#what is business process services
Explore tagged Tumblr posts
epicglobal62 · 2 years ago
Text
  What are Business Process Services?
Business process services are defined as the services provided by companies that specialise in handling all aspects of outsourcing. A company may outsource specific business procedures that aren't regarded its core strengths to businesses who specialise in handling those tasks.
This enables those businesses to handle both their finances and operations with greater flexibility. Effective business process services improve user and customer experience, carry out process optimisation, and aid in cost and time to market reduction. You can be focused on the future by managing your business procedures from top to bottom with its assistance!
Never mix up business process outsourcing with the idea of outsourcing in general. There is a major difference between hiring for a specific activity (like employing a VA from a poor nation) and business process services, which include outsourcing an entire business function (for example, all the work involved in lead generation).
The majority of the time, businesses don't outsource their core operations. Because you cannot entrust a contractor with any important work that has a direct bearing on a company's success. The likelihood that you will gain from outsourcing support roles like customer relations is high.
This gives your employees back home more time to concentrate on the essential aspects of running the company rather than having to learn new abilities. In the end, your business will benefit from this. Despite establishing a customer care team from scratch, you're entrusting the job to a company that specialises in it - and ultimately end up spending far less, to hit the appropriate notes.
1 note · View note
epicglobal016 · 2 years ago
Text
0 notes
aidenwaites · 5 months ago
Text
Have I mentioned that this robot is maybe the most I've ever related to the inner workings of a fictional character's brain
Tumblr media
2 notes · View notes
get-your-dreams · 1 year ago
Text
2 notes · View notes
aeternusfoundation · 2 years ago
Text
Crypto Tokens: The New Shade of Lifestyle
Tumblr media
#Crypto tokens are digital assets that use cryptography to secure their transactions and to control the creation of new units. Crypto tokens#Crypto tokens are created through a process called “tokenization.” In tokenization#a company converts some of its assets into digital tokens that can be traded on a blockchain. These tokens can represent anything from the#Crypto power up the Dapps#Crypto tokens are often used to power dapps. Dapps are applications that are built on top of a blockchain platform. These applications use#a company might issue tokens that represent shares of its stock. These tokens can be traded on a blockchain and can be used to purchase pro#What are the benefits of using crypto tokens?#Crypto tokens offer a number of benefits over traditional cryptocurrencies. They are easier to use and can be integrated into a variety of#crypto tokens offer a number of benefits to businesses#including faster transactions and lower costs.#Tokens improve your lifestyle#In the modern world#people are always looking for new and innovative ways to improve their lifestyles. One of the latest trends in the use of crypto tokens to#including:#Paying for goods and services: Crypto tokens can be used to pay for goods and services#both online and offline. This makes it easy to purchase items without having to use a traditional currency.#Reducing transaction costs: The use of crypto tokens can help to reduce transaction costs#as there are no fees associated with the use of tokens. This can save you money when you are making purchases online or in-store.#Earning rewards: Many crypto tokens offer rewards for their users. This can include discounts on products or services or bonus points that#Improving security: One of the main advantages of using crypto tokens is the increased security that they offer. Tokens are stored on block#which is a secure and tamper-proof system. This makes it difficult for criminals to steal your tokens or access your information.#Choose the right token for your lifestyle#So#how can you start using crypto tokens to improve your lifestyle? There are a number of options available#so it’s important to do your research and find the right token for you.
3 notes · View notes
insurance-brokers-india · 1 month ago
Text
What are the next steps after obtaining an insurance broker license, and how can you generate potential leads using Mzapp CRM software?
Congratulations on securing your insurance broker license! The journey doesn’t end here; it’s just the beginning of building a successful insurance brokerage. Here’s how you can proceed and leverage Mzapp CRM software to find potential leads:
Steps After Getting Your Insurance Broker License
Understand Your Market: Research your target audience (individuals, businesses, or specific sectors).
Develop a Business Plan: Set goals for client acquisition, revenue, and operational processes.
Build a Network: Partner with insurance providers and attend industry events to establish your presence.
Create an Online Presence: Build a professional website and maintain active profiles on social platforms.
Offer Value-Added Services: Educate customers on policies, claims management, and risk assessments.
Using Mzapp CRM Software to Generate Leads
Lead Capture: Utilize Mzapp’s integrated forms and web tracking tools to capture inquiries from your website or social media.
Automated Follow-Ups: Set up personalized email and SMS follow-ups to nurture leads effectively.
Lead Scoring: Prioritize leads based on their interaction history, ensuring you focus on high-potential prospects.
Data-Driven Campaigns: Use analytics to identify what works and launch targeted campaigns.
Seamless Policy Management: Impress leads by showcasing how smoothly you manage policies and claims through Mzapp.
Why Choose Mzapp CRM?
