Apple Inc is gearing up to launch its electronic payments service in Canada in November, the first international expansion of Apple Pay, the Wall Street Journal reported, citing people familiar with the matter.
The iPhone maker is in talks with Canada’s six biggest banks, Royal Bank of Canada, Toronto-Dominion Bank , Bank of Nova Scotia, Bank of Montreal, Canadian Imperial Bank of Commerce and National Bank of Canada, the people told the Journal.
The banks are open to an agreement, but are not happy with Apple’s fee proposals and are worried about security vulnerabilities like the ones that U.S. banks experienced, the Journal said, citing the people.
It was still unclear if all six Canadian banks would launch Apple Pay at the same time, the Journal said.
Apple launched the service, a mobile payment app that allows consumers to buy things by holding their iPhone6 and 6 Plus devices up to a reader, in the United States in October.
The move is Facebook’s attempt to create a dedicated hub for chats on the web as it incorporates many new features into the Messenger mobile app and grows its use. Facebook users can still chat with others as they would normally do on Facebook.com. But the new web app, accessible at Messenger.com, is aimed solely at messaging, without other distractions like the news feed or profile pages.
To use Messenger.com, which went live on Wednesday, users must sign in with their Facebook credentials. It works largely the same as the mobile app, with support for voice calling, stickers and emoticons, and syncs chats across devices. It’s available to all English-speaking Facebook users globally. Facebook is working on making it available in other languages in the coming weeks, a spokeswoman said.
On mobile, Facebook has extended the functions of its Messenger app well beyond simple messaging. For example, users can now send each other money within the app. Third-party developers can also integrate their software into the app, giving users more ways to place digital content inside their chats. Facebook is also making Messenger a platform to let users interact with online retailers and receive updates on the status of their orders.
If someone has the new payments feature enabled in the Messenger mobile app, that function will be included in Messenger.com. Content from third-party mobile apps will be integrated into people’s chats on the web, but that content can’t be created from Messenger on the web.
Facebook’s Messenger app now has roughly 600 million users who log in monthly, which is almost half of Facebook’s total user base.
A survey from research firm Phoenix Marketing International found that 68 percent of respondents who have used Apple Pay had encountered an issue when making an in-store purchase.
The leading compliant made by nearly half of respondents was that retailers’ sales terminals took too long to record a transaction. Other problems: employees who didn’t know how to process sales with the mobile wallet (42 percent); errors in how the sale posted (36 percent), like a transaction appearing twice; and out of service Apple Pay terminals (27 percent). Almost half of the Apple Pay users surveyed (47 percent) found that the particular store they visited didn’t accept Apple Pay although the retailer was supposed to support the service.
Apple Pay launched in October and is accepted at 700,000 locations and supported by 2,500 banks in the U.S., CEO Tim Cook said at an event earlier this month. Retailers that accept Apple Pay include Macy’s, Subway, Nike, Whole Foods and McDonald’s. Apple hasn’t shared details on when the service will be expanded internationally.
People appear eager to use Apple Pay, with 59 percent answering that they have asked store employees if the merchant accepts payments with the service. Using Apple Pay requires linking a credit or debit card to the service.
A majority of respondents used the mobile payment system in Apple stores (46 percent), followed by McDonald’s (36 percent) and Macy’s (30 percent). Apple Pay was also popular at Nike stores, Whole Foods and Walgreens.
The service, dubbed Pony Express, would ask users to provide personal information, including credit card and Social Security numbers, to a third-party company that would verify their identity, according to a Re/code report on Tuesday.
Google also would work with vendors that distribute bills on behalf of service providers like insurance companies, telecom carriers and utilities, according to the article, which was based on a document seen by Re/code that describes the service.
It’s not clear whether Pony Express is the actual name of the service or if Google will change the name once it launches. It’s planned to launch by the end of the year, according to the report.
A Google spokeswoman declined to comment.
A handful of vendors such as Intuit, Invoicera and BillGrid already offer e-billing payment and invoicing software. Still, a Google service, especially one within Gmail, could be useful and convenient to consumers if the company is able to simplify the online payment process.
A benefit for Google could be access to valuable data about people’s e-commerce activities, although there would be privacy issues to sort out. Google already indexes people’s Gmail messages for advertising purposes.
Plus, the service could give Google an entry point into other areas of payment services. The company has already launched a car insurance shopping servicefor California residents, which it plans to expand to other states.
It’s unclear who Google’s partners would be for the service, but screen shots published by Re/Code show Cascadia Financial, a financial planning company, and food delivery service GreatFoods.
Cisco has revealed details of a new point of sale (PoS) attack that could part firms from money and users from personal data.
The threat has been called PoSeidon by the Cisco team and comes at a time when eyes are on security breaches at firms like Target.
Cisco said in a blog post that PoSeidon is a new threat that has the ability to breach machines and scrape them for credit card information.
