Singapore’s digital identity scheme, Singpass, adds new features and service integrations as penetration reaches 97 percent of eligible residents, according to Kendrick Lee, director of National Digital Identity at the Government Technology (GovTech) agency. Global partnerships and a reduction in minimum age could see it being used by more people in more places.

“Veriff, a global identity verification provider, today announced its partnership with Twiso, A Zip Company, a buy now, pay later (BNPL) business, to provide identity verification (IDV) services for online merchants. With this partnership, Veriff expedites the IDV process for Twisto customers, while ensuring compliance with know your customer (KYC) regulations.  Veriff’s AI-powered identity verification technology is now available through Twisto’s platform, enabling consumers to quickly and seamlessly verify their identities. Veriff provides best-in-class KYC verification with its video-first technology and offers an extra layer of protection for users through location verification.”

“U.S. financial regulators are calling on banks to strengthen their authentication processes to better protect customer accounts and information systems. The Federal Financial Institutions Examination Council on Wednesday issued new guidance for how financial institutions can properly employ an authentication process for customers, employees and third parties as the number of access points to information systems has expanded along with mobile computing and smartphone applications.”

“In 2017, KrebsOnSecurity showed how easy it is for identity thieves to undo a consumer’s request to freeze their credit file at Experian , one of the big three consumer credit bureaus in the United States.  Last week, KrebsOnSecurity heard from a reader who had his freeze thawed without authorization through Experian’s website, and it reminded me of how truly broken authentication and security remains in the credit bureau space.”

“PayMyTuition, a leading provider of technology-driven payment processing solutions, announced today that it has incorporated open banking into its innovative solution for international payment plans for universities and colleges. This launch will enable educational institutions to validate student banking information and account balance status in real time, creating a highly efficient payments process saving both the student and institution time and money.”

“In the first half of 2019, criminals stole 40% more than in the same period in 2018 through bank transfer scams. Fraud losses on cards totalled to £313 million. Encouragingly, almost £500 million of card fraud was stopped by banks and card companies – and only three per cent came from contactless payments. However, for an industry built on trust and security, these small bright spots aren’t enough.”

“Nok Nok Labs — one of the driving forces behind the new FIDO (Fast Identity Online) standard aimed at strengthening the security of biometric systems on mobile devices, today has partnered with banking leader, BBVA. The agreement is part of BBVA’s strategy to improve the security and user experience of its mobile banking services through state-of-the-art biometric capabilities.”

“With payments fraud growing every year, the pressure is on in markets worldwide to adopt more sophisticated technology to verify the identity of mobile users. Against that backdrop, the winning technology is fingerprint recognition, with facial-recognition systems presenting a fast-growing alternative, according to the latest study from United Kingdom-based Juniper Research. Driving much of the adoption of these technologies, Juniper says, is the emergence of new security protocols like the major card networks’ 3-D Secure 2.0 , which is expected to achieve widespread adoption this year and requires two-factor authentication (for example, something you are in addition to something you have).”

“JPMorgan Chase is to enforce stricter security measures, banning third-party fintech apps from accessing customer passwords. The existing method of data sharing provides — with permission — numerous apps with access to customers’ bank accounts, but concerns have been voiced about the possible dangers. No timetable has been set out, but the American finance giant intends to use a token-based system that will provide third parties with access to “a narrow range of data in a secure form”.”

“On launch day, face unlock on the Pixel 4 and Pixel 4 XL was only supported by five apps , with a few more getting updated since last month. The latest is Bank of America’s Android client today. Release notes for version 8.3.11 of Bank of America for Android prominently mentions the “Ability to sign in with face unlock (Pixel 4 only).” After updating, you’ll need to enter your password one more time, and select the “Set up biometric sign-in” checkbox.”

“FICO (NYSE: FICO ), the leading provider of analytics and decision management technology, today announced that it is adding two new product families to its portfolio: FICO® Identity Proofing, which allows organizations to digitally onboard new customers without requiring in-person verification, and FICO® User Authentication, a comprehensive suite of capabilities including multifactor, biometric, and behavioral authentication. To support this effort, FICO has acquired EZMCOM, whose products are used by banks across the globe to protect more than 60 million customers.”

“SYS (NYSE: TSS) today announced a new authentication product that provides unprecedented real-time verification of customer identities. The new offering, the TSYS Authentication PlatformSM, relies on customer experience data collected from direct cardholder touchpoints and integrates into TSYS clients’ existing authentication systems. TSYS Authentication Platform is available in Europe and will be launched in North America in 2020.”

“We consider security keys based on FIDO standards, like our Titan Security Key , to be the strongest, most phishing-resistant method of 2SV on the market today. These physical security keys protect your account from phishers by requiring you to tap your key during suspicious or unrecognized sign-in attempts. Now, you have one more option—and it’s already in your pocket. Starting today in beta, your phone can be your security key—it’s built into devices running Android 7.0+. This makes it easier and more convenient for you to unlock this powerful protection, without having to carry around additional security keys.”

“Google this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google’s various services. The company announced that all phones running Android 7.0 and higher can now be used as Security Keys, an additional authentication layer that helps thwart phishing sites and password theft. As first disclosed by KrebsOnSecurity last summer , Google maintains it has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes.”

“Transactis is a new NACHA Preferred Partner for API Enablement of Electronic Bill Payments. NACHA Preferred Partners are a select group of innovators that contribute to NACHA’s strategic efforts in support of the payments ecosystem by removing friction, increasing ease, improving cash flow accessibility and efficiency, as well as supporting sound risk management and security for ACH payments. Transactis was selected as a Preferred Partner because of its robust solutions, leveraging advanced API technology that automates and simplifies billing and payment processing.”

“Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities. At the same time, when you lose control over a phone number — maybe it’s hijacked by fraudsters, you got separated or divorced, or you were way late on your phone bill payments — whoever inherits that number can then be you in a lot of places online.”

“The specification lets users log into online accounts using biometrics, mobile devices, and/or FIDO security keys. WebAuthn is supported by Android and Windows 10. On the browser side, Google Chrome, Mozilla Firefox, and Microsoft Edge all added support last year. Apple has supported WebAuthn in preview versions of Safari since December.”