Mzapp CRM simplifies lead management, streamlines operations, and provides insights into customer behavior, making it easier to convert prospects into loyal clients.
Learn more about how Mzapp can transform your insurance business here.
#Question:#What are the next steps after obtaining an insurance broker license#and how can you generate potential leads using Mzapp CRM software?#Answer:#Congratulations on securing your insurance broker license! The journey doesn’t end here; it’s just the beginning of building a successful i#Steps After Getting Your Insurance Broker License#Understand Your Market: Research your target audience (individuals#businesses#or specific sectors).#Develop a Business Plan: Set goals for client acquisition#revenue#and operational processes.#Build a Network: Partner with insurance providers and attend industry events to establish your presence.#Create an Online Presence: Build a professional website and maintain active profiles on social platforms.#Offer Value-Added Services: Educate customers on policies#claims management#and risk assessments.#Using Mzapp CRM Software to Generate Leads#Lead Capture: Utilize Mzapp’s integrated forms and web tracking tools to capture inquiries from your website or social media.#Automated Follow-Ups: Set up personalized email and SMS follow-ups to nurture leads effectively.#Lead Scoring: Prioritize leads based on their interaction history#ensuring you focus on high-potential prospects.#Data-Driven Campaigns: Use analytics to identify what works and launch targeted campaigns.#Seamless Policy Management: Impress leads by showcasing how smoothly you manage policies and claims through Mzapp.#Why Choose Mzapp CRM?#Mzapp CRM simplifies lead management#streamlines operations#and provides insights into customer behavior#making it easier to convert prospects into loyal clients.#Learn more about how Mzapp can transform your insurance business here.
0 notes
pcdoctorsnettx · 7 months ago
Text
What is the impact of artificial intelligence on e-commerce?
Understanding the influence of artificial intelligence (AI) on e-commerce is essential in today’s digital landscape. AI technologies are reshaping how businesses operate online, from personalized shopping recommendations to efficient inventory management. This article delves into the multifaceted impact of AI on e-commerce, exploring its benefits and transformative potential.
Know more https://www.pcdoctorsnet.com/what-is-the-impact-of-artificial-intelligence-on-e-commerce/
Tumblr media
0 notes
p24rana · 8 months ago
Text
Boost Your Efficiency By 40% With IT Outsourcing
Tumblr media
Amplify Your Growth: Leverage IT Outsourcing to Boost Business Efficiency by 40%
In a fast-paced business world, everyone must follow the lead of technological breakthroughs that shape market trends and competitive tactics, it's essential to integrate digital technologies into operations and strategies as they become critical components of business perennity. With this shift, the complexity and costs of managing IT infrastructures have surged considerably, making it a significant challenge for businesses and tiny to medium-sized enterprises (SMEs). These organizations often need help with the high costs and resource allocation required to maintain a fully functional IT department capable of responding to the latest technological shifts and cybersecurity demands.
Internally managing IT needs has become increasingly daunting due to the fast technological evolution, the growing sophistication of cybersecurity threats, and the escalating demands for data compliance. The cost implications for keeping an IT department up-to-date with training, certifications, and technological advancements can drain resources, diverting focus from core business activities. For instance, Gartner reported that global spending on IT services reached approximately $1 trillion in 2020, highlighting the massive financial commitment required to manage IT internally.
The Necessity of IT Outsourcing
IT outsourcing has transcended its initial cost-saving purpose to become a strategic asset. By entrusting IT operations to external experts, businesses gain agility, specialized talent, and access to cutting-edge technology. This shift from fixed to variable costs optimizes budget allocations and allows companies to invest strategically.
Deloitte's study reveals that 53% of businesses utilize outsourcing for core functions, underlining its importance. Scalability and flexibility are critical benefits, addressing capacity issues and facilitating adaptation to market dynamics. IBM's strategic outsourcing approach further validates its significance, enabling cost-effective operations while focusing on high-margin projects like cloud computing and AI.
Key Benefits of IT Outsourcing
Cost Efficiency
IT outsourcing offers a significant reduction in operational costs by eliminating the need for full-time staff and associated expenses like salaries and infrastructure. Businesses pay for services as needed, converting fixed costs to scalable ones. For instance, a mid-sized e-commerce company could save up to 40% annually, redirecting these funds to enhance customer service or expand market reach.
Access to Specialized Expertise
Outsourcing IT services provides access to a global pool of skilled professionals with specialized expertise, crucial for staying abreast of technological advancements. Outsourcing firms invest in continuous training, ensuring clients benefit from the latest innovations. For example, a small software company can leverage AI expertise through outsourcing without hiring specialists directly.
Enhanced Focus on Core Business Functions
Outsourcing IT allows businesses to focus on core competencies, leading to efficiency gains. A global retailer redirected efforts to customer engagement post-outsourcing, resulting in a 30% increase in operational efficiency. Streamlined operations improved service delivery and boosted customer satisfaction.
