A library of snippets
xxx
Wells’ tiptoeing into open APIs by offering them to commercial customers is typical of banks, which see such clients as the test case. Consumer applications hold the greater opportunity, but also carry more risk given cybersecurity and data issues.
From The Drumbeat for Open APIs Is Getting Louder | American Banker
xxx
xxx
Hendrik Kleinsmiede, the director of Visa Europe’s innovation arm Collab, which is backing Sthaler, said the Fingopay technology was less immune to problems such as wet and dusty fingers or fraud. “People are ready to accept biometrics as a secure authentication mechanism,” he said.
xxx
xxx
It turns out machine vision algorithms have an Achilles’ heel that allows them to be tricked by images modified in ways that would be trivial for a human to spot. These modified pictures are called adversarial images, and they are a significant threat.
From Machine Vision’s Achilles’ Heel Revealed by Google Brain Researchers
xxx
xxx
Integrated into the company’s main app, CVS Pay lets customers combine payment, prescription pickup and loyalty programme access all in one quick scan at checkout.
From CVS follows Walmart with own mobile payments service – BayPay Members Blogs
xxx
xxx
The new rules from the Competition and Markets Authority are designed to promote transparency and clarity while providing an incentive for customers to switch providers. The model is taken from the UK’s deregulated electricity industry.
Security experts, however, remain concerned over the potential of greater risk to customer data inherent in the new approach.
xxx
xxx
The default position in tort law is that it is very difficult to hold software developers liable for the harms their software wreaks. Software licenses — the terms on which people use software — generally disclaim all liability for problems the software causes. In keeping with the tech mantra that it’s always better to ask forgiveness than permission, these powerful shields encourage coders to experiment.
This lax liability standard may work when we are talking about sharing music or creating cat videos. It doesn’t work so well with money, finance, contracts, property records, medical records, proof of identity
From Call Blockchain Developers What They Are: Fiduciaries | Bank Think
xxx
xxx
From September, for savings in excess of 100,000 euros (US$111,710), the community’s Raiffeisen bank will take back 0.4 per cent.
From Dailytimes | German bank starts charging customers in negative interest rate
xxx
The combination o
FingoPay is cutting out the middlemen (the bank cards, the smartphones and smartwatches), to let you pay with – you guessed it – your finger.
The use vein-scanning as the non-contact biometric.
xxx
I also told [the BBC], in the spirit of openness and integrity that is associated with the good name of Consult Hyperion throughout the civilised world, that we had been retained by Hitachi some years ago to carry out a study on the security of this product and its suitability for certain financial services applications.
From We’ll be giving Barclays the finger next year | Consult Hyperion
xxx
xxx
Biometrics continue to advance in Japan with the news that Hitachi is teaming with Japanese issuer JCB to develop a biometric payment system based on its finger vein authentication technology that can be used as an alternative to cards and cash at the point of sale.
As you will see in this piece, I was sceptical about biometric identification at retail POS because back then the use of biometric authentication against a revocable token seemed like a much better solution to me.
2009
xxx
So, a plausible idea for son-of-chip-and-PIN, taking on board Max’s idea and merging it with our experiences gained implementing and doing security risk analysis for EMV schemes in a number of countries, might be as follows:
For micropayment, cash-replacement transactions: just wave the token (well, let’s say it, the mobile phone); For mesopayment, card-replacement transactions: enter the PIN, preferably into the mobile phone not the terminal, then wave the phone over the terminal; For megapayment, EFT-replacement transactions: enter the PIN, put the phone on the terminal and then put your finger in a vein scanner (such as the Hitachi system used in Japan).
This is a practical solution to the mass market use of biometrics, and you can make it work online as well by using challenge/response voice biometrics instead of vein scanning.
xxx
Festival – put token on file for four days – use fingerprint – have it all deleted at the end
xxx
But what if law enforcement goes to the biggest miners in the world (representing at least 51% of the hashpower) and tells them that if they continue to confirm easily identifiable mixing transactions, they will be accused of money laundering.
From On Fungibility, Bitcoin, Monero and why ZCash is a bad idea. – We Use Cash
xxx
xxx
For sending banks, the bank processes the CXC transactions as they normally do: look up the receiver, run limit checks, apply fraud controls, and initiate the transaction. However, instead of settling via ACH to the end recipient’s DDA, the bank sends the payment transaction to CXC, which originates the Visa/MC original credit transaction (OCT) on behalf of the sending bank to credit the receivers debit card. Once CXC performs the OCT, it updates the sending bank, which will see its transactions in its normal debit network settlement files.
From Levvel Blog – clearXchange Finds New Allies in the Quest For Ubiquity
xxx
Snippings