A leading payments industry news source for more than 17 years. Glenbrook curates the news and keeps you abreast of the important daily headlines in payments.

Search Payments News

March 29, 2022

On the wires

Very Good Security (VGS) Extends VGS Payment Optimization With Network Tokens

Very Good Security (VGS), the modern standard for secure storage, exchange, and optimization of the world’s payment data, today announced that the VGS Payment Optimization suite now offers Network Tokens, a new feature that enhances the security of payment transactions while minimizing fraud and improving approval rates. A network token is a unique randomly generated identifier issued and unlocked only by a card network such as Visa or Mastercard. This secure token can then be used in lieu of a primary account number (PAN), enabling the processing of payment transactions without exposing sensitive card account data.”

March 28, 2022

On the web

FCC Puts Kaspersky on Security Threat List, Says It Poses “unacceptable Risk”

Ars Technica

“The Federal Communications Commission on Friday determined that security products from Kaspersky posed an unacceptable risk to US national security and added the company to a covered list of other firms not eligible for FCC funds. The move adds Kaspersky to the same covered list that Huawei and ZTE landed on in 2021 . Besides its Moscow headquarters, the company’s founder, Eugene Kaspersky, attended a KGB-sponsored technical college and has long been accused of having ties to Russian military and intelligence services.”

March 15, 2022

On the web

ASM Global and PopID Partner on Biometric Payments and Ticketing for Stadiums

Biometric Update

PopID and venue management company ASM Global are kicking off a biometric ticketing and payment system that employs facial verification at the Pechanga Stadium in San Diego, California. The stadium will use PopID’s ‘PopPay,’ a contactless biometric payment option that grants access to payments with a selfie of the user. PopPay works by having a person enroll on their phone and submitting a photo and payment option to open an account.”

March 11, 2022

On the web

Biometrics Is Most Popular for Onboarding in Only One Country — Survey

Biometric Update

“Buried in a new marketing-driven survey about the importance of consumers’ retail digital experience, is a surprising insight into the importance of biometric security. Of 14 nations (plus Puerto Rico) surveyed around the world, consumers in only two, Hong Kong and Brazil, prefer to verify their identity with biometrics when they open an online account according to credit-reporting firm TransUnion.”

March 7, 2022

On the web

February 28, 2022

On the web

February 9, 2022

On the web

Pakistan to Launch National Digital Identity Wallet


“Citizens of Pakistan will soon be able to apply for, store and display a digital version of their national identity card in a digital ID wallet on their smartphone using an updated version of the country’s Pak-ID mobile app. Pakistan’s National Database and Registration Authority (NADRA) launched Pak-ID in September 2021, enabling citizens to apply for a physical ID card remotely by using their Android or iOS device to scan supporting documents and capture biometric data including their fingerprint and a photograph of their face to verify their identity.”

January 26, 2022

On the wires

1Password and Brex Partner to Optimize Secure Online Payments

“The new integration will help businesses protect critical financial information and identities. Online purchases can be made quickly – in two clicks – and securely, as information stored in a customer’s Brex vault will be automatically synced with 1Password, ensuring users always have access to the most up-to-date version of their Brex virtual cards. If a card is compromised, customers can delete their card from both the 1Password or Brex dashboard to ensure no further payments are processed. For customers with heightened security concerns, the new integration enables the creation of a single-use card, ensuring a card can only be used once and eliminating the risk of online card theft.”

January 24, 2022

On the web

No Time to Relax: Data Compromises Reached An All-Time High in 2021

Digital Transactions

“Data-compromise incidents hit an all-time high in 2021, totaling 1,862, up 23% from the previous record high of 1,506 in 2017, according to the Identity Theft Resource Center’s Annual Data Breach Report. On a year-over-year basis, the number of the compromises increased 68% in 2021, compared to 2020. The number of breaches involving sensitive information, such as Social Security numbers, represented 83% of the overall number of compromises in 2021, compared to 80% in 2020. Despite the year-over-year over increase, the percentage of breaches involving sensitive information remains well below the all-time high of 95% set in 2017.”

January 21, 2022

On the web

January 19, 2022

On the web

FBI Warning: Crooks Are Using Fake QR Codes to Steal Your Passwords and Money | ZDNet


“QR codes are useful shortcuts to online resources via a phone’s camera, but scammers are now tampering with them to direct victims to phishing pages and cryptocurrency scams. QR or ‘Quick Response’ codes have been connecting scanners to real-world objects since the 1990s, but got widely adopted during the pandemic as businesses moved to contactless communication and payments via QR codes on restaurant menus, parking meters and other public spaces.”