Scalability and Flexibility
IT outsourcing offers unmatched scalability, crucial for adjusting resources as per current needs and future growth. During demand fluctuations, scalability ensures operational agility. For instance, a retail company scales up IT capabilities during peak seasons with temporary resources provisioned by an outsourcing partner.
Risk Management and Compliance
Outsourcing IT enhances risk management by implementing robust cybersecurity measures and ensuring compliance with regulatory standards. For example, a healthcare provider outsourcing data management can improve HIPAA compliance, while a financial services firm can navigate GDPR complexities through specialized IT providers, reducing potential fines and reputational damage.
Addressing Common Concerns with IT Outsourcing
Strategic planning and best practices effectively manage concerns like loss of control, communication issues, and cultural differences in IT outsourcing.
Control Over Service
Concern: Establish clear contractual agreements with detailed service scope, performance benchmarks, and SLAs. Implement monitoring mechanisms for transparency and involve outsourcing partners in strategic planning.
Solution: Address concerns of perceived loss of control by defining explicit agreements and integrating partners into planning sessions, ensuring alignment with business objectives.
Communication Issues
Concern: Overcoming communication challenges, especially across different time zones and cultures, is vital to avoid delays and errors.
Solution: Enhance communication through structured updates, clear protocols, and collaborative tools. Utilize project management software to bridge gaps and maintain alignment.
Cultural Differences
Concern: Cultural mismatches may lead to misunderstandings and inefficiencies, particularly in diverse work environments.
Solution: Integrate cultural training into the outsourcing strategy to foster mutual understanding. Encourage social interactions and team-building activities to promote cohesion. Select partners with experience in the company's culture to minimize potential issues.
Best Practices for Managing Outsourcing Challenges
Clear Contracts and Expectations: Define detailed contracts with clear expectations, deliverables, timelines, and accountability measures to avoid ambiguity.
Regular Performance Reviews: Conduct frequent assessments against SLAs and KPIs to promptly identify and address any issues.
Dedicated Liaison Roles: Assign project managers to bridge in-house teams and outsourcing providers, managing day-to-day operations and troubleshooting.
Building Relationships: Foster a strategic partnership beyond vendor-client dynamics to enhance service quality and commitment to goals.
Leveraging Technology: Utilize advanced communication and project management tools for seamless integration and progress tracking.
How to Successfully Implement IT Outsourcing
 A step-by-step guide for effective outsourcing, including partner selection, contract negotiation, and communication protocols.
Step 1: Define Your IT Requirements
Clearly outline your IT needs to align with potential outsourcing partners effectively.
Step 2: Research Potential Partners
Look for experienced, secure, and industry-relevant outsourcing providers during your search.
Step 3: Evaluate the Providers
Assess candidates based on experience, scalability, and technology compatibility for your project.
Step 4: Conduct Due Diligence
Thoroughly examine financial stability, reputation, and legal compliance before finalizing a decision.
Step 5: Negotiate the Contract
Finalize terms, scope, pricing, and SLAs to establish a clear agreement with your chosen outsourcing partner.
Step 6: Establish Communication Protocols
Effective communication is critical to successful outsourcing. Establish structured communication protocols from the outset.
Step 7: Set Clear Expectations
Establishing clear expectations, including defined KPIs and regular performance reviews, is essential for preventing conflicts and ensuring desired outcomes in the outsourcing partnership.
Step 8: Manage the Transition
Effectively manage the transition of IT services from in-house to the outsourcing partner. This includes thorough knowledge transfer, documentation, and a phased transition to minimize disruptions.
Step 9: Monitor and Optimize
Continuous monitoring and adjustment of services against agreed-upon KPIs are crucial to align outsourcing with evolving business requirements.
By adhering to careful planning, partner selection, effective communication, and ongoing management, businesses can maximize the benefits of IT outsourcing while minimizing associated risks.
Concluding Thoughts: Embracing the Strategic Benefits of IT Outsourcing
Embracing the strategic benefits of IT outsourcing is pivotal for navigating the complexities of the digital landscape, enhancing operational efficiencies, and propelling companies forward. While it allows focus on core competencies and access to world-class capabilities, careful planning and execution are essential to maximize its benefits. Critical questions regarding integration, long-term benefits, and innovation drive the refinement of the outsourcing strategy to align with business objectives and growth targets.
How Coditude can help you
Success in selecting the right IT outsourcing company hinges on our extensive experience, commitment to innovation, and tailored IT solutions. Our approach centers on understanding your unique needs, delivering custom solutions that streamline operations, and boost competitiveness. We offer more than mere service delivery; we serve as strategic allies, ensuring agile, secure IT operations aligned with your business goals across various industries. Ready to explore how outsourcing can redefine your IT strategy and accelerate growth? With Coditude, enhanced efficiency and innovation in IT operations are within reach. Contact us to make IT outsourcing a pivotal part of your success story.
