A leading payments industry news source for more than 17 years. Glenbrook curates the news and keeps you abreast of the important daily headlines in payments.

Search Payments News

February 28, 2022

On the web

February 9, 2022

On the web

Pakistan to Launch National Digital Identity Wallet

NFCW

“Citizens of Pakistan will soon be able to apply for, store and display a digital version of their national identity card in a digital ID wallet on their smartphone using an updated version of the country’s Pak-ID mobile app. Pakistan’s National Database and Registration Authority (NADRA) launched Pak-ID in September 2021, enabling citizens to apply for a physical ID card remotely by using their Android or iOS device to scan supporting documents and capture biometric data including their fingerprint and a photograph of their face to verify their identity.”

January 26, 2022

On the wires

1Password and Brex Partner to Optimize Secure Online Payments

“The new integration will help businesses protect critical financial information and identities. Online purchases can be made quickly – in two clicks – and securely, as information stored in a customer’s Brex vault will be automatically synced with 1Password, ensuring users always have access to the most up-to-date version of their Brex virtual cards. If a card is compromised, customers can delete their card from both the 1Password or Brex dashboard to ensure no further payments are processed. For customers with heightened security concerns, the new integration enables the creation of a single-use card, ensuring a card can only be used once and eliminating the risk of online card theft.”

January 24, 2022

On the web

No Time to Relax: Data Compromises Reached An All-Time High in 2021

Digital Transactions

“Data-compromise incidents hit an all-time high in 2021, totaling 1,862, up 23% from the previous record high of 1,506 in 2017, according to the Identity Theft Resource Center’s Annual Data Breach Report. On a year-over-year basis, the number of the compromises increased 68% in 2021, compared to 2020. The number of breaches involving sensitive information, such as Social Security numbers, represented 83% of the overall number of compromises in 2021, compared to 80% in 2020. Despite the year-over-year over increase, the percentage of breaches involving sensitive information remains well below the all-time high of 95% set in 2017.”

January 21, 2022

On the web

January 19, 2022

On the web

FBI Warning: Crooks Are Using Fake QR Codes to Steal Your Passwords and Money | ZDNet

ZDNet

“QR codes are useful shortcuts to online resources via a phone’s camera, but scammers are now tampering with them to direct victims to phishing pages and cryptocurrency scams. QR or ‘Quick Response’ codes have been connecting scanners to real-world objects since the 1990s, but got widely adopted during the pandemic as businesses moved to contactless communication and payments via QR codes on restaurant menus, parking meters and other public spaces.”

Cryptocurrency Exchange Crypto.com Hit by Cyber Attack

SearchSecurity

“Crypto.com experienced a cyber attack over the weekend but the extent of the damage is unclear. On Sunday, the cryptocurrency exchange platform announced through Twitter and Telegram that a “small number of users” reported unauthorized account activity and that withdrawals were suspended pending an investigation. The company confirmed that all funds were safe but required users to sign back into their accounts and reset their two-factor authentication out of “an abundance of caution.”

January 14, 2022

On the web

Nacha Brings Verification of Payment-Related Data to Its Phixius Network

Digital Transactions

“As part of its effort to help users of its Phixius payment-data network mitigate fraud and enhance payment-routing certainty, Nacha announced Thursday the network will enable originators, fintechs, and financial institutions that originate and receive electronic payments to verify payment-related information, such as account ownership, account numbers, and routing information.”

January 12, 2022

On the web

TSA to Begin Apple Digital ID Pilot in February

NFCW

“Air passengers with Apple devices will soon be able to verify their identity at Transportation Security Administration (TSA) checkpoints at two US airports by presenting a digital ID document such as their mobile driving licence (mDL) or state ID stored in Wallet. The TSA is to begin trialling the use of Apple digital IDs as part of a pilot programme that will roll out to airports in “two additional states around March of 2022”, enabling travellers to tap their Apple device on an NFC reader or use a QR scanner to initiate an automated identity verification process.”

January 3, 2022

On the web

TSA to Begin Supporting Apple’s Digital IDs in February

iDrop News

“The idea of digital driver’s licenses has begun gaining more traction in the U.S. as the Transportation Security Administration (TSA) prepares to begin its rollout of Apple’s Digital IDs at key airports early next year. Similar to the way that Apple drove the adoption of mobile payments through Apple Pay, it appears that the introduction of support for Digital IDs in iOS 15 has more government agencies sitting up and taking notice of the technology.”

December 21, 2021

On the wires

Ransomware Study: Two Thirds of Security Professionals Believe Ransomware and Terrorism Threats Are Equal

Venafi® , the inventor and leading provider of machine identity management, today announced the findings of a global survey of more than 1,500 IT security decision makers that reveals that almost two-thirds (60%) of security almost two-thirds (60%) believe ransomware threats should be prioritized at the same level as terrorism. These opinions echo the U.S. Department of Justice, which raised the threat level of ransomware following the Colonial Pipeline attack earlier this year. The study also found that less than one-third of respondents have implemented basic security controls that break the ransomware kill chain.”

