authentication, using a universally unique digital footprint of a laptop, ipad, device or smartphone. There is nothing for the user to download, install and no out of band/dongle/token to look after. The login process is seamless the clever device recognition happens without the user being aware, checking the device fingerprint in real time as part of a secure triangulation.

Low price high strength, developers can mash up today at http://www.liveensure.com/

The New Social Rules- Authentication is Essential

The New Social Rules - 24th November 2010

November has been non stop with Facebook launching a new service, offering email to its user base and opening more data about ourselves to a large organisation, what does this mean to The New Social Rules now?

I am looking forward to some interesting debate tomorrow with 100 people registered social media speakers from PayPal, ex Managing Director of MSN UK, Ketchum Pleon, Twitjobs and an angel investor the panel will be sharing their insights. The new rules of communication are constantly changing, social media impacts our outlook, the decisions we make now ,our future career, children and financial well being.

I urge you to take a few minute to crash through these slides on the new digital age, Tony Fish as ever has his finger on the pulse and is spot on:

'Reputation is all you have and your name is a good identity so don't abuse or loose either'

'Your digital footprint is worth more than your salary'

'Your password is the weakest point in your armour'

I will tomorrow be flying the flag for the need for communities, businesses and organisations to authenticate their users to protect not only the users but themselves.


'Don't sack the person who has the corporate login for your facebook fanpage, group, twitter accounts, linkedin profiles, until other people have access and admin rights- or you will be held hostage'

New rules for living in a digital age

View more presentations from Tony Fish.

Like Car Brakes? The Future for Security

Like car brakes? The future for security

I cannot agree more with Bruce Schneir of BT, the push for security is coming directly from consumers.Consumers assume they are secure... and now when they are not they are moving their custom.

The provider is going to be the website, application, community of whatever technology service is in operation. They will have to consider and build in the security, so seamlessly that the end user never has to think about it.This is where new technologies like LiveEnsure come into their own they are easily implemented across the consumer online experience.

I’ve talked about security being part of everything for years, I am pleased to say rising tide of user expectation is now forcing the reality. As this article from last weeks Gartner Symposium says Security will become a B2B market where security and solutions providers work together to create the magic. We are currently working with Virtual Technology Group, Global Mobile Solutions and FabriQate to make this a reality.

More and more, this makes security specifically, and IT as a whole, a utility.

Fear has been the best way to sell security.

Many vendors have tried to develop ROI models to prove value and build desire, but that’s never really worked, a great number stick with old products giving packaging and promotion regular facelifts. As the market moves to utility models like LiveEnsure, they’ll be much less need to prove the value of the “investment” as initial outlay is low.
Brands will spend the money because they have to.

In this new world we are selling reputation and the benefit of the solution, with strength of security as an assumed feature.

Just like the brakes on your car.

Inspiration taken from Ellen Ferrara who was reporting live from the Gartner Symposium/ITxpo. http://www.blog.bt.com/gartnerITxpo-cannes-2010/?p=174


To Learn more about LiveEnsure authentication for web and mobile: http://events.linkedin.com/LiveEnsureTM-Technology-Session/pub/407646

Ecommerce Expo, National Hall Olympia..Next week

I am looking forward to attending next weeks, E Commerce Expo it is the industry event for the UK and, increasingly, Europe. It ranks as one of the largest gatherings of E Commerce professionals in Europe and boasts over 140 exhibiting companies plus a comprehensive conference programme.

http://www.ecommerceexpo.co.uk/page.cfm/Action=Seminars/SeminarDate=10_19_2010/goSection=4


Scanning the session list there are really great people telling their stories, I am looking forward to hearing from:

Steve Willey, Group Head of Product Development, moneysupermarket.com

Joe Leech, Principal Consultant, cxpartners

Matt Henderson, Director of Merchant Services, Amazon

Tjipto Sugijoto, Managing Director for Americas, Intershop.

Very surprised to see we are the only best of breed security vendor in attendance... and that there is no session talking about authenticating and protecting your user. With consumers being targeted by hackers, phishing and pharming attacks I would have expected at least one session.

"Relying on static, user-generated passwords to outwit expert hackers leaves ecommerce site severely at risk for data theft," said Christian Hessler, CTO, LiveEnsure™. "Ethical organizations are recognising the need for authentication security. We have made our solution affordable, accessible and quickly deployable for ecommerce sites."

http://www.liveensure.com/getit.html


NOTE to Show organisers... the regulators are really coming down on companies who don't protect their online consumers. A Session would have been good, Christian our CTO would have covered the importance of online authentication and I am sure Stewart Room the leading legal light in data protection would have covered changes in Legislation.

www.christianhessler.com/

http://www.stewartroom.com/

Cyber Criminals, New Job Option....

e-crime Mid-Year Meeting 5 October 2010, Victoria Park Plaza, London.

As we all know Technology is continuing in it relentless advance at such a rapid pace that even 10 years ago anyone predicting our current technology-enabled capabilities would have been considered crazy. We are all living in a world that is totally connected 24/7. We are the martini generation of computers, anytime, anyplace and anywhere, just like martini time we are very relaxed about our security.

