Take On Payments

About


Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.

June 29, 2015


The More Things Change, the More They Stay the Same

As I write this blog on the screened porch of a North Alabama lake house, the cicadas are constantly buzzing in the background. I am fascinated by the life cycle of this species—namely, the emergence of the periodical cicadas from belowground every 13 to 17 years. This life cycle got me thinking how the world has changed since the last time the 17-year cicadas emerged. And while in this neck of the woods, some things have changed—new houses have been built and personal watercraft are now constantly buzzing on the lake—some things have remained the same. The nearest grocery store is still 30 minutes away and the iced tea is as sweet as it ever was. Is this mixed scenario really any different for payment card fraud?

Certainly a lot has changed in card payments during the last 17 or so years. We've witnessed the enormous growth of debit card transactions, the continued growth of credit card transactions, the emergence of the e-commerce and mobile payments channels, and the almost global adoption of the EMV (chip) card. As card payment usage has evolved, so has the fraud landscape. Lost and stolen card fraud fell out of vogue while counterfeit card fraud took off only to see stolen card fraud re-emerge when the issuance of EMV cards in most markets thwarted counterfeit card fraud. Point-of-sale (POS) fraud is occurring less often across the globe because of EMV and PIN verification, driving the fraudsters to the Internet to commit card-not-present (CNP) fraud.

But what hasn't changed is the global rate of fraud. An article in the August 2013 Nilson Report estimated that the annual cost of card fraud worldwide in 2012 was 5.2 cents for every $100 spent, resulting in $11.27 billion in losses. This figure compares to Nilson's estimate of fraud losses in 1998, which ran approximately 4.8 cents for every $100 spent and resulted in a little less than $2 billion of fraud. Perhaps a fraud rate in the 5 basis points range is the industry-wide acceptable rate, but with billions of dollars being invested to mitigate fraud, I would like to think that over time the rate would be reduced (though I must admit that I am not sure what the acceptable rate should be).

Maybe this speaks to the tenacity of the card fraudsters. As we in the Retail Payments Risk Forum have often stressed, once one door is fortified, the fraudsters find another door to enter. And if we could dive deeper within the figures, I am certain that is what we would find, according to various estimates of fraud and anecdotal evidence. For example, the emergence of EMV and the use of PIN verification instead of signature verification have reduced POS fraud. Today, CNP fraud rates are significantly higher than POS fraud rates and many industry risk efforts are focused on mitigating CNP fraud.

When the cicadas reappear, undoubtedly the payment card usage and fraud landscape will look different. Perhaps mobile payments will have taken off and the use of biometrics as a method of verification will be commonplace. I feel confident that in 17 years the industry will make substantial strides in reducing e-commerce CNP fraud rates—but also that new areas of fraud will appear. Is the industry prepared to fight the next generation of fraud or will it just continue to Band-Aid the past? Should we expect a 5 basis points rate of fraud when the cicadas emerge in another 17 years? I'd like to think the rate will be lower. At a minimum, hopefully, it will remain as consistent as the sweet iced tea in this neck of the woods.

Photo of Douglas A. King By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed


June 29, 2015 in cards, chip-and-pin, EMV, fraud, innovation, mobile payments | Permalink | Comments (0)

June 22, 2015


The Current Tokenization Landscape in the United States

Last fall, Take on Payments featured a three-post series on tokenization. The first post introduced the technology regarding payment credentials and noted that merchant-centric tokenization solutions came to the market in the mid-2000s, driven by the Payment Card Industry Data Security Standard (PCI-DSS) requiring merchants to protect cardholder data. The second post examined some of the distinguishing attributes of payment token solutions in mobile wallets that were developed to replace the payment card's primary account number (PAN) with a token so the presence of the cardholder's PAN would be minimized or eliminated in the payment's data transmissions. The final post examined the challenges of payment tokenization and discussed its effect on payment risk over the short term.