0 notes
epicglobal62 · 2 years ago
Text
Maximizing Efficiency and Growth with Business Process Services
In today's fast-paced and highly competitive business landscape, companies across industries are constantly seeking innovative ways to streamline their operations, reduce costs, and drive growth. Business Process Services (BPS) have emerged as a powerful solution for organizations looking to optimize their processes and focus on core business objectives. In this blog post, we will explore the concept of Business Process Services, their benefits, and how they can transform the way businesses operate.
Understanding Business Process Services
Business Process Services, also known as Business Process Outsourcing (BPO), refers to the practice of outsourcing specific business processes or functions to a third-party service provider. These processes can span various domains, including finance and accounting, human resources, customer service, supply chain management, and more. BPS providers specialize in handling these processes efficiently, leveraging technology, expertise, and economies of scale to deliver cost-effective and high-quality solutions.
The Benefits of Business Process Services
Cost Reduction: One of the primary drivers for organizations to adopt BPS is cost reduction. By outsourcing non-core activities, companies can significantly lower operational expenses associated with staffing, training, infrastructure, and technology investments. BPS providers often operate in low-cost locations, enabling economies of scale and enhanced cost savings.
Scalability and Flexibility: Business Process Services offer scalability and flexibility to adapt to changing business needs. As organizations grow or face fluctuations in demand, BPS providers can quickly adjust their resources, ensuring efficient process execution without compromising quality. This agility enables companies to focus on strategic initiatives while leaving routine tasks in capable hands.
Access to Expertise: BPS providers are experts in their respective domains, possessing deep knowledge and experience in handling specific processes. By leveraging their expertise, organizations can benefit from best practices, industry insights, and advanced technologies without the need for extensive in-house investments. This access to specialized skills enhances process efficiency and drives innovation.
Improved Focus on Core Competencies: By outsourcing non-core functions, businesses can allocate more time, resources, and attention to their core competencies. This strategic shift allows organizations to concentrate on value-added activities such as product development, market expansion, and customer experience, which are vital for long-term success and competitiveness.
Enhanced Service Quality: BPS providers are dedicated to delivering high-quality services as their reputation and business depend on it. They often implement robust quality control measures, performance metrics, and service level agreements to ensure consistent service delivery. With their focus on process improvement, BPS providers can drive efficiency gains and enhance overall service quality.
Technology Advancements: BPS providers leverage advanced technologies such as robotic process automation (RPA), artificial intelligence (AI), machine learning (ML), and data analytics to automate and streamline processes. These technological advancements improve accuracy, reduce manual errors, and enable faster and more reliable data processing. Companies partnering with BPS providers can harness these technologies without significant upfront investments.
Conclusion
Business Process Services have revolutionized the way organizations approach their operational workflows. By outsourcing non-core activities to specialized service providers, businesses can achieve cost savings, scalability, access to expertise, and improved service quality. BPS enables companies to focus on core competencies, enhance efficiency, and drive growth in an increasingly competitive business environment.
As the global marketplace continues to evolve, embracing Business Process Services can provide businesses with a competitive edge by leveraging external expertise, cutting-edge technologies, and cost-efficient solutions. Organizations that strategically adopt BPS are poised to unlock new opportunities, enhance customer experiences, and accelerate their journey toward long-term success.
0 notes
epicglobal016 · 2 years ago
Text
How does Bpo works in simple words
For a variety of reasons, business executives choose to outsource a business process. These reasons differ depending on the organization's type, age, and size, as well as market forces and economic conditions.
Startup businesses, for example, frequently need to outsource back-office and front-office functions because they lack the necessary in-house resources.
After determining that a third-party service provider could do the job better or cheaper, an established company may decide to outsource a task that it had previously performed. Management experts advise enterprise executives to identify functions that can be outsourced and then decide whether outsourcing that task to a third party makes sense.
If this is the case, the organization must not only identify the best vendor for the job but also shift the work from in-house to the external provider. Because the transition to an outsourced provider generally affects staff, established Bpo services, and existing workflows, this necessitates a significant amount of change management.
The transition to an outsourced provider has an impact on the organization's finances, not only in terms of shifting costs from internal functions to outsourced providers but also in terms of corporate taxes and reporting requirements.
To ensure a smooth flow of work to the outsourced provider, the organization may need to invest in new technology. The scope and cost of that technology are determined by the function being performed.
Typically, this process begins with enterprise leaders identifying specific functions or business processes to outsource in order to save money, gain flexibility, improve performance, and redirect resources to core business capabilities.
Business leaders must then decide whether to outsource all of the work to a single vendor or to contract with multiple providers for the various tasks. A company, for example, could decide to outsource the majority of its HR functions and then either contract with a single provider to perform all of the outsourced processes or hire one for payroll and another for benefits administration.