Cryptocurrency Exchange Crypto.com Hit by Cyber Attack


“Crypto.com experienced a cyber attack over the weekend but the extent of the damage is unclear. On Sunday, the cryptocurrency exchange platform announced through Twitter and Telegram that a “small number of users” reported unauthorized account activity and that withdrawals were suspended pending an investigation. The company confirmed that all funds were safe but required users to sign back into their accounts and reset their two-factor authentication out of “an abundance of caution.”

January 14, 2022

On the web

Nacha Brings Verification of Payment-Related Data to Its Phixius Network

Digital Transactions

“As part of its effort to help users of its Phixius payment-data network mitigate fraud and enhance payment-routing certainty, Nacha announced Thursday the network will enable originators, fintechs, and financial institutions that originate and receive electronic payments to verify payment-related information, such as account ownership, account numbers, and routing information.”

January 12, 2022

On the web

TSA to Begin Apple Digital ID Pilot in February


“Air passengers with Apple devices will soon be able to verify their identity at Transportation Security Administration (TSA) checkpoints at two US airports by presenting a digital ID document such as their mobile driving licence (mDL) or state ID stored in Wallet. The TSA is to begin trialling the use of Apple digital IDs as part of a pilot programme that will roll out to airports in “two additional states around March of 2022”, enabling travellers to tap their Apple device on an NFC reader or use a QR scanner to initiate an automated identity verification process.”

January 3, 2022

On the web

TSA to Begin Supporting Apple’s Digital IDs in February

iDrop News

“The idea of digital driver’s licenses has begun gaining more traction in the U.S. as the Transportation Security Administration (TSA) prepares to begin its rollout of Apple’s Digital IDs at key airports early next year. Similar to the way that Apple drove the adoption of mobile payments through Apple Pay, it appears that the introduction of support for Digital IDs in iOS 15 has more government agencies sitting up and taking notice of the technology.”

December 21, 2021

On the wires

Ransomware Study: Two Thirds of Security Professionals Believe Ransomware and Terrorism Threats Are Equal

Venafi® , the inventor and leading provider of machine identity management, today announced the findings of a global survey of more than 1,500 IT security decision makers that reveals that almost two-thirds (60%) of security almost two-thirds (60%) believe ransomware threats should be prioritized at the same level as terrorism. These opinions echo the U.S. Department of Justice, which raised the threat level of ransomware following the Colonial Pipeline attack earlier this year. The study also found that less than one-third of respondents have implemented basic security controls that break the ransomware kill chain.”

December 16, 2021

On the web

NY Man Pleads Guilty in $20 Million SIM Swap Theft


“A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Nicholas Truglia was part of a group alleged to have stolen more than $100 million from cryptocurrency investors using fraudulent “SIM swaps,” scams in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s online identities.”

December 6, 2021

On the web

December 2, 2021

On the web

Millions of Credit Card Details for Sale on Dark Web for As Little As 75p


“The credit card details of millions of people are being sold to criminals on the dark web for an average of less than £8 ($10.60) each. Research by VPN provider NordVPN of over four million credit cards for sale on the dark web found that credit cards from US citizens were the most common, with 1.6 million of the 4.5 million analysed being from the US. About 135,000 of the card details analysed belonged to UK citizens.”

November 22, 2021

On the web

November 19, 2021

On the web

Plaid Leads Effort to Raise the Bar on Fintechs’ Data Security

American Banker

“The data aggregator Plaid is leading the charge for a new data security standard for fintechs. The San Francisco company, which delivers bank account data to 4,500 fintech clients, has recruited other companies to this effort, including the data aggregators Flinks and MX; the employment verification provider Truework; and the security compliance companies Drata, Laika, Secureframe and Vanta. The new Open Finance Data Security Standard was posted online Tuesday and is open for outside comment ahead of implementation next year. It is meant to hold fintechs that handle consumer data to a higher standard of data protection, the way the PCI Security Standards Council’s Data Security Standard guides those in the payment card industry to protect card data.”

US Banks Ordered to Report Major Cyber Incidents Within 36 Hours


“US banking regulators on Thursday finalised a rule that directs banks to report any major cyber security incidents to the government within 36 hours of discovery. Separately, the banking industry said it had successfully completed a massive cross-industry cyber security drill that aims to ensure Wall Street knows how to respond in the event of a ransomware attack that threatens to disrupt a range of financial services.”