Working with the Mobile Payments Industry Workgroup (MPIW), the Federal Reserve Bank of Boston's Payments Strategies group and the Federal Reserve Bank of Atlanta's Retail Payment Risk Forum just released a comprehensive white paper on the current tokenization landscape in the United States. Based on our research and interviews with more than 30 payment stakeholders, the white paper provides an overview of the U.S. payment tokenization landscape for mobile and digital commerce (versus physical card payments), describes the interoperability of different tokenization systems, and examines the status of these 30 stakeholders' plans to implement to a broader audience of industry stakeholders, policymakers, and regulators.

The paper discusses the many benefits, challenges, gaps, and opportunities of tokenization from the perspectives of the major industry stakeholder groups, while acknowledging that there is not always full agreement on current approaches or underlying details. The goal in authoring this paper is to encourage further collaboration among the stakeholders to resolve differences to the mutual satisfaction of stakeholders in the industry and to provide what is best for consumers.

Tokenization in mobile payments is just a very small part of the potential impact that tokenization can have in reducing fraud in the overall payments environment, but it is a start in a payments channel that is expected to grow significantly in the years ahead. We hope that you find the paper informative and feel free to contact us if you have any questions.

Photo of David Lott By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

June 22, 2015 in payments | Permalink | Comments (0)

June 15, 2015


“Customer, You Have the Conn”

Sometimes when you're watching nautical-themed movies, you'll hear the phrase, "I have the conn." The person who speaks this phrase is alerting all those on the vessel that he or she is in control with regard to the vessel's direction and speed. Customers could utter that phrase with regard to their payment vessels—they pretty much have full control in that they make the final choices about their method of payment. They may be restricted by the payment options a merchant offers, but in most cases, if they don't like the options they can shop, or secure services elsewhere.

One of the challenges with payment security that we frequently mention in our posts and speaking engagements is the disincentive that various consumer protection regulations give for consumers to adopt strong security practices. We have all seen or heard of the consumers who write their PINs on their debit cards or set up the PIN 1-2-3-4. In addition, research consistently tells us that consumers often select easily guessed user IDs and passwords—and then often use those same ID/password combinations on multiple sites.

Financial institutions and other payment stakeholders have long worked to develop tools that will encourage customers to be more aware of their financial account activity and contribute to minimizing fraud losses. Account alerts are among the most useful and popular of the tools. When consumers set up account alerts, they can usually specify conditions that will trigger a text message or e-mail. Common alerts are sent when the account balance drops below a set threshold, a debit transaction posts in excess of a specified amount, or an address or phone number change was made on the account. These alerts are beneficial, but they are merely reactive; they report only when a condition has already occurred.

I believe we will soon see a major breakthrough in card security. There are new applications now in testing or in early roll-out phases. These applications will allow customers to be proactive because they will be able to set up a number of filters or controls on their payment cards that will dictate whether a transaction even gets to the point for an authorization decision. For example, if I have a payment card that I use only for gasoline purchases, I can designate my settings to reject transactions coming from other merchant categories. Or I can specify that no international transactions should be allowed. At the extreme end of the control options, I can "turn off" my card, thereby blocking all transactions, and then I can turn it back on when I am ready to use it again. The possible options and filters are almost limitless for this self-service function. Yes, there will be the need for strong customer education, and the choices will require a reasonable limit or the customer will never remember what they set.

If these options are enabled and cardholders are then willing to "take the conn," this new tool could help significantly reduce the number of unauthorized transactions. Critical to the success is whether cardholders will set a reasonable range of parameters based on their normal card usage patterns so they don't get transactions rejected they actually make themselves but still be able to weed out the truly unauthorized transactions. I say "full speed ahead" with such tools. What do you say?

Photo of David Lott By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

June 15, 2015 in consumer protection, data security, innovation | Permalink | Comments (0)

June 08, 2015


Is the Conventional Wisdom about EMV Migration Right?

We're within five months now of the initial EMV (chip) card liability shift for POS transactions. Most people in the industry have held the belief that as the ability to create counterfeit cards is shut down, the criminals will shift their focus primarily to the card-not-present (CNP) environment, where they can continue to use payment card data they take from the magnetic stripe or other data breaches. In fact, my colleagues and I have been broadcasting this message in our presentations and posts for quite some time. Our assessment, along with most other industry experts, was based on the statistics released by banking groups in major countries that had already gone through the EMV migration. The chart illustrates one view of their experiences. It seems to leave no doubt about what we can expect.

