Monday, June 26, 2006

Bank Data Is Sifted by U.S. in Secret to Block Terror - New York Times WASHINGTON, June 22 -- Under a secret Bush administration program initiated weeks after the Sept. 11 attacks, counterterrorism officials have gained access to financial records from a vast international database and examined banking transactions involving thousands of Americans and others in the United States, according to government and industry officials. The program is limited, government officials say, to tracing transactions of people suspected of having ties to Al Qaeda by reviewing records from the nerve center of the global banking industry, a Belgian cooperative that routes about $6 trillion daily between banks, brokerages, stock exchanges and other institutions. The records mostly involve wire transfers and other methods of moving money overseas and into and out of the United States. Most routine financial transactions confined to this country are not in the database. Viewed by the Bush administration as a vital tool, the program has played a hidden role in domestic and foreign terrorism investigations since 2001 and helped in the capture of the most wanted Qaeda figure in Southeast Asia, the officials said. The program, run out of the Central Intelligence Agency and overseen by the Treasury Department, "has provided us with a unique and powerful window into the operations of terrorist networks and is, without doubt, a legal and proper use of our authorities," Stuart Levey, an under secretary at the Treasury Department, said in an interview on Thursday. The program is grounded in part on the president's emergency economic powers, Mr. Levey said, and multiple safeguards have been imposed to protect against any unwarranted searches of Americans' records. The program, however, is a significant departure from typical practice in how the government acquires Americans' financial records. Treasury officials did not seek individual court-approved warrants or subpoenas to examine specific transactions, instead relying on broad administrative subpoenas for millions of records from the cooperative, known as Swift. That access to large amounts of confidential data was highly unusual, several officials said, and stirred concerns inside the administration about legal and privacy issues. "The capability here is awesome or, depending on where you're sitting, troubling," said one former senior counterterrorism official who considers the program valuable. While tight controls are in place, the official added, "the potential for abuse is enormous." 8:42:01 AM  PermaLink   / trackback []

Bank Records Secretly Tapped (Wash Post) The Bush administration, relying on a presidential declaration of emergency, has secretly been tapping into a vast global database of confidential financial transactions for nearly five years, according to U.S. government and industry officials. Initiated shortly after Sept. 11, 2001, the surveillance program has used a broad new interpretation of the Treasury Department's administrative powers to bypass traditional banking privacy protections. It has swept in large volumes of international money transfers, including many made by U.S. citizens and residents, in an effort to track the locations, identities and activities of suspected terrorists. Current and former counterterrorism officials said the program works in parallel with the previously reported surveillance of international telephone calls, faxes and e-mails by the National Security Agency, which has eavesdropped without warrants on more than 5,000 Americans suspected of terrorist links. Together with a hundredfold expansion of the FBI's use of "national security letters" to obtain communications and banking records, the secret NSA and Treasury programs have built unprecedented government databases of private transactions, most of them involving people who prove irrelevant to terrorism investigators. Stuart Levey, undersecretary of the Treasury for terrorism and financial intelligence, said in an interview last night that the newly disclosed program -- the existence of which the government sought to conceal -- has used the agency's powers of administrative subpoena to compel an international banking consortium to open its records. The Brussels-based cooperative, known as the Society for Worldwide Interbank Financial Telecommunication, or SWIFT, links about 7,800 banks and brokerages and handles billions of transactions a year. Terrorism investigators had sought access to SWIFT's database since the 1990s, but other government and industry authorities balked at the potential blow to confidence in the banking system. After the 2001 attacks, President Bush overrode those objections and invoked his powers under the International Emergency Economic Powers Act to "investigate, regulate or prohibit" any foreign financial transaction linked to "an unusual and extraordinary threat." Levey and other officials emphasized that the government has confined its financial surveillance to legitimate terrorism investigations and tightly targeted searches. After identifying a suspect, Levey said, "you can do a search, and you can determine whom he sent money to, and who sent money to him." 8:35:00 AM  PermaLink   / trackback []

Slashdot | U.S. Secretly Tapping Bank Databases The Washington Post and New York Times are reporting on a Bush administration initiative that has tapped into a vast global database of confidential financial transactions for nearly five years. Relying on a presidential emergency declaration made under the International Emergency Economic Powers, the administration has been surveilling the data from the SWIFT database, which links about 7,800 banks and brokerages and handles billions of transactions a year. From the article: Together with a hundredfold expansion of the FBI's use of "national security letters" to obtain communications and banking records, the secret NSA and Treasury programs have built unprecedented government databases of private transactions, most of them involving people who prove irrelevant to terrorism investigators. 8:31:28 AM  PermaLink   / trackback []

