Log inRegister

Mobile News

Nov. 20, 2018 | by David Jones

Cyber crime seen as major risk to mobile shopping during holiday season

With Black Friday and Cyber Monday set to kick off within days, retailers and payment experts are increasingly concerned about the heightened threats to e-commerce sites and the potential impact that is having on mobile shopping.

A study from the National Retail Federation and Forrester found that payment card fraud remains the top concern of retailers, as cyber attackers have moved away from in-store fraud to online following the implementation of EMV chips on credit and debit cards. About 55 percent of retailers said they were concerned about the rise of payment card fraud and the implementation of EMV chips has moved a large number of attacks to e-commerce sites.

"The chip in an EMV card makes it difficult to counterfeit the card, but it does nothing to show whether the person trying to use the card is a legitimate cardholder," Stephanie Martz, senior vice president and general counsel at NRF said in the study announcement.

In addition, a new report from Juniper Research found that annual online fraud payment losses involving e-commerce, airline ticketing, money transfer and banking could more than double to $48 billion in 2023, up from the estimated $22 billion in losses projected for this year.

Threat actors

In August, three Ukrainian nationals, alleged to be members of a notorious cybergang known as Fin7, were arrested on federal charges that they stole millions of credit and debit cards in a massive malware campaign, dating back to 2015, which targeted more than 100 U.S. companies. In the U.S. alone, prosecutors said the group stole more than 15 million credit card records from 6,500 point-of-sale terminals, mainly in the restaurant, gaming and hospitality industries.

According to the indictments, the hackers sent emails with attachments to business employees and in some cases followed up with phone calls to make the emails seem legitimate. Once they were opened, the attackers used a version the Carbanak malware to infect the user's device and steal their payment data and resold that information on the Dark Web.

Another major actor uncovered this year was Magecart, which operated by skimming credit card information from vulnerable e-commerce sites, according to a joint research report from Risk IQ and Flashpoint. Magecart, which analysts said was comprised of a series of cyber attack teams, has targeted such high-profile names as Ticketmaster, British Airways and Newegg, according to the report.

And Check Point Software Technologies last month released its monthly Global Threat Index report revealing a nearly four-fold increase in cryptomining malware attacks against Apple's iPhone. The attacks used the Coinhive mining malware, which involved the use of javascript to search for online Monero cryptocurrency and essentially hijacked the resources of the device.

Researchers also found a sharp increase in attacks against devices using the Safari browser, the main web browser used in Apple devices.

Maya Horowitz, threat intelligence group manager at Check Point, said in that announcement that "attacks such as these are a reminder that mobile devices are an often overlooked element of an organization's attack surface, so its critical that these devices are protected with a comprehensive threat solution, to stop them from being a weak point in corporate security defenses."

Mobile protection

Considering that mobile devices now account for more than half of the global URL requests and that more than half of all personal and business email is first opened on a mobile device, mobile transactions can be vulnerable to all types of threats, said Brian Duckering, mobile security specialist at Symantec Corp., the firm behind the widely used Norton antivirus and malware protection products. Earlier this month, it acquired a startup called Appthority, as a move to help bolster the firm's ability to monitor threats against mobile apps that work in the Android and iOS environment.

Those risks include "network attacks where a hacker could observer unencrypted traffic and credentials, apps that could be a malicious copy of a legitimate app — or maybe use poorly implemented security measures," he told MPT via email. 

The New York State Attorney General's office warned in an announcement today that shoppers should avoid any financial transactions through an open, unsecured Wi-Fi connection, as hackers often stake out those type of locations. Consumers should make sure to only shop using a site with the https:// instead of http://, because the former is a secure SSL internet protocol.

They also warned that hackers use variants of known sites to lure consumers into entering their payment information and often target users through social media or email to use these fake sites.

Ron Teicher, chief executive of EverComplaint, said holiday shopping season is also ripe for a phenomenon called transaction laundering, where a merchant account is used to process the transactions of another merchant.