Chart_cnp_fraud_losses

But does it mean what we think it means? While the chart clearly shows an increase in the CNP channel in fraud losses, did the ratio of CNP fraud to overall sales increase? Unfortunately, definitive data is not readily available to provide that answer. Using some confidential sources and partial—but significant volumes of—payment data, we were able to determine that during the period from 2010 to 2013, as a percentage of overall sales, CNP fraud in Canada actually held relatively steady. But was that stability created due to the large increases in the recurring billing segment in the CNP environment, which has a relatively low rate of fraud? At this point, we just don't have data granular enough to tell us.

I don't think this means that there isn't a reason to be concerned about CNP fraud as the EMV migration in the United States continues. For one thing, the experience of others is no guarantee that we will experience the same. But perhaps the biggest reason for us not to relax about the issue is that, even if the levels hold flat through our migration, CNP fraud is still quite significant and has a major negative financial impact on merchants and issuers. The 2013 Federal Reserve Payments Study found that CNP fraud by volume is three times that of card-present fraud.

This situation also demonstrates the need to be able to collect detailed and accurate data on fraudulent payments activity. Fraud has been a real challenge in this country because of the large number of payments stakeholders that end up saddled with the loss. The Federal Reserve is interested in working with the industry to develop a process for collecting such information for the benefit of all.

Photo of David Lott By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

June 8, 2015 in chip-and-pin, cybercrime, EMV | Permalink | Comments (0)

June 01, 2015


Follow the Money

This blog is inspired by Jack Weatherford's The History of Money, and I'll open with a quote from the book's introduction, attributed to Gertrude Stein: "The thing that differentiates man from animals is money." Now I'm guessing most of us can think of a few more distinctions than that, but I will wager her item would make just about any top ten list.

In his book, Mr. Weatherford discusses three generations of money, noting that today's free market systems saw their genesis in Lydia several millennia ago with the advent of coins. He credits the invention not only with leading to our free market systems but also with destroying "the great tributary empires of history." In other words, money can build new, mighty things and fell that which was once mighty.

Mr. Weatherford describes the second generation of money as beginning in Italy with the Renaissance and moving through the Industrial Revolution. What emerged in this turning was paper money and banking and what fell was feudalism, "changing the basis of organization from heredity to money," with ownership of land supplanted by ownership of stocks, bonds, and the like. In other words, modern capitalism took hold and society evolved into something very different from what it had been.

He describes stage three as electronic money and the virtual economy. Instantly, we recognize the current age. In the way he presents the history, he makes a compelling case that noteworthy evolution and reinvention of money changes the world.

"Fascinating," you might say, "but so what?" Before suggesting an answer, I point out that Mr. Weatherford published this work in 1997. Nevertheless, presciently, he said, "A new struggle is beginning for the control of [money]... We are likely to see a prolonged era of competition during which many kinds of money will appear, proliferate, and disappear in rapidly crashing waves. In the quest to control the new money [emphasis mine], many contenders are struggling to become the primary money institution of the new era."

Indeed. So, I get to my answer. At the moment, one of the focal points for many payment wonks is making platforms "faster." A lot has gone into that already, and much more seems yet to come. A key risk if not the chief risk in this endeavor is ending up with an industry focus that is too narrow (platforms only). It could cause key payment participants to end up missing an important change—in money—not the mechanisms for moving it.

As work progresses to reach consensus on what and how to improve the extant payment mechanism, it seems good to pause and make sure the focus. Pursuit of a purely faster mechanism that envisions world monetary systems continuing to be based on the things they've been based on for centuries now could cause us to overlook or miss the next evolution of money. It would have been of little use to invest in improving the systems for speeding the exchange of cowrie shells as the turn was made toward paper money and banking. I think that to get this right, it is important to worry less about improving the system(s) for facilitating exchange, and more about what's going to be exchanged.