Credit card numbers and keylogger data is sent to an exfiltration server, while the mechanism is able to update itself and presumably evade some detection.
Cisco’s advice is for the industry to keep itself in order and network admins to keep systems up to date.
“PoSeidon is another malware targeting PoS systems that demonstrates the sophisticated techniques and approaches of malware authors. Attackers will continue to target PoS systems and employ various obfuscation techniques in an attempt to avoid detection,” said the firm.
“As long as PoS attacks continue to provide returns, attackers will continue to invest in innovation and development of new malware families. Network administrators will need to remain vigilant and adhere to industry best practices to ensure coverage and protection against advancing malware threats.”
The security industry agrees that PoS malware is a cash cow for cyber thieves, highlighting the importance of vigilance and keeping systems up to date.
“PoS malware has been extremely productive for criminals in the last few years, and there’s little reason to expect that will change anytime soon,” said Tim Erlin, director of product management at Tripwire.
“It’s no surprise that, as the information security industry updates tools to detect this malicious software, the authors will continue to adjust and innovate to avoid detection.
“Standards like the PCI Data Security Standard can only lay the groundwork for protecting retailers and consumers from these threats. A standard like PCI can specify a requirement for malware protection, but any specific techniques included may become obsolete as malware evolves.
“Monitoring for new files and changes to files can detect when malware installs itself on a system, as PoSeidon does.”
Target is reportedly close to paying out $10m to settle a class-action case that was filed after it was hacked and stripped of tens of millions of peoples’ details.
Target was smacked by hackers in 2013 in a massive cyber-thwack on its stores and servers that put some 70 million people’s personal information in harm’s way.
The hack has had massive repercussions. People are losing faith in industry and its ability to store their personal data, and the Target incident is a very good example of why people are right to worry.
As well as tarnishing Target’s reputation, the attack also led to a $162m gap in its financial spreadsheets.
The firm apologized to its punters when it revealed the hack, and chairman, CEO and president Gregg Steinhafel said he was sorry that they have had to “endure” such a thing
Now, according to reports, Target is willing to fork out another $10m to put things right, offering the money as a proposed settlement in one of several class-action lawsuits the company is facing. If accepted, the settlement could see affected parties awarded some $10,000 for their troubles.
We have asked Target to either confirm or comment on this, and are waiting for a response. For now we have an official statement at Reuters to turn to. There we see Target spokeswoman Molly Snyder confirming that something is happening but not mentioning the 10 and six zeroes.
“We are pleased to see the process moving forward and look forward to its resolution,” she said.
Not available to comment, not that we asked, will be the firm’s CIO at the time of the hack. Thirty-year Target veteran Beth Jacob left her role in the aftermath of the attack, and a replacement was immediately sought.
“To ensure that Target is well positioned following the data breach we suffered last year, we are undertaking an overhaul of our information security and compliance structure and practices at Target,” said Steinhafel then.
“As a first step in this effort, Target will be conducting an external search for an interim CIO who can help guide Target through this transformation.”
“Transformational change” pro Bob DeRodes took on the role in May last year and immediately began saying the right things.
“I look forward to helping shape information technology and data security at Target in the days and months ahead,” he said.
“It is clear to me that Target is an organization that is committed to doing whatever it takes to do right by their guests.”
We would ask Steinhafel for his verdict on DeRodes so far and the $10m settlement, but would you believe it, he’s not at Target anymore either having left in the summer last year with a reported $61m golden parachute.
The new live auctions platform – ebay.com/sothebys – that launched on Tuesday pairs Sotheby’s 270 years of experience selling art and antiques with eBay’s digital expertise and 155 million active users worldwide to meet the demand for online bidding.
The first auctions on the platform will begin on April 1 with photographs and a themed New York sale that will include the 13 letters of the 1970s Yankee Stadium sign that could fetch up to $600,000 from the collection of baseball great Reggie Jackson.
Online art sales are not new. Sotheby’s and its rival Christie’s conduct them. But the platform will bring Sotheby’s vast inventory to a new audience in the hopes of boosting sales and prices.
“What this partnership is about is leveraging eBay’s audience and ability to target that audience and find clients that have the means to participate in a Sotheby’s auction,” Josh Pullan, senior vice president, director of e-commerce at Sotheby’s, said.
Online sales of art and antiques are estimated to have reached 3.3 billion euros ($3.5 billion) or about 6 percent of global sales in 2014, according to a report commissioned by the Netherlands-based European Fine Art Foundation.
The majority of online sales, it added, was in the $1,000 to $50,000 range.
Most of Sotheby’s New York auctions will be streamed on the platform except for high-priced evening sales of contemporary, modern and Impressionist art and other specialist categories.
Sotheby’s has seen a nearly 25 percent rise in online bidding in 2014 over the previous year. In an auction of Picasso Ceramics, 75 percent of the lots offered attracted online bids.