"In addition to being a violation of network rules, transaction laundering is often intended to hide the activity of the undeclared merchant specifically because that merchant would not otherwise be able to get a merchant account and process payments," Teicher said via email.

The reasons why this technique is used could involve anything from the sale of illegal goods to hide transactions involving sanctioned individuals or outright fraud, he said.

EverCompliant has identified more than 1 million sites that were apparently involved in illegal activity, he said, however, the primary victims in these instances were the financial institutions and the payment processors, who were not aware of the nature of the transactions.

Photo: iStock

 

Topics: Mobile Apps, Retail, Security

Companies: Symantec

image
David Jones

David Jones is a veteran business and technology journalist, with three decades of experience writing about business travel, real estate and technology.

Since 2015 he covered a range of technology stories for the ECT News Network, which includes the E-Commerce Times, TechNewsWorld, LinuxInsider and CRM Buyer, writing about cybersecurity, artificial intelligence, machine learning, open source computing and privacy issues among others,. He recently covered FinTech issues for PYMNTS.com.

He worked as a staff writer for Bloomberg Business News and an online reporter for Crain’s New York Business. He has written for numerous media organizations, including Reuters, The New York Times, The Real Deal, Continental, City Limits and The Nation.

He was previously awarded the George Washington Williams Fellowship for Journalists of Color by the Independent Press Association.

Sponsored Links:

Related Content

Latest Content

Nov. 20, 2018

7-Eleven Inc. is partnering with cross-border payment firm Citcon to start accepting Chinese mobile payment platforms WeChat Pay and Alipay at 35 Canadian locations in Vancouver and Toronto, according to a company press release.

Citcon specializes in helping U.S. merchants integrate WeChat Pay and Alipay into their platforms.

The agreement makes 7-Eleven, the world’s largest convenience store chain with 67,000 locations, the first to accept mobile payments from WeChat Pay and Alipay in Canada, according to the release. Future plans include expanding to other parts of the country over the next few months.

Alipay, which is operated by Ant Financial Services Group, operates in 40 countries around the world, works with more than 250 financial institutions and supports 27 currencies, according to the release.

Earlier this month, 7-Eleven announced plans for a pilot program to test Scan & Pay technology at 14 Dallas-area stores in the U.S. The technology allows customers to skip the cashier line and check out remotely as long as they are inside or just outside the store.

Topics: Mobile Apps, Mobile/Digital Wallet, Retail

Companies: 7-Eleven, WeChat Pay, Alipay

Sponsored Links:

Related Content

Latest Content

Nov. 20, 2018

Wonolo Inc., a San Francisco-based temporary staffing platform that pays workers through an app, said it raised $32 million in Series C financing led by Bain Capital Ventures, bringing the total funds raised by the firm to $60 million. The round also included investments from first-time investor Dag Ventures as well as existing funders, including Sequoia Capital, Base10, AMN Healthcare and Cendana.

The firm uses a mobile app to help companies fill on demand hourly jobs with unemployed or underemployed workers looking to find a position. The Wonolo platform connects the company and the worker through the platform and the entire onboarding process can be completed in minutes, according to a company spokesperson.

The company posts the scope of the job and the exact hours and how much the worker will earn, according to the spokesperson. Wonolo charges a fee to the employer, so for example if a job is paying $100 for a certain amount of work, an employer would see a charge for example of $145, with the excess amount going to Wonolo. Workers are paid quickly through the app in days, rather than waiting for the following pay period, the spokesperson said.

In April, the company raised $13 million in a Series B round led by Sequoia Capital.

 

.

Topics: Financial News, In-App Payments

Companies: Wonolo Inc.

Sponsored Links:

Related Content

Latest Content

Nov. 19, 2018

Hong Kong-based Crypto.com and New York-based Metropolitan Commercial Bank announced a plan to launch their new MCO Visa Card program in the U.S., which uses virtual currency firm’s wallet app and includes tap and go functionality, according to a Medium.com blogpost.