The e-criminal- A Growth Profession!
These quantum changes are matched in the way e-criminals operate, singularly or as very sophisticated groups. Their objective is to find a way around website, apps and mobile protection. E-Criminals are the cyber equivalent to burglars who pick locks and break windows. There is one obvious area where commercial organisations are ‘holding the door’ open for the e-criminal, and that is around login and authentication, research tells us that the 2 factor username and password is not enough you may have left your door open for the e-criminal.
The Cost of CyberCrime to business.
Studies by the Ponemon Institute reveal that a security breach costs a company:
• an average of £64 per file
• £10,000-£120,000 of admin costs
• An ICO fine
• Reputation Damage.

Pro-actively investing in security can help a business avoid potential costs, loss of resource and productivity that security violations can have on a company. Attacks on organisations are becoming more frequent and the attacks are moving outside of the financial sector into all sectors that transact on the web. (Retail, Gaming and Social Networks)

Cloud Computing its coming... well actually everyone is going that way!

The sessions focused on cloud computing, the buzz words of revolutionary cost and savings and operational flexibility, were tainted with concerns for security. Realising the cloud’s benefits is determined by the trustworthiness of the Cloud Infrastructure- in particular the software applications that control, access, private data and automate critical processes. Assuring the inherent security of your associated software is a key factor to successfully embracing cloud options.

The pan-European survey by Portio indicates that 75% of CIO’s viewed security as a barrier to adopting cloud computing, more than 65% said they would move between 21% - 60% of their applications to the cloud in the next year.

STATS
I love all the stats, and they make great colourful graphs but the fact is businesses are moving into the cloud, they need to protect themselves and their users . There is a growing need for effective non invasive security like LiveEnsure authentication.

The content of this mid -year meeting was exceptional, delivering practical advice focussing on how security can help businesses to adapt to change, take advantage of opportunities and remain secure.

http://www.e-crimecongress.org/forum/

LiveEnsure™ Authentication for the Future Summit

Authentication for the Future- Summit

London-21st September 2010

The first LiveEnsure™ Authentication for the Future Summit in London next week will cover the development and deployment of LiveEnsure™ secure authentication. LiveEnsure™ is ground breaking privacy enhancing technology that protects, sites, sessions and users.

Michel Poignant, CEO of Paymotech will talk of the deployment of LiveEnsure™ and how it will build confidence and trust in their services. Paymotech is growing rapidly delivering secure accessible payment solutions to an ever-growing mobile community. This initiative will build customer loyalty and trust in Paymotechs growing portfolio of services.

Christian Hessler CTO of Palm Tree Technology will take a deep dive into the technology with sessions for Analysts, Press and Developers.
The session content can be followed on http://www.liveensure.com/blog.php

The live analyst and attendee commentary can be followed on Twitter- #LiveEnsure

'How to achieve excellence in joined-up marketing'

Embracing Social Media in your Promotional Mix.

Savvy businesses understand the power of social media. It can be very challenging to integrate with traditional marketing.Below is a list of which social media tools can be easily integrated, how to use them in an effective way alongside traditional methods and how to prove they're a good investment.

The Marketing Mix has changed Dramatically

Socialmedia: Twitter:The News Feeder/Seeder

Twitter allows direct contact with the audience, in a simple and effective way: messages are limited to140 characters.
Twitter can be used to perpetuate messages/news, create, support competitions to monitor people’s opinions and market activity. It is proven as an effective media to launch a product on the market. There are automatic tools you can use but the business needs to engage with it to make it successful. (Dell. Sun and BestBuy, Liveensure, are excellent examples)But your followers unless you are a full on A lister are unlikely to be interested in the fact you are enjoying a frapocino as starbucks...keep it real, re-tweet your news, research and information.

Facebook and Linkedin

Social media campaign and communities: Linkedin Network/Facebook Fan Page
Facebook is the biggest social network all around the world with more than 28 million active profiles in the UK representing over 70% of the UK community.

LinkedIn has 50 million business users worldwide and is growing at one new member per second ‘Groups’ are a compelling way to communicate to your end users..
Buzz Words: Tribe, lurk and blurt.(I admit to being a bit of a lurker it comes from my heritage in online customer experience and natural female curiosity).

We have formed groups on both:

Facebook Short: http://bit.ly/cQIp27

LinkedIN :Short: http://bit.ly/c5F4jq

Simply link these to your website and add to email signatures, let people share your information and you will increase your digital footprint.

Blogger Outreach
Direct communication with bloggers is a effective way of increasing buzz online. Certain bloggers are considered experts in their sector and “opinion leaders”: they are the ones to activate the word of mouth viral activity getting too the real influencers. In internet security we have the effervescent Graham Cluley. The main objective is to grab their attention and interest and get them to endorse the product/brand. Create a list of key influencers in your sector and start to engage with them, don't sell- cut and paste will not work with these guys).
 