The is designed to emulate the auction catalog in a digital format and to replicate the experience of seeing art in a museum before taking bidders to the live auction where they can bid in real time.
Megan Ford, director, emerging verticals and live auctions at eBay, said technology is changing and people have become more comfortable purchasing high-ticket items online in the past few years.
Alibaba chairman Jack Ma showed the new feature while speaking at the Cebit trade fair in Hanover, Germany.
Using Alipay, Ma bought a souvenir stamp from Alibaba’s e-commerce site in China. But to confirm the purchase, Ma scanned his face using the front camera on his smartphone.
“Online payment to buy things is always a big headache,” he said. “You forget your password, you worry about your security. Today we show you a new technology.”
Alibaba, which reigns as China’s largest e-commerce player, said Monday that the facial recognition feature was still under development.
Other online payment services have also started using biometrics to confirm user purchases. Apple Pay, for instance, relies on an iPhone’s fingerprint scanner.
It’s unclear how secure Alibaba’s technology is. But the company’s affiliated Alipay service is already hugely popular in China, where it has more than 300 million registered users.
Just over a half of the transactions Alipay processes came from mobile devices last year. And although most of Alibaba’s business remains in China, the company has ambitions to expand globally.
Alipay, which was spun off from Alibaba in 2011, is also seeking to increase its international user base. Last October, Apple CEO Tim Cook also said he was exploring a possible partnership with Alibaba Group to bring Apple Pay to China.
The facial recognition feature, while still in a beta state, is called “Smile to Pay,” according to a social media post by Ant Financial Services Group, an Alibaba affiliated company which runs Alipay. The feature was developed in partnership with a Beijing company Megvii, which provides a cloud-based facial recognition service.
Alibaba’s Tmall offers virtual storefronts and payment portals to merchants. Several western retailers, including Zara owner Inditex, Britain’s Burberry and ASOS, have joined TMall this year as they look to boost their presence in China.
Imported food, shoes, toys and kitchenware are listed on Amazon’s store, one of the many on Tmall that sell brand-name goods to Chinese shoppers, Bloomberg, which first reported the news, last week.
Amazon also operates its own e-commerce site in China.
U.S. retailer Costco Wholesale Corp last year opened an online store in China using Tmall, entering the country’s booming e-commerce market to combat slowing sales at home.
Amazon did not immediately respond to requests for comment outside usual business hours.
Auto Motor und Sport said in its March 4 edition that the two firms were discussing possibilities for cooperating on the development of a passenger car.
Apple was impressed with BMW’s carbon-fiber electric cars, the magazine said, citing a “high ranking BMW manager.”
The BMW spokesman said: “We are in regular talks with companies from the IT and telecommunications sector, including Apple, concerning topics like connected vehicles. Developing or building a car is not a topic of these discussions.”
An Apple spokesman said the company did not comment on rumor or speculation.
Auto Motor und Sport said Apple cars could be sold in Apple stores and serviced at BMW dealerships.
Among the issues that needed to be resolved was whether BMW would allow Apple to develop an operating system for its i3 model, a step that would require BMW to reveal details of its own vehicle software to the technology giant, the magazine said.
Last month, a source told Reuters that Apple was looking beyond mobile devices to learn how to make a self-driving electric car, and was talking to experts at carmakers and automotive suppliers.
PayPal didn’t disclose how much it is paying for the Wellesley, Massachusetts, company, which has a platform that companies can use to build their own branded mobile payment and loyalty apps.
Several well-known companies use Paydiant’s technology, including Subway and Capital One. It has also been adopted by the Merchant Customer Exchange, a group of major retailers including Target, CVS and WalMart that is developing a mobile payment app called CurrentC to take on Apple Pay.
Paydiant’s payment technology allows customers to pay for items by using either NFC (near field communication) or a QR code, which is scanned at checkout. To pay with NFC, which is also used by Apple Pay, the customer holds a mobile device near a special sales terminal that can read the embedded NFC chip. However, some merchants have said they are reluctant to invest in new payment terminals that support NFC payments.
PayPal, which is getting spun off from parent company eBay later this year, will face increased competition in the mobile payment market. While Apple’s contactless payment system has received much attention since it launched in October, other large tech companies are building their own products.
The watch is designed to replace car keys and the clumsy, large fobs that are now used in many vehicles, Cook told the newspaper.
Its battery will last the whole day, and will not take as long to charge as an iPhone, the report quoted Cook as saying.
Apple Watch will also work as a credit card through Apple Pay, Cook told the paper, but did not mention how user verification will work with the watch.
The rollout of the watch might pose a challenge for Apple’s stores, which may involve “tweaking the experience in the store,” the Telegraph said, citing Cook’s conversation with the staff at Apple’s Covent Garden store in London.
