Google will add a “buy” button in its search results on mobile devices in the coming weeks, according to a report last Friday in the Wall Street Journal, a move that could give online shoppers an easier way to buy products on small screens.
The change might also give consumers an alternative to mobile apps from companies like Amazon and eBay, though it might jeopardize retailers’ ability to directly market to their customers.
The buy button will appear on Google’s search results pages when people search for certain products on mobile devices, said the report, which cited unnamed sources. If users click on the buttons, they’ll be taken to another Google page where they can choose among sizes and colors, select shipping options and complete the purchase, the report said.
Google reportedly will let shoppers enter their payment information just once, store it, and automatically load it for future purchases on Google’s shopping pages.
The products will still be provided and sold by the retailer and not by Google. Macy’s is in talks with Google to take part in the launch of the button, according to the Wall Street Journal report.
Representatives of Google and Macy’s did not immediately respond to requests for comment on Friday.
The buttons will accompany only sponsored search results, not regular results driven by Google’s basic search algorithm, the report said. At first they will only appear with a small percentage of Google’s search traffic.
Over time, the buttons could help Google expand its search service beyond information and links to also encompass an online storefront.
The company launched an investigation in early May after receiving reports of unusual activity involving payment cards used at some of its stores. While it now has sufficient evidence to confirm an illegal intrusion, the company declined to comment on the breach’s scope until the forensics investigation is complete.
Sally Beauty is one of the largest retailers of beauty products in the U.S. and has over 4,500 stores.
In March last year, the company said hackers stole up to 25,000 customer records containing payment card data. According to the company’s annual report for 2014, attackers managed to install malware on some of its point-of-sale systems and captured “track 2″ card data.
Track 2 refers to one of the data tracks encoded on a card’s magnetic stripe. It contains the card’s number and expiration date and can be used by criminals to clone it.
“There can be no assurances that we will not suffer another cyber-attack or data security breach in the future and, if we do, whether our physical, technical and procedural safeguards will adequately protect us against such attacks and breaches,” the company said in its report.
The compromise of point-of-sale systems with memory-scraping malware has resulted in some of the largest card breaches over the past two years. The technique was used to steal 56 million payment card records from Home Depot last year and 40 million from Target in late 2013.
With chipmaker Qualcomm, GE is offering retailers a way to connect with shoppers’ smartphones through technology embedded in LED light bulbs, the company said. One use of the “indoor positioning” technology could be to transmit customized coupons to shoppers depending on their store location.
GE also said it will produce an LED bulb compatible with Apple’s yet-to-launch connected-device platform HomeKit. The bulb can change colors to align with the natural rhythms of the body.
The tie-ups underscore GE’s plans to dive into the emerging and increasingly competitive market for connected lighting that integrates with smart devices.
While GE sees an opportunity in selling energy-efficient LED bulbs, it will seek to use sensors and other technology embedded in LEDs to the advantage of consumers, businesses and cities, said Beth Comstock, who leads GE Business Innovations.
Services offered by GE stand to provide revenue that could offset pressure should the LED bulb business become more commoditized.
“There’s now a data stream from light that is going to create opportunity to be more productive,” said Comstock, in her first interview about the lighting strategy since September, when the unit became part of GE’s innovations division.
Some analysts have speculated the U.S. conglomerate will divest lighting after deciding last year to sell its appliances segment and moves by Siemens and Philips to hive off lighting units. GE Lighting totaled about $2.5 billion in revenue last year, 2.3 percent of the company’s overall industrial sales.
Comstock said lighting fits smoothly with GE Chief Executive Jeff Immelt’s desire to marry software and analytics with GE’s various industrial equipment, which GE calls the “Industrial Internet.”
“LEDs plus software, it helps GE continue its Industrial Internet expansion and I think the lighting business has a big role in GE’s future because of that,” Comstock said.
Japanese consumer electronics maker Sony Corp expects operating profit to more than quadruple this year, as strong sales of camera sensors and cost reductions anchor a much needed turnaround after years of losses on TVs and mobile phones.
Sony said on Thursday it estimates operating profit will jump in the year ending March 2016 to 320 billion yen ($2.7 billion). For the previous fiscal year, operating profit was 68.5 billion, in line with an April 22 forecast.