Photo of Julius Weyman By Julius Weyman, vice president, Retail Payments Risk Forum at the Atlanta Fed

June 1, 2015 in emerging payments, innovation | Permalink | Comments (1)

May 18, 2015


A Presumption of Innocence

Presumption of innocence is a principle that goes all the way back to Roman law. This concept means that if reasonable doubt remains after the accuser presents his or her proof, then the accused must be acquitted. In the payments ecosystem, the guilty is defined as the party that the account holder or cardholder has not authorized to conduct a transaction on that account or card. According to the 2013 triennial Federal Reserve Payments Study, the estimated number of unauthorized ACH transactions in 2012 reached a total of $1.2 billion.

With dollar stakes so high, reaching a guilty verdict when fraud has been committed is important. What is the best due process to identify the guilty while ensuring the preservation of the rights of the accused?

In 2009, NACHA members passed a rule change requiring financial institutions (FI) to keep the percentage rate of unauthorized transaction returns below 1 percent per originating company. If an originating company reaches the unauthorized return threshold, NACHA will contact the originating FI to investigate and resolve any potential issues that can lead to rules violations and fines. Some of the reasons an ACH transaction can be returned unauthorized include the following: the entry amount is different than the amount that was authorized, the debit was processed earlier than authorized, the transaction was fraudulent, the transaction sender is unrecognized, the check conversion was done improperly, or a previous authorization has already been revoked. Unauthorized transactions can even be a result of the receiving party committing the fraud, by reporting the transaction as unauthorized but still in receipt of goods and services. The rule change set an expectation that FIs would monitor unauthorized returns received for each originating company name over a two-month period.

Monitoring for unauthorized activity unveils a number of payment issues, but there are more opportunities to identify the guilty. The ACH operator provides unauthorized return rate data, representing returns coded properly with NACHA’s unauthorized return reason codes (R05, R07, R10, R29 or R51). If a disputed transaction is improperly coded or returned with a different code, the transaction would not factor into current unauthorized return monitoring. Regulation E provides consumer protections that require FIs to provide error resolution beyond the NACHA return deadlines and therefore such disputed transactions will also fall outside unauthorized monitoring, unless the FI manually adjusts return counts. Additionally, unauthorized transactions are sometimes quickly returned under the codes for "insufficient funds, "invalid account" or "unable to locate an account." These codes should also be monitored in order to uncover guilty originators.

Effective September 18, 2015, a new NACHA rule will lower the unauthorized transaction return rate to half a percent. In addition two new thresholds will be introduced to monitor other return reason codes that can unveil guilty originators while improving overall network quality. Thresholds are meant to provide a red-flag approach to return monitoring. However, return rates over or near the threshold should trigger investigation and due process before a final verdict is rendered.

By Jessica J. Trundley, AAP, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

May 18, 2015 in regulations | Permalink | Comments (0) | TrackBack (0)

May 11, 2015


The Hill Tackles Cybersecurity

In a post last month, Take on Payments highlighted recent cybersecurity-related executive orders. Cybersecurity has been a hot item inside the Beltway in 2015, and the activity hasn't been limited to the executive office. Beginning on April 22, the House passed two separate cybersecurity bills. And now all eyes are on the Senate, as it looks like a vote on its own cybersecurity bill is set to take place later in May. Today's Take On Payments post will highlight the two House bills recently passed by the House and the Senate's bill under consideration.

Protecting Cyber Networks Act (H.R. 1560)
This bill encourages the timely sharing of cyber threat information among private entities, nonfederal government agencies, and local governments. It provides businesses liability protection for sharing cyber threat indicators when taking reasonable efforts to remove personally identifiable information (PII). The bill also allows the federal government (excluding the National Security Agency and Department of Defense) to share cyber threat information with private entities, nonfederal government agencies, and local governments. To further promote and protect individual privacy, it requires that the Department of Justice (DOJ) periodically review the information shared to ensure that PII is not being received, used, or disseminated by a federal entity. Finally, this bill directs the Cyber Threat Intelligence Integration Center (CTIIC), under the direction of the Office of the Director of National Intelligence, to serve as the primary organization to analyze and integrate all intelligence shared.

