7.26.17: Your morning briefing
Welcome to the PaymentsSource Morning Briefing, delivered daily. The information you need to start your day, including top headlines from PaymentsSource and around the Web:
Wells drops the data: Wells Fargo has suffered a data breach that has compromised account information for 50,000 high net worth clients, in this case because the bank accidently leaked the information as part of a court case. Wells gave the documents, which had Social Security numbers and sensitive information, to a lawyer as part of a lawsuit from a former and current employee. Social Security numbers are particularly important, since they're still a key element in most authentication and ID checks, and are easily transferrable once compromised. Finextra reports the 1.4GB file passed through a third-party vendor that didn't delete client data before transferring the file to the court. Wells has asked for the files to be returned, but the plaintiff in the case has not done so, though the plaintiff's legal team has promised to keep the files secure and confidential "for now," Finextra reports.
Canadians slowly warm to fintech: Canada's embrace of digital technology has been mixed, with contactless payments widespread while mobile payments sputter. There are some signs Canadians are embracing overall financial technology, which could push mobile payments ahead. EY found fintech adoption in Canada has increased to 18% in the past two years, which means 18% of Canadians have used at least one digital financial service in the past six months. That's up from 8% in 2015, but still well behind the global rate of 33%. The low rate is a result of a lack of awareness of the capabilities of new technology, according to EY. That problem is improving, as 22% of Canadians say they have never heard of "fintech," which is down from 49% two years ago.
Instant payments advance in parts of Europe: UniCredit will soon deploy instant payments in Italy and as part of tests of EBA Clearing's RT1 real-time platform. The bank is preparing for the rollout of instant payment services to customers in Italy and Germany. Testing will be complete and the first wave of of services will debut in November in line with the European Payments Council's Sepa Instant Credit Transfer Scheme. UniCredit is among 39 companies that are involved with a new clearing infrastructure that will provide real-time payments processing across Europe at all times. At UniCredit, this effort is part of a broader digital strategy for payments and other financial services with a goal of saving about $1.4 billion in operating costs.
A picture of ransomware payments: There have been several high-profile ransomware attacks recently, including ones such as WannaCry that directly targeted payments systems in parts of the world. The result has been more than $25 million in payments to the attackers over the past two years, according to The Verge, which cites a study from Google, Chainalaysis, UC San Diego and NYU. The researchers followed payments through the blockchain that led to the attack source, and produced an analysis of the ransomware infrastructure. After the malware infects a system, the underlying program encrypts local files to a private key that the attackers control. These attackers demand bitcoin to recover the systems, a method that has shown profitable for the crooks, according to The Verge. The researchers tracked about three dozen types of ransomware, though only a handful are responsible for most of the revenue. One program, Locky, has resulted in a large increase in payments, drawing more than $7 million over the past year. Locky is the first ransomware program that keeps the payment and encryption distinct from the distributors, which allows the malware to move faster than other strains, reports The Verge.
From the Web
Shoddy data-stripping exposes firms to hack attacks
BBC | Wed Jul 26, 2017 - Large firms are vulnerable to targeted hack attacks because they do little to strip data from files on their websites, suggests research. The data gets added as employees create documents, images and other files as they maintain and update websites. The research found user names, employee IDs, software versions and unique IDs for internal computers in the files. Attackers could use it to craft attacks aimed at senior staff, said security firm Glasswall which did the survey. Banks, law firms, defence contractors and government departments were all found to be leaking data. "This is really low-hanging fruit," said Lewis Henderson, a vice-president at Glasswall, which carried out the survey for the BBC.
Payments group Worldline raises 2017 guidance after first-half growth
Reuters | Wed Jul 26, 2017 - French payments company Worldline on Tuesday raised its 2017 objectives following an 11 percent hike in operating profits for the first six months of the year. Worldline expects its operating margin before depreciation and amortization (OMDA) for the 2017 fiscal year to surpass its previously announced target range of 20.0-20.5 percent. It did say by how much it would exceed that range. First half OMDA was up 11.2 percent at 153.3 million euros ($178.67 million).
Investment in UK Fintech Tops Pre-Brexit Levels in First Half of 2017
The New York Times | Tue Jul 25, 2017 - Over half a billion dollars were poured into British financial technology companies in the first half of 2017, over a third more than the same period last year, trade body Innovate Finance said on Wednesday, in the latest sign the fast-growing sector is so far weathering Brexit. UK-based fintech startups pulled in $564 million of venture capital investment in the first six months of the year, more than half of which came from outside Britain. That was up 37 percent from the first half of 2016, and put Britain in third place globally for fintech investment, behind the United States and China.
More from PaymentsSource
Visa is building new processing centers to handle global data deluge
Visa is developing its first international transaction processing centers — one in the U.K. and one in Singapore — on the heels of other moves to accelerate digital payments growth globally.
ABN Amro broadens the business case for P-to-P payments
ABN Amro is enabling its Tikkie social P-to-P app to send tuition payment requests to students, a dramatic expansion from the transaction types the bank designed the app for.
The too-firm footing of QR codes
Despite the considerable momentum behind contactless technologies such as NFC, the unloved but effective QR code continues to live on. QR's success keeps outweighing its clunkiness, winning more support from companies that might otherwise prefer newer technology.
American Express connects to Abra’s bitcoin wallet
American Express is giving its card customers an easy way to transact in cryptocurrency.