Business: No cash? No card? Just stick in finger TAMPA - Customers can pay with cash, plastic or their index finger at a new Coast to Coast Family Convenience store here. Taking a big step beyond the ease of the Mobil SpeedPass, Coast to Coast has installed what's claimed as Florida's first biometric payment system. There are no cards or PIN numbers to remember. Just stick your finger in the scanner and be on your way. While applications are available to process credit and store loyalty card transactions by fingerprint, this one is limited to processing only debit account transactions. "People either love it or think it's a sign of the coming apocalypse,'' said Amer Hawatmeh, owner of the new convenience store at 110 E Bearss Ave. who signed up a few hundred customers for Pay By Touch. "But to me, it's the wave of the future.'' Pay By Touch is one of several speedier payment technologies racing to build enough retailer acceptance to ace out rivals and overcome consumers' rising concerns over identity theft. It's all on the road to payment gurus' vision of a cashier-free future, in which customers just walk out the door while their transaction is automatically processed. The big credit card companies, for instance, are deploying a card reader developed by MasterCard International that picks up a radio signal to record a transaction when a card is merely tapped on or waved around a reader at the checkout stand. Other wireless systems in use in other countries use built-in payment system prompts broadcast to and from a cell phone to activate vending machines. Pay By Touch is a closely held San Francisco startup that uses finger-scan technology to authenticate payment account holders. Backed by $130-million in venture capital money, Pay By Touch recently paid $82-million to acquire BioPay LLC, its biggest finger-scan competitor that has won a following in Europe big enough to authenticate $7-billion worth of transactions to date. Pay By Touch now has tests under way with several convenience stores, gas stations and supermarket chains around the United States, including Harris Teeter in the Carolinas, Farm Fresh in Virginia and Jewel Osco in Chicago. "Finger scanning is new, so we want to get people used to it by building acceptance at high-frequency, high-traffic retail locations such as gas stations and grocery stores,'' said Leslie Connelly, spokeswoman for Pay By Touch. "We're also going into places where people who don't have a banking relationship cash paychecks.'' The company is a bit puzzled by customer privacy fears. After all, they say, how can using a unique fingerprint for identification be riskier to theft than a plastic card, key chain token or account number that's tapped into a computer or spoken over the phone? The company pledges not to sell or rent personal information, or access to it. The fingerprint image recorded is not the same as those collected by the federal government or law enforcement. It's similar to the finger-scan technology used at theme park gates. Those systems take measurements of patrons' hands and fingers and link them to a multi-day pass to prevent several people from using one person's pass. The Pay By Touch computer records a multitude of point-to-point measurements and stores them in an encrypted form in an IBM data center. Images of both index fingers are kept in case a shopper's trigger finger is hidden by a bandage. 8:28:19 AM  PermaLink   / trackback []

Slashdot | Biometric Payment Arrives in a Store Near You  "A chain of Florida convenience stores has begun accepting fingerprints as payment, using a biometric system called Pay By Touch. The company is a Bay-area startup backed by $130 million in VC cash and the acquisition of BioPay, a Virginia-based biometrics firm that's already done $7 billion in European transactions. From the article: 'The company is a bit puzzled by customer privacy fears. After all, they say, how can using a unique fingerprint for identification be riskier to theft than a plastic card, key chain token, or account number? ...The fingerprint image recorded is not the same as those collected by the federal government or law enforcement.'" 8:24:13 AM  PermaLink   / trackback []

Slashdot | Freenode Network Hijacked, Passwords Compromised? tmandry writes "The world's largest FOSS IRC network, FreeNode, was hijacked (for lack of a better term) by someone who somehow got a hold of the privileges of Robert Levin, AKA lilo, the head honcho of FreeNode and its parent organization, PDPC. To make matters worse, the passwords of many users may have been compromised by someone posing as NickServ, the service that most clients are configured to send a password to upon connecting, while they reconnected to the servers that hadn't been killed. Of course, if someone was able to nab lilo's password, every user password may have been ripe for the taking. The details are still unknown, but these events raise scary questions about the actual security of FreeNode and other organizations like it."  8:17:12 AM  PermaLink   / trackback []