National Cybersecurity Protection Advancement Act of 2015 (H.R. 1731)
The purpose of this bill is to also encourage information sharing of cyber related risks among the private sector and government. Unlike its companion bill, which directs the CTIIC as the overseer of the information-sharing program, this bill authorizes the Department of Homeland Security (DHS) to do so. In order for the DHS to serve in this capacity, the bill expands the composition and scope of the DHS national cybersecurity and communications integration center to include additional parties, namely private entities and information-sharing and analysis centers, among its non-federal representatives. As with H.R. 1560, the bill has provisions to protect individual privacy and requires that the DHS performs an annual privacy policies and procedures review. As with its companion House bill, liability protection is afforded to parties sharing information.

Cybersecurity Information Sharing Act (CISA) of 2015 (S. 754)
The Senate's version of cybersecurity legislation is a companion bill to the two recently passed House bills and combines tenets of both of them. It's viewed as an information-sharing bill, with the DHS serving as the federal entity responsible for overseeing the sharing of data between the government and private sector. The DOJ is responsible for ensuring that privacy and civil liberties are upheld within the information-sharing program. As with the House bills, liability protection is provided to all entities sharing information.

The goal of information sharing featured in these bills is the hope both government and private sector would benefit. As evidenced by the participation of a significant number of financial institutions (FIs) with the Financial Services Information Sharing and Analysis Center, many FIs are seeing value to sharing cybersecurity information within their own sectors. Additionally, the Retail Industry Leaders Association established the Retail Cyber Intelligence Sharing Center earlier this year to share cyber threat information between retailers and law enforcement. Whether or not these bills accomplish the goals of creating a private environment to safely share cybersecurity information and risks, I think the payments industry and other private industries would benefit from sharing information among themselves and with government and law enforcement agencies.

Photo of David Lott By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

May 11, 2015 in collaboration, consumer protection, cybercrime, law enforcement, regulations | Permalink | Comments (0) | TrackBack (0)

May 04, 2015


Keeping Up with the Criminals: Improving Customer Authentication

The interesting thing about authenticating customers for checks and PIN-based debit transactions is that the customer's authentication credentials are within the transaction media themselves—a signature, a PIN. But for the rest of the transaction types, authentication is more difficult. The payments industry has responded to this challenge in a few different ways, and may be turning increasingly to the use of biometrics—that is, the use of physical and behavioral characteristics to validate a person's identity.

Improving customer authentication in the payments industry has been a focal point for the Retail Payments Risk Forum since its formation. After all, authenticating the parties in a payment transaction efficiently and with a high level of confidence is critical to the ongoing safety and soundness of the U.S. payments system. We have intensified our focus over the last two years, including holding a forum on the topic in mid-2013. The Forum has also just released a working paper that explores the challenges and potential solutions of customer authentication.

The working paper examines the evolution of customer authentication methods from the early days of identifying someone visually to the present environment of using biometrics. The paper reviews each method regarding its process, advantages and disadvantages, and applicability to the payments environment.

Much of the paper looks at biometrics, an authentication method that has received increased attention over the last year—partly because smartphones keep getting smarter as folks keep adding new applications, and as manufacturers keep improving microphones, cameras, accelerometers, touch sensors, and more.

The table lays out six key characteristics that we can use to evaluate a biometric system for a particular application.

New_characteristics_table

The use of biometrics will be the subject of an upcoming forum hosted by the Retail Payments Research Forum later this fall, so stay tuned as we finalize the date and agenda. In the meantime, if you have any comments or questions about the working paper, please let us know.

Photo of David Lott By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

May 4, 2015 in authentication, biometrics, emerging payments, innovation, mobile banking, mobile payments, risk management | Permalink | Comments (0) | TrackBack (0)

April 27, 2015


Not Seeing a Tree for the Forest

For this blog's title, I confess to having pineapple-upside-down-caked the common adage "missing the forest for the trees." The thing is, I want to point to a particularly nice tree in the same day ACH (automated clearinghouse) forest. By torturing the adage I hope to inspire folks to deviate from the basic, same day forest flyover and focus on one tree. It seems to me it has not gotten all the attention due.

Those advocating for same day ACH generally tout the increased functionality or the economic benefits of the latest proposal. Another oft-mentioned benefit of the proposed rule change is that it may provide a bridge from today's payments to those of the future. However, tucked into the lush same day ACH forest is a hard-to-find risk abatement species. Allow me to point out some of its features.

