- 6 Tips to Help You Avoid Being Scammed
- Lab rats, Windows 10 and the importance of being last
- What is an API? (Application Programming Interface)
- Office Lens gets you networking—scan business cards to OneNote, contacts to Outlook
by Quyen Bui, Square’s Senior Fraud Data Analyst
Have you ever heard of an account takeover? Not the kind where celebrities take over social media accounts to snap photos of their day. I’m talking about the more malicious kind, where fraudsters gain access to your email and password and access your online accounts with bad intent.
Once fraudsters hack into your account, they can get hold of your private information, divert your deposits, or commit credit card fraud. While the Square Secure team performs 24/7 fraud monitoring on your behalf, here are four things you can do to stop fraudsters in their tracks.
4 Ways to Prevent Account Takeovers
The most important thing you can do to protect your personal and business accounts from being taken over by fraudsters is to pick unique passwords and then change them regularly.
What makes a strong password?
- It’s long and complicated. Eight letters? Fine. Sixteen letters? Even better. With vAriEd CaPitaliZAtiOn and $pec!al ch[email protected]&cters? Great! If you’re experiencing writer’s block, try using an online secure password generator.
- It’s not easily guessable. Don’t use simple dictionary words, personal things (like your name), or strings that a stranger could predict. I’m looking at you, “password12345.”
- It’s not shared with other platforms. Whatever you do, do not use the same password for your email and your Square account. Many experts hypothesize that password reuse is the main driver of hacker success. If you have difficulty remembering your different login information, consider using a secure password manager.
- It’s refreshed on a regular basis. Millions of credentials are compromised every year across thousands of websites. To keep your account protected for the long term, you should try to change your password every 30—90 days.
Scammers send a phishing email to obtain your private information and use it to commit fraud. These emails are designed to look just like another email from your bank or payment processors in order to trick you, but they are run through third-party websites instead of your bank’s or payment processors.
Whenever a website or email asks you for personal information (e.g., password, Social Security number, birth date, etc.), always verify the request is from someone you trust.
What do you do when you think that email or website is sketchy? Do not click any links or download any attachments. You may want to forward it to the company it claims to be from. You should definitely mark the message as spam and delete it from your email account.
Two-step verification adds another layer of security to your account. In addition to a username and password to log in, you also need to enter a security code that only you can receive (through either text message or an authentication app).
Fraudsters are not always sophisticated hackers from far, far away. Sometimes, they are the employees whom you’ve hired. While we’d like to think that rogue employees work with other people at other companies, research suggests that as many as 25 to 40 percent of employees steal from their employers in some way.
If your account gets into the wrong hands, you can have your settings changed, deposits taken, and reputation harmed if fraud occurs. (With Square, you can customize employee permissions to secure your business’s most sensitive information.)
It’s important that you take action to protect your account from takeover and fraud. In addition to adhering to the best practices, above, you should also put a lot of thought into the vendors and partners you work with in your business.
Only work with partners like Square that place as much emphasis on protecting your business and customer data as you do. Look for payment providers, for instance, that offer things like fraud detection, dispute support, and PCI compliance, so if something does happen, you won’t be alone.
By Gregg Keizer. Senior Reporter, Computerworld
API is the acronym for Application Programming Interface, which is a software intermediary that allows two applications to talk to each other. Each time you use an app like Facebook, send an instant message, or check the weather on your phone, you’re using an API.
What Is an Example of an API?
When you use an application on your mobile phone, the application connects to the Internet and sends data to a server. The server then retrieves that data, interprets it, performs the necessary actions and sends it back to your phone. The application then interprets that data and presents you with the information you wanted in a readable way. This is what an API is – all of this happens via API.
To explain this better, let us take a familiar example.
Imagine you’re sitting at a table in a restaurant with a menu of choices to order from. The kitchen is the part of the “system” that will prepare your order. What is missing is the critical link to communicate your order to the kitchen and deliver your food back to your table. That’s where the waiter or API comes in. The waiter is the messenger – or API – that takes your request or order and tells the kitchen – the system – what to do. Then the waiter delivers the response back to you; in this case, it is the food.
