Archive for News and Events

Your Latest IT News Update

Facial Recognition Glasses For Covert Surveillance

The “iFalcon Face Control” AR glasses that incorporate an 8-megapixel camera in the frame and NNTC facial recognition technology (are due to go on sale next year) are reported to have already been deployed into several security operations.

<More>

Criminal Secrets Of The Dark Net Revealed

Recent Surrey University research, ‘Web Of Profit’ commissioned by virtualisation-based security firm Bromium has shown that cyber-criminals are moving to their own invisible Internet on the so-called ‘dark net’ to allow them to communicate and trade beyond the view of the authorities.

<More>

Mastercard’s AI-Based Digital Wellness Could Make Online Purchasing Easier and Safer

Mastercard has announced the introduction of its Digital Wellness program which utilises AI-based click-to-pay technology and new standards in order to provide an easier and safer online shopping experience.

<More>

Accounting Systems Too Complex (And Lack Investment)

A recent Barclaycard survey shows that 48 per cent of Chief financial officers (CFOs) think that current accounting systems are too complex.

<More>

Premium, Paid For Version Of Mozilla’s Firefox Planned

It has been reported that Mozilla will be introducing a (paid for) premium subscription-based Firefox service this October to run alongside the free, open-source Firefox browser.

<More>

Tech Tip – Night Light For Windows

If you leave your computer on and/or need to work late into the evenings, for example, the Windows 10 ‘night light’ feature enables the gradual limitation of the colour spectrum from your computer so that your body’s Melatonin (the bedtime-indicating chemical) isn’t impeded.

<More>

Facial Recognition Glasses For Covert Surveillance

The “iFalcon Face Control” AR glasses that incorporate an 8-megapixel camera in the frame and NNTC facial recognition technology (are due to go on sale next year) are reported to have already been deployed into several security operations.

US / Dubai Manufactured

The facial recognition-enabled smart glasses are made by American company Vuzix and use facial recognition algorithms from Dubai-based company NNTC.  It has been reported that the NNTC facial recognition algorithms rank in the top three for accuracy in the US government’s Face Recognition Vendor Test and can detect up to 15 faces per frame per second, thereby enabling them to identify a specific individual in less than a second.

To date, only 50 pairs of the facial recognition-enabled glasses have been produced, all of which have been sold to security and law enforcement and are, according to NNTC, being used as part of security operations in the United Arab Emirates capital Abu Dhabi.

The iFalcon Glasses Won’t Need An Internet Connection

The iFalcon Face Control glasses that are due to go on sale next year will come with a portable base station.  This will mean that they will have a portable connection to a stored a database of targets, thereby giving the user greater mobility as they won’t need an Internet connection for the software to function.

Similar Used In China

Facial recognition glasses have already been used by police forces in China last year in order to keep blacklisted people e.g. certain journalists, political dissidents, and human rights activists away from the annual gathering of China’s National People’s Congress.

Other Deployments

Known use of facial recognition for law enforcement already happens in the US through its incorporation with body cameras and CCTV cameras, and in the UK it has been used in deliberately overt trials and deployments e.g. a two-day trial in Romford, London by the Metropolitan Police in December 2018 using use vehicle-mounted cameras, at the Champions League final at the Millennium Stadium in Cardiff 2017, and at the Notting Hill Carnival in 2016 and 2017.

Criticism and Problems

The use of facial recognition technology at events and trials in the UK has, however, come under fire over several issues including poor levels of accuracy, a lack of transparency in how it is used, the possible infringement of privacy and data security rights e.g. what happens to images, and value for money in terms of deployment costs versus arrests.

This led to ICO head Elizabeth Dunham launching a formal investigation into how police forces use facial recognition technology (FRT) in the UK.

Data security and privacy are such thorny subjects for agencies, organisations and businesses alike that even though using facial recognition to help organise photos has been a standard feature across the social media industry, Microsoft is now issuing an update to its Windows 10 Photos app that prompts users to perform the almost impossible task of confirming that all appropriate consents from the people in the user’s photos and videos have been obtained in order to use facial recognition to find photos of friends and loved ones.  This move shifts the burden of responsibility away from Microsoft to the user.