This year’s earnings would be Sony’s biggest annual operating profit in seven years, though well below an average analyst forecast of 408 billion yen, according to Thomson Reuters. Achieving it would mark another milestone in Chief Executive Kazuo Hirai’s long haul to pull one of Japan’s most iconic technology firms out of heavy losses, squeezed by cheaper and more nimble rivals in mass consumer electronics.
Under Hirai’s direction, Sony has reshaped itself to target expansion in lucrative new areas such as sensors used in cameras for popular devices like Apple Inc’s iPhones. That strategy has vexed some former executives who have urged Hirai to focus on innovation, not cost cuts.
“We are emerging from losses but still recuperating,” Chief Financial Officer Kenichiro Yoshida told reporters on Thursday, saying Sony was being cautious in forecasting to break with past habits.
“In the past seven years, we revised (earnings guidance) downwards around 15 times,” he said, citing fluctuations in foreign exchange rates as a major concern.
As part of its restructuring, Sony has exited PCs and spun off its TV business. It also plans to split off its audio and video business in an effort to hold subsidiaries more accountable for making a profit.
Investors have welcomed the new-look Sony. Shares have risen more than 30 percent in 2015, and year-on-year, the stock has nearly doubled, hitting 3,827.50 yen earlier this month, its highest since 2008.
Samsung Electronics is winning the Smartphone war, despite what you might be reading in the mainstream press.
According to the company it expects earnings to rise in the second quarter after posting its highest profit in three quarters in January-March, boosted by strong demand for its new Galaxy S6 flagship smartphones.
To make matters even more cheery for Samsung, researcher Strategy Analytics saying the South Korean giant overtook Apple as the world’s top smartphone maker in the first quarter.
Samsung Vice President Park Jin-young “Galaxy S6 sales have been going as well as expected, while demand for the Galaxy S6 edge have been better than anticipated. “
The firm reported a January-March operating profit of $5.64 billion and promised that earnings for April-June should continue to rise, thanks to the two Galaxy S6 models which are breaking the company’s sales records.
There had been some fears that Galaxy S6 phones might not be selling, but it turned out that this was just a rumor.
Analysts have been agreeing that Samsung is winning because there is nothing else out there that can match it. Daewoo Securities analyst Jonathan Hwang said there was nothing within the current Android camp that could stand as an alternative to Samsung’s high-end smartphones.
Samsung’s chips business remained the top earner thanks in part to surging orders from smartphone makers including Samsung itself. The company said it expected robust chip sales to continue in the April-June period.
Samsung also warned that the typical industry pattern of a stronger second half may not be as pronounced this year due to risks like the weaker euro and emerging market currencies.
Best Buy said its customers could start using Apple Pay from Monday to shop using its app through the iPhone 6 and iPhone 6 Plus, thus appearing to break ranks with a group of leading U.S. merchants who are backing an alternative payment system.
“The acceptance of Apple Pay in the Best Buy app is the latest enhancement for our mobile platform,” the giant retailer said in a statement on Monday. Best Buy stores in the U.S. will start accepting Apple Pay later this year, it added.
Apple CEO Tim Cook also announced during an earnings conference call Monday that Apple Pay would be supported on the Best Buy app now and in stores later this year.
The move by Best Buy is significant as the retailer is part of Merchant Customer Exchange, a merchant’s association that backs its own mobile payments platform called CurrentC. MCX members Rite Aid and CVS stopped accepting Apple Pay at their stores a week after the launch of the Apple system, in a move that was seen as reflecting the rivalry between the two payment systems.
Best Buy could not be immediately reached for comment on whether it would support both CurrentC and Apple Pay once the MCX payment system is available.
The retailer, however, seemed to suggest in its statement that it will support both options. “Today’s consumers have many different ways to spend their money and we want to give our customers as many options as possible in how they pay for goods and services at Best Buy,” it said.
Apple Pay got another big win on Monday when card issuer Discover Financial Services said its card members in the U.S. would be able to make contactless payments using Apple Pay at participating stores, through the iPhone 6, iPhone 6 Plus and Apple Watch. Discover card members will also be able to make purchases through apps on the iPad Air 2 and iPad mini 3.
The group unveiled CurrentC in September, saying it had already launched the payment service by that time in private pilot mode in select, unnamed locations, with plans for regional and national rollouts in 2015. MCX wasn’t more specific, other than saying that would take place “mid-year” in an email to Computerworld.
