A leading payments industry news source for more than 17 years. Glenbrook curates the news and keeps you abreast of the important daily headlines in payments.

Search Payments News

April 27, 2021

On the web

Experian’s Credit Freeze Security Is Still a Joke


“In 2017, KrebsOnSecurity showed how easy it is for identity thieves to undo a consumer’s request to freeze their credit file at Experian , one of the big three consumer credit bureaus in the United States.  Last week, KrebsOnSecurity heard from a reader who had his freeze thawed without authorization through Experian’s website, and it reminded me of how truly broken authentication and security remains in the credit bureau space.”

April 26, 2021

On the wires

U.S. Payments Forum Publishes Resource Providing Solution Options, Stakeholder Considerations for Card-on-File Tokenization

“Tokenization has been a key investment in the payments industry for increased security at various points of the transaction lifecycle. The U.S. Payments Forum today released a resource that provides an overview of different card-on-file tokenization solution options and stakeholder considerations for each, including debit routing. The solution configurations discuss the steps followed for provisioning and transaction processing, the technical implementation, and debit routing support.”

April 23, 2021

On the wires

Sift Raises $50 Million at a Valuation Over $1 Billion and Expands Its Executive Leadership Team to Help Companies Fight the Growing Fraud Economy

Sift, the leader in Digital Trust & Safety, today announced a $50 million funding round that values the company at more than $1 billion. The financing was led by global venture capital and private equity firm Insight Partners, with participation from Union Square Ventures and Stripes. The new funding will be used to continue expanding the company’s product portfolio and to scale its product, engineering, and sales teams globally.

April 21, 2021

On the web

Amazon Is Bringing Palm-scanning Payment System to Whole Foods Stores


Amazon is expanding its palm-scanning payment system to a Whole Foods store in Seattle, the company announced Wednesday, the first of many planned rollouts at other locations. Amazon One , which debuted in September and is currently in use at about a dozen Amazon physical stores, allows shoppers to pay for items by placing their palm over a scanning device. The first time shoppers use the kiosk, they have to insert a credit card to link it with their palm print. But after that, shoppers can pay simply by holding their hand over the kiosk.”

On the wires

Boku Partners With French Carriers to Launch Mobile Identity Services in France

Boku Inc., (AIM: BOKU ), the world’s leading provider of mobile payment and identity solutions, and French mobile services providers SFR, Orange and Bouygues Telecom, today announced that they have signed a partnership to launch mobile identity products aimed at protecting consumers against cyber-hacks, account takeover attacks, SIM swap attacks, and other forms of digital fraud.”

April 19, 2021

On the wires

Semafone and Avaya Bring Leading Payment Security Capabilities to Contact Center Customers – Semafone

Semafone ®, the leading provider of data security and compliance solutions for call and contact centers, today announced a global reseller partnership with Avaya (NYSE:AVYA), the leader in cloud-based solutions designed to enhance and simplify communications and collaboration. This agreement brings Semafone into the Avaya ecosystem of alliances, with the goal of helping contact center customers solve the complex security and compliance challenges faced as they embrace a work from anywhere model.”

Mastercard to Acquire Ekata to Advance Digital Identity Efforts

“Trust is the key ingredient to conducting digital commerce. Central to creating trust in a digital world is the ability to prove your digital identity – who you are, whether you are interacting in person, online or in app. Today, Mastercard (NYSE: MA) took steps to advance its identity verification efforts with the acquisition of Ekata for US$850 million. Digital identity is a foundational part of Mastercard’s multi-layered approach to security. In 2019, the company introduced a new framework on how digital interactions should evolve, as well as how digital identity will build trust, collaboration and economic growth. That framework is now in use across a number of sectors, from education to travel to healthcare.”

April 16, 2021

On the wires

April 7, 2021

On the web

DefenseStorm Expands Security for Financial Institutions With CyberFraud

Help Net Security

DefenseStorm announced the addition of CyberFraud to its product offerings, providing an integrated solution for Information Security and BSA/AML Fraud departments in a single platform to prevent losses and protect account holders. With CyberFraud, alerts are delivered in real-time to block activity, perform step-up authentication and/or route for human investigation…This allows a financial institution (FI) to proactively detect and immediately respond to account takeover attempts, fraudulent loan applications, ACH/PTP/Wire fraud and money laundering activity.”

Experian: Consumers Prefer ‘invisible Security’ to Passwords


“Could the era of passwords be drawing to a close? Decades of fumbling around to remember the right password or constantly resetting or having to jump through multiple authentication hoops have made them dirty words for many consumers. All those headaches, and there’s still a good chance your personal information will wind up somewhere for sale on the internet. Perhaps it’s not surprising then, according to a new survey released by Experian, that consumers are embracing new methods of security that are physical and behavior-based. Indeed, according to the company’s 2021 Global Identity and Fraud Report , consumers did not rank passwords among the top 3 most secure ways to protect identity.”