What Does This Mean For Your Business?

The covert and mobile nature of these new glasses not only seems to be somewhat dystopian and ‘big brother’ but could, in theory, provide a way for users to simply get around existing data protection and privacy laws e.g. GDPR.

As a society, we are to an extent, used to being under surveillance by CCTV systems, which most people recognise as having real value in helping to deter criminal activity, locate and catch perpetrators, and provide evidence for arrests and trials. The covert use of facial recognition glasses is, however, another step further on from this and from the deliberately overt and public trials of facial recognition in the UK to date.  As such, to be used in the UK, it will require faith to be put in the authorities that it is used responsibly, and that its accuracy is proven, and that rights groups are able to access facts, figures, and information about the technology, where and how it is used, and the results.  Presumably, the ICO may also have questions about the use of such glasses.

If there is no public transparency about their use, this could also result in suspicion, campaigning against their use and a possible backlash.

Criminal Secrets Of The Dark Net Revealed

Recent Surrey University research, ‘Web Of Profit’ commissioned by virtualisation-based security firm Bromium has shown that cyber-criminals are moving to their own invisible Internet on the so-called ‘dark net’ to allow them to communicate and trade beyond the view of the authorities.

What Is The Dark Net?

The dark net describes parts of the Internet which are closed to public view or hidden networks and are associated with the encrypted part of the Internet called the ‘Tor’ network where illicit trading takes place.  The dark net is not accessible to search engines and requires special software installed or network configurations made to access it e.g. Tor, which can be accessed via a customised browser from Vidalia.

Deeper

Infiltration and closing down of some of the dark net marketplaces by the authorities are now believed to have led to cyber-criminals moving to a more secure, invisible part of the dark net in order to continue communicating and trading.

How?

Much of the communication about possible targets and tactics between cyber-criminals now takes place on secure apps, forums and chatrooms.  For example, cyber-criminals communicate using the encrypted app ‘Telegram’ because it offers security, anonymity, and encrypted channels for the sale of prohibited goods.

Diverse Dark Net Marketplace

Posing as customers and getting first-hand information from hackers about the costs a range of cyber-attacks, the researchers were able to obtain shocking details such as:

  • Access to corporate networks is being sold openly, with 60% of the sellers offering access to more than 10 business networks at a time. Prices for remote logins for corporate networks ranged from only £1.50-£24, and targeted attacks on companies were offered at a price of £3,500.
  • Phishing kits are available for as little as $40, as are fake Amazon receipts and invoices for $52.
  • Targeted attacks on individuals can be purchased for $2,000, and even Espionage and insider trading are up for sale from $1,000 to $15,000.

Corporations Targeted

One thing that was very clear from the research is that cyber-criminals are very much focusing on corporations as targets with listings for attacks on enterprises having grown by 20% since 2016. The kinds of things being sold include credentials for accessing business email accounts.

Specific Industries

The research also showed that cyber-criminals are moving away from commodity malware and now prefer to tailor tools such as bespoke versions of malware as a way of targeting specific industries or organisations.  For example, the researchers found that 40% of their attempts to request dark net hacking services targeting companies in the Fortune 500 or FTSE 100 received positive responses from sellers, and that the services on offer even come with service plans for conducting the hack, and price tags ranging from $150 to $10,000, depending on the company to be targeted.

The industries that are most frequently targeted using malware tools that are being traded on the dark net include banking (34%), e-commerce (20%), healthcare (15%) and even education (12%).

Researchers also uncovered evidence that vendors are now acting on behalf of clients to hack organisations, obtain IP and trade secrets and disrupt operations.

What Does This Mean For Your Business?

The dark net is not new, but some commentators believe that the heavy-handed nature of some of the police work to catch criminals on the dark net is responsible for pushing criminal communication and trading activity further underground into their own invisible areas.  End-to-end encrypted communications tools such as Telegram mean that cyber-criminals can carry on communicating beyond the reach of the authorities.

The research should show businesses that there is now real cause for concern about the sensitive, informed and finely tuned approach that cyber-criminals are taking in their targeting of organisations, right from the biggest companies down to SME’s.  This should be a reminder that cyber-security should be given priority, especially when it comes to defending against phishing campaigns, which are one of the most successful ways that criminals gain access to company networks.