“The market will be determined based on a number of factors, including retail support, infrastructure and consumer population,” Scott Rankin, chief operating officer at MCX said in the email.
The group’s 62 members include Walmart, Best Buy, and CVS; together they control more than $1 trillion in payments annually.
MCX has long been considered a threat to Apple Pay, Google Wallet and other mobile payment systems, partly because of the size and buying power of its customers. Analysts have predicted that MCX will offer alternatives to loading credit or debit cards such as Visa, MasterCard and American Express on the CurrentC app so that merchants can avoid the 2% or greater swipe fees they pay to banks for every purchase.
Critics of the MCX approach have noted that without the largest credit and debit cards, retail customers might be borrowing credit from the retailers themselves or simply using CurrentC to transfer funds from their personal bank accounts or Pay Pal. Visa, MasterCard and American Express together control more than 80% of all U.S. credit card transactions.
At one point last year, MCX members CVS and Rite Aid stopped taking payments from Apple Pay and other recently-installed NFC-enabled systems. Apple Pay, Samsung Pay and Google Pay all use NFC payments, relying on a chip inside newer phones and devices such as the iPhone 6 and iPhone 6S as well as the new Apple Watch.
Most analysts had predicted MCX would rely on QR codes to activate in-store payments or some technology other than NFC.
In its email on Monday, Rankin said it is “protocol-agnostic” and works in test mode across QR code, Bluetooth and others. “We are in market today with multiple technologies and not opposed to using NFC in the future,” he said.
Discount and deal site Groupon has a novel way of dealing with bounty hunters who point out security flaws in its systems. It lets them discover the flaws and refuses to pay up.
Brute Logic says that the security issue is all the more serious because Groupon stores credit card details, and it would be incredibly easy to craft a spoof Groupon-related URL to trick victims into visiting a fake site.
On April 17 he contacted Groupon security team then got back saying that it had isolated the issue and would be back in touch once a patch has been produced.
As a contributor to XSSposed.org Brute Logic spoke with people at the site and made a reference to one of the security issues ended up being published. This only appeared online for a few moments, and was removed after it was realized it had been published in error. But Groupon is using this as a reason for refusing to pay out.
Groupon’s Bug Bounty Program terms say:
“We encourage you to report it to us in a private and responsible way. In order to encourage this, we have established a reward program which will pay a bounty for verifiable security issues reported to us through the proper channel.”
Brute Logic argues that an additional 30 problems still existed and very scant details of the security flaw were published for only a very short time. In a further email, Groupon said:
“Unfortunately we won’t be able to offer you a bounty for this submission. In the future we ask that you respect our responsible disclosure policy and not publicly disclose the vulnerability without properly notification. We noticed that you submitted the vulnerability to xssposed.org.”
Understandably Brute Logic is not happy, seeing the company trying to get out of a bounty on the basis of a technicality.
PayPal has detailed a number of biometric security solutions that it believes could replace the conventional password.
The biometric solutions include embedded chip tattoos, vein recognition and even ingestible technology that would mean people no longer need to worry about fraudsters nicking their sensitive information or digital dosh.
The payments firm is flogging the idea via a presentation at various technology conferences entitled Kill all Passwords, where it claims that the rise of hacking and phishing targeting online banking services will lead people to use tighter security.
This next step, PayPal says, includes inserting security devices into the body to allow the use of unique internal characteristics to log-in to accounts.
It sounds a little far-fetched, but PayPal’s global head of developer advocacy, Jonathan LeBlanc, who is currently giving these presentations, doesn’t seem to think so.
He listed the most frequently used passwords, including ’123456′, ‘password’, ’12345678′, ‘qwerty’ and ‘abc123′, stating that a huge 40 percent of people have a password included in the top 100 passwords list and 14 percent have a password from the most used 10.
“As long as passwords remain the standard method for identifying your users on the web, people will still continue to use ‘letmein’ or ‘password123′ for their secure log-in, and will continue to be shocked when their accounts become compromised,” he said.
LeBlanc said that, after working with developers to uncover and trial new forms of secure account log-in, embeddable, injectable and ingestible devices are the future for mobile payments.
Devices that use some of this technology already exist, such as those used for medical applications including glucose detection, blood pressure monitoring and digestive health.