Social Success is Measurable

Marketing Analytics, Measurement, Metrics, Social Media, Twitter
More than ever, hard numbers are necessary to demonstrate success. They are all but incontrovertible and easy to communicate, and they can point out what is or isn't working.

There are some leading players in agencies who can help largers organisations get Social:

• Steve Richards, MD, Yomego - The social media agency, http://www.mysocialmediareputation.com/
• Jam http://www.spreadingjam.com/
• Adam Parker of realwire www.realwire.com/ourStory.asp.

For new-media Twitter, with its established tweetocracy (and people coining phrases with "tweet" left, right, and center), marketers are finding more tools to help them understand how their efforts are performing in this new medium.
There are many free time saving tools to measure the dynamics of activity.

Social Streams

You can very simply activate,monitor and connect:

ActiveTwitter Profiles,
Active Blog Content ,
FACEBOOK Page,
Viral Videos- You Tube,
Case Studies- video and editorial,
Communities,
MEET UP.

Once activated, communicate alongside your usual email and telephone details, let your customers and staff know you are social.

Summary

The good news facebook pages, linkedin communities and blogs are free BUT the challenge is engaging with internal resource to make the strategy work to ensure the messages are consistent in traditonal and social media. For best results a company needs to as a whole get social.

This post is part of the #JUMPchallenge, a blogging competition designed raise awareness on how to join up online and offline marketing, launched to support Econsultancy's JUMP event

Vote for me at http://advice.perkettpr.com/err-on-the-side-of-caution/

Twitter-in a Twist- lost followers

Twitter has an embarrassing bug on its hands – one that allows users to make anyone follow them. Mashable reader Ozan Yılmaz emailed mashable this morning, writing “[tweet] accept [username]” then the [username] immediately starts following you.”

Initially I noticed that my main Twitter account was following lots of new people that I had not manually followed. That means that if peopel chose to exploit this bug, their tweets could show up in anyone’s timeline — at least until the issue gets resolved. Well it appears the powers to be from twitter have resolved it with a mallet... I now have no followers, no one I am following and my lists have disappeared.

Other reports confirm that this exploit is currently being used by many users. No word yet from Twitter on when this might be fixed and if they’ll be able to do undo the damage, but I’ll update here when I know more.

Twitter is experiencing the same problem OpenID will have, or any "federated" approach where a true factor is not involved in authenticating requests such as this. The balance is, most solutions are too "expensive" (meaning hit to processing, user experience - not just cost) for such lightweight, high-scale things based on the social network site usability or cost model.

Twitter needs to find a strong simple to embed authentication technology that - gives the best of both: strength and validation with SAAS utility ease and integration, cost; but without the thin "browser-only or service-only" rigor that can enable such "over the transom" requests.

Not surprisingly 3 the top 10 trending Twitter topics at the moment have to do with the bug and the zeroing of followers.

Read what the press is saying:

http://www.informationweek.com/news/software/web_services/showArticle.jhtml?articleID=224701415

Online Fraud Protection requires a layered approach.

Identity Management Requires Defense in Depth, Much Like Enterprise Security

I could not agree more with Scott Waddell's blog entry on depth of security. It’s only a matter of time before today super powered cyber criminals find ways to take advantage of the inherent weaknesses in even the best technologies, '2 factor' have been hacked, username and password is not enough... you can google for yourself the stories.

Today’s cyber criminals are so tech savvy and innovative that staying one step ahead of them isn’t always possible. So when it comes to network security, a good defense should be made up of several different layers. That way, even if a hacker is able to exploit vulnerability in one layer of the system, he may be stopped or slowed down by another. This strategy, known as defense in depth, essentially allows organizations to protect the integrity of their systems by slowing hackers down and buying security professionals the time they need to respond to a security breach once it has occurred. This mitigates the damage that malicious hackers can do, even if they are able to make it past initial barriers.

The same basic principle of creating a more comprehensive defense by layering tools and diversifying methods can be applied to fighting online fraud. To successfully combat online fraud, a fraud management system should include the layers of defence including multi-factor identity authentication.

I agree wholehearteldy with Scott that the best offensive against cyber crime today is a multi-layered defense.

http://blog.iovation.com/2010/02/19/fraud-management-requires-defense-in-depth/#more-1580

People are becoming too relaxed about privacy on social media!

People are sharing so much on social networks, new services on these sites look appealing and it is human nature to try them according to The New York Times Yesterday :

"This is all part of one big trend: People are becoming more relaxed about privacy, having come to recognize that publicizing little pieces of information about themselves can result in serendipitous conversations — and little jolts of ego gratification."

But no one on social networking sites expected to have their credit card numbers publicised. Except that is what happened this week — or at least what was discovered this week.

Many people are quite rightly wary of sharing intimate information online because they are not sure how it will be handled, users assume they are secure. The 'Blippy' story highlights how the data protection laws have not yet started protecting our transactions on line and online services are not implementing effective online security.

http://econsultancy.com/blog/5802-bippy-publishes-credit-card-information-on-google