9.21.17: Your morning briefing

Register now

Welcome to the PaymentsSource Morning Briefing, delivered daily. The information you need to start your day, including top headlines from PaymentsSource and around the Web:

Target 'GPS': Bluetooth beacons are starting to show promise as a way to improve the payments and shopping experience inside stores, and Target is using the technology to help consumers navigate its aisles and locate special offers, reports TechCrunch. The big box retailer is installing LED lighting across its network, and is including beacons in the fixtures. These beacons locate shoppers in the stores via Target's mobile app, and the shopper can see where he or she is in the store in real time, an experience Target likens to GPS navigation. The app guides consumers to specific products and highlights which "Cartwheel" deals are new to the shopper's current location. Target is combining Cartwheel with its main app, and the mapping technology and Bluetooth are part of a larger set of upgrades, including a plan to eventually support mobile payments at checkout.
PSD2 may push Swiss exchange sale: The Swiss stock exchange operator SIX Group has hired JPMorgan to potentially manage a sale of its payments group, which could be worth up to $2.1 billion, according to Reuters. The Zurich-based SIX processes payments and supports debit and credit card point of sale systems for retailers, restaurants and hotels. It earned about $150 million last year, sources told Reuters. SIX is considering a sale as the value of payment companies and operations increases given the migration of consumers to digital payment options such as mobile wallets. Regulatory moves such as the pending Payment Services Directive (PSD2) should also boost activity in the financial technology space. The new regulations open the payments market to competition by requiring banks to share data to accommodate digital transactions..

Bluefin goes to college: Atlanta-based encryption company Bluefin is collaborating with NeuLion to add Bluefin's point-to-point protection for college ticketing. NeuLion will embed the encryption directly into its platform, reducing PCI scope and bolstering security without changing the customer experience for sporting events and other programs that require ticket purchases. The encryption supports credit and debit card transactions, and prevents cardholder data from being available in the device or merchant's system. NeuLion's clients include Duke, LSU, Florida State and the University of Oklahoma. "NeuLion’s college ticketing and donor management partners are under increasing pressure to limit the liability of credit card processing. By partnering with Bluefin, NeuLion is able to offer our partners peace of mind in knowing that the card information is secured as soon as the transaction is initiated," said Tim Vargas, senior vice president of NeuLion College Business Development, in a release.

Point to pay: Some payment companies are embracing fingerprint biometrics as a way to boost security while easing the user experience. In a new deployment, students at Brunel University in London have the option to pay with a touch of their finger at Costcutters, the campus convenience store. The Telegraph reports the Sthaler-powered FingoPay feature uses an electronic reader that builds a 3D map of the customer's finger veins. This generates a "key" that removees the need to enter other data to make a payment. Sthaler is on site this week at the university, offering an incentive of about $7 for the first 1,000 students to sign up to use the technology.

From the Web

Senators raise concerns with Equifax over military members affected by data breach
The Washington Times | Wed Sep 20, 2017 - Equifax is being asked to explain how it intends to safeguard the sensitive information of more than a million U.S. servicemembers affected by its recently disclosed data breach. Sen. Joe Donnelly, Indiana Democrat, and Sen. Dean Heller, Nevada Republican, wrote the nation’s largest credit reporting agency Tuesday. “We are particularly concerned about the roughly 1.3 million active-duty U.S. military personnel, especially the nearly 200,000 currently stationed overseas, who may lack the access and resources required to place a credit freeze on their files or take other necessary measures to adequately protect their personal information. This could leave members of our military especially vulnerable to identity theft and financial fraud in the days, months and years ahead,” the lawmakers said in a letter addressed to Equifax CEO Richard Smith.

The number of devastating cyberattacks is surging — and it's likely to get much worse
CNBC | Wed Sep 20, 2017 - Almost 2 billion data records around the world were lost or stolen by cyberattacks in the first half of 2017, according to the latest findings by digital security provider Gemalto, and the number of breaches reported by companies looks set to rise. There were 918 data breaches which compromised 1.9 billion data records in the first six months of 2017, according to Gemalto's latest breach level index published Wednesday. The number of lost, stolen or compromised records increased by 164 percent compared to the same period in 2016. Of these 918 breaches, 500 breaches had an unknown number of compromised records, while 22 of the largest data breaches involved more than one million compromised records. Part of the increase is likely that companies feel more pressure to be transparent and reveal data breaches. New regulations such as the U.K. data protection bill, the European Union's General Data Protection Regulation and Australia's Privacy Amendment (Notifiable Data Breaches) Act are set to come into force in the coming months and years, and will push firms to disclose hacks and security breaches.

Federal court denies cash awards to 22 million OPM data theft victims
Washington Post | Wed Sep 20, 2017 - A federal court has rejected a lawsuit seeking compensation for some 22 million federal employees, retirees and others whose personal information was stolen from two government databases. The U.S. District Court for the District of Columbia said Tuesday that it has no jurisdiction over cases brought by two federal unions following the hacking of Office of Personnel Management databases, revealed in mid-2015 but occurring months before. Those databases included names, addresses and Social Security numbers, in many cases personal financial and legal information, and in some cases fingerprints. In response, the government has been providing free services such as credit and identity monitoring and identity theft insurance. Separate suits by the American Federation of Government Employees and the National Treasury Employees Union sought financial damage awards for the victims in addition.

More from PaymentsSource

Post Equifax breach, enrollments are the front line in the fraud fight
In the wake of the Equifax breach, fraudsters now have 143 million new tools at their fingertips to explore new avenues of payments fraud, particularly when it comes to new account enrollments, account takeover (ATO), and synthetic identity-based fraud.

Mastercard sees an opening for new data shields after the Equifax breach
Everyone's felt the chill of the massive Equifax breach, giving Mastercard a sense of urgency when detailing future security measures for its card network.

Data: Restoring trust in a post-Equifax world
The payments industry may have been under the impression that the steady drip of data breaches over the past few years has left U.S. consumers in a state of battle fatigue, where the cycle of hacking, recriminations and credential reissuance has become almost circadian. Indeed, it may have been the expectation of a cowed and apathetic public that partly led to Equifax’s inept disaster response after its data breach was finally made public.

What would drive Uber and Lyft to create their own mobile wallets?
For companies like Uber and Lyft, which need the payment process to be as seamless and invisible as possible, Apple Pay might seem like an answer to their prayers. In reality, Apple Pay and rival mobile wallets fall very short of delivering what the two ride-sharing heavyweights need.

For reprint and licensing requests for this article, click here.