Page 10 - GS180201
P. 10
NewsBriefs
that it acquired Shift4 Corp., a payment gateway based
in Las Vegas. Company representatives said the newly
created entity, Shift4 Payments, will leverage Shift4's
patented payment technologies and Lighthouse Network's
family of integrated POS solutions.
Lighthouse Network CEO Jared Isaacman will take the
helm as Shift4 CEO when the transaction closes. He said
Shift4 has taken leadership in secure payment processing,
and rebranding as Shift4 Payments reflects a commitment
to power the company's extended family of software
Editor's Note: Following are excerpts from news stories recently posted brands with premium processing and a best-in-class
under Breaking Industry News on our home page. For links to these and payments platform.
other full news stories, please visit www.greensheet.com/breaking-
news.php?flag=previous_breaking_news. Critics deride Uber's bug bounty program
Western Union forfeits $60 million to NYDFS Security analysts have slammed Uber for what they deem
to be a selective approach to repairing software bugs.
Following an investigation by the New York Department The ride-sharing service pays informants a bounty for
of Financial Services set forth in Western Union Co.'s reporting vulnerabilities, but payouts have been uneven,
January 2017 deferred prosecution agreement (DPA) according to critics. ZDNet Security Editor Zack Whittaker
with the U.S. Department of Justice, its Western Union reported Jan. 21, 2018, that HackerOne, an Internet security
Financial Services Inc. subsidiary agreed to a consent firm and bug bounty program administrator, pays for bug
order with NYDFS on Jan. 4, 2018. In the DPA, the fixes according to severity levels. Some discoveries are
company acknowledged deficiencies in its money services marked "informative," but go unpaid, Whittaker noted.
compliance programs from 2004 to 2012. Under terms of Bug bounty programs are typically offered by software
the consent order, WUFSI agreed to pay $60 million to developers and websites, and provide recognition and
NYDFS to resolve violations of New York law arising out compensation to individuals who report bugs in their
of facts set forth in the DPA. software.
NRF 2018 highlights retail transformation New PCI standard for software-based
The National Retail Federation's 107th annual Convention PIN entry on COTS
and Expo opened Jan. 14, 2018, at Jacob Javits Convention The PCI Security Standards Council (PCI SSC), which
Center in New York City. The NRF expected record leads a global effort to increase payment security by
attendance, with 35,000 registered attendees and 600 providing industry-driven, flexible and effective data
exhibitors from more than 3,500 companies and 90 security standards and programs, released a new standard
countries. In opening remarks, NRF President and pertaining to commercial off-the-shelf devices (COTS)
Chief Executive Officer Matthew R. Shay said retail such as smartphones and tablets. The new PCI Software-
transformation is good for companies, employees and Based PIN Entry on COTS (SPoC) Standard contains
customers. "Retail is not dead," Shay added. "It is being requirements for developing secure solutions that enable
reshaped in response to shifting customer expectations EMV contact and contactless transactions with PIN entry
and buying behaviors." on the merchant's consumer-facing device using a secure
Jason's Deli confirms RAM-scraper attack PIN entry application in combination with a Secure Card
Reader for PIN.
Family-owned Jason's Deli, which operates 275 delis in
28 states, received notice on Dec. 22, 2017, that a large ETA-sponsored study identifies
quantity of payment card information associated with the top payments tech trends for 2018
business was for sale on the Dark Web. Law enforcement, The recently released IDC Market Spotlight, Payments
a threat response team and forensic experts began Trends to Watch in 2018, sponsored by the Electronic
investigating immediately and recently reported a breach Transactions Association, highlights new channels,
had occurred. It began June 8, 2017, and jeopardized the networks and opportunities for the acquiring community.
credit card information of approximately 2 million Jason's In particular, the report details the following five major
Deli customers. Criminals gained access by using random trends in payment technology: the new channels: voice,
access memory (RAM)-scraping malware at POS terminals artificial intelligence and the Internet of Things; the 'Point
at some, but not all, Jason's Deli locations. of Interaction': the changing state of the POS; software as
Shift4, Lighthouse consolidate technologies, brands the new hardware; evolving transmission networks; and
security: innovation to support new tools.
Lighthouse Network, a payment technology provider
previously known as Harbortouch, disclosed Jan. 15, 2018,
10
