JCB Co., Ltd. (JCB), a leading global payment scheme, and EPIC LANKA (PRIVATE) LIMITED (Epic Lanka), a leading Sri Lankan IT conglomerate, are pleased to announce that JCB has granted the J/Secure(TM) 2.0 Third Party Provider (TPP) Certification to Epic Lanka as the ACS Operator for its service with EPIC ACS.

In addition to being the only locally developed ACS provider in Sri Lanka, Epic Lanka is the first ACS Operator in South Asia to be certified as a J/Secure(TM) 2.0 TPP for its product EPIC ACS. Epic Lanka also has the distinction of being the first company in the world to be certified with EMV(R) 3DS 2.2 certification and the first-ever Sri Lanka-based vendor to be certified by the other international payment schemes for their 3-D Secure ACS solution.

J/Secure(TM) 2.0, JCB's Cardholder authentication program conforming to the EMV(R) 3-D Secure Protocol and Core Functions Specification, is expanding globally and supported by major global suppliers of 3DS Server and ACS. The J/Secure(TM) 2.0 TPP Certification granted to Epic Lanka as the ACS Operator for EPIC ACS will provide more opportunities to the JCB Issuers for secure e-commerce transactions. The ACS functions and characteristics supported by Epic Lanka include 3RI, ACS Attempt, Decoupled Authentication and Acquirer TRA as authentication options.

Note: EMV(R) is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.

Nucleus Commercial Finance, the fintech revolutionising how UK SMEs access finance, has been accredited by the British Business Bank under the government-backed Recovery Loan Scheme (RLS). Nucleus will be the first lender to offer interest-only on all RLS term loans. 

To bring this unique offering to market, businesses will make interest payments over the first year of their six year Nucleus RLS loan, rather than repaying both interest and principal. This will help businesses with significantly lower repayments over the first 12 months - a major development as SMEs fully reopen and recover from the impact of the Covid-19 pandemic. 

The Government-backed RLS supports access to finance for UK businesses as they recover and grow following the pandemic. Funds can be used for any legitimate business purpose, including managing cashflow, growth and investment. It is designed to appeal to businesses that can afford to take out additional finance for these purposes.

Under the scheme, Nucleus will provide loans from £30,000 to £10 million (£30 million per group) for SMEs seeking financial support as a result of the COVID-19 pandemic. RLS term loans will be available across both secured and unsecured finance options.

The accreditation follows Nucleus playing a significant role in the government’s Coronavirus Business Interruption Loan Scheme (CBILS). The fintech lender processed over 12,000 applications, lending £438m in 2020 to support SMEs.

Chirag Shah, CEO, Nucleus Commercial Finance, said: “We’re delighted to have been accredited under the Recovery Loan Scheme, and pleased to be the first lender to offer interest-only on all RLS loans. This is a significant development for SMEs and the broker community as businesses will be repaying less over the first year of their six year loan. This means they can use the financial support on their priorities and to future proof their business.

“Underpinning our RLS offering is our industry-leading technology, which enables us to process applications and deliver funds to businesses within hours. This allowed us to play a major role in CBILS, demonstrating the role fintech lenders play at a time when traditional banks and other alternative lenders were struggling to keep up. 

“As we continue to emerge from the pandemic, we look forward to supporting businesses on the road to recovery. SMEs are the backbone of the economy and by providing continued access to finance we can not only help them achieve future growth but bolster our economy too.”

Survey of almost 1700 retail traders points to successful Covid vaccination programmes and the subsequent reopening of global economies as reasons for positive market sentiment

Only two in five clients of Capital.com, the high-growth European investment trading platform, are optimistic about the stock market, according to a new survey.

A survey of nearly 1700 Capital.com clients globally found that 42.6% of traders have a bullish outlook on the global stock market for the remainder of 2021, expecting prices to continue rising through the rest of the year.

Market optimism is largely driven by ongoing vaccine roll-outs and the reopening of economies, with 71.3% of Capital.com clients identifying this as a source of confidence. Other reasons for optimism include the resumption of international travel, identified by 46.7% of clients, while 34.1% also anticipate an employment boom having a positive impact on the economy. Respondents also cited continued retail sales (31.6%) and more fiscal stimulus (30.7%) as reasons for their bullish sentiment.

Despite the generally positive outlook however, more than one third of Capital.com clients remained  neutral on the outlook for global stocks. 

