Airbnb, a website that helps users find short-term accommodations in the living rooms and recreation rooms of cities around the world, announced today that it has raised $112 million in second round funding from Andreessen Horowitz, DST Global, and General Catalyst on a valuation of $1 billion. The company’s previous round of funding totaled $7.8 million. READ MORE
Germany is issuing another warning. This time, though, it has nothing to do with a debt crisis. This recent Achtung, released by Germany’s Federal Office for Information Security (BSI) says that Apple’s iPhone, iPads, and iPod Touch devices are vulnerable to malware delivered via PDF. Devices running versions up to iOS 4.3.3. could be at risk if users click on the infected file, giving a hacker administrator privileges and thus access to data such as passwords, banking information, and even the built-in camera. READ MORE
The Federal Bureau of Investigation says it has clamped down on scareware gangs that are said to have stolen more than $74 million from computer users and netted $2 million in losses. The FBI’s Operation Trident Tribunal has charged two Latvians and seized more than 40 PCs, servers, and bank accounts in several European countries, including Lithuania, Sweden and Germany. READ MORE
“Crackberry” addicts who remember sweating bullets during the long-running Blackberry patent infringement lawsuit of 2005 and 2006 have new reason to fear. Audio giant Dolby has filed suit against Blackberry maker Research In Motion in the U.S. and Germany alleging patent infringement for use of its audio file compression technology. Apparently, it’s used in countless smartphones and other devices, but, Dolby claims, “all other major smartphone makers” have agreed to pay licensing fees for it. READ MORE
Imagine you’re floating happily in a hotel pool when the iPhone you left by your beach chair rings. You know it’s an important call, and you want to answer. Maybe someday you can, by simply drawing your index finger across your palm. That’s the idea behind some new research at the Hasso Plattner Institute in Germany, which shows that users familiar with their smartphones can easily reproduce familiar functions with 80 percent accuracy even if they’re not actually holding a phone. READ MORE
Researchers from the University of Ulm in Germany have found that 99 percent of devices running Google’s Android operating system are vulnerable to attacks in which adversaries can steal digital credentials used to access calendars, contacts and other data, writes Dan Goodin for The Register. The researchers reported that even though Google patched the security hole earlier this month with the release of Android 2.3.4, devices that sync with Picasa web albums still transmit sensitive data through unencrypted channels. READ MORE
In his immortal speech delivered on the steps of the Lincoln Memorial, Martin Luther King Jr. shared his dream for this country. In one of the most quoted parts of the speech, he spoke of his wish to see his children judged not by the color of their skin, but by the content of their character. Those words will live on forever to inspire generations of people to come. Because the content of our character is what tells people who we are, what we believe in and what we stand for. And through this speech we understood the content of this remarkable man’s character. So if we’re to be judged, we’d like to be judged by our accomplishments, capabilities, and by what we’re made of. And from a business perspective, we not only should want to be judged in this manner, we need to be judged as so. However, the people we seek judgment from do not preside over courtrooms and pound gavels, but rule over social networks and comment on blogs. But shrinking attention spans coupled with an exponentially-increasing supply of online information is making it harder for us to plead our case to the judge. One thing we do know — the only way we stand a chance of having the content of our character judged in the age of social media is by creating content that is full of character. Some may confuse character-filled content with colorful content. Others may feel images, pictures, and videos will turn heads and focus eyeballs. And they absolutely can, but only for a minute if there’s no real substance accompanying the color. Because substance is what our online judges are looking for to allow them to make important decisions. And while it is important to offer up content on a regular basis, the quality of it is the most important factor. Quality of content not quantity Many feel it’s too time consuming to create good content, or that it’s too daunting a task. But you don’t have to write volumes to share the content of your character. Abraham Lincoln needed less than three hundred words to express his feelings for what took place on a battlefield in Maryland during his Gettysburg Address. What many feel was the most important speech in our country’s history is shorter than the average blog post. No Flickr picture or YouTube video necessary. But even today those words move people to tears. Just as Martin Luther’s words, nailed to the door of a church in Germany, started a religious revolution that’s still being felt almost 500 years later. Using content to display our true character, as individuals as well as business entities, is not a new thing. But we have to be ready and willing to make sure the content we produce represents us in a truly meaningful way. Meaningful to us — as we need to represent ourselves and our businesses properly. More importantly, we need to make it meaningful to the judges out there who have to make the important decision on whether or not we have the expertise, experience, and character to help them answer the challenges they face. Despite the obstacles we are faced with, in terms of creating content that captures the attention of our online judges, it’s time to get over it. Don’t tell it to the judge, because they have their own issues and concerns to deal with. They are looking for help — good help. They’re willing to search for it, discuss it, and share their story in order to find it. So use pictures, videos, blogs, and whatever you need to share your story. Post once a day, once a week, or once a month. Automate, co-create, and user generate it if it can help streamline the generation process. But remember one thing: All the judges ask is that you make it as easy as possible on them to find the real you, by creating content that allows them to understand your business’ character. Now go out there and throw yourselves on the mercy of the court. Brent Leary is a small-business technology analyst, adviser, and award-winning blogger. He is the co-author of Barack 2.0: Social Media Lessons for Small Business (http://barack20.com). His blog can be found at http://brentleary.com, or follow him on Twitter at http://twitter.com/brentleary.