December 16, 2021

On the web

NY Man Pleads Guilty in $20 Million SIM Swap Theft

KrebsOnSecurity

“A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Nicholas Truglia was part of a group alleged to have stolen more than $100 million from cryptocurrency investors using fraudulent “SIM swaps,” scams in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s online identities.”

December 6, 2021

On the web

December 2, 2021

On the web

Millions of Credit Card Details for Sale on Dark Web for As Little As 75p

ComputerWeekly.com

“The credit card details of millions of people are being sold to criminals on the dark web for an average of less than £8 ($10.60) each. Research by VPN provider NordVPN of over four million credit cards for sale on the dark web found that credit cards from US citizens were the most common, with 1.6 million of the 4.5 million analysed being from the US. About 135,000 of the card details analysed belonged to UK citizens.”

November 22, 2021

On the web

November 19, 2021

On the web

Plaid Leads Effort to Raise the Bar on Fintechs’ Data Security

American Banker

“The data aggregator Plaid is leading the charge for a new data security standard for fintechs. The San Francisco company, which delivers bank account data to 4,500 fintech clients, has recruited other companies to this effort, including the data aggregators Flinks and MX; the employment verification provider Truework; and the security compliance companies Drata, Laika, Secureframe and Vanta. The new Open Finance Data Security Standard was posted online Tuesday and is open for outside comment ahead of implementation next year. It is meant to hold fintechs that handle consumer data to a higher standard of data protection, the way the PCI Security Standards Council’s Data Security Standard guides those in the payment card industry to protect card data.”

US Banks Ordered to Report Major Cyber Incidents Within 36 Hours

iTnews

“US banking regulators on Thursday finalised a rule that directs banks to report any major cyber security incidents to the government within 36 hours of discovery. Separately, the banking industry said it had successfully completed a massive cross-industry cyber security drill that aims to ensure Wall Street knows how to respond in the event of a ransomware attack that threatens to disrupt a range of financial services.”

November 1, 2021

On the web

Identity Thieves Exploit El Salvador’s Chivo Bitcoin Wallet’s Setup Process

coindesk

“Between Oct. 9 and Oct. 14, Cristosal, a human rights organization in El Salvador, received 755 notifications of Salvadorans reporting identity theft with their Chivo Wallets, Rina Montti, the group’s director of human rights research, told CoinDesk. In the majority of those cases, the affected Salvadorans tried to activate their wallets after they learned of the large number of people reporting that their identities had been stolen. The hackers had an incentive: Each wallet came loaded with $30 worth of bitcoin, provided by the administration of Salvadoran President Nayib Bukele to encourage citizens to use the cryptocurrency.”

October 27, 2021

On the web

FIS’s Worldpay Replaces PAX Terminals Over Security Concerns

Bloomberg

“FIS’s online-payments processing unit has begun replacing terminals made by PAX Global Technology Ltd. due to concerns about their security, according to messages reviewed by Bloomberg News and people familiar with the matter. The business, called Worldpay from FIS, told partner companies on Oct. 8 that it had decided to remove PAX devices in favor of point-of-sale equipment manufactured by two competitors, U.S.-based Verifone and France’s Ingenico, according to a message reviewed by Bloomberg News.”

FBI Raids Chinese Point-of-Sale Giant PAX Technology

krebsonsecurity

“U.S. federal investigators today raided the Florida offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. KrebsOnSecurity has learned the raid is tied to reports that PAX’s systems may have been involved in cyberattacks on U.S. and E.U. organizations.”

October 19, 2021

On the web

Hacker Steals Government ID Database for Argentina’s Entire Population

The Record by Recorded Future

“A hacker has breached the Argentinian government’s IT network and stolen ID card details for the country’s entire population, data that is now being sold in private circles. The hack, which took place last month, targeted RENAPER , which stands for Registro Nacional de las Personas, translated as National Registry of Persons. The agency is a crucial cog inside the Argentinian Interior Ministry, where it is tasked with issuing national ID cards to all citizens, data that it also stores in digital format as a database accessible to other government agencies, acting as a backbone for most government queries for citizen’s personal information.”

October 8, 2021

On the wires

Interac Corp. Acquires Exclusive Rights to SecureKey Digital ID Services for Canada

Interac Corp. , a leading payments network and digital ID provider, today announced it has entered into a strategic transaction to acquire the exclusive rights to SecureKey Technologies Inc . (“SecureKey”) digital ID services for Canada. SecureKey is a leading digital ID and authentication provider that works with governments, financial institutions, and businesses to simplify consumer access to online services and applications. This strategic acquisition of the SecureKey Canadian business contracts and exclusive licence in Canada of its intellectual property is the latest investment by Interac to bring together world-class digital identification and authentication capabilities in the market.”