These factors should result in a list of requirements as well as a detailed scope of work for outsourcing. Organizations use these to create a request for proposals to share with vendors in order for them to determine whether they can meet the requirements, at what price, and with what value-adds.
Once an organization has decided on which provider or providers to hire, it must decide on the type of contract. Such contracts are typically classified as one of the following:
Time and materials contracts, in which the company pays the provider based on the amount of time worked and the materials used; or fixed-price contracts, in which the company pays an upfront price for the specified work.
Furthermore, organizations must draft a service-level agreement with their vendors outlining the quality of the services provided.
1 note · View note
merchantservices444 · 11 months ago
Text
Do You Need Good Credit for a Merchant Account?
Tumblr media
(Human directed ai content.)
In today's digital age, having a merchant account is crucial for businesses of all sizes. Whether you're a small startup or an established corporation, accepting credit and debit card payments is often essential for maximizing sales and providing convenience to customers. However, one common concern among business owners is whether good credit is necessary to obtain a merchant account. Let's delve into this topic to understand the role of creditworthiness in acquiring a merchant account.
Firstly, it's essential to grasp the concept of a merchant account. A merchant account is a type of bank account that allows businesses to accept payments via debit or credit cards. When a customer makes a card payment, the funds are transferred from the customer's account to the merchant account. From there, the funds are typically deposited into the business's regular bank account within a few days, minus any fees charged by the payment processor.
Now, onto the question of creditworthiness. While it's true that some payment processors may conduct credit checks as part of their application process, having perfect credit isn't always a prerequisite for obtaining a merchant account. Many factors come into play when payment processors assess an applicant's eligibility, and credit history is just one of them.
Payment processors may consider various factors when evaluating a merchant account application, including:
Business Type and Industry: The nature of your business and the industry you operate in can influence the risk assessment process. Some industries are considered higher risk than others, such as travel, adult entertainment, or e-commerce.
Processing History: If your business has a history of processing payments, especially with the same payment processor, it can positively impact your application. A track record of successful transactions demonstrates reliability and reduces perceived risk.
Business Financials: Payment processors may review your business's financial statements, including revenue, cash flow, and profitability. A healthy financial position can enhance your chances of approval, even if your personal credit isn't stellar.
Chargeback History: A high volume of chargebacks can raise concerns for payment processors, as it suggests potential issues with customer satisfaction or service quality. Minimizing chargebacks is essential for maintaining a positive relationship with payment processors.
Compliance and Legal Factors: Adherence to industry regulations, such as PCI DSS (Payment Card Industry Data Security Standard), is crucial for securing a merchant account. Compliance with anti-money laundering (AML) and Know Your Customer (KYC) requirements is also essential.
While credit checks are a standard part of the application process for some merchant account providers, there are alternative options available for businesses with less-than-perfect credit. For instance, high-risk merchant account providers specialize in serving businesses with higher perceived risk due to factors like poor credit, industry type, or processing history. These providers often offer tailored solutions and may be more lenient in their credit assessment criteria.
Additionally, some payment processors offer "instant approval" or simplified application processes that may not involve extensive credit checks. However, these options may come with higher fees or more stringent terms to offset the perceived risk.
Ultimately, while good credit can certainly improve your chances of obtaining a merchant account and may lead to more favorable terms, it's not always a deal-breaker. Businesses with less-than-perfect credit can still explore options for accepting card payments and finding a payment processor that meets their needs.
In conclusion, while good credit may be beneficial when applying for a merchant account, it's not necessarily a requirement. Payment processors consider various factors beyond credit history when assessing an applicant's eligibility, including business type, processing history, financials, and compliance measures. Businesses with less-than-perfect credit can explore alternative options, such as high-risk merchant account providers, to secure the payment processing solutions they need to thrive in today's competitive market.
1 note · View note
follow-up-news · 3 months ago
Text
The U.S. Justice Department has filed an antitrust lawsuit against Visa, alleging that the financial services behemoth uses its size and dominance to stifle competition in the debit card market, costing consumers and businesses billions of dollars. The complaint filed Tuesday says San Francisco-based Visa penalizes merchants and banks who don’t use Visa’s own payment processing technology to process debit transactions, even though alternatives exist. Visa earns an incremental fee from every transaction processed on its network. According to the DOJ’s complaint, 60% of debit transactions in the United States run on Visa’s debit network, allowing it to charge over $7 billion in fees each year for processing those transactions. “We allege that Visa has unlawfully amassed the power to extract fees that far exceed what it could charge in a competitive market,” said Attorney General Merrick B. Garland in a statement. “Merchants and banks pass along those costs to consumers, either by raising prices or reducing quality or service. As a result, Visa’s unlawful conduct affects not just the price of one thing – but the price of nearly everything.”