The U.S. rollout, through Crypto.com’s U.S. affiliate, Jacksonville, Florida, based Foris Inc., follows the October launch of the card in Singapore.

The prepaid card is a metal card that has no annual or monthly fees, no-fee ATM withdrawals, no foreign exchange fee and for select cards includes access to airport lounges, according to the announcement.

The Crypto.com wallet and card app can be used to make reservations for the MCO card, which has a three-minute onboarding process, according to the announcement. The app allows customers to manage transactions, freeze or unfreeze their account and manage card usage.

The wallet app also allows customers to buy, sell, send and store cryptocurrency and allows users to spend fiat currency without exchange fees.

 

Topics: Bitcoin, Mobile Banking, Region: APAC

Companies: Metropolitan Commercial Bank, Crypto.com

Sponsored Links:

Related Content

Latest Content

Nov. 16, 2018 | by David Jones

Retailers, payment platforms unveil mobile technologies to raise omnichannel game

Target is using mobile technology to let customers skip the cashier line

For many retailers, the holiday shopping season can literally mean the difference between growth and expansion or their ultimate demise. The combination of fierce competition on pricing, the need for fast and accurate delivery and maintaining enough inventory to meet consumer demand can expose the most experienced retailer.

The increasing demand for omnichannel shopping options means that retailers need to convert millennial and Generation Z consumers from passive shoppers into paying customers on a mobile platform with a service that can securely handle a large volume of traffic, engage the customer and hopefully draw those same customers into the store to potentially make more purchases.

Smartphones impacted more than one-third of the $1 trillion in holiday sales in 2017, according to a September blog post by Fiona Swerdlow, vice president and research director at Forrester Research. She said in the three months before her post, 73 percent of U.S. smartphone owners had researched physical products on their phones while they were in the store, and 46 percent of EU-5 smartphone owners did the same.  

She argued that retailers need to streamline checkout and payments to drive mobile conversion by ensuring that they have the correct "input masks," [to ensure accurate formatting of user data] parsing form fields and limiting digital wallets to those that customers use.

Point-of-sale integration

Point-of-sale integration continues to be a problem when it comes to integrating the capabilities of merchants with mobile payment systems, according to Maya Mikhailov, co-founder and chief marketing officer at GPShopper. In some cases, this means that POS systems need to be upgraded to accept NFC-based mobile payments such as Android or Apple Pay, she said.

"Even when the POS hardware is updated, some retailers haven't enabled mobile payments from the software end," she told MPT. "But this can also mean opening standards on the devices themselves to allow third parties access to the NFC systems needed to encourage more players,"

She said the retailers most directly impacted by these problems are those in the middle tier, as large retailers have the resources available to make large-scale changes to their computer systems, while companies like Square can assist even one-shop retailers with their requirements.

"The laggards right now are in the middle — too big for Square, but too small to make the capital investment needed for a POS upgrade," she said.

Combining mobile payments with the in-store experience

Target, which operates more than 1,800 physical stores and also has a major online and mobile business, has utilized mobile to help put pressure on Amazon and Walmart. Its aggressively promoting same-day delivery through its Shipt acquisition, for example, and earlier this month launched its "skip the line" technology, allowing customers to use mobile checkout with the help of a Target associate from any part of the store to avoid the in-store cashier lines.

Another way retailers are incorporating the mobile and a brick-and-mortar shopping experience is by allowing customers to purchase big-ticket items via installments from their phones. An October study released by Square found that 45 percent of consumers planned to make a purchase of $250 or more during the holiday season, however, 61 percent said they would feel more comfortable making that purchase if they had the ability to pay for it over time.

In response to this concern, Square has launched a program called Square Installments, which allows merchants working with the platform to provide immediate decisions to mobile shoppers buying items between $250 and $10,000, according to spokesman Enrique Petino-Daly. He said a key differentiator for this program is the seller is not involved in the decision making on whether to provide the extended installment plans.

"Generally, we've heard tremendous feedback on the impact Square installments can have on a seller's growth," he told MPT.

