Morning Brief 12.26.19: Twitter Android flaw put phone numbers at risk

Register now

The information you need to start your day, from PaymentsSource and around the web:

Trouble with Twitter

A flaw in the system Twitter uses to match a user's contacts with Twitter accounts could be utilized to deduce the phone numbers of random Twitter users.

A researcher, Ibrahim Balic, was able to exploit this feature by generating a list of 2 billion randomized phone numbers and matching 17 million of them to Twitter handles via its Android app, TechCrunch reports. The flaw does not work in Twitter's web version, and Balic was blocked from using the feature as of Dec. 20.

That same day, Twitter patched a bug in its Android app that could have allowed improper access to private information such as direct messages and location data; TechCrunch says this is likely unrelated to the flaw Balic used.


A Utah man has implanted four NFC chips into his hands, enabling him to unlock his Tesla and open doors at work, and he next plans to enable mobile payments, according to a report aired by Salt Lake City’s Fox-affiliated TV station KSTU.

The concept has been tried across the globe in recent years, including in Stockholm and Wisconsin, using technology from BioHax. In those cases, the chips were meant for use by employees of Epicenter and Three Square Market.

In the Utah example, Ben Workman injected the chips under his skin using a syringe, with the help of friends.

Color coded

Card processor i2c has designed its digital banking and mobile app to accommodate consumers who are color blind, according to a press release.

The new site is easy to navigate even for the portion of the population who struggle to distinguish between red and green or blue and yellow (less than 2% of the population, with more male sufferers than female).

Longer days

Nacha announced that on March 19, 2021 it will add two more hours to the settlement window for Same-Day ACH, ensuring that payments submitted up to 4:45 p.m. ET will be settled that same day.

The date was set after the Federal Reserve Board of Governors approved an extension of operating hours for the National Settlement Service, which underpins ACH.

From the web

Google’s YouTube Goes To War With Bitcoin And Crypto
FORBES | Thu December 26, 2019
Google has decided to remove hundreds of bitcoin and cryptocurrency videos from its video-sharing site YouTube in what's being called a "crypto-purge" — leaving many who make bitcoin and cryptocurrency-related videos feeling unfairly targeted by the search giant.

Kroger taking card payments again after Christmas Eve outage
FOX BUSINESS | Wed December 25, 2019
Kroger grocery stores started taking card payments again Tuesday after a temporary register outage that affected stores across the country on Christmas Eve. Some holiday shoppers were forced to wait in line to use ATMs, causing chaos at a number of locations as people scrambled to buy last-minute supplies for holiday meals.

Fintech lenders tighten their standards, becoming more like banks
LOS ANGELES TIMES | Wed December 25, 2019
Online personal loans were easy to come by for years, enabling millions of Americans to borrow cheaply to pay down costly credit card debt. In the last year, though, companies, including LendingClub Corp., have been tightening the spigot, following a revolt by investors upset over years of unexpected losses.

More from PaymentsSource

Australian banks want to one-up Square with tap-on-phone payments
Two of Australia’s biggest banks, National Australia Bank (NAB) and Commonwealth Bank of Australia (CBA), are competing to be the first to commercially launch tap-on-phone contactless payments in the country.

New ways to pay require new approaches to security
Innovation is showing little sign of slowing, creating both myriad benefits and risks moving ahead, says Visa's Paul Fabara.

NCR to add store virtualization through Zynstra acquisition
In the same manner as customer-interaction tools can integrate into a point-of-sale terminal, NCR Corp. is ready to turn the POS screen into a virtual business office.

Biometrics is better, but still has security holes
Consumers face significant risk if this highly personal information is exposed, says Mitek's Stephen Ritter.

How Open Banking payments may undercut mainstream options for small shops
With the cost of processing business transactions remaining stubbornly high, a number of U.K. fintechs are working to facilitate Open Banking payments, a method which could soon enable consumers and businesses to make faster payments at a lower cost.

For reprint and licensing requests for this article, click here.