4K notes · View notes
mostlysignssomeportents · 11 months ago
Text
How I got scammed
Tumblr media
If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
https://pluralistic.net/2024/02/05/cyber-dunning-kruger/#swiss-cheese-security
Tumblr media
I wuz robbed.
More specifically, I was tricked by a phone-phisher pretending to be from my bank, and he convinced me to hand over my credit-card number, then did $8,000+ worth of fraud with it before I figured out what happened. And then he tried to do it again, a week later!
Here's what happened. Over the Christmas holiday, I traveled to New Orleans. The day we landed, I hit a Chase ATM in the French Quarter for some cash, but the machine declined the transaction. Later in the day, we passed a little credit-union's ATM and I used that one instead (I bank with a one-branch credit union and generally there's no fee to use another CU's ATM).
A couple days later, I got a call from my credit union. It was a weekend, during the holiday, and the guy who called was obviously working for my little CU's after-hours fraud contractor. I'd dealt with these folks before – they service a ton of little credit unions, and generally the call quality isn't great and the staff will often make mistakes like mispronouncing my credit union's name.
That's what happened here – the guy was on a terrible VOIP line and I had to ask him to readjust his mic before I could even understand him. He mispronounced my bank's name and then asked if I'd attempted to spend $1,000 at an Apple Store in NYC that day. No, I said, and groaned inwardly. What a pain in the ass. Obviously, I'd had my ATM card skimmed – either at the Chase ATM (maybe that was why the transaction failed), or at the other credit union's ATM (it had been a very cheap looking system).
I told the guy to block my card and we started going through the tedious business of running through recent transactions, verifying my identity, and so on. It dragged on and on. These were my last hours in New Orleans, and I'd left my family at home and gone out to see some of the pre-Mardi Gras krewe celebrations and get a muffalata, and I could tell that I was going to run out of time before I finished talking to this guy.
"Look," I said, "you've got all my details, you've frozen the card. I gotta go home and meet my family and head to the airport. I'll call you back on the after-hours number once I'm through security, all right?"
He was frustrated, but that was his problem. I hung up, got my sandwich, went to the airport, and we checked in. It was total chaos: an Alaska Air 737 Max had just lost its door-plug in mid-air and every Max in every airline's fleet had been grounded, so the check in was crammed with people trying to rebook. We got through to the gate and I sat down to call the CU's after-hours line. The person on the other end told me that she could only handle lost and stolen cards, not fraud, and given that I'd already frozen the card, I should just drop by the branch on Monday to get a new card.
We flew home, and later the next day, I logged into my account and made a list of all the fraudulent transactions and printed them out, and on Monday morning, I drove to the bank to deal with all the paperwork. The folks at the CU were even more pissed than I was. The fraud that run up to more than $8,000, and if Visa refused to take it out of the merchants where the card had been used, my little credit union would have to eat the loss.
I agreed and commiserated. I also pointed out that their outsource, after-hours fraud center bore some blame here: I'd canceled the card on Saturday but most of the fraud had taken place on Sunday. Something had gone wrong.
One cool thing about banking at a tiny credit-union is that you end up talking to people who have actual authority, responsibility and agency. It turned out the the woman who was processing my fraud paperwork was a VP, and she decided to look into it. A few minutes later she came back and told me that the fraud center had no record of having called me on Saturday.
"That was the fraudster," she said.
Oh, shit. I frantically rewound my conversation, trying to figure out if this could possibly be true. I hadn't given him anything apart from some very anodyne info, like what city I live in (which is in my Wikipedia entry), my date of birth (ditto), and the last four digits of my card.
Wait a sec.
He hadn't asked for the last four digits. He'd asked for the last seven digits. At the time, I'd found that very frustrating, but now – "The first nine digits are the same for every card you issue, right?" I asked the VP.
I'd given him my entire card number.
Goddammit.
The thing is, I know a lot about fraud. I'm writing an entire series of novels about this kind of scam:
https://us.macmillan.com/books/9781250865878/thebezzle
And most summers, I go to Defcon, and I always go to the "social engineering" competitions where an audience listens as a hacker in a soundproof booth cold-calls merchants (with the owner's permission) and tries to con whoever answers the phone into giving up important information.
But I'd been conned.
Now look, I knew I could be conned. I'd been conned before, 13 years ago, by a Twitter worm that successfully phished out of my password via DM:
https://locusmag.com/2010/05/cory-doctorow-persistence-pays-parasites/
That scam had required a miracle of timing. It started the day before, when I'd reset my phone to factory defaults and reinstalled all my apps. That same day, I'd published two big online features that a lot of people were talking about. The next morning, we were late getting out of the house, so by the time my wife and I dropped the kid at daycare and went to the coffee shop, it had a long line. Rather than wait in line with me, my wife sat down to read a newspaper, and so I pulled out my phone and found a Twitter DM from a friend asking "is this you?" with a URL.