November 1, 2021

On the web

Identity Thieves Exploit El Salvador’s Chivo Bitcoin Wallet’s Setup Process


“Between Oct. 9 and Oct. 14, Cristosal, a human rights organization in El Salvador, received 755 notifications of Salvadorans reporting identity theft with their Chivo Wallets, Rina Montti, the group’s director of human rights research, told CoinDesk. In the majority of those cases, the affected Salvadorans tried to activate their wallets after they learned of the large number of people reporting that their identities had been stolen. The hackers had an incentive: Each wallet came loaded with $30 worth of bitcoin, provided by the administration of Salvadoran President Nayib Bukele to encourage citizens to use the cryptocurrency.”

October 27, 2021

On the web

FIS’s Worldpay Replaces PAX Terminals Over Security Concerns


“FIS’s online-payments processing unit has begun replacing terminals made by PAX Global Technology Ltd. due to concerns about their security, according to messages reviewed by Bloomberg News and people familiar with the matter. The business, called Worldpay from FIS, told partner companies on Oct. 8 that it had decided to remove PAX devices in favor of point-of-sale equipment manufactured by two competitors, U.S.-based Verifone and France’s Ingenico, according to a message reviewed by Bloomberg News.”

FBI Raids Chinese Point-of-Sale Giant PAX Technology


“U.S. federal investigators today raided the Florida offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. KrebsOnSecurity has learned the raid is tied to reports that PAX’s systems may have been involved in cyberattacks on U.S. and E.U. organizations.”

October 19, 2021

On the web

Hacker Steals Government ID Database for Argentina’s Entire Population

The Record by Recorded Future

“A hacker has breached the Argentinian government’s IT network and stolen ID card details for the country’s entire population, data that is now being sold in private circles. The hack, which took place last month, targeted RENAPER , which stands for Registro Nacional de las Personas, translated as National Registry of Persons. The agency is a crucial cog inside the Argentinian Interior Ministry, where it is tasked with issuing national ID cards to all citizens, data that it also stores in digital format as a database accessible to other government agencies, acting as a backbone for most government queries for citizen’s personal information.”

October 8, 2021

On the wires

Interac Corp. Acquires Exclusive Rights to SecureKey Digital ID Services for Canada

Interac Corp. , a leading payments network and digital ID provider, today announced it has entered into a strategic transaction to acquire the exclusive rights to SecureKey Technologies Inc . (“SecureKey”) digital ID services for Canada. SecureKey is a leading digital ID and authentication provider that works with governments, financial institutions, and businesses to simplify consumer access to online services and applications. This strategic acquisition of the SecureKey Canadian business contracts and exclusive licence in Canada of its intellectual property is the latest investment by Interac to bring together world-class digital identification and authentication capabilities in the market.”

October 4, 2021

On the wires

Basis Theory Becomes Nacha Preferred Partner for Data Tokenization and Encryption | Nacha

“Basis Theory today became a Nacha Preferred Partner for Data Tokenization and Encryption. As a Nacha Preferred Partner, Basis Theory joins a select group of innovators recognized for offering products and services that align with Nacha’s strategies to advance the ACH Network. Basis Theory helps ACH originators provide data protection and risk management that help improve ACH transaction quality.”

September 28, 2021

On the wires

Spreedly Issues More Than 150,000 Network Tokens Daily

“Spreedly, the provider of the leading Payments Orchestration platform, today announced it issued over 150,000 new network tokens daily — over five million in the month of August alone. Network tokens add another powerful tool to prevent card-not-present fraudulent transactions and significantly increase authorization rates. The newly issued tokens are part of a larger program a nnounced earlier this year with Visa to accelerate the adoption of network tokens.”

September 15, 2021

On the web

French Government to Let Citizens Scan NFC EID Cards to Access Secure Online Services


“French citizens will soon be able to verify their identity when accessing a range of secure online services — including opening a bank account, filing a tax return and paying for their health insurance — by scanning their updated Carte Nationale d’Identité Électronique (CNIE) eID card with their NFC-enabled smartphone. The French government is introducing the functionality in order to enable holders of the new CNIE card to tap it on their mobile device in response to an authentication request made by any of 900 service providers connected to the FranceConnect platform.”

Payments News

Give us your email address or link to our RSS feed and we’ll push the daily Payments News headlines to you.

Glenbrook Payments Boot camp®

Register for the next Glenbrook Payments Boot Camp®

An intensive and comprehensive overview of the payments industry.

Train your Team

Customized, private Payments Boot Camps tailored to meet your team’s unique needs.

OnDemand Modules

Recorded, one-hour videos covering a broad array of payments concepts.

Glenbrook Press

Comprehensive books that detail the systems and innovations shaping the payments industry.