Last March, Apple unveiled CarPlay, which lets drivers access contacts on their iPhones, make calls or listen to voicemails without taking their hands off the steering wheel.
Earlier this month, Reuters reported that the iPhone maker is looking at making a self-driving electric car, and is talking to experts at carmakers and automotive suppliers.
In the interview, Cook said that the Apple Watch will operate a special rewards system, track the user’s activity and “be correct to 50 milliseconds”.
Apple was not immediately available for comment.
The company has scheduled a special event on March 9, where it is expected to showcase Apple Watch, which will be launched in April.
The Anthem data breach may have exposed 78.8 million records, according to deeper analysis provided in an estimate by the health insurance company, but Anthem is still investigating exactly how many records hackers captured from a database.
Hackers accessed a database at Anthem that contained customer and employee records with names, birth dates, Social Security numbers, addresses, phone numbers, email addresses and member IDs, the health insurance company said on Feb. 4. Some records included employment information and income levels, but no financial information was compromised, it said.
It marked one of the largest data breaches to affect the health care industry, adding to a string of recent attacks that have shaken large companies, including retailers Home Depot, Target and Michaels.
Anthem, formerly known as Wellpoint, runs health-care plans under the Blue Cross Blue Shield, Empire Blue Cross, Amerigroup, Caremore, Unicare, Healthlink, DeCare, HealthKeepers and Golden West brands.
Between 60 million and 70 million of the 78.8 million records belong to current or former Anthem members, the company said in a statement.
The remainder — between 8.8 million and 18.8 million — belong to non-Anthem members who used their insurance in a state where Anthem has operated over the last decade.
Anthem is still trying to identify those people who may have been affected. Part of the problem is that Anthem has found 14 million incomplete records that can’t be linked to a product or line of business. Those records lack data fields that could be used to identify members, though they probably are not active Anthem members.
No information has been formally released on who may have compromised the database. Security firm CrowdStrike, which is not involved in the investigation, said the attackers used infrastructure linked to a suspected China-based state-sponsored group known as Deep Panda.
Google announced it has reached a deal with three of the country’s major cellular carriers to acquire “technology and capabilities” from Softcard, a competing mobile wallet app created jointly by the telecom operators. But the deal appears to be less about technology and more about branding.
The biggest immediate change is that Verizon, AT&T and T-Mobile will begin pre-installing Google Wallet on new Android smartphones later this year — something that had been blocked before in preference for the Softcard app.
At their heart, both apps are based on the same contactless payment technology as Apple Pay and a new generation of payment cards from banks and credit unions. They use NFC (near-field communication) to complete a transaction once a payment card or phone is brought within a few centimeters of a terminal.
Apple Pay brought the technology widespread recognition when it launched late last year, but Google Wallet has been around since 2011. However a lack of support from carriers, retailers, card issuers and Google itself had relegated the technology to the sidelines.
While Google Wallet and Apple Pay share a technology base, there are key differences in how they work. Perhaps the biggest is that in Google Wallet, all transactions are routed through Google before being charged to the customer’s credit card.
That gives Google even greater insight into the lives of its users. In contrast, Apple doesn’t see any details of purchases made on its system.
Getting the Google Wallet app in front of more consumers could help reduce confusion over the different brands — an important consideration when the biggest Android phone maker is making moves of its own in mobile payments.
Visa Europe has announced a new, more secure way for consumers to pay retailers usinng their mobile phones,a move that could set the stage for Apple’s Apple Pay and rival mobile payment services to be introduced into Europe in the coming months.
Visa Europe said on Tuesday it would introduce to member banks by mid-April a “tokenization” service which substitutes random numbers for a user’s credit card details when a merchant transmits transaction data, reducing the risk of online theft.
Similar security from Visa Inc ,the former parent of Visa Europe, and rival card issuers MasterCard and American Express has been key to the success of Apple Pay since it was introduced in the United States last year, according to industry experts.
Apple Pay allows iPhone users to store their credit card details on their phones, then pay at the tap of a button. In its first three months, more than $2 out of every $3 which U.S. consumers spent using speedy new “contactless” systems at the three major credit card networks was done via Apple Pay, the company said last month.
Visa Europe’s move is one of several new services the London-based credit card giant is unveiling as it battles to retain its role as a middleman connecting banks and consumers in a fast-moving payments landscape being shaken up by major technology firms including Apple, Google and eBay’s PayPal, as well as scores of ambitious start-ups.
These include a way for card customers to send money overseas to other Visa users via their social media profiles on sites such as Facebook, WhatsApp, Twitter or LinkedIn.
Steve Perry, Visa Europe’s chief digital officer, said in an interview his association’s plan for secure credit card data transmission parallels what Visa Inc offers in the United States. But he declined to comment on whether Apple Pay had agreed to use his organization’s version in European markets.