Assuming this was something to do with those articles I'd published the day before, I clicked the link and got prompted for my Twitter login again. This had been happening all day because I'd done that mobile reinstall the day before and all my stored passwords had been wiped. I entered it but the page timed out. By that time, the coffees were ready. We sat and chatted for a bit, then went our own ways.
I was on my way to the office when I checked my phone again. I had a whole string of DMs from other friends. Each one read "is this you?" and had a URL.
Oh, shit, I'd been phished.
If I hadn't reinstalled my mobile OS the day before. If I hadn't published a pair of big articles the day before. If we hadn't been late getting out the door. If we had been a little more late getting out the door (so that I'd have seen the multiple DMs, which would have tipped me off).
There's a name for this in security circles: "Swiss-cheese security." Imagine multiple slices of Swiss cheese all stacked up, the holes in one slice blocked by the slice below it. All the slices move around and every now and again, a hole opens up that goes all the way through the stack. Zap!
The fraudster who tricked me out of my credit card number had Swiss cheese security on his side. Yes, he spoofed my bank's caller ID, but that wouldn't have been enough to fool me if I hadn't been on vacation, having just used a pair of dodgy ATMs, in a hurry and distracted. If the 737 Max disaster hadn't happened that day and I'd had more time at the gate, I'd have called my bank back. If my bank didn't use a slightly crappy outsource/out-of-hours fraud center that I'd already had sub-par experiences with. If, if, if.
The next Friday night, at 5:30PM, the fraudster called me back, pretending to be the bank's after-hours center. He told me my card had been compromised again. But: I hadn't removed my card from my wallet since I'd had it replaced. Also, it was half an hour after the bank closed for the long weekend, a very fraud-friendly time. And when I told him I'd call him back and asked for the after-hours fraud number, he got very threatening and warned me that because I'd now been notified about the fraud that any losses the bank suffered after I hung up the phone without completing the fraud protocol would be billed to me. I hung up on him. He called me back immediately. I hung up on him again and put my phone into do-not-disturb.
The following Tuesday, I called my bank and spoke to their head of risk-management. I went through everything I'd figured out about the fraudsters, and she told me that credit unions across America were being hit by this scam, by fraudsters who somehow knew CU customers' phone numbers and names, and which CU they banked at. This was key: my phone number is a reasonably well-kept secret. You can get it by spending money with Equifax or another nonconsensual doxing giant, but you can't just google it or get it at any of the free services. The fact that the fraudsters knew where I banked, knew my name, and had my phone number had really caused me to let down my guard.
The risk management person and I talked about how the credit union could mitigate this attack: for example, by better-training the after-hours card-loss staff to be on the alert for calls from people who had been contacted about supposed card fraud. We also went through the confusing phone-menu that had funneled me to the wrong department when I called in, and worked through alternate wording for the menu system that would be clearer (this is the best part about banking with a small CU – you can talk directly to the responsible person and have a productive discussion!). I even convinced her to buy a ticket to next summer's Defcon to attend the social engineering competitions.
There's a leak somewhere in the CU systems' supply chain. Maybe it's Zelle, or the small number of corresponding banks that CUs rely on for SWIFT transaction forwarding. Maybe it's even those after-hours fraud/card-loss centers. But all across the USA, CU customers are getting calls with spoofed caller IDs from fraudsters who know their registered phone numbers and where they bank.
I've been mulling this over for most of a month now, and one thing has really been eating at me: the way that AI is going to make this kind of problem much worse.
Not because AI is going to commit fraud, though.
One of the truest things I know about AI is: "we're nowhere near a place where bots can steal your job, we're certainly at the point where your boss can be suckered into firing you and replacing you with a bot that fails at doing your job":
https://pluralistic.net/2024/01/15/passive-income-brainworms/#four-hour-work-week
I trusted this fraudster specifically because I knew that the outsource, out-of-hours contractors my bank uses have crummy headsets, don't know how to pronounce my bank's name, and have long-ass, tedious, and pointless standardized questionnaires they run through when taking fraud reports. All of this created cover for the fraudster, whose plausibility was enhanced by the rough edges in his pitch - they didn't raise red flags.
As this kind of fraud reporting and fraud contacting is increasingly outsourced to AI, bank customers will be conditioned to dealing with semi-automated systems that make stupid mistakes, force you to repeat yourself, ask you questions they should already know the answers to, and so on. In other words, AI will groom bank customers to be phishing victims.
This is a mistake the finance sector keeps making. 15 years ago, Ben Laurie excoriated the UK banks for their "Verified By Visa" system, which validated credit card transactions by taking users to a third party site and requiring them to re-enter parts of their password there:
https://web.archive.org/web/20090331094020/http://www.links.org/?p=591
This is exactly how a phishing attack works. As Laurie pointed out, this was the banks training their customers to be phished.
