The Green Sheet Online Edition
February 12, 2018 • Issue 18:02:01
Editor's Note: Following are excerpts from news stories recently posted under Breaking Industry News on our home page. For links to these and other full news stories, please visit www.greensheet.com/breakingnews.php?flag=previous_breaking_news.
Western Union forfeits $60 million to NYDFS
Following an investigation by the New York Department of Financial Services set forth in Western Union Co.'s January 2017 deferred prosecution agreement (DPA) with the U.S. Department of Justice, its Western Union Financial Services Inc. subsidiary agreed to a consent order with NYDFS on Jan. 4, 2018. In the DPA, the company acknowledged deficiencies in its money services compliance programs from 2004 to 2012. Under terms of the consent order, WUFSI agreed to pay $60 million to NYDFS to resolve violations of New York law arising out of facts set forth in the DPA.
NRF 2018 highlights retail transformation
The National Retail Federation's 107th annual Convention and Expo opened Jan. 14, 2018, at Jacob Javits Convention Center in New York City. The NRF expected record attendance, with 35,000 registered attendees and 600 exhibitors from more than 3,500 companies and 90 countries. In opening remarks, NRF President and Chief Executive Officer Matthew R. Shay said retail transformation is good for companies, employees and customers. "Retail is not dead," Shay added. "It is being reshaped in response to shifting customer expectations and buying behaviors."
Jason's Deli confirms RAM-scraper attack
Family-owned Jason's Deli, which operates 275 delis in 28 states, received notice on Dec. 22, 2017, that a large quantity of payment card information associated with the business was for sale on the Dark Web. Law enforcement, a threat response team and forensic experts began investigating immediately and recently reported a breach had occurred. It began June 8, 2017, and jeopardized the credit card information of approximately 2 million Jason's Deli customers. Criminals gained access by using random access memory (RAM)-scraping malware at POS terminals at some, but not all, Jason's Deli locations.
Shift4, Lighthouse consolidate technologies, brands
Lighthouse Network, a payment technology provider previously known as Harbortouch, disclosed Jan. 15, 2018, that it acquired Shift4 Corp., a payment gateway based in Las Vegas. Company representatives said the newly created entity, Shift4 Payments, will leverage Shift4's patented payment technologies and Lighthouse Network's family of integrated POS solutions.
Lighthouse Network CEO Jared Isaacman will take the helm as Shift4 CEO when the transaction closes. He said Shift4 has taken leadership in secure payment processing, and rebranding as Shift4 Payments reflects a commitment to power the company's extended family of software brands with premium processing and a best-in-class payments platform.
Critics deride Uber's bug bounty program
Security analysts have slammed Uber for what they deem to be a selective approach to repairing software bugs. The ride-sharing service pays informants a bounty for reporting vulnerabilities, but payouts have been uneven, according to critics. ZDNet Security Editor Zack Whittaker reported Jan. 21, 2018, that HackerOne, an Internet security firm and bug bounty program administrator, pays for bug fixes according to severity levels. Some discoveries are marked "informative," but go unpaid, Whittaker noted. Bug bounty programs are typically offered by software developers and websites, and provide recognition and compensation to individuals who report bugs in their software.
New PCI standard for software-based PIN entry on COTS
The PCI Security Standards Council (PCI SSC), which leads a global effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs, released a new standard pertaining to commercial off-the-shelf devices (COTS) such as smartphones and tablets. The new PCI Software-Based PIN Entry on COTS (SPoC) Standard contains requirements for developing secure solutions that enable EMV contact and contactless transactions with PIN entry on the merchant's consumer-facing device using a secure PIN entry application in combination with a Secure Card Reader for PIN.
ETA-sponsored study identifies top payments tech trends for 2018
The recently released IDC Market Spotlight, Payments Trends to Watch in 2018, sponsored by the Electronic Transactions Association, highlights new channels, networks and opportunities for the acquiring community. In particular, the report details the following five major trends in payment technology: the new channels: voice, artificial intelligence and the Internet of Things; the 'Point of Interaction': the changing state of the POS; software as the new hardware; evolving transmission networks; and security: innovation to support new tools.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.