Law enforcement agencies also need to do more now to infiltrate, gather intelligence, and try to deter and stop the use of different forums, channels and other areas of the dark net in order to at least prevent some of the more open trading of hacking services and tools.

Mastercard’s AI-Based Digital Wellness Could Make Online Purchasing Easier and Safer

Mastercard has announced the introduction of its Digital Wellness program which utilises AI-based click-to-pay technology and new standards in order to provide an easier and safer online shopping experience.

The Program

The Mastercard Digital Wellness program provides tips and resources that are designed to help businesses (especially small and independent businesses) protect themselves from cyber-attacks and data breaches. The program includes Secure Remote Commerce, Mastercard’s Cyber Readiness Institute (a collective of business leaders), and The Global Cyber Alliance which provides SMBs with free cyber-security tools.

New Click-To-Pay Checkout System

Coming out of the Digital Wellness Program is Mastercard’s new click-to-pay checkout system which is enabled by Mastercard’s deployment of EMVCo’s (Europay, Mastercard, Visa) specification. The standards that make up EMVCO’s specification provide a foundation that enables the processing of e-commerce transactions in a consistent, streamlined fashion over a variety of digital channels and devices, including smartphones, tablets, PCs and other connected devices.

This means that the click-to-pay checkout system can be used for all kinds of online shopping, across multiple devices, and across cards, and can replace old key-entry checkout systems.

Tokenization and NuData

The click-to-pay checkout system incorporates tokenization and NuData, which represent Mastercard’s AI and machine learning tech. NuData can prevent fraud by (for example) monitoring website traffic changes, analysing changes in browsers and web surfing speeds, and verifying all the user data that makes a user unique (such as an individual’s scroll speed on their device).

The inclusion of AI technology means greater security and no need for customers to enter passwords when they pay.

The Advantages

The key advantages of the click-to-pay checkout system from the Digital Wellness Program are that:

  • It tackles the problem that customers feel unease when it comes to paying for things online because of the added security.
  • It’s fast and easy – the instant click-to-pay with no need for passwords tackles the reluctance of online shoppers to create a new user account.
  • Merchants who adopt the system have a system from a known and trusted provider that could give them a better chance of preventing fraud.

These factors mean that the system could make customers more likely to feel comfortable shopping for things on smaller websites or with unknown retailers.

What Does This Mean For Your Business?

For Mastercard, this is a way of selling its services to the huge market of smaller and independent businesses.

For merchants, it’s a way for them to leverage the latest AI tech to protect themselves and their customers from fraud, and tackle popular known barriers to purchases from smaller retailers online i.e. worries about security and the unwillingness to take the time to set up a new user account when they want to buy something.

For customers, the system should provide a safe and fast purchasing experience which can only reflect well on the merchant.  It remains to be seen, however, how many merchants take up the new system and what the cost versus benefit implications will be.

Accounting Systems Too Complex (And Lack Investment)

A recent Barclaycard survey shows that 48 per cent of Chief financial officers (CFOs) think that current accounting systems are too complex.

Complex Systems

According to the survey, some of the main reasons that CFO’s find their accounting systems to be too complex are that they are not digitised enough and too are labour intensive.  This is the reason why 44% of CFOs say that they would want more automation when they upgrade.

Not Investing Could Be Affecting Bottom Line

The Barclaycard survey also found that a Chief Financial Officer’s (CFO’s) leadership style and willingness to invest in their financial and accounting software has a real impact on their businesses’ bottom line.  For example, over a fifth (22%) of finance heads believe their accounting software is out of date, which, according to Barclaycard, could mean that UK CFOs are missing out on £6.7 billion each year by not taking advantage of early payment discounts.

Complex And Out Of Date

According to Barclaycard’s survey results, even though 85% of the CFOs surveyed said they recognise the need to continuously invest in their accounting systems, this is clearly not happening and this may be because more than three-quarters (77%) admit to not having time and resources to find the right one.

This lack of investment and time, coupled with apparent resistance to change in many businesses appears to have led to a situation whereby 22% of businesses are using out-of-date accounting software, with 40% of businesses not having upgraded their