LeBlanc even went as far as to say that more recently developed online interactions using external bodily methods, such as fingerprints, used by the likes of Apple for its iPhones and iPads, are “antiquated” and will be phased out before services like PayPal will consider using them.
Sounding like something from a sci-fi film, another idea of PayPal’s is that a brain chip implant could allow humans to authenticate themselves online.
PayPal, which at the moment is still owned by auction site eBay, will become its own business again at some point this year following news of a split in 2014.
The numbers from eBay’s fourth-quarter and full-year financial statements last year explained that there will be a cull of about seven percent of staffers in the first quarter of 2015.
Meanwhile, PayPal faces challenges from established players and new entrants like Apple, which offers some kind of phone-based option.
Samsung has recently described the first week of Galaxy S6 and Galaxy S6 Edge sales as “impressive” and predicted overall sales for both devices will break a record, passing 70 million globally for both.
That projection, offered by an unnamed Samsung executive in a recent Korea Times report from Seoul, would be welcome, indeed, after the company’s problems selling the Galaxy S5.
A Samsung spokeswoman could not immediately confirm the sales estimate. Both phones went on sale April 10 in the U.S. and other major markets.
The 70 million in sales for both phones would compare to reported sales of 70 million for each of the Galaxy S3 and Galaxy S4 phones. The Galaxy S5′s sales fell 40% below expectations, as measured last November, leading to an executive shakeup.
Samsung has been using the Edge device as a kind of promotion for both phones, which are reportedly sold to carriers in a ratio deal: When a carrier buys 10 Galaxy S6 phones to resell, the carrier gets the right to buy five Edge phones to resell.
The Edge is the first smartphone with two curved front display edges on either side, something Samsung expected would be a crowd pleaser. Some reports have said there were a record high 20 million pre-orders for both new phones and that some retailers sold out within a day of availability.
Samsung is apparently seeing good early sales despite user complaints of a problem with the auto-rotate feature on some Edge devices. Some images and apps remain stuck in the portrait mode (vertical) and won’t rotate as they should to landscape mode (horizontal), according to dozens of users in forums.
Samsung and U.S. carriers have offered no public explanation for the problem or its fix, nor have they said how many units are affected. Some customers have returned an Edge device only to have a second one fail. Sprint referred all queries on the matter to Samsung, while Verizon and AT&T have not commented.
Apple Inc is gearing up to launch its electronic payments service in Canada in November, the first international expansion of Apple Pay, the Wall Street Journal reported, citing people familiar with the matter.
The iPhone maker is in talks with Canada’s six biggest banks, Royal Bank of Canada, Toronto-Dominion Bank , Bank of Nova Scotia, Bank of Montreal, Canadian Imperial Bank of Commerce and National Bank of Canada, the people told the Journal.
The banks are open to an agreement, but are not happy with Apple’s fee proposals and are worried about security vulnerabilities like the ones that U.S. banks experienced, the Journal said, citing the people.
It was still unclear if all six Canadian banks would launch Apple Pay at the same time, the Journal said.
Apple launched the service, a mobile payment app that allows consumers to buy things by holding their iPhone6 and 6 Plus devices up to a reader, in the United States in October.
The move is Facebook’s attempt to create a dedicated hub for chats on the web as it incorporates many new features into the Messenger mobile app and grows its use. Facebook users can still chat with others as they would normally do on Facebook.com. But the new web app, accessible at Messenger.com, is aimed solely at messaging, without other distractions like the news feed or profile pages.
To use Messenger.com, which went live on Wednesday, users must sign in with their Facebook credentials. It works largely the same as the mobile app, with support for voice calling, stickers and emoticons, and syncs chats across devices. It’s available to all English-speaking Facebook users globally. Facebook is working on making it available in other languages in the coming weeks, a spokeswoman said.
On mobile, Facebook has extended the functions of its Messenger app well beyond simple messaging. For example, users can now send each other money within the app. Third-party developers can also integrate their software into the app, giving users more ways to place digital content inside their chats. Facebook is also making Messenger a platform to let users interact with online retailers and receive updates on the status of their orders.
If someone has the new payments feature enabled in the Messenger mobile app, that function will be included in Messenger.com. Content from third-party mobile apps will be integrated into people’s chats on the web, but that content can’t be created from Messenger on the web.