38.9% of clients surveyed said they were ‘neutral’ about the stock market’s prospects and 18.5% said they were bearish, expecting prices to fall. When asked what factors were deemed to have the biggest negative impact on stock markets,  59.7% of Capital.com traders identified ongoing Covid-related lockdown measures as a key risk while 43.2% cited rising interest rates and 38.1% listed international conflict as areas of concern.

Commenting on the survey findings, David Jones, Chief Market Strategist at Capital.com said: 

“The economic outlook is mixed at the moment and this sentiment seems to be reflected by our clients. While stocks have climbed recently, as economies emerge from the pandemic and consumer confidence grows, there are also ominous signs such as rising inflation and concerns about the potential of the delta variant to plunge us back into lockdown.”

When asked where they would likely invest over the next six months, 63.2% of survey respondents said they’d be investing in the Nasdaq, which is largely pegged to the US’s booming technology sector. This compares to just 19.9% who said they’d be investing in UK technology stocks. 27.3% also said they’d be investing in hospitality, leisure and travel stocks. 

“While certain sections of the economy are highly vulnerable to potential further lockdowns, other sectors are highly resilient. In particular the US tech sector has boomed recently as people around the world switch to both remote working and remote retail spending, supported by US tech giants and software. Even as economies reopen, it seems many of the culture changes ushered in by the pandemic, such as working from home and online retail growth, are here to stay. We see this resilience reflected in the ongoing appeal of the Nasdaq,” added Jones.

Capital.com enables clients to trade derivatives of over 3,000 of the world’s most popular markets through its web and mobile platforms. The platform recently diversified beyond derivatives trading to facilitate commission-free stock dealing with tight spreads.  With no hidden costs or mark-ups and with no fees to pay on deposits or withdrawals, clients can invest directly in an underlying stock without incurring any additional costs or expenses.

Capital.com surveyed its global customer base between 14 and 20 June 2021,  receiving 1677 email responses in total. 

WhatsApp Business API is now part of the set of Worldline’s messaging solutions to build and automate meaningful conversations between businesses and clients all over the world through WhatsApp, one of the most widely used messaging channels worldwide.

Worldline, the European leader in the payments and transactional services industry and number 4 worldwide, has recently become a WhatsApp Business Solution Provider for the distribution and provision of WhatsApp Business API; allowing companies to reach and connect with customers in a simple, secure and reliable way.

Serve customers through a simple and seamless digital experience

In recent years, the consumer profile has undergone significant changes in the way of interacting with brands. Today, customers want to connect with companies in the same way that they chat with their friends and family, through channels they use regularly in their daily lives. Therefore, it is essential to be present in all the channels where customers expect to find them. WhatsApp Business API  opens the door to better communications, leading to better customer engagement, greater trust, and lasting long-term relationships. According to the latest data published in 2020 (source: statista.com), WhatsApp already counts with more than 2 billion users worldwide, making it one of the most powerful messaging applications in the world.

WhatsApp Business API offers the possibility to complement or extend existing available channels to provide a seamless customer experience, providing advanced features that allows businesses to manage a high volume of messages as well as to automate and integrate processes to offer a more completed, personalized and valuable experience to customers.

WhatsApp Business API can be used not only to offer support and assistance to customers but also as a channel to carry out day-to-day operations or processes such initiating invoice payments, purchases or orders, contracting new services or even as way to keep clients informed about travel updates and payment confirmations, appointment reminders, shipping alerts and more.

Worldline introduces WhatsApp Business API connectivity to enrich customer experience

As part of becoming a business solution provider, Worldline incorporates WhatsApp Business API into its WL Mobile messaging solutions to facilitate valuable conversations between enterprises and consumers through a channel commonly used by consumers in their daily lifes. Enterprises can easily manage all conversations with the client through a dashboard that includes a shared inbox for easy chat and customer management and a statistics module to track and report all the key metrics.

Worldline’s solutions also include the possibility to automate the conversational flow through the implementation of bots to save time and resources and offer a satisfactory experience by providing instant messages to the customers 24/7 as well as  the possibility of integrating with existing businesses systems or applications such as CRMs, ERPs, ticketing tools, and more.

Furthermore, Worldline combines its solutions like secure payments (pay by link solution) or electronical verification and digital signature Worldline’s products with WhatsApp to provide an end-to-end best user experience and customer journey.

In terms of security, Worldline provides a comprehensive solution without compromising company’s security policies. WhatsApp messages are encrypted and protected via HTTPS from the application to Worldline servers. An authentication by SSL certificate, unique for each client verifies and identifies that the requests are made from an authorized server.