In the age of Facebook and Twitter, the old-fashioned business card lives on. But there’s nothing out-dated about the next-generation of business cards, most of which are smart phone or Web applications or hardware-software combos that people can use to swap contact information and social network profiles. Here’s a look at some of the newest: Poken It looks like a toy, but the miniature character with the oversized hand hides a USB drive that stores a name, address, phone number, social networking accounts and other traditional business card information in an encrypted personal ID number. Meet another Poken user and swap information by pressing the infrared sensors embedded in the hands together to give each other a “high four.” Plug the USB drive into a computer and it brings up a Web browser and downloads any new contact data into the user’s account on the Poken website. CEO Stephane Doutriaux created the device while finishing MBA school in Switzerland in 2008. Since then he’s raised $2 million, moved the company’s headquarters to Silicon Valley, signed up distributors in 25 countries and struggled to keep up with orders from places like Germany and The Netherlands that have gone gaga over the tiger, geisha, panda, alien and 20-odd other Poken characters. In the United States, Poken was completely out of stock in late May, forcing fans like Kelly Guimont, a Portland, Ore., tech support specialist and avowed lover of all things digital, to wait until sometime in June for new shipments to arrive. “I want a Poken so bad I don’t even know what to do with myself,” Guimont says. “They are so the cutest things ever.” They may be cute, but they serve a real purpose and unlike some smart phone-based business card apps, Pokens don’t need a constant 3G connection to work, Doutriaux says. On the horizon: a Poken convention badge. DropCard To set itself apart from other digital business-card apps, DropCard is retooling itself to appeal to salespeople and other hardcore business types — think of it as the LinkedIn of business-card apps. According to company founder Tal Raviv, once the revamped service goes live later this month, members can log onto the DropCard website to see which parts of their profile information new contacts clicked on, data they can use to do follow up phone calls or e-mails. “We decided to sell not the technology, but the benefits,” says Raviv, who started the company in 2008 with backing from a Philadelphia incubator while an undergraduate engineering student at University of Pennsylvania, where he graduated in May. When the new DropCard comes online, three tiers of service will be available: a free, basic level for sending five DropCards a month; a $5 level for up to 25 cards, and a $10 level for unlimited service. Rather than handle marketing and sales itself, DropCard is pairing up with small businesses like print shops to act as resellers. “It adds value to the (print) business cards they provide,” Raviv says. Bump Until she can get her hands on a Poken, Guimont is making due with Bump, a free application on iTunes that lets two iPhone users tap or “bump” their respective mobile phone screens together to swap contact information. Other software developers have used iPhone’s application development platform to create similar business card-like programs, including SnapDat and beamME. EverNote While not specifically a business card substitute, this software application for noting things you find on the Web or taking pictures of them with your mobile phone can act like one. EverNote uses optical character recognition to parse text from an image and store it so it can be retrieved at a later date. Portland tech enthusiast Guimont uses EverNote instead of Bump to swap contact information with people she meets who don’t use an iPhone. “With EverNote on the iPhone I pick up a business card, take a picture and put it back. I can’t remember the last time I picked up and kept a business card,” she says. CardScan The 16-year-old company, now part of Newell-Rubbermaid, helped invent the business card reader business. Since then, CardScan’s product line has grown to encompass a variety of scanners and software applications for individuals and small businesses. One of the newest: a Mac package that includes a scanner and contact management software that debuted last fall. Other business-card applications: twtBizCard – Transmits contact information via Twitter by adding the “#twtbizcard” hashtag to a standard Twitter @reply. Contxt – Transmits social network profiles and contact information via smart phones. iPhone business card apps – A list of additional business-card apps on Mashable, the social media blog.
