A leading payments industry news source for more than 17 years. Glenbrook curates the news and keeps you abreast of the important daily headlines in payments.

Search Payment News

January 24, 2023

On the web

Haptic Authentication for Blind, Low-Vision Users Tested by US, Canadian Academics

Biometric Update

A new method for authenticating blind and low-vision (BLV) users via haptic vibrations has been tested by researchers at the University of Waterloo and the Rochester Institute of Technology. Called OneButtonPIN, the new method is described in a study published in the Proceedings of the ACM on Human-Computer Interaction journal and aims to make authentication more user-friendly and secure for BLV individuals.

July 29, 2022

On the web

Singpass Incorporates Digital Identity Card, Saves $36 Per Onboarding, Considers Decentralization

Biometric Update

Singapore’s digital identity scheme, Singpass, adds new features and service integrations as penetration reaches 97 percent of eligible residents, according to Kendrick Lee, director of National Digital Identity at the Government Technology (GovTech) agency. Global partnerships and a reduction in minimum age could see it being used by more people in more places.

June 29, 2022

On the web

Veriff Identity Verification Solutions Now Available to Twisto’s Buy Now, Pay Later Clients

PR Newswire

“Veriff, a global identity verification provider, today announced its partnership with Twiso, A Zip Company, a buy now, pay later (BNPL) business, to provide identity verification (IDV) services for online merchants. With this partnership, Veriff expedites the IDV process for Twisto customers, while ensuring compliance with know your customer (KYC) regulations.  Veriff’s AI-powered identity verification technology is now available through Twisto’s platform, enabling consumers to quickly and seamlessly verify their identities. Veriff provides best-in-class KYC verification with its video-first technology and offers an extra layer of protection for users through location verification.”

June 6, 2022

On the web

Payments Platform Stripe Launches Authentication Feature

ITP.net

“Stripe, a financial infrastructure platform for businesses, today announced the launch of a delegated authentication feature to improve payment conversion rates in Europe. Stripe businesses can now have their customers authenticate purchases right inside a checkout flow. Wise is the first card issuer to implement the feature. As a result, cardholders will no longer be redirected to their Wise app when authenticating purchases from millions of Stripe businesses. Instead, they will be able to use any biometric authentication method supported by the device they’re on, without ever leaving the checkout flow.”

August 12, 2021

On the web

Regulators Urge Banks to Strengthen Customer Authentication

American Banker

“U.S. financial regulators are calling on banks to strengthen their authentication processes to better protect customer accounts and information systems. The Federal Financial Institutions Examination Council on Wednesday issued new guidance for how financial institutions can properly employ an authentication process for customers, employees and third parties as the number of access points to information systems has expanded along with mobile computing and smartphone applications.”

July 14, 2021

On the wires

Remote Authentication Fraud: Are You Who You Say You Are? – FedPayments Improvement

“Heightening the need for greater attention to authentication fraud, the COVID-pandemic increased demand for more consumers to enroll in online or mobile (digital) accounts to make remote payments. In fact, average U.S. consumer e-commerce spending was 36% of total spending in December 2020, up from just 26% in March 2020. [1] Unfortunately, fraudsters have noticed the shift, too – and they are changing the targets of their fraud attacks accordingly. To help address remote authentication fraud, the Fed recently published Remote Authentication Landscape and Authentication Methods , the first of three research briefs planned for this summer.”

June 1, 2021

On the wires

LoginID Announces Investment From Visa to Accelerate FIDO-certified Strong Customer Authentication

LoginID , a FIDO-certified authentication provider, today announced additional investment from Visa on the heels of its $6M seed round from veteran payment and fintech entrepreneurs. The investment amount from Visa is undisclosed. Customers are readily accepting the use of biometrics to make payments and other transactions in a secure and convenient way. According to an April 2021 pymnts.com report , 18 billion payment transactions will be verified using biometrics in 2021. Visa recognizes that strong authentication solutions from companies like LoginID help promote its vision to improve integrity around payments – both reducing fraud and helping merchants meet global regulatory and compliance demands.”

May 17, 2021

On the wires

Stripe Newsroom: Stripe Acquires Bouncer to Help Businesses With Fraud Prevention

“Stripe, a global technology company that builds economic infrastructure for the internet, announced today it has acquired Bouncer , a company building card authentication technology to reduce fraud during online transactions. Bouncer’s team and technology will join Stripe to further enhance the capabilities of Radar, Stripe’s powerful, machine-learning-based fraud prevention tool. Bouncer’s card scanning and risk technology is used to help online businesses reduce fraud and authenticate cards. Bouncer will be integrated into Stripe Radar, a fraud prevention tool whose machine learning models are trained on purchases made at millions of companies around the world every day.”

