Trulioo extends identity verification platform to LATAM region

Trulioo, a global identity verification company, has rolled out its real-time identity verification platform for citizens in six new Latin America countries.

The platform is called GlobalGateway and has extended its reach to countries such as Chile, Colombia, Costa Rica, Ecuador, El Salvador and Venezuela. The increased coverage will also help further the company’s mission to provide cross-border Know Your Customer (KYC) and Anti-Money Laundering (AML)-compliant identity verification for every individual around the globe.

Recent growth in the Latin American economy, a welcome change after nearly two years of declining activity, has seen a transformation within the financial sector. Recent research from Finnovista shows that the number of fintech startups in Latin America recently surpassed 1,000, many of which are catering to the large unbanked population while also reshaping the traditional banking landscape.

Source: The Paypers

Over Half of IT Professionals Don’t Know Where Sensitive Data is Stored: Survey

IT professionals are fixated on perimeter security measures such as firewalls, antivirus protection and content filtering, and are ignoring more important security considerations, suggest the findings of a Gemalto-commissioned survey.

Polling a little over a thousand IT professionals around the world, the survey found that 76 percent had reported that their companies had increased investments in perimeter security, yet 68 percent said that they thought unauthorized users could still gain access to their networks.

Thirty-two percent of the respondents said their organizations don’t encrypt payment data, and 35 percent said they don’t encrypt user data in general. Fifty-five percent said they didn’t know where such data is stored.

The responses paint a dismal portrait of the state of enterprise security at a time when the protection of sensitive data is an increasingly key concern. Just this week, a provider of smart vending machines reported that it had suffered a data breach compromising customer data including biometric credentials.

Meanwhile, the European Union’s General Data Protection Regulation will come into effect next May, with 53 percent of respondents in the Gemalto survey saying that they don’t think their organizations will be compliant in time. That could prove costly for the businesses and, in the event of hack attacks, their customers.

Source: MobileID World

Extreme Cyber-Attack Could Dwarf Natural Disaster Costs

A major global cyber-attack has the potential to trigger up to US$53 billion of economic losses – greater than some of Australia’s worst natural disasters combined.

The equivalent cost is more than five times the economic losses recorded for the devastating 2011 Queensland floods, one of the most damaging natural disasters recorded at an estimated cost of A$14.1 billion or US$10.7 billion.

The joint research undertaken by Lloyd’s and cybersecurity advisor Cyence examined the potential economic impact of two global scenarios:

A malicious hack that takes down a cloud service provider with estimated losses of up to US$53 billion; and
Attacks on computer operating systems run by a large number of businesses around the world, which could cause losses of US$28.7 billion.
The research acknowledged that economic losses could be much lower or higher than the average in the scenarios because of the uncertainty around cyber aggregation.

For example, while average losses in the cloud service disruption scenario are US$53 billion for an extreme event, they could be as high as US$121 billion or as low as US$15 billion, depending on factors such as the different organisations involved and how long the cloud service disruption lasts for.

The findings also revealed that, while the global demand for cyber insurance is on the rise, the majority of losses are not currently insured, leaving an insurance gap of tens of billions of dollars.

Cyber risk exposures
Asked about the implications for Australia, Lloyd’s general representative in Australia, Chris Mackinnon, said the implications were huge for local businesses of all sizes and across all sectors.

“Businesses today are interconnected by digital technology and services, meaning a single cyber event can cause a severe impact across an economy, triggering multiple claims and dramatically increasing insurers’ claims costs,” he said.

“This report gives us a real sense of the extent of damage a single, extreme cyber-attack could cause. An attack of that magnitude could create losses bigger than of some of Australia’s worst natural disasters combined.”

Putting that into perspective, the 2009 Black Saturday bushfires in Victoria cost an estimated A$7 billion; the 2011 Queensland floods cost A$14.1 billion and the 1989 Newcastle earthquake cost A$18.7 billion.

“Where a decade ago people would talk about preventing a cyber-attack, the reality today is that any business with proprietary information worth protecting is vulnerable to attack. The issue is how you mitigate against that risk,” Mackinnon said.

“These scenarios are designed to help both businesses and insurers gain a better understanding of their cyber risk exposures and better manage these complex and rising risks.”

Since its inception in 2014, there have been over 114,000 reports of cybercrime registered with the Australian Cybercrime Online Reporting Network (ACORN). Notably, 23,700 of these have been reported over the last six months, highlighting a growing occurrence of cyber-criminal activity.

Source: RFi Group

Safaricom Looks to PhotoID to Curb M-Pesa Fraud

Safaricom is set to give merchants access to photo identification technology in a bid to reduce fraud on its m-Pesa platform, Business Daily reported.

According to the newspaper, Safaricom is already distributing pre-programmed smartphones to m-Pesa agents to verify the identity of customers. These handsets have software built-in to enable verification against images taken when the SIM card was purchased and other nationally held data.

Vendors with the devices will also be required to take images of all new registrants, which will then be stored in a database for verification of future transactions. This is in addition to current procedures, which include recording the new user’s name, ID card number and postal address.

M-Pesa is Kenya’s dominant mobile payment service and become a blueprint for similar services across developing markets. However, its wide usage also made the platform and its users a target for criminals.

In addition to well-documented hacking attempts against the company, there are regular reports in the Kenyan media of scams targeted at users to extort money using the platform.

Announcing the new photo ID scheme, Safaricom corporate affairs director Stephen Chege told the publication the new system of registration would eliminate the use of stolen personal ID to commit fraud.

Source: Mobile World Live

Swiss City Plans to Verify IDs Using Ethereum

The City of Zug has announced plans to launch a new Ethereum-based identity service in September 2017.

The Swiss city will offer digital identity services through a new app, connecting a person’s ID with a particular crypto-address. Thus, local citizens can register and are verified by city officials. On the technology side, the app will leverage the uPort identity platform created by Ethereum development community ConsenSys. Also involved on the development front is the Swiss startup ti&m and the Lucerne University of Economics.

Zug plans to hold a consultative vote on electronic ballot access, expected to take place in 2018. According to CoinDesk, the city has become a major hub for digital currency and blockchain startups, buoyed by a proactive government that has sought to attract more startups to Switzerland.

Source: The Paypers