Rabobank and ABN Amro Target Privacy-friendly Data Analysis

Finextra Research

“ABN Amro and Rabobank are working with research outfit TNO to test technology that lets banks share data used for detecting financial crime while still respecting clients’ privacy. The partners are experimenting with ways of monitoring transactions between clients at different banks without sharing the risk scores that they assign their customers.”

April 1, 2021

On the web

MobiKwik Investigating Data Breach After 100M User Records Found Online


“MobiKwik said on Tuesday it was investigating claims of data breach after a website claimed to have exposed private information of nearly 100 million users of the Indian mobile payments startup . Over the weekend, a site on the dark web claimed it had 8.2 terabytes of MobiKwik user data. The data included phone numbers, email addresses, scrambled passwords, transactions logs and partial payment card numbers. The website also claimed that it had “know your customer” (KYC) documents (government-issued Aadhaar card or PAN ID) of 3.5 million users, and each visit to the website displayed four random images from the data dump.”

March 23, 2021

On the web

Jumio Raises $150M As Its All-in-one ID Authentication Platform Crosses 300M Verified Identities


“Digital identity services — used as a key link between organizations to verify that you are who you say you are online and individuals logging into those services — have come into their own in this past year. Now, one of the companies providing digital identity products is announcing a large round of funding, underscoring both the market size and its ambitions to be a central player in that space. Jumio , which has built a platform that provides a variety of digital identity tools and technology — using biometrics, machine learning, computer vision, big data, and more to run checks on ID documents, log-ins, to help prevent suspicious financial activity, identity theft and more — has closed a $150 million round of funding.”

March 19, 2021

On the web

Fintech Giant Fiserv Used Unclaimed Domain


“If you sell Web-based software for a living and ship code that references an unregistered domain name, you are asking for trouble. But when the same mistake is made by a Fortune 500 company, the results can range from costly to disastrous. Here’s the story of one such goof committed by Fiserv [ NASDAQ:FISV ], a $15 billion firm that provides online banking software and other technology solutions to thousands of financial institutions.”

Andreessen-Backed Startup Pindrop Agrees to Buy Next Caller


“Voice security startup Pindrop Security Inc. has agreed to buy Next Caller Inc. , making its first acquisition to build out personalization and verification services as the coronavirus pandemic spurs a surge in call volumes. Pindrop Chief Executive Officer Vijay Balasubramaniyan said the deal was for a mix of cash and equity with additional payments for hitting certain financial milestones, but he declined to specify the deal terms. The purchase will boost revenues by 10% and speed up the timeline for a possible initial public offering to about 18 months, he said in an interview.”

March 18, 2021

On the web

More Than $4 Billion in Cybercrime Losses Reported to FBI in 2020 – CyberScoop


“American victims reported $4.2 billion in losses as a result of cybercrime and internet fraud to the FBI in 2020, a roughly 20% uptick in the money known to be lost to scammers in 2019, the bureau said in a new report.  The FBI’s Internet Crime Complaint Center, the organization through which U.S. citizens and businesses report financial losses from hackers, said in its annual report released Wednesday that it received an average of more than 2,000 complaints per day through 2020.”

March 16, 2021

On the web

A Hacker Got All My Texts for $16


“The method of attack, which has not been previously reported or demonstrated in detail, has implications for cybercrime, where criminals often take over target’s phone numbers in order to harass them, drain their bank account, or otherwise tear through their digital lives. The attack also brings up issues around private, corporate, and national security, where once a hacker gains a foothold on a victim’s phone number, they may be able to intercept sensitive information or personal secrets.”

On the wires

PayMyTuition Changes the Game by Incorporating Open Banking Into Their International Student Payment Plans Solution for Educational Institutions

“PayMyTuition, a leading provider of technology-driven payment processing solutions, announced today that it has incorporated open banking into its innovative solution for international payment plans for universities and colleges. This launch will enable educational institutions to validate student banking information and account balance status in real time, creating a highly efficient payments process saving both the student and institution time and money.”

March 11, 2021

On the web

Forget Apps, Russia’s X5 And Visa Have Launched Pay With Your Face


“X5 Retail Group, Russia’s largest food retailer, has partnered with Visa and Sber to launch what it describes as ‘pay with a glance’ biometrics at self-service checkout terminals in X5’s Perekrestok supermarkets and Pyaterochka convenience stores. And the facial recognition payment system may be expanded to some 3,000 X5-owned stores by the end of 2021.”

