MasterCard Tests 'Selfie Pay' Technology

MasterCard may soon roll out a new feature on its smartphone app that lets users pay for online purchases by taking "selfies."

The financial services company is testing technology that allows customers to authorize transactions using photos of themselves instead of passwords, the company announced in a news release in August.

Some 200 employees of the First Tech Federal Credit Union are currently taking part in a two-month "selfie pay" pilot program, which runs through October, USA Today reports. Another trial is underway in the Netherlands.

Ajay Bhalla, president of MasterCard's security company Enterprise Solutions, has called the technology convenient and secure.

"Passwords are a pain," Bhalla said in a news release when the feature was announced. "They’re easy to forget, they waste our time and they’re not very safe. Biometrics are making online transactions as secure and simple as purchases in person."

If a purchase requires identity verification, customers can hold up their phone cameras, blink and let the app verify with a facial scan, according to USA Today. Blinking safeguards against thieves who might try to bypass security with a photo of the cardholder.

MasterCard is also working to implement voice recognition and even heartbeat recognition to verify a person’s identity, USA Today reports.
Visa is considering a feature similar to "selfie pay." The competing corporation has developed a blueprint to enable biometrics like fingerprints to verify on site transactions, according to USA Today.
Read More >>

Read More

Kentucky Prosecutor: Being Hispanic Is Good Enough Reason For Police To Pull You Over

Being Hispanic in Oldham County, Kentucky is enough to be pulled over by a cop, according to one prosecutor. You can also be coerced into a plea deal if you have a certain last name.

Last July, Mauro Martinez was pulled over for speeding but he was not charged. Instead, he was cited for not having a license because he only had a Guatemalan ID at the time. During a court hearing about the citation, Assistant County Attorney Travis Combs pointed out that the defendant’s issue was that he was pulled over for being Hispanic. In a video recording of the hearing, prosecuting attorney John K. Carter says “that’s probable cause.”

After a video of the exchange was circulated by the Courier-Journal, Carter reversed course and said the speed at which Martinez was driving was probable cause. But the judge presiding over the case and Martinez’ defense attorney, Dawn Elliot, did not interpret Carter’s remarks that way.
Watch the video:


WDRB 41 Louisville News

“Clearly he had an opportunity to clear that up on the record over 24 hours ago, but now there’s buzz about it,” Elliot said. “My reaction and the judge’s reaction speaks for itself. We certainly interpreted him talking about probable cause for my client’s ethnicity.”
Elliot believes Carter’s comment highlights a growing trend of racially profiling Hispanics in the county. She claims that prior to Martinez’ trial, she was informed by an assistant attorney that there is a special form for “people that have that type of last name” to plead guilty. If people without driver’s licenses are stopped, as Martinez was, officers encourage them to sign the form and agree to two years of unsupervised probation. If they are caught driving again without proper ID, they can be sentenced to jail for 90 days.

The assistant attorney noted that Martinez was offered a plea bargain, but repudiated Elliot’s claim that Hispanics are disproportionately targeted. Elliot is calling for an investigation of the county’s officers.

Latinos, like other people of color, are racially profiled during traffic stops across the country. Many are stopped for minor offenses, and if they cannot provide valid licenses they are funneled into the criminal justice system. Police often use lack of ID to crack down on undocumented immigrants.
While the push to give undocumented immigrants licenses has gained traction in many states, Kentucky still bars non-citizens from applying for driver IDs. However, a bill to give undocumented people special licenses if they live in the state for at least three years received bipartisan support earlier this year. The bill was not voted on, but it could be revived in 2016.

Read More >>

Read More

Signal-Scrambling Tech 'Freezes' Drones in Midair

A new device that can detect, target and deter commercial drones could be used to keep the flying robots away from areas where they're not wanted, like government properties, airports or your own backyard.

The new Anti-UAV Defense System (AUDS) was developed by three tech companies in the United Kingdom. It has a radar detection component, advanced tracking capabilities and a sneaky little onboard device that keeps drones at bay.

Rather than melting drones in midair like Boeing's new Compact Laser Weapons System, AUDS shoots the flying vehicles with something that doesn't destroy them — radio waves. Drone operators typically communicate with, and direct, the aerial bots using radio signals. [5 Surprising Ways Drones Could Be Used in the Future]

Enter AUDS, which uses a drone's communication system against it. Using directional antennas pointed at the drone, AUDS sends the unmanned aerial vehicle (UAV) radio signals that interfere with the radio signals coming from the remote operator. When the drone picks up AUDS' signals, it "freezes," unsure of where to fly.

Whoever is controlling the anti-drone system can keep the UAV hovering at a distance until the machine runs out of battery life and crashes to the ground, according to a report by the BBC.

AUDS can spot a drone from about 5 miles (8 kilometers) away. After zeroing in on its target, it uses video and thermal imaging software to keep the flying vehicle in its sight. Once the drone gets close enough to the anti-drone system, it's "game over" for the drone.