April 27, 2021

On the web

Experian’s Credit Freeze Security Is Still a Joke

krebsonsecurity

“In 2017, KrebsOnSecurity showed how easy it is for identity thieves to undo a consumer’s request to freeze their credit file at Experian , one of the big three consumer credit bureaus in the United States.  Last week, KrebsOnSecurity heard from a reader who had his freeze thawed without authorization through Experian’s website, and it reminded me of how truly broken authentication and security remains in the credit bureau space.”

March 16, 2021

On the wires

PayMyTuition Changes the Game by Incorporating Open Banking Into Their International Student Payment Plans Solution for Educational Institutions

“PayMyTuition, a leading provider of technology-driven payment processing solutions, announced today that it has incorporated open banking into its innovative solution for international payment plans for universities and colleges. This launch will enable educational institutions to validate student banking information and account balance status in real time, creating a highly efficient payments process saving both the student and institution time and money.”

March 11, 2021

On the wires

Nok Nok Labs and Netcetera to Provide Delegated Authentication Solutions for Compliance With PSD2-Strong Customer Authentication and EMV® 3-D Secure

Nok Nok Labs (Nok Nok), the trusted leader in passwordless authentication and Netcetera, the trusted partner for digital payment solutions, today announced a partnership that will deliver delegated authentication solutions to merchants and payment providers seeking to address PSD2-SCA and 3DS 2.x protocols compliance. By utilizing the Nok Nok™ S3 Authentication Suite’s FIDO-based passwordless authentication, merchants, PSPs and acquirers can more securely and easily authenticate users, as well as increase their visibility into authentication processes and compliance in order to assess risk.”

July 7, 2020

On the web

Google Chrome Is Working on Biometric Authentication for Payment Autofill

Android Police

“A few months ago, we spotted Chrome working on Windows Hello integration for payment autofill authentication, sparing you from digging out your physical card to enter your CVC over and over. We’ve now found out that Windows isn’t the only place where Google wants to make access to payment cards easier and more tightly integrated. The company is also working on system-wide authentication for Android (and possibly Chrome OS, Linux, and macOS). Sadly, the feature isn’t fully live on any iteration of Chrome for Android yet.”

March 3, 2020

February 28, 2020

On the web

How Does Strong Customer Authentication Help Banks Fight Against Fraud?

Forbes

“In the first half of 2019, criminals stole 40% more than in the same period in 2018 through bank transfer scams. Fraud losses on cards totalled to £313 million. Encouragingly, almost £500 million of card fraud was stopped by banks and card companies – and only three per cent came from contactless payments. However, for an industry built on trust and security, these small bright spots aren’t enough.”

January 14, 2020

On the wires

Nok Nok Labs Joins Forces With BBVA to Boost the Use of Authentication on Mobile Banking Services

“Nok Nok Labs — one of the driving forces behind the new FIDO (Fast Identity Online) standard aimed at strengthening the security of biometric systems on mobile devices, today has partnered with banking leader, BBVA. The agreement is part of BBVA’s strategy to improve the security and user experience of its mobile banking services through state-of-the-art biometric capabilities.”

January 7, 2020

On the web

Fingerprint ID Dominates Authentication, But Facial Recognition Is Growing Fast

Digital Transactions

“With payments fraud growing every year, the pressure is on in markets worldwide to adopt more sophisticated technology to verify the identity of mobile users. Against that backdrop, the winning technology is fingerprint recognition, with facial-recognition systems presenting a fast-growing alternative, according to the latest study from United Kingdom-based Juniper Research. Driving much of the adoption of these technologies, Juniper says, is the emergence of new security protocols like the major card networks’ 3-D Secure 2.0 , which is expected to achieve widespread adoption this year and requires two-factor authentication (for example, something you are in addition to something you have).”

January 2, 2020

On the web

JPMorgan to Ban Third-party Fintech Platforms From Accessing Customer Passwords

BetaNews

“JPMorgan Chase is to enforce stricter security measures, banning third-party fintech apps from accessing customer passwords. The existing method of data sharing provides — with permission — numerous apps with access to customers’ bank accounts, but concerns have been voiced about the possible dangers. No timetable has been set out, but the American finance giant intends to use a token-based system that will provide third parties with access to “a narrow range of data in a secure form”.”

December 16, 2019

On the web

CULedger Completes Blockchain Identity Pilot With Three US Credit Unions

FinTech Futures

“CULedger claims that MyCUID users can verify their identity by using a biometric function on their smart phone, such as voice, fingerprint or facial recognition. The vendor says that data from its pilot indicated that the average time to verify a member’s identity had been reduced from the industry average of more than 50 seconds to ten or less. “As financial cooperatives, credit unions are more inclined to work together than their bank counterparts in order to best serve their members’ needs,” said John Ainsworth, president and CEO of CULedger.”