Javed Ikbal is in the IT security business. But it wasn’t until his credit card number was stolen in the Frankfurt, Germany, airport last summer that he realized how vigilant companies have to be about keeping online transactions safe. Ikbal, who runs a Boston area IT security consulting firm, says whoever stole his credit card used it to buy $1,700 in merchandise online from Circuit City, the home electronics retailer. However, Circuit City flagged the transaction because the order didn’t include his phone number, came from a computer logged onto the Internet through a German IP address, and was supposed to be mailed to Illinois, even though Ikbal’s billing address is nowhere near there. Based on those warning signs Circuit City called Ikbal, who alerted the retailer it was a bogus order on a stolen card number. Even though it involves a large business, Ikbal uses the example to show how stopping e-commerce fraud is feasible for even a very small online merchant or other company handling financial transactions online. Measures to stop e-commerce fraud are out there and many of them are cheap — or even free, such as checking the country of origin of an online order against the buyer’s credit card billing address, he says. That’s important because many small businesses can’t or won’t spend a lot on security, says Ikbal, a principal of zSquad, in Plainville, Mass., a firm that creates and audits corporate IT security plans. “They think they have a firewall or that their hosting service will provide security,” he says. “Even for companies that make $10 million a year or more, we find shocking lapses in security.” Protecting the online store According a December 2007 report on e-commerce fraud from The Aberdeen Group, a Boston technology researcher, companies that are most successful at reducing their risk of fraud and simultaneously make customers feel safe do the following to protect online transactions: Monitor and authenticate transactions in real- or near-real time Check that customers are who they say they are, either when they open an account or during a purchase transaction Use encryption, either SSL or EV SSL, a newer version of SSL that requires certification requests to go through a more rigorous identity check and authentication process before being approved Create and enforce security policies and educate customers about safe online behaviors Create marketing to explain how safe their website is for shopping, banking, etc. Ikbal also suggests companies do the following: Warn users to upgrade buggy Web browsers. Shoppers who use older Web browsers, such as Internet Explorer 4 or 5, put themselves and online merchants in danger of being hacked because of known security breaches in those programs, Ikbal says. Since Web servers automatically detect the browser someone uses to log on, a company can redirect anyone with an older browser to a special page on the website that notifies them they need to upgrade before they can continue, Ikbal says. “They could make viewing it a condition for establishing an account,” he says. “It costs nothing. You just have to program your website to respond according.” Set strict credit card policies and stick to them. Require that the address a buyer inputs for an order matches the one the credit card processor has on file for that individual. Also require that anyone making a purchase enter three- or four-digit CCV security code found on the back of the credit card. When an order is placed, the merchant can send the data to the card processor to see if it’s a match. If it’s not “the order shouldn’t be denied, but the merchant should call the person and ask about it,” Ikbal says. Check IP location of incoming orders. Companies that process orders in real time — if they’re selling software buyers pay for and download for example — can use an IP location service such as IP2Location or Akimai to instantly identify a visitor’s geographical location. The cost is usually 30 or 40 cents per transaction or less, Ikbal says. Online merchants who don’t process orders in real time can manually look up IP addresses. “If someone sells only in the US, they should be careful if they see a transaction coming from Eastern Europe or North Korea, which are hotbeds of fake credit card transactions,” Ikbal says. SIDEBAR: Create a Security Policy One of the cheapest things a small business can do is create a security policy and post it online, according to security experts. Security policies aren’t hard to come by. The Anti-Phishing Working Group, a five-year-old industry association, posts links to security policies at several large companies on its website including: eBay, whose consumer education section includes instructions for recognizing fake eBay websites and a spoof e-mail tutorial. Citibank, which maintains a series of pages explaining, among other things, how customers can avoid getting spoofed by hoax e-mail and steps to take if they do. US Bank, which maintains a section called “E-mail Fraud: Information and Help.” Companies can also point customers to the following Anti-Phishing Working Group documents: How to Avoid Phishing Scams and What To Do If You’ve Given Out Your Personal Financial Information.