Fly1 Motorsports, an automotive restyling business in Southern California, saw a 20 to 30 percent increase if mobile sales after offering Square Installments. Average order values shot up 55 percent at the firm.

"The bottom line is in 2019, retailers both in online and physical must know their consumer's preferences like the back of their hands," said Joe Leija, head of Ingenico ePayments, North America. "The appropriate payment data will allow merchants to better prepare for future trends of consumers whether that's biometrics, bitcoin or another emerging technology."


 

Topics: Mobile Apps, Mobile/Digital Wallet, Retail

Companies: Square, Target

image
David Jones

David Jones is a veteran business and technology journalist, with three decades of experience writing about business travel, real estate and technology.

Since 2015 he covered a range of technology stories for the ECT News Network, which includes the E-Commerce Times, TechNewsWorld, LinuxInsider and CRM Buyer, writing about cybersecurity, artificial intelligence, machine learning, open source computing and privacy issues among others,. He recently covered FinTech issues for PYMNTS.com.

He worked as a staff writer for Bloomberg Business News and an online reporter for Crain’s New York Business. He has written for numerous media organizations, including Reuters, The New York Times, The Real Deal, Continental, City Limits and The Nation.

He was previously awarded the George Washington Williams Fellowship for Journalists of Color by the Independent Press Association.

Sponsored Links:

Related Content

Latest Content

Nov. 19, 2018

The Securities and Exchange Commission said it settled charges with Carrier EQ Inc.(Airfox) and Paragon Coin Inc., alleging that they sold tokens in initial coin offerings without proper registration, according to a release from the agency.

Boston-based Airfox raised about $15 million in digital assets for a token-denominated ecosystem that would let users in emerging markets earn currency in exchange for them viewing advertising, according to the SEC. By October 2017, Airfox had sold 1.06 billion tokens to about 2,500 investors, according to the SEC order. 

Paragon raised $12 million from about 8,323 investors for its plan to develop a plan to use blockchain technology in the cannabis industry, according the SEC.

The agency said that neither firm registered their ICO under federal securities law, nor did they qualify for an exemption. Both firms agreed to return funds to harmed investors, register their tokens as securities, pay a penalty and file periodic reports with the SEC, according to the release.

Each company was fined $250,000, according to the SEC, however an SEC spokesman said the exact restitution amount was not specified in the announcement.

“We have made it clear that companies that issue securities through ICO’s are required to comply with existing statutes and rules governing the registration of securities,” said Stephanie Avakian, co-director of the SEC's enforcement division, in the release.

She said these cases are an indication that the agency will be on the lookout for future violators.

The action is the first time the SEC imposed such penalties in an ICO case, the agency said in the announcement. 

In December 2017, the SEC imposed a cease-and-desist order on Munchee Inc., but did not impose a fine. That firm, which sought $15 million in an ICO, consented to the order without admitting or denying guilt, and repaid investors, according to SEC documents.

Jessica VerSteeg, chief executive of Paragon, said the company has been working more than a year on the agreement and said it will “effectively put an end to the uncertainties of the legal status of our PRG tokens,” in a company release.

She said the company has entered agreements with many cannabis companies, including Dreamfields, Fundanna, Flux, Oakland Distribution, Pearl Pharma and Mammoth Labs, in a release. She added that the company has launched Phase I of its mobile app, which will allow for a Paragon Space member portal and the PRG wallet.

Airfox CEO Victor Santos said in a release that the company was pleased with the settlements with the SEC and the Massachusetts Securities Division. With the agreements, he said the company is “removing uncertainty and positioning Airfox to grow our blockchain platform within a regulatory framework.”

 

Topics: Bitcoin, Mobile Apps, Regulatory Issues

Companies: Airfox, Paragon Coin

Sponsored Links:

Related Content

Latest Content

Nov. 19, 2018

UnionPay International, a subsidiary of China UnionPay,  is launching a mobile payment next year in Sri Lanka, according to a company press release.  UnionPay plans to launch its QR code payment system as part of an agreement with Cargills Group, the largest retail and FMCG group in Sri Lanka. It will be added to the Cargills' e-wallet with plans for a rollout during the first half of next year.