October 4, 2021

On the wires

Basis Theory Becomes Nacha Preferred Partner for Data Tokenization and Encryption | Nacha

“Basis Theory today became a Nacha Preferred Partner for Data Tokenization and Encryption. As a Nacha Preferred Partner, Basis Theory joins a select group of innovators recognized for offering products and services that align with Nacha’s strategies to advance the ACH Network. Basis Theory helps ACH originators provide data protection and risk management that help improve ACH transaction quality.”

September 28, 2021

On the wires

Spreedly Issues More Than 150,000 Network Tokens Daily

“Spreedly, the provider of the leading Payments Orchestration platform, today announced it issued over 150,000 new network tokens daily — over five million in the month of August alone. Network tokens add another powerful tool to prevent card-not-present fraudulent transactions and significantly increase authorization rates. The newly issued tokens are part of a larger program a nnounced earlier this year with Visa to accelerate the adoption of network tokens.”

September 15, 2021

On the web

French Government to Let Citizens Scan NFC EID Cards to Access Secure Online Services

NFCW

“French citizens will soon be able to verify their identity when accessing a range of secure online services — including opening a bank account, filing a tax return and paying for their health insurance — by scanning their updated Carte Nationale d’Identité Électronique (CNIE) eID card with their NFC-enabled smartphone. The French government is introducing the functionality in order to enable holders of the new CNIE card to tap it on their mobile device in response to an authentication request made by any of 900 service providers connected to the FranceConnect platform.”

Amazon One’s Palm-scanning Tech Makes First Move Into Entertainment Venues

The Verge

“Amazon’s palm-scanning technology, Amazon One, has always been about more than just fast payments. Really, it’s about Amazon controlling and verifying identities, with the company hoping to deploy its service in public spaces like offices and stadiums. Today, Amazon announced the tech’s first launch in an entertainment venue as part of a partnership with ticketing firm AXS. Amazon One will be available to validate entry into Colorado’s famous Red Rocks Amphitheatre, an open-air venue built into a rocky outcrop. It’s the first time the technology has been deployed outside Amazon and Whole Food stores, and Amazon says it expects the tech will be added “to more AXS ticketed venues in the future.””

September 14, 2021

On the wires

Networked Bot Attacks Increase As Human-Initiated Attack Levels Fall

“LexisNexis® Risk Solutions today released the findings of its latest Cybercrime Report, which covers the first half of 2021. This edition of the biannual report reveals that bot attack volumes grew 41% year over year with human-initiated attacks falling 29%. The report confirms earlier trend patterns showing the financial services industry and media businesses bear the brunt of increased automated bot network attacks.”

September 9, 2021

On the wires

French Government Selects IDEMIA for the National Digital ID Program

“The updated French national eID card (CNIe) was launched in August 2021, and will enable French citizens to complete online transactions using their smartphone. Citizens will receive an authentication request on their smartphone. They will then place their CNIe on the back of their phone, which will communicate using Near-Field Communication technology. The mobile app will securely read and authenticate the personal data held in the card’s chip. Citizens will need to provide their consent before authentication.”

September 2, 2021

On the web

Apple Reveals First US States Working to Adopt Digital Apple Wallet IDs

9to5Mac

“After first announcing that iOS 15 would bring support for digital IDs via Apple Wallet back at WWDC in June, the first US states that will lead the adoption of the new standard have been named. There are 8 states announced for now that are committed to using Apple Wallet IDs and interestingly, they’re probably not the ones you’d guess. The first of the 8 to launch will be Arizona and Georgia and Apple also says it is already talking with “many more states” about adopting IDs in Apple Wallet.”

August 16, 2021

On the web

Amazon’s Palm Print Recognition Raises Concern Among U.S. Senators

Reuters

“Three U.S. senators, including Democrat Amy Klobuchar who chairs the Senate Judiciary Committee’s antitrust panel, wrote a letter to Amazon.com Inc (AMZN.O) to express concern about its palm print recognition system, Klobuchar’s office said Friday. Amazon began rolling out biometric technology at its Whole Foods stores around Seattle in April, letting shoppers pay for items with a scan of their palm. The system, called Amazon One, lets customers link a credit card to their palm print.”

Payments News

Give us your email address or link to our RSS feed and we’ll push the daily Payments News headlines to you.

Glenbrook Payments Boot camp®

Register for the next Glenbrook Payments Boot Camp®

An intensive and comprehensive overview of the payments industry.

Train your Team

Customized, private Payments Boot Camps tailored to meet your team’s unique needs.

OnDemand Modules

Recorded, one-hour videos covering a broad array of payments concepts.

Glenbrook Press

Comprehensive books that detail the systems and innovations shaping the payments industry.