According to Santi Ristol, Director of the Mobile Competence Center and member of the Worldline Scientific Community, “Since Facebook launched WhatsApp Business API in 2018, there are already many companies that have expanded their social presence, incorporating WhatsApp Business API services into their omnichannel strategy. As the way businesses and customers interactions are evolving to conversational messages, Worldline is committed to staying ahead of the game in order to provide enhanced customer experience to our solutions and to our clients.”

Franx, the global trading platform initiative of ABN AMRO, migrates to °neo. Aiming at maximum convenience for their clients to support their international businesses, the core technology will be provided by Five Degrees from the Microsoft Azure cloud.
 
Since its launch in 2018 Franx offers clients currency transactions and international payments from one single digital platform. To utilize the possibilities of their Azure strategy, the Dutch-based FX transactions provider selected °neo as their core banking technology which will be delivered as Software-as-a-Service from the Azure cloud. 
 
Ronald Lokkers, General Director at Franx comments: ‘After a thorough selection process we choose °neo as it caters to our multi-currency requirements and fits our Azure strategy. It was important for us that °neo supports our high standards for cloud technology. With Five Degrees we have a partner that not only provides a strong technological fit, but also continually shows expert understanding of our specific banking products and processes.'  
 
Martijn Hohmann, CEO, and founder of Five Degrees states: ‘Franx and Five Degrees have found each other as we are both keen to change banking services through modern technology. We are delighted to take this partnership to new next level.'

Cybertino Lab, who created the marketplace for non-fungible tokens (NFTs) early this year, has secures $10m from institutional investors including VC firms Sky9 Capital, Zoo Capital, Draper Dragon, INCE Capital, UpHonest Capital, blockchain investment funds Divergence Ventures, SNZ, Hashed and branded blockchain gaming investor Animoca Brands. The investment will allow Cybertino Lab to further develop its platform, to expand its marketing output and to create a new web 3.0 social product.

Founded in March 2021 by US and Chinese entrepreneurs Wilson Wei, Ryan Li, Shiyu Zhang, Zhimao Liu, and Duke McKenzie, Cybertino Lab’s mission is to create user-friendly products in web3.0. So far they have launched the world's first community-focused NFT marketplace. CEO and Co-Founder Wilson Wei was previously the chairman of DLive, the first-ever decentralized live streaming platform for gamers and crypto fans, which had more than 30 million monthly active users when it was acquired by BitTorrent in early 2020.

This August, Cybertino announced the launch of the world’s first interactive NFT via a partnership with digital asset price-tracking website CoinMarketCap. The first “roguelike” design available via CoinMarketCap was inspired by classic computer games and by the “to the moon” Bitcoin theme. The design of the unique NFTs can change based on exterior information. The first interactive NFT is linked to the price of Bitcoin and will change depending on the Bitcoin price movements; the astronaut depicted will float closer or further from the moon, depending on the price.

Cybertino CEO and Co-Founder Wilson Wei commented: “We are delighted to have secured such strong backing from these experienced investors for our efforts at this early stage in our development. This investment will supercharge our efforts to build the next generation web3.0 products with great user experiences.”

Even though infecting office documents with malware has been established for a long time, it is still very successful at tricking people. After creating a malicious macro on office documents, threat actors send the infected file to thousands of people via email and wait for possible victims. Macro is a series of commands bundled together to accomplish a task automatically.

According to recent Atlas VPN team findings, 43% of all malware downloads are malicious office docs. Harmful office files are popular among cybercriminals as they usually can evade many antivirus software from detection.

The findings are based on Netskope Threat Lab Cloud and Threat Report: July 2021 Edition. The research covers various office documents from all platforms such as Microsoft Office 365, Google Docs, PDFs, etc.

A year ago, in the second quarter of 2020, only 14% of all downloaded malware were malicious office docs. After that, in the third quarter of last year, the percentage jumped to 38%. Such an increase was mainly influenced by remote work as cybercriminals found malware-infected documents to be effective.

Later on, downloaded malicious office documents slightly decreased to 34% in Q4 2020 and Q1 2021. Despite that, downloaded malware as office documents went right back up to new highs at 43% the next quarter.

One of the most dangerous malware EMOTET was spread via Word documents before being disrupted in early 2021 by global law enforcement. What made EMOTET dangerous is that it opened doors for other malware installations such as information stealers, trojans, and ransomware.

