Tag Archive for: payments

NSA: Sanctions on Russia Having a Positive Effect on Ransomware Attacks, Attempts Down Due to Difficulty Collecting Ransom Payments

/in


National Security Agency (NSA) director of cybersecurity Rob Joyce told attendees of a recent UK security conference that ransomware attacks are down in roughly the last two months, and that trend can be traced directly to sanctions placed on Russia. Criminals that operate out of the country are struggling to find ways to cash out ransom payments and set up infrastructure, due in large part to sanctions attached to the invasion of Ukraine.

NSA director sees downward trend in ransomware attacks due to recent sanctions

The NSA cyber security director told the National Cyber Security Centre’s (NCSC) Cyber UK event in Wales that criminal attempts on government agencies and critical infrastructure had made ransomware attacks a national security priority, and that most of the serious players in this particular segment of the criminal underworld are based in Russia. New sanctions against entities in Russia are thus having a dampening effect on ransomware attacks, as the criminals lose options for doing business with the outside world.

Joyce said that this was likely not the only factor for the reduction in ransomware attacks, but was a significant contributor. Ransom payments are more difficult to process due to lack of access to assorted banking options, and inability to purchase necessary technology to set up the infrastructure for new ransomware campaigns.

Whether or not to formally ban ransomware payments has been a hot topic across the world for several years now, ever since ransomware attacks made a major resurgence. After a lull in the mid-2010s, ransomware roared back in 2017-2018 roughly concurrent with the massive rise in value of cryptocurrencies. Even larger spikes have occurred since the beginning of the Covid-19 pandemic, as both home and work internet traffic greatly increased. While there is some case to be made for cutting these attacks off at the source by banning ransom payments, an argument supported by this recent NSA announcement, many organizations feel that they have no option but to make a payment when they are unexpectedly caught by a breach. This is particularly true for companies that cannot afford even a small amount of downtime, such as health care…

Source…

Apple hit with EU antitrust charge over mobile payments technology

/in


An Apple logo hangs above the entrance to the Apple store on 5th Avenue in the Manhattan borough of New York City, July 21, 2015. REUTERS/Mike Segar//File Photo

Register now for FREE unlimited access to Reuters.com

BRUSSELS, May 2 (Reuters) – Apple faces a possible hefty fine and may have to open its mobile payment system to competitors after EU antitrust regulators charged the iPhone maker with restricting rivals’ access to its technology used for mobile wallets.

This marks the second EU charge against Apple after EU regulators last year accused the company of distorting competition in the music streaming market following a complaint from Spotify (SPOT.N). read more

The European Commission said on Monday it had sent a charge sheet known as a statement of objections to Apple, detailing how the company had abused its dominant position in markets for mobile wallets on iOS devices.

Register now for FREE unlimited access to Reuters.com

The Commission said Apple’s anti-competitive practices dated back to 2015 when Apple Pay was launched.

“We have indications that Apple restricted third-party access to key technology necessary to develop rival mobile wallet solutions on Apple’s devices,” EU antitrust chief Margrethe Vestager said in a statement.

“In our statement of objections, we preliminarily found that Apple may have restricted competition, to the benefit of its own solution Apple Pay,” she said.

Apple, which could face a fine up to 10% of its global turnover or $36.6 billion based on its revenue last year, though EU penalties rarely reach the cap, said it would continue to engage with the Commission.

“Apple Pay is only one of many options available to European consumers for making payments, and has ensured equal access to NFC while setting industry-leading standards for privacy and security,” the company said in a statement.

Apple’s Frankfurt-listed shares fell on the news and were down 0.7% at 1216 GMT.

Apple Pay is used by more than 2,500 banks in Europe and over 250 fintechs and challenger banks. The NFC chip enables tap-and-go payments on iPhones and iPads.

Vestager rejected the company’s security argument.

“Our investigation to date did not reveal any evidence that would…

Source…

Mastercard and Google Pay partner on tokenization for card-based payments

/in


MUMBAI :

Mastercard and Google on Tuesday announced the rollout of tokenization that will enable Google Pay users to safely transact using their Mastercard credit and debit cards.

Through tokenization, Mastercard cardholders can make payments through a secure digital token without having to share their credit or debit card details such as card number and expiry date with a merchant.

The statement said that Google Pay Android users can scan and pay across all Bharat QR-enabled merchants, tap-and-pay, and make in-app transactions through their Mastercard debit and credit card. For registration, users will do a one-time setup by entering their card details and their OTP to add their card on the Google Pay app.

Sajith Sivanandan, business head of Google Pay and Next Billion User Initiative (Asia Pacific) said, “At Google Pay, our endeavour is to simplify payments and make it accessible to as many users as possible – one key pillar in making this a reality is to offer the highest levels of security for every transaction with the help of technology.”

“We are excited to collaborate with Mastercard for card tokenization which will offer users state-of-the-art security for card payments. This is already live for several credit card issuers on Mastercard, and we are working closely with other banking partners to further expand the adoption of tokenization in India. We are hopeful that the added simplicity and convenience will make an ever-larger base of users feel secure in making more payments digitally,” he said.

According to Nikhil Sahni, division president (South Asia and country corporate officer) at Mastercard, tokenization enables an additional layer of security for payments, which reduces friction and improves the shopping experience.

“It will redefine the current payment ecosystem by enabling a safe experience for the consumer and facilitate millions of mobile- first users from remote locations in migrating towards a cashless society,” said Sahni.

Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our…

Source…

Security Experts Warn of Apple Pay Express Transit Hack That Enables Large Unauthorized Visa Payments From Locked iPhones

/in


Researchers in the U.K. have demonstrated how large unauthorized contactless payments can be made on locked iPhones by exploiting Apple Pay’s Express Transit feature when set up with Visa.

apple pay express transit london
Express Transit is an ‌Apple Pay‌ feature that allows for tap-and-go payment at ticket barriers, eliminating the need to authenticate with Face ID, Touch ID, or a passcode. The device does not need to be wakened or unlocked to use Express Transit.

Computer Science researchers from Birmingham and Surrey Universities demonstrated to the BBC how the attack works by exploiting a weakness in the Visa contactless system through the use of a small piece of commercially available radio equipment, which is placed near the phone and masquerades as a ticket barrier.

An Android phone running an app developed by the researchers is used to relay signals from the iPhone to a contactless payment terminal and modifies the communications to fool the terminal into acting as if the ‌iPhone‌ has been unlocked and a payment authorized.

In demonstrating the attack, researchers made a contactless Visa payment of £1,000 from a locked ‌iPhone‌. The scientists only took money from their own accounts. The researchers said the Android phone and payment terminal used don’t need to be near the victim’s ‌iPhone‌ as long as there’s an internet connection.

Apple told the BBC the matter was an issue with the Visa system.

“We take any threat to users’ security very seriously,” said Apple. “This is a concern with a Visa system but Visa does not believe this kind of fraud is likely to take place in the real world given the multiple layers of security in place. In the unlikely event that an unauthorized payment does occur, Visa has made it clear that their cardholders are protected by Visa’s zero liability policy.”

The researchers said the attack might be easiest to deploy against a stolen ‌iPhone‌, although there’s no evidence that the hack has been used in the wild. Visa said payments were secure and attacks of this type were impractical outside of a lab.

“Visa cards connected to Apple Pay Express Transit are secure, and cardholders should continue to use them with confidence,” said a Visa spokesperson….

Source…