A library of snippets
xxx
The letter from senators points out that operators of P2P services talk about convenience without having a plan that protects customers and “instead sought to avoid providing reimbursement when their customers are defrauded or scammed.”
From Senators to CFPB: Protect Consumers From P2P Scams | PYMNTS.com:
But why is the payment schemes’ fault when a consumer instructs them to send money to a fraudster?
xxx
A connected place provides a range of critical functions and services to its citizens. The systems that these functions and services rely on will be moving, processing, and storing sensitive data, as well as controlling critical operational technology. Unfortunately, this makes these systems an attractive target for a range of threat actors. A connected place will be an evolving ecosystem, comprising a range of systems that exchange data, which will only add further risks.
If connected systems are compromised, the consequences could impact the local citizens. Impacts could range from breaches of privacy to the disruption or failure of critical functions. This could mean destructive impacts, which in some cases could endanger the local citizens. There could also be impacts to the local authorities that are attacked. These could include a loss of reputation that could affect citizen participation, or the financial impacts of dealing with the aftereffects of an attack.
From Connected Places Cyber Security Principles – NCSC.GOV.UK:
xxx
xxx
PSA Certified is a global partnership of security-conscious companies that are proactively building security best practices into devices at scale. Our security framework and independent third-party evaluation scheme was originally spearheaded by Arm, CAICT, ProvenRun, Riscure, SGS Brightsight, TrustCB, and UL. Today, the original founders alongside new members, Applus+ Laboratories and ECSEC Laboratory, are providing the resources needed to build a security by design scheme that starts with the Root of Trust and is aligned to cybersecurity requirements of USA, Europe and China.
PSA Certified has scaled to become one of the fastest growing, most valued security ecosystems, globally. Being awarded ‘Ecosystem of the Year’ in the IoT Global Awards 2021 is a testament to the role it has played and will continue to play, in uniting industry, standards bodies, regulators and insurers together under one initiative. In doing so it’s accelerating the cross-industry collaboration required to untap the full potential of the IoT. With nearly 100 certifications from over 50 partners, PSA Certified has democratized the adoption of security across the electronics industry, giving the ecosystem the confidence to innovate, while protecting consumers, businesses and service providers from the most common hacks.
xxx
xxx
Trusted components also help to democratise security, providing secure, certified silicon and system software built using standardised best practices. With these, OEMs and device vendors can use the built-in and verified security capabilities in their end products. In fact, almost half of respondents (48 per cent) to our survey that work in the smart cities market said building with trusted components is the most important consideration when they are developing a secure device. By “trusted” we mean products with a certified Root of Trust – a component built into the silicon that provides the security features the rest of the system or device relies on, such as secure boot, cryptography and secure storage.
From Business Reporter – Sustainability – IoT security for smart cities:
xxx
xxx
Meta Pay supports most major credit and debit cards, as well as PayPal and Shop Pay.
xxx
xxx
SK Telecom said users of its wallet will be able to store, transfer and receive blockchain-issued tokens such as cryptocurrencies, non-fungible tokens (NFTs) and “soulbound tokens” (SBTs), which are permanent, non-transferable NFTs for verifiable identifications and certificates.
SK Telecom owns over 47% of all mobile communications users in South Korea as of 2021, according to Korea Information Society Development Institute (KISDI).From South Korea’s SK Telecom to build its first Web3 wallet:
xxx
xxx
Indonesia, Malaysia, the Philippines, Singapore and Thailand are planning to link their respective systems, meaning that people from each country will be able to seamlessly pay for goods and services throughout the region.
Payments will use local-currency settlements between the countries, bypassing the need for US dollar as intermediary.
From Southeast Asian countries prep QR code payment interoperability:
xxx
xxx
Fast facts
SK Telecom said users of its wallet will be able to store, transfer and receive blockchain-issued tokens such as cryptocurrencies, non-fungible tokens (NFTs) and “soulbound tokens” (SBTs), which are permanent, non-transferable NFTs for verifiable identifications and certificates.
SK Telecom owns over 47% of all mobile communications users in South Korea as of 2021, according to Korea Information Society Development Institute (KISDI).
The telecommunications arm of conglomerate SK Group also operates its own metaverse, Ifland, which has a monthly average user base around 1.1 million people.SK Group’s information technology investment subsidiary, SK Square, has been working on its own cryptocurrency that is intended to be used within SK’s Web3 network.
From South Korea’s SK Telecom to build its first Web3 wallet:
xxx
As soon as M-Pesa went live it was immediately apparent that the market was using it in ways that had not been part of the original business model. In particular, businesses began to use it. They started to deposit cash (as a kind of “night safe”) as well settling transactions and paying wages. What’s more, some big businesses started accepting M-Pesa for payments (including the national airline, the power utility and insurance companies). The Safaricom CEO Michael Joseph realised that something big was going on and drove his team to scale. He focused on developing the agent network. Safaricom already had agents, of course, because they used them to sell airtime, but Michael realised that they needed to increase the size of the network substantially and this meant dealing with agent incentives, float management, trading and so forth. Suffice to say that becoming an M-PESA agent became an attractive proposition.
xxx
It lost almost 1m subscribers between April and July, as the number of people quitting the service accelerated.
xxx
xxx
an attacker who tricks someone into loading a malicious website can determine whether that visitor controls a particular public identifier, like an email address or social media account, thus linking the visitor to a piece of potentially personal data.
From A New Attack Can Unmask Anonymous Users on Any Major Browser | WIRED:
xxx
The technique is known as a “side channel attack” because the researchers found that they could accurately and reliably make this determination by training machine learning algorithms to parse seemingly unrelated data about how the victim’s browser and device process the request.
xxx
The proposed “workable plan” is based in part on a survey which shows that 55 percent of UK residents support the establishment of a digital ID system to prevent asylum seekers whose claims are rejected from working and settling in the Kingdom anyway. Only 28 percent were opposed to this plan, leaving 17 percent who do not have an opinion.
The idea is to cut off demand for passage to the UK among asylum-seekers. Right-to-work checks of digital ID, often involving biometrics, are already coming into force in the UK. As of December 30, 2022, a long-planned set of requirements for employers will come into effect, but with restrictions on what forms of digital documentation are accepted.
The system proposed in the paper would involve a physical identity card with digital functionality for employers and government services to authenticate the bearer. Those with the card could provide a passport or equivalent document for identity verification to generate a public or private key pair for a digital signature. The digital signatures could be applied to necessary documents to prove the person’s right to work or receive the service.
Snippings