On the wires

Nok Nok Labs and Netcetera to Provide Delegated Authentication Solutions for Compliance With PSD2-Strong Customer Authentication and EMV® 3-D Secure

Nok Nok Labs (Nok Nok), the trusted leader in passwordless authentication and Netcetera, the trusted partner for digital payment solutions, today announced a partnership that will deliver delegated authentication solutions to merchants and payment providers seeking to address PSD2-SCA and 3DS 2.x protocols compliance. By utilizing the Nok Nok™ S3 Authentication Suite’s FIDO-based passwordless authentication, merchants, PSPs and acquirers can more securely and easily authenticate users, as well as increase their visibility into authentication processes and compliance in order to assess risk.”

March 8, 2021

On the wires

March 1, 2021

On the wires

February 25, 2021

On the web

McDonald’s, Sift Partner on International Mobile Ordering


“McDonald’s has partnered with digital trust and safety provider, Sift , to safeguard and streamline the customer experience on the QSR’s mobile app in select countries across Europe, Asia, Africa and Oceania, a news release said. Through the partnership, McDonald’s will have access to Sift’s machine-learning technology and global data network for customers using its mobile order-ahead and contactless payment options, which have both increased in popularity since the pandemic.”

February 24, 2021

On the web

SMEs Can Now Use Facial Recognition to Apply for DBS Online Banking Accounts

The Straits Times

“Small and medium-sized enterprise (SME) owners now simply need to face a camera to authenticate and verify their information while setting up a corporate account online with DBS Bank. DBS said the new facial biometrics feature runs on the Government Technology Agency of Singapore’s (GovTech) SingPass Face Verification technology. Previously, business owners who qualify for straight-through processing need to manually key in their DBS digibank credentials to confirm their application, the bank said on Tuesday (Feb 23).”

February 23, 2021

On the wires

LexisNexis Risk Solutions Cybercrime Report Finds Young Adults and Adults Over 75 Most Vulnerable to Fraud Attacks

“LexisNexis® Risk Solutions released its biannual Cybercrime Report covering July 2020 through December 2020, which details how the evolving threat landscape created new opportunities for cybercriminals around the world, particularly as they targeted new online users. Analysis shows that the under 25 age group is most vulnerable to fraud attacks while the oldest age group is second most vulnerable and loses the most money.”

Trusted Computing Group | TCG Welcomes New Member Goldman Sachs As It Focuses on FinTech Security for the First Time

Trusted Computing Group (TCG) has today announced its commitment to strengthening the financial services industry against attack, as worldwide banking institution, Goldman Sachs , joins TCG in the fight for cybersecurity. In a first for TCG, the organization will now expand its focus to include the fast-moving innovation of FinTech. With mobile transactions projected to grow by 121 percent over the next year, this is fast becoming a new area of concern for security experts, where essential transactions must be kept safe and secure.”

February 17, 2021

On the web

Bluetooth Overlay Skimmer That Blocks Chip


“As a total sucker for anything skimming-related, I was interested to hear from a reader working security for a retail chain in the United States who recently found Bluetooth-enabled skimming devices placed over top of payment card terminals at several stores. Interestingly, these skimmers interfered with the terminal’s ability to read chip-based cards, forcing customers to swipe the stripe instead.”

Antelop Launches One-stop Token Service Provider Hub for Digital Card Issuers • NFCW


Antelop Solutions has introduced a unified issuer token service provider hub that enables banks to simply and securely manage every stage of the digital card issuing and management process, from card enrolment to token lifecycle management. Designed to simplify and accelerate the launch of Apple Pay, Google Pay and digital card offerings, the new Issuer TSP (iTSP) hub takes “a holistic approach to a digital card experience”, allowing banks to “reduce time to market and costs through a simplified and flexible integration”.”

Malicious Script Steals Credit Card Info Stolen by Other Hackers


“A threat actor has infected an e-commerce store with a custom credit card skimmer designed to siphon data stolen by a previously deployed Magento card stealer. Credit card skimmers (aka payment card skimmers or Magecart scripts) are JavaScript scripts that cybercrime groups known as Magecart groups inject into hacked e-commerce sites as part of web skimming (also known as e-skimming) attacks.”

February 8, 2021

On the web

Payments News

Give us your email address or link to our RSS feed and we’ll push the daily Payments News headlines to you.

Glenbrook Payments Boot camp®

Register for the next Glenbrook Payments Boot Camp®

An intensive and comprehensive overview of the payments industry.

Train your Team

Customized, private Payments Boot Camps tailored to meet your team’s unique needs.

OnDemand Modules

Recorded, one-hour videos covering a broad array of payments concepts.

Glenbrook Press

Comprehensive books that detail the systems and innovations shaping the payments industry.