Here is a real-life API example. You may be familiar with the process of searching flights online. Just like the restaurant, you have a variety of options to choose from, including different cities, departure and return dates, and more. Let us imagine that you’re booking you are flight on an airline website. You choose a departure city and date, a return city and date, cabin class, as well as other variables. In order to book your flight, you interact with the airline’s website to access their database and see if any seats are available on those dates and what the costs might be.
However, what if you are not using the airline’s website––a channel that has direct access to the information? What if you are using an online travel service, such as Kayak or Expedia, which aggregates information from a number of airline databases?
The travel service, in this case, interacts with the airline’s API. The API is the interface that, like your helpful waiter, can be asked by that online travel service to get information from the airline’s database to book seats, baggage options, etc. The API then takes the airline’s response to your request and delivers it right back to the online travel service, which then shows you the most updated, relevant information.
What an API Also Provides Is a Layer of Security
Your phone’s data is never fully exposed to the server, and likewise the server is never fully exposed to your phone. Instead, each communicates with small packets of data, sharing only that which is necessary—like ordering takeout. You tell the restaurant what you would like to eat, they tell you what they need in return and then, in the end, you get your meal.
APIs have become so valuable that they comprise a large part of many business’ revenue. Major companies like Google, eBay, Salesforce.com, Amazon, and Expedia are just a few of the companies that make money from their APIs. What the “API economy” refers to is this marketplace of APIs.
The Modern API
Over the years, what an “API” is has often described any sort of generic connectivity interface to an application. More recently, however, the modern API has taken on some characteristics that make them extraordinarily valuable and useful:
- Modern APIs adhere to standards (typically HTTP and REST), that are developer-friendly, easily accessible and understood broadly
- They are treated more like products than code. They are designed for consumption for specific audiences (e.g., mobile developers), they are documented, and they are versioned in a way that users can have certain expectations of its maintenance and lifecycle.
- Because they are much more standardized, they have a much stronger discipline for security and governance, as well as monitored and managed for performance and scale
- As any other piece of productized software, the modern API has its own software development lifecycle (SDLC) of designing, testing, building, managing, and versioning. Also, modern APIs are well documented for consumption and versioning.
By: Greg Akselrod and the OneNote Team
Did you know that in the U.S. alone, over 10 billion business cards are printed each year and 88 percent of business cards exchanged are thrown out within a week? Here on the OneNote team, we’re always looking for ways to help you be more efficient, and today we’re launching a new feature to help you digitize all those business cards.
Scan business cards with Office Lens
You’ve already been able to scan documents and whiteboards with Office Lens, and now you can scan business cards in its new Business Card mode! Using technology from Microsoft Research, when you take a picture of a business card with Office Lens for Windows Phone and save it to OneNote, it will automatically recognize the card’s contact information and format it nicely into your OneNote notebook. Using OneNote on your phone, tablet, Mac or PC, you can search for text contained in the scanned business card, initiate a call to the number recognized, find their address on a map or open the attached VCF file to save their contact details to Outlook or your phone’s contact list.
Office Lens is available for free in the Windows Phone app store—
Help make it better
Business card scanning works best on English-based business cards right now, but we plan to add additional language support in the future. You can help our recognition algorithms get smarter:
- Upload your collection of scanned business cards to a folder on OneDrive.com, Dropbox.com, or any other cloud drive.
- Create a sharing link. Here are instructions for: OneDrive and Dropbox.
- Email the sharing link to [email protected].
We’ll only use the images to improve our algorithms.
integrate business card scanning into your app for free
Starting today, developers can leverage the OneNote API to scan and recognize business cards from their app too! Head over to our OneNote Developer blog post to get started.
We hope you love these updates as much as we do. As usual, we want to hear your feedback so we can keep making OneNote better. Let us know what you think!