Facebook’s Messenger app now has roughly 600 million users who log in monthly, which is almost half of Facebook’s total user base.
A survey from research firm Phoenix Marketing International found that 68 percent of respondents who have used Apple Pay had encountered an issue when making an in-store purchase.
The leading compliant made by nearly half of respondents was that retailers’ sales terminals took too long to record a transaction. Other problems: employees who didn’t know how to process sales with the mobile wallet (42 percent); errors in how the sale posted (36 percent), like a transaction appearing twice; and out of service Apple Pay terminals (27 percent). Almost half of the Apple Pay users surveyed (47 percent) found that the particular store they visited didn’t accept Apple Pay although the retailer was supposed to support the service.
Apple Pay launched in October and is accepted at 700,000 locations and supported by 2,500 banks in the U.S., CEO Tim Cook said at an event earlier this month. Retailers that accept Apple Pay include Macy’s, Subway, Nike, Whole Foods and McDonald’s. Apple hasn’t shared details on when the service will be expanded internationally.
People appear eager to use Apple Pay, with 59 percent answering that they have asked store employees if the merchant accepts payments with the service. Using Apple Pay requires linking a credit or debit card to the service.
A majority of respondents used the mobile payment system in Apple stores (46 percent), followed by McDonald’s (36 percent) and Macy’s (30 percent). Apple Pay was also popular at Nike stores, Whole Foods and Walgreens.
The service, dubbed Pony Express, would ask users to provide personal information, including credit card and Social Security numbers, to a third-party company that would verify their identity, according to a Re/code report on Tuesday.
Google also would work with vendors that distribute bills on behalf of service providers like insurance companies, telecom carriers and utilities, according to the article, which was based on a document seen by Re/code that describes the service.
It’s not clear whether Pony Express is the actual name of the service or if Google will change the name once it launches. It’s planned to launch by the end of the year, according to the report.
A Google spokeswoman declined to comment.
A handful of vendors such as Intuit, Invoicera and BillGrid already offer e-billing payment and invoicing software. Still, a Google service, especially one within Gmail, could be useful and convenient to consumers if the company is able to simplify the online payment process.
A benefit for Google could be access to valuable data about people’s e-commerce activities, although there would be privacy issues to sort out. Google already indexes people’s Gmail messages for advertising purposes.
Plus, the service could give Google an entry point into other areas of payment services. The company has already launched a car insurance shopping servicefor California residents, which it plans to expand to other states.
It’s unclear who Google’s partners would be for the service, but screen shots published by Re/Code show Cascadia Financial, a financial planning company, and food delivery service GreatFoods.
Cisco has revealed details of a new point of sale (PoS) attack that could part firms from money and users from personal data.
The threat has been called PoSeidon by the Cisco team and comes at a time when eyes are on security breaches at firms like Target.
Cisco said in a blog post that PoSeidon is a new threat that has the ability to breach machines and scrape them for credit card information.
Credit card numbers and keylogger data is sent to an exfiltration server, while the mechanism is able to update itself and presumably evade some detection.
Cisco’s advice is for the industry to keep itself in order and network admins to keep systems up to date.
“PoSeidon is another malware targeting PoS systems that demonstrates the sophisticated techniques and approaches of malware authors. Attackers will continue to target PoS systems and employ various obfuscation techniques in an attempt to avoid detection,” said the firm.
“As long as PoS attacks continue to provide returns, attackers will continue to invest in innovation and development of new malware families. Network administrators will need to remain vigilant and adhere to industry best practices to ensure coverage and protection against advancing malware threats.”
The security industry agrees that PoS malware is a cash cow for cyber thieves, highlighting the importance of vigilance and keeping systems up to date.
“PoS malware has been extremely productive for criminals in the last few years, and there’s little reason to expect that will change anytime soon,” said Tim Erlin, director of product management at Tripwire.
“It’s no surprise that, as the information security industry updates tools to detect this malicious software, the authors will continue to adjust and innovate to avoid detection.
“Standards like the PCI Data Security Standard can only lay the groundwork for protecting retailers and consumers from these threats. A standard like PCI can specify a requirement for malware protection, but any specific techniques included may become obsolete as malware evolves.
“Monitoring for new files and changes to files can detect when malware installs itself on a system, as PoSeidon does.”