UnionPay is accepted at major tourist cities, including Columbo, Kandy, Galle and Matale, and about 2,000 merchants, including restaurants, department stores and supermarkets support it.

UnionPay's QuickPass service, which allows users to pay with a contactless swipe, is accepted at more than 2 million POS terminals across 30 countries and regions outside of mainland China. The UnionPay QR code payment is accepted at more than 60,000 merchants across 23 nations and regions outside of China.

Topics: Mobile/Digital Wallet, Region: APAC

Companies: UnionPay International, China UnionPay

Sponsored Links:

Related Content

Latest Content

Already registered? Login Now

*

CountryUnited StatesAfghanistanÅland IslandsAlbaniaAlgeriaAmerican SamoaAndorraAngolaAnguillaAntarcticaAntigua and BarbudaArgentinaArmeniaArubaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBonaire, Sint Eustatius and SabaBosnia and HerzegovinaBotswanaBouvet IslandBrazilBritish Indian Ocean TerritoryBruneiBulgariaBurkina FasoBurundiCabo VerdeCambodiaCameroonCanadaCayman IslandsCentral African RepublicChadChileChinaChristmas IslandCocos (Keeling) IslandsColombiaComorosCongoCongo (the Democratic Republic of the)Cook IslandsCosta RicaCôte d'IvoireCroatiaCubaCuraçaoCyprusCzechiaDenmarkDjiboutiDominicaDominican RepublicEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFalkland Islands [Malvinas]Faroe IslandsFijiFinlandFranceFrench GuianaFrench PolynesiaFrench Southern TerritoriesGabonGambiaGeorgiaGermanyGhanaGibraltarGreeceGreenlandGrenadaGuadeloupeGuamGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHeard Island and McDonald IslandsHoly SeeHondurasHong KongHungaryIcelandIndiaIndonesiaIranIraqIrelandIsle of ManIsraelItalyJamaicaJapanJerseyJordanKazakhstanKenyaKiribatiKuwaitKyrgyzstanLaosLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacaoMacedoniaMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMartiniqueMauritaniaMauritiusMayotteMexicoMicronesia (Federated States of)MoldovaMonacoMongoliaMontenegroMontserratMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNew CaledoniaNew ZealandNicaraguaNigerNigeriaNiueNorfolk IslandNorth KoreaNorthern Mariana IslandsNorwayOmanPakistanPalauPalestine, State ofPanamaPapua New GuineaParaguayPeruPhilippinesPitcairnPolandPortugalPuerto RicoQatarRéunionRomaniaRussiaRwandaSaint BarthélemySaint Helena, Ascension and Tristan da CunhaSaint Kitts and NevisSaint LuciaSaint Martin (French part)Saint Pierre and MiquelonSaint Vincent and the GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSint Maarten (Dutch part)SlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSouth Georgia and the South Sandwich IslandsSouth KoreaSouth SudanSpainSri LankaSudanSurinameSvalbard and Jan MayenSwazilandSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTimor-LesteTogoTokelauTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTurks and Caicos IslandsTuvaluUgandaUkraineUnited Arab EmiratesUnited KingdomUnited States Minor Outlying IslandsUnited States of AmericaUruguayUzbekistanVanuatuVenezuelaVietnamVirgin Islands (British)Virgin Islands (U.S.)Wallis and FutunaWestern SaharaYemenZambiaZimbabwe

By clicking the button above, you agree to our Terms of Service and Privacy Policy and to allow your personal information to be shared with the sponsor of this content. Your information will NOT be shared with anyone else.

  1. Point-of-Sale(PoS) Trends in Middle East and Africa
  2. Dutch fintech Bitsafe offers cross-border banking on mobile, online platform
  3. Alipay, National University of Singapore, to support social good digital startups
  4. PayPal completes $400M Hyperwallet acquisition, buys stake in Arkose Labs

Page 93 of 905