I came close to getting phished again today, as it happens. I got back from Berlin on Friday and my suitcase was damaged in transit. I've been dealing with the airline, which means I've really been dealing with their third-party, outsource luggage-damage service. They have a terrible website, their emails are incoherent, and they officiously demand the same information over and over again.
This morning, I got a scam email asking me for more information to complete my damaged luggage claim. It was a terrible email, from a noreply@ email address, and it was vague, officious, and dishearteningly bureaucratic. For just a moment, my finger hovered over the phishing link, and then I looked a little closer.
On any other day, it wouldn't have had a chance. Today – right after I had my luggage wrecked, while I'm still jetlagged, and after days of dealing with my airline's terrible outsource partner – it almost worked.
So much fraud is a Swiss-cheese attack, and while companies can't close all the holes, they can stop creating new ones.
Meanwhile, I'll continue to post about it whenever I get scammed. I find the inner workings of scams to be fascinating, and it's also important to remind people that everyone is vulnerable sometimes, and scammers are willing to try endless variations until an attack lands at just the right place, at just the right time, in just the right way. If you think you can't get scammed, that makes you especially vulnerable:
https://pluralistic.net/2023/02/24/passive-income/#swiss-cheese-security
Tumblr media
Image: Cryteria (modified) https://commons.wikimedia.org/wiki/File:HAL9000.svg
CC BY 3.0 https://creativecommons.org/licenses/by/3.0/deed.en
10K notes · View notes
chronicbitchsyndrome · 5 months ago
Text
so... i'm seeing a lot of activism (like, actual activism, not just tumblr posts--letters & scripts to us senators, for example, copy written for press, etc) focusing on improving ventilation & filtration as primarily an access issue for immunocompromised people. basically, presenting the argument as "this is in service of this demographic, who is blocked from public access currently."
this is like. true. of course. it is the main reason i want clean air and i think it is the most pressing reason overall for it. but i think it's the wrong tack for building a clean air movement and getting legislation passed.
like, unfortunately, the vast majority of people in power--and of americans in general, tbh--are not immunocompromised and do not have immunocompromised roommates or family members. should you have to have this experience to understand that public access is a big fucking deal for, like, staying alive? no! you shouldn't! but most people straight up will not understand whatsoever unless they have personal experience with immune compromisation.
trying to change hearts and minds to have cognitive sympathy for disabled people takes a long time, decades' worth of work to just change a handful of people; meanwhile, getting legislation passed is 1) imminently important, 2) while still a lengthy process, takes significantly less time if it doesn't hinge on first converting the majority of the population to have sympathy for a marginalized demographic they have no contact with (and yes, they have no contact with us because we are barred from public access to begin with, again, i am aware of how fucked up this is).
here's some arguments for passing clean air legislation that are designed to appeal to a normative, conservative-leaning crowd:
air filtration is a public health and sanitation baseline just like running water. we provide clean water to drink and wash our hands in as a baseline for public life; we should also be providing clean air to breathe similarly.
improved ventilation and filtration in schools results in less sick days for students, meaning better attendance and less time off work for parents.
improved ventilation and filtration in the workplace results in workers taking less sick days. it also makes it less troublesome when a coworker comes in sick; it's less likely you will have to take sick leave as a result.
improved ventilation and filtration in hospitals, doctors' offices, etc, helps combat the health care worker shortage by reducing the amount of sick leave health care workers need. it additionally makes hospitals safer overall; for example, it makes it safer for cancer patients to be in the same building with patients with highly infectious airborne illnesses such as chickenpox.
improved ventilation and filtration in public buildings at large could improve the economy, as less workers stay home, more people enter the workforce, more people begin attending public businesses like bars and venues, etc.
if government programs to upgrade ventilation and filtration are created, this could create jobs for blue-collar workers, further improving the economy.
the last note i have is that, as much as this sucks shit, don't mention covid as much as you can avoid it. covid has become a massive culture war thing in the usa and as soon as you bring it up, the entire discussion becomes about virtue-signaling and showing in-group affinity--it doesn't matter what you're saying about covid, anyone who thinks "covid is over" will immediately shut down and become incapable of listening to anything else you have to say. and unfortunately, a majority of the population does, in fact, think covid is an irrelevant concern even for immunocompromised people in 2024.
importantly, all general air sanitation improvements will improve the covid situation significantly. in this context, you do not have to talk about covid in order to make real, material changes limiting the spread of covid. system-level changes that limit the spread of things like the flu and chickenpox are equally effective in limiting the spread of covid. take advantage of that!
3K notes · View notes
gerneralife · 1 year ago
Text
0 notes
get-your-dreams · 1 year ago
Text
0 notes