Drone disturbance

Even though drones can be incredibly useful— they can help conservationists keep tabs on protected areas and help farmers survey their crops more quickly — these flying robots have stirred up quite a few problems in recent months.

Just today (Oct. 9), two people operating a small drone near the Washington Monument in Washington, D.C., accidentally crashed their UAV on the back lawn of the White House. A similar incident occurred at the presidential residence in January. Drones are prohibited from flying in the U.S. capital, but laws and heavy fines don't seem to keep all drones out.

Commercial drones have also been used in attempts to smuggle contraband goods, like cellphones and weapons, into prisons. And camera-toting drones hovering over private homes have been derided as both a security and privacy concern for residents.

The U.S. Federal Aviation Administration (FAA), which sets guidelines for how and where commercial drones can be flown, has ruled that small UAVs cannot be flown within 5 miles of airports and that they must remain below 400 feet (122 meters), where they are unlikely to interfere with piloted aircraft.

But a recent deluge of complaints from pilots, as well as U.S. Forest Service employees who have spotted the flying bots near wildfires, has led the FAA to take further action against rule-breaking drone operators. The FAA signed an agreement this week that will allow it to test technologies that can detect the position of operators who are flying their drones in restricted areas, such as near airports, according to a report by Phys.org.

Though the AUDS system doesn't promise to help locate errant drone operators, it could be used to keep drones away from restricted areas altogether. The radio-jamming technology aboard AUDS doesn't scramble signals from commercial or military aircraft, which use encrypted signals, so it might be safe to use near airports.

The new anti-drone system has been tested in the United Kingdom, the United States and France, according to the BBC. But there's no word yet on when or where this drone-freezing technology could be used in these countries.

Read More >>

Read More

Chinese hack attacks against US companies persist despite leader's pledge, report says

Read More >>

WASHINGTON –  Chinese hacking attempts on American corporate intellectual property have occurred with regularity over the past three weeks, suggesting that China almost immediately began violating its newly minted cyberagreement with the United States, according to a newly published analysis by a cybersecurity company with close ties to the U.S. government.

The Irvine, California-based company, CrowdStrike, says it documented seven Chinese cyberattacks against U.S. technology and pharmaceuticals companies "where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national security-related intelligence collection."

"We've seen no change in behavior," said Dmitri Alperovich, a founder of CrowdStrike who wrote one of the first public accounts of commercial cyberespionage linked to China in 2011.

One attack came on Sept. 26, CrowdStrike says, the day after President Barack Obama and Chinese President Xi Jinping announced their deal in the White House Rose Garden. CrowdStrike, which employs former FBI and National Security Agency cyberexperts, did not name the corporate victims, citing client confidentiality. And the company says it detected and thwarted the attacks before any corporate secrets were stolen.

A senior Obama administration official, speaking on condition of anonymity because he was not allowed to discuss the matter publicly, said officials are aware of the report but would not comment on its conclusions. The official did not dispute them, however.

The U.S. will continue to directly raise concerns regarding cybersecurity with the Chinese, monitor the country's cyberactivities closely and press China to abide by all of its commitments, the official added.

The U.S.-China agreement forged last month does not prohibit cyberspying for national security purposes, but it bans economic espionage designed to steal trade secrets for the benefit of competitors. That is something the U.S. says it doesn't do, but Western intelligence agencies have documented such attacks by China on a massive scale for years.

China denies engaging in such behavior, but threats of U.S. sanctions led Chinese officials to conduct a flurry of last-minute negotiations which led to the deal.

CrowdStrike on Monday released a timeline of recent intrusions linked to China that it says it documented against "commercial entities that fit squarely within the hacking prohibitions covered under the cyberagreement."

The intrusion attempts are continuing, the company says, "with many of the China-affiliated actors persistently attempting to regain access to victim networks even in the face of repeated failures."

CrowdStrike did not explain in detail how it attributes the intrusions to China, an omission that is likely to draw criticism, given the ability of hackers to disguise their origins. But the company has a long track record of gathering intelligence on Chinese hacking groups, and U.S. intelligence officials have often pointed to the company's work.

"We assess with a high degree of confidence that these intrusions were undertaken by a variety of different Chinese actors, including Deep Panda, which CrowdStrike has tracked for many years breaking into national security targets of strategic importance to China," Alperovich wrote in a blog posting that laid out his findings.

The hacking group known as Deep Panda, which has been linked to the Chinese military, is believed by many researchers to have carried out the attack on insurer Anthem Health earlier this year.

CrowdStrike and other companies have tracked Deep Panda back to China based on the malware and techniques it uses, its working hours and other intelligence.

In 2013, another cybersecurity company, Mandiant, published a report exposing what it said was a hacking unit linked to China's People's Liberation Army, including identifying the building housing the unit in Beijing. Those findings were later validated by American intelligence officials.
Read More >>

Read More