It seems EMOTET’s success spread quickly in cybercriminal groups, inspiring more hackers to try out a similar technique. Another reason for malicious document success is that they can bypass antivirus and tend to manipulate being a trustworthy source.

For example, cybercriminals would mask malicious files and emails during the pandemic as registration for the vaccine or some other financial benefits. It is easier to make people fall for malware when it is associated with reliable documents.

Document-based malware protection

Malware-infected document attacks are made to take advantage of the user’s possible inability to recognize the risk. The best protection can only be achieved with a combination of cybersecurity awareness, training, and security software.

Do not open unsolicited attachments or links from unexpected emails. If the email is claiming to be a recognizable company or person, make sure the email address matches the actual organization’s address and look out for grammatical errors in the email itself.

Businesses should train their employees and educate them on cybersecurity risks. A significant amount of data breaches happen due to human error. Because of that, employees must be prepared to deal with phishing emails or any other type of cyberattack.

Make sure your device systems and software are updated to the latest version. New updates patch security vulnerabilities that malware actors often exploit. In addition, the latest version of antivirus software can recognize new malware threats.

Cybercriminals have benefited from the popularity of Microsoft Office, Google Docs by inserting malicious code into the files. Organizations must implement and maintain a cybersecurity strategy addressing both the technological and human components to protect users from falling victim to malware threats.

Misconfiguration of Firebase database by developers causes data risk in apps worldwide from food delivery to gaming apps

Avast, a global leader in digital security and privacy, has found over 19,300 Android apps exposing user data to the public due to a misconfiguration of the Firebase database, a tool Android developers can use to store user data. This affects a broad range of different apps, from lifestyle, workout, gaming to mail and food delivery apps in regions worldwide including in Europe, South-East Asia and Latin America.

Data exposed can include personally identifiable information (PII) collected by the apps, such as names, addresses, location data, and in some cases even passwords. Avast notified Google of its findings so they could inform app developers to take corrective action. 

Developers can use Firebase to facilitate developing mobile and web apps for the Android mobile platform, and they can keep their Firebase implementation visible to other developers so, technically, also visible to the public. When Avast Threat Labs researchers looked at 180,300 publicly available Firebase instances, they found that over 10% (19,300) were open, exposing the data to unauthenticated developers. These were open due to misconfiguration by the app developers.

These open instances put the data stored and used by the apps developed with Firebase at risk of theft. The data these apps store can include a variety of information such as personally identifiable information (PII) like names, birthdates, addresses, phone numbers, location information, service tokens and keys among other things that could be exposed by this. When developers use bad security practices, records can even contain plain text passwords.

“Each one of these open instances is a data breach event waiting to happen and can pose critical business, legal and regulatory risks if they happen. Potentially the personal information of over 10% of users of Firebase-based apps could be at risk,” explained Vladimir Martyanov, Malware Researcher at Avast. “Today, any company has an app - shops, gyms, postal services, or even environmental and donation apps, built for convenience, and often with good causes in mind. Even more so businesses should insist on a responsible development of their apps, making security and privacy a key part of the entire app development process, not just as a later ‘bolt on.”

Avast recommends developers to stay informed about potential risk of misconfigured databases and follow the best practices that Google has provided.

“We urge all developers to check their databases and other storage for possible misconfigurations to protect users' data and make our digital world safer,” said Vladimir Martyanov.

For more information, please read the full blog and research on Avast Decoded.

According to a recent study from market research firm Graphical Research, the Asia Pacific POS terminals market size is poised to expand at substantial CAGR during the forecast period. Adoption of cloud computing technology is likely to add fillip to Asia Pacific Pos terminals market outlook. Cloud-based POS systems will witness increased traction among retailers and restaurant owners in the region. Cloud technology will offset the hassle of on-premise hardware for data storage and streamline the production adoption.

Concerted efforts to embrace cashless economy will further stimulate the trend for POS terminals. While the Government of Singapore has set an audacious target to be a cashless economy by 2025, its Indian counterpart has launched the Digital India program. In terms of revenue, Asia Pacific POS terminals market is forecast to exceed USD 40 billion by 2026.

Use of biometric POS systems will be noticeable across the end-use applications for access control and improved security. Industry players are emphasizing R&D activities with facial recognition-based and fingerprint POS solutions. For instance, WeChat rolled out facial recognition-based POS system in August 2019. The solution can leverage offline payments by scanning faces of shoppers.