Javed Ikbal is in the IT security business. But it wasn’t until his credit card number was stolen in the Frankfurt, Germany, airport last summer that he realized how vigilant companies have to be about keeping online transactions safe. Ikbal, who runs a Boston area IT security consulting firm, says whoever stole his credit card used it to buy $1,700 in merchandise online from Circuit City, the home electronics retailer. However, Circuit City flagged the transaction because the order didn’t include his phone number, came from a computer logged onto the Internet through a German IP address, and was supposed to be mailed to Illinois, even though Ikbal’s billing address is nowhere near there. Based on those warning signs Circuit City called Ikbal, who alerted the retailer it was a bogus order on a stolen card number. Even though it involves a large business, Ikbal uses the example to show how stopping e-commerce fraud is feasible for even a very small online merchant or other company handling financial transactions online. Measures to stop e-commerce fraud are out there and many of them are cheap — or even free, such as checking the country of origin of an online order against the buyer’s credit card billing address, he says. That’s important because many small businesses can’t or won’t spend a lot on security, says Ikbal, a principal of zSquad, in Plainville, Mass., a firm that creates and audits corporate IT security plans. “They think they have a firewall or that their hosting service will provide security,” he says. “Even for companies that make $10 million a year or more, we find shocking lapses in security.” Protecting the online store According a December 2007 report on e-commerce fraud from The Aberdeen Group, a Boston technology researcher, companies that are most successful at reducing their risk of fraud and simultaneously make customers feel safe do the following to protect online transactions: Monitor and authenticate transactions in real- or near-real time Check that customers are who they say they are, either when they open an account or during a purchase transaction Use encryption, either SSL or EV SSL, a newer version of SSL that requires certification requests to go through a more rigorous identity check and authentication process before being approved Create and enforce security policies and educate customers about safe online behaviors Create marketing to explain how safe their website is for shopping, banking, etc. Ikbal also suggests companies do the following: Warn users to upgrade buggy Web browsers. Shoppers who use older Web browsers, such as Internet Explorer 4 or 5, put themselves and online merchants in danger of being hacked because of known security breaches in those programs, Ikbal says. Since Web servers automatically detect the browser someone uses to log on, a company can redirect anyone with an older browser to a special page on the website that notifies them they need to upgrade before they can continue, Ikbal says. “They could make viewing it a condition for establishing an account,” he says. “It costs nothing. You just have to program your website to respond according.” Set strict credit card policies and stick to them. Require that the address a buyer inputs for an order matches the one the credit card processor has on file for that individual. Also require that anyone making a purchase enter three- or four-digit CCV security code found on the back of the credit card. When an order is placed, the merchant can send the data to the card processor to see if it’s a match. If it’s not “the order shouldn’t be denied, but the merchant should call the person and ask about it,” Ikbal says. Check IP location of incoming orders. Companies that process orders in real time — if they’re selling software buyers pay for and download for example — can use an IP location service such as IP2Location or Akimai to instantly identify a visitor’s geographical location. The cost is usually 30 or 40 cents per transaction or less, Ikbal says. Online merchants who don’t process orders in real time can manually look up IP addresses. “If someone sells only in the US, they should be careful if they see a transaction coming from Eastern Europe or North Korea, which are hotbeds of fake credit card transactions,” Ikbal says. SIDEBAR: Create a Security Policy One of the cheapest things a small business can do is create a security policy and post it online, according to security experts. Security policies aren’t hard to come by. The Anti-Phishing Working Group, a five-year-old industry association, posts links to security policies at several large companies on its website including: eBay, whose consumer education section includes instructions for recognizing fake eBay websites and a spoof e-mail tutorial. Citibank, which maintains a series of pages explaining, among other things, how customers can avoid getting spoofed by hoax e-mail and steps to take if they do. US Bank, which maintains a section called “E-mail Fraud: Information and Help.” Companies can also point customers to the following Anti-Phishing Working Group documents: How to Avoid Phishing Scams and What To Do If You’ve Given Out Your Personal Financial Information.