Settlement—By reducing the settlement window, same day ACH reduces credit risk associated with the network ecosystem—both in terms of the length of time counterparties are exposed to settlement risk and, potentially, the total amounts of settlement risk. For sure, financial institutions will have more flexibility to better manage these circumstances.

Operations—Same day ACH provides additional processing windows that result in risk reduction opportunities. Operations managers gain the means to load balance or smooth processing volumes and may also be able to ease the pressure on deadlines. The additional processing windows can be thought of as de facto contingency alternatives and seem likely to yield a corresponding increase in reliability and quality for the ACH.

Returns—Expedited settlement means expedited return handling. same day ACH would provide the opportunity for receiving banks to return same day payments on that same day. Moreover, because return requirements are tied to settlement, any same day payment that needs to be returned to an originating bank will be received one banking day earlier than would have occurred without same day settlement. NACHA points out that exceptions may be identified sooner and returned sooner, which means resolution for more problems may begin sooner. They have described this as "a 'win-win' for all parties." It's hard to argue the point.

If it passes, same day ACH will improve the risk posture of financial institutions, benefiting both ACH payers and payees. As spring continues to unfurl, perhaps some of you will get to stroll through the woods. If you come across a particularly handsome dogwood or perhaps an eastern redbud, be reminded that the same day ACH ballot will pop later this spring. I'm keeping my fingers crossed that the woodsmen don't get to clear cut the forest this time and we don't lose any of the nice trees.

Photo of Julius Weyman By Julius Weyman, vice president, Retail Payments Risk Forum at the Atlanta Fed


April 27, 2015 in ACH, risk management | Permalink | Comments (0) | TrackBack (0)

April 20, 2015


Fed Survey Shows Mobile Banking on Rise in Southeast

In August 2014, the Retail Payments Risk Forum conducted a mobile banking and payments survey of financial institutions in the Sixth Federal Reserve District. (The Sixth District comprises Alabama, Florida, Georgia, and portions of Louisiana, Mississippi, and Tennessee.) The Federal Reserve's Board of Governors has annually conducted a national survey of mobile financial services for the last four years from the consumer perspective. We conducted this inaugural survey to determine the level and type of mobile financial services offered by financial institutions (FIs) in our region. (At the same time, the Federal Reserve Banks of Boston, Dallas, and Richmond conducted an identical survey of the financial institutions in their districts. (So far, only the results of the Dallas District's survey are available.)

Of the 189 validated responses, 75 percent were from banks and 25 percent from credit unions (CUs). Six of the respondents (five banks and one CU) indicated that they did not currently offer nor had any plans to provide mobile banking services. The two most important reasons given by the FIs for not offering the service were security and regulatory concerns.

The full survey report is available on the Retail Payments Risk Forum website, but some of the key findings from the survey include:

  • While mobile banking was first launched in the United States in 2007, it is a relatively new service for many FIs in the Sixth District. Almost 23 percent launched it within the last year, and an additional 15 percent are planning to offer mobile banking within the next two years.
  • The primary reason FIs selected for offering mobile banking was to retain customers. Some saw it as an opportunity to gain new customers.
  • There is very little difference in the basic mobile banking functions that banks and credit unions offer.
  • Sixth District FIs use more than 30 mobile banking application vendors, although there is a large concentration with three of these providers.
  • Despite the current headlines, the respondents expressed little to no interest in using biometrics and tokenization. (But note that the survey was conducted before the Apple Pay rolled out.)
  • Security concerns related to identity theft, data breaches, malware, and poor customer security practices remain primary concerns of FIs.
  • With the possible exception of the remote deposit capability, FIs do not expect to charge customers for mobile banking or payment services.
  • The mobile payments environment is nascent and highly fragmented in both the number of vendors and the wide range of technologies. This fragmentation has created some inertia while the FIs wait for the environment to sort itself out.

The Retail Payments Risk Forum plans to conduct this survey every two years in order to measure changing penetration and attitudes. If you have any questions concerning the survey results, please contact me via e-mail.


April 20, 2015 in mobile payments | Permalink | Comments (0) | TrackBack (0)

Google Search



Recent Posts


July 2015


Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  

Archives


Categories


Powered by TypePad