Welcome to the PaymentsSource Morning Briefing, delivered daily. The information you need to start your day, including top headlines from PaymentsSource and around the Web:

A tip from the TLC: Uber's payment experience, which is largely in the background and invisible to the rider, has inspired companies in other industries to adopt the concept. But not everybody's happy with the Uber app, which provides no way to add a tip. The New York Taxi and Limousine Commission is moving to require tipping as an option in ride sharing apps, according to The New York Times, which reports the regulation may become formalized in the next few months. The move, which may be more widespread than New York as regulators in other states consider similar requirements, was sparked by a petition from The Independent Drivers Guild, a lobby group for Uber drivers in New York.

Bloomberg News

Swift pushes back against NSA hack claims: Swift and EastNets deny claims by the Shadow Brokers hacking group that the NSA used weaknesses in older Microsoft Windows systems to break into EastNets, which outsources Swift connections for 260 companies, mostly in the Middle East. Finextra reports EastNets claims the Shadow Brokers' published documents are "false and unfounded," and EastNets ran a check of its servers and found "no hacker compromise or vulnerabilities" and said no customer data has been compromised. EastNets also contends its Service Bureau runs on a separate server and cannot be accessed over public networks, though EastNets adds it cannot ascertain the information that has been published. Finextra also quotes Swift as contending there was no evidence to suggest unauthorised access to its network or messaging services. Microsoft said it has patched "most" of the exploits discussed in the Shadow Brokers' leak.

Is Square plotting a debit card?: Square has primarily used mobile hardware and digital commerce to acquire merchants, though it may have plans to provide a more traditional plastic payment card. SlashGear reports an image is circulating of a black Visa debit card wit Square and Twitter CEO Jack Dorsey's Twitter handle on it. While SlashGear admits that's not a ton of evidence to suggest Square is planning to introduce a plastic payment card, it says the card is similar to an older card Square planned in 2014, but later dropped as the company turned its focus to primarily merchant acquiring. Square's closest product line to a payment card would be Square Cash, which has features that enable it to act as a prepaid or budgeting product, though the funds must be loaded onto a debit card.

Prison credit: Two prisoners allegedly used stray equipment at their jail to build computers that they used to apply for credit cards, among other nefarious activities. The Ohio Inspector General's office reports Adam Johnston and Scott Spriggs took advantage of a "green" initiative at the Marion Correctional Institution that involved recycling old electronic equipment. The two men were able to build functional PCs out of this equipment, which they then hooked to the prison's computer network via ethernet cables. That allowed them to make passes to unauthorized areas of the prison and electronically access prison records. They stole another inmate's Social Security number to apply for credit cards, some of which were approved and send to one of the inmate's mothers. They also downloaded television shows, music and other content which they distributed to other inmates via a thumb drive. The state office has turned over the results of its investigation to law enforcement. The inmates have been transferred to other prisons while they await charges, and the state prison system is reviewing possible changes to computer security.

Hard bait: While phishing attacks are becoming more sophisticated in the age of digital commerce, an older coding technique has internet browsers scrambling for a fix. Engadget reports a unicode technique that's decades old is being used to mask the fake sites that are central to a phishing con, making it harder for consumers to know if a site is legitimate. Called Punycode, phishers register fake domains that look similar to a real website. A "xn" prefix to the domain code tells browsers that the domain is using compatible code that renders in a country's local language, making it easier to trap people into visiting fake sites for retailers, financial institutions or payment companies. Engadget reports Microsoft Edge, Explorer and Safari are now immune from the attack and Google should have a patch completed shortly for Chrome.

From the Web (powered by Wiser)

Hike Messenger May Beat WhatsApp To Bring UPI Powered Payments Platform
Trakin' the india business buzz • Mohul Ghosh
The first wave of digital transactions was created by credit/debit cards. Then came mobile wallets and now, it is the messenger apps which will form the next wave of growth in digital transactions. In China, for instance, third party mobile payments market...

Latin America Online Payment Methods: Full Year 2016 - Credit Cards are the Most Popular Online Payment Method in Latin America - Research and Markets
International consumer surveys cited in this report show that credit cards are the top online payment method in Latin America...

Cardtek Launches New International Growth Strategy
Cardtek announces plans for international growth led by new Executive Chairwoman Ayşe Nil Sarıgöllü.

More from PaymentsSource

As cross-border market heats up, Ripple builds a bigger rail
Ripple's distributed ledger platform has fed an appetite for cheaper and more efficient cross-border payments, but it may not measure up to the needs of a larger market.

As the U.K. embraces check images, security risk awaits
While the U.K. gears up for what promises to bring greater convenience and faster clearing times from document imaging, businesses that still rely on the ability to accept paper cheques can learn from their counterparts across the pond, who found new risks accompanied the increase in speed.

Ant's bid for MoneyGram is about more than money
Jack Ma’s Ant Financial Services Group has deep enough pockets to win the bidding war against Euronet Worldwide for MoneyGram, but money may not be the deciding factor in this deal.

Alleged NSA hack of Swift service bureau revives ‘back door’ debate
Reports that the National Security Agency infiltrated bank servers through a Swift service bureau highlight a recurring concern for financial institutions about the unintended consequences of U.S. government snooping.