November 19, 2019

On the web

Bank of America Updates Android App to Support Pixel 4 Face Unlock

9to5Google

“On launch day, face unlock on the Pixel 4 and Pixel 4 XL was only supported by five apps , with a few more getting updated since last month. The latest is Bank of America’s Android client today. Release notes for version 8.3.11 of Bank of America for Android prominently mentions the “Ability to sign in with face unlock (Pixel 4 only).” After updating, you’ll need to enter your password one more time, and select the “Set up biometric sign-in” checkbox.”

November 6, 2019

On the wires

FICO Adds AI-Powered Authentication to Fight Fraud

“FICO (NYSE: FICO ), the leading provider of analytics and decision management technology, today announced that it is adding two new product families to its portfolio: FICO® Identity Proofing, which allows organizations to digitally onboard new customers without requiring in-person verification, and FICO® User Authentication, a comprehensive suite of capabilities including multifactor, biometric, and behavioral authentication. To support this effort, FICO has acquired EZMCOM, whose products are used by banks across the globe to protect more than 60 million customers.”

September 12, 2019

On the wires

TSYS Introduces Breakthrough Authentication Platform

“SYS (NYSE: TSS) today announced a new authentication product that provides unprecedented real-time verification of customer identities. The new offering, the TSYS Authentication PlatformSM, relies on customer experience data collected from direct cardholder touchpoints and integrates into TSYS clients’ existing authentication systems. TSYS Authentication Platform is available in Europe and will be launched in North America in 2020.”

April 17, 2019

Top Post

Stripe Acquires Touchtech, Updates APIs to Prep for Strong Customer Authentication in Europe

TechCrunch

Stripe, the payments powerhouse that is now valued at $22.5 billion , has made an acquisition to help it gear up for new regulations in Europe that will be rolled out later this year to improve security in online transactions. It has acquired Touchtech Payments , a startup out of Ireland that works with banks to help them build and manage Strong Customer Authentication, a verification process that will typically require customers to provide two different forms of authentication from card holders in order to process transactions. SCA will be required on most transactions in Europe from September 14 of this year.”

April 16, 2019

On the web

The Ultimate Account Security Is Now in Your Pocket

Google

“We consider security keys based on FIDO standards, like our Titan Security Key , to be the strongest, most phishing-resistant method of 2SV on the market today. These physical security keys protect your account from phishers by requiring you to tap your key during suspicious or unrecognized sign-in attempts. Now, you have one more option—and it’s already in your pocket. Starting today in beta, your phone can be your security key—it’s built into devices running Android 7.0+. This makes it easier and more convenient for you to unlock this powerful protection, without having to carry around additional security keys.”

April 11, 2019

On the web

Krebs on Security

Krebs on Security

“Google this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google’s various services. The company announced that all phones running Android 7.0 and higher can now be used as Security Keys, an additional authentication layer that helps thwart phishing sites and password theft. As first disclosed by KrebsOnSecurity last summer , Google maintains it has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes.”

April 4, 2019

On the wires

Klarna Launches Global Customer Authentication Platform

Transactis is a new NACHA Preferred Partner for API Enablement of Electronic Bill Payments. NACHA Preferred Partners are a select group of innovators that contribute to NACHA’s strategic efforts in support of the payments ecosystem by removing friction, increasing ease, improving cash flow accessibility and efficiency, as well as supporting sound risk management and security for ACH payments. Transactis was selected as a Preferred Partner because of its robust solutions, leveraging advanced API technology that automates and simplifies billing and payment processing.”

April 2, 2019

On the web

Johns Hopkins University Rolls Out Support for IOS and Android Campus Cards

NFC World

“Johns Hopkins University (JHU) has become the fifth university in the US to enable its students to load their campus card onto their iPhone or Apple Watch. Those with an Android NFC phone are also able to take advantage of the university’s new mobile credential service. Students, as well as JHU faculty and staff members, can add their J-Card identity card to the app and use their iPhone, Apple Watch or Android phone to gain access to buildings and services or to pay for food. The J-Card Mobile Credential works as part of the eAccounts Mobile app developed by Blackboard.”

March 18, 2019

On the web

Why Phone Numbers Stink As Identity Proof — Krebs on Security

Krebs on Security

“Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities. At the same time, when you lose control over a phone number — maybe it’s hijacked by fraudsters, you got separated or divorced, or you were way late on your phone bill payments — whoever inherits that number can then be you in a lot of places online.”

March 14, 2019

On the wires

Fintech and Blockchain Pioneers Team Up to Bring DLT Security to Voice Banking

“When ConnectFSS began implementing the FIVE Voice Banking Platform for clients, president Grant Parry saw an opportunity to combine FIVE with work being done on CULedger’s MyCUID digital credential solution. Now, the consortium is working on a new way for members to authenticate during their voice banking transactions, utilizing the security benefits offered by MyCUID’s DLT-based self-sovereign identity platform.”

March 4, 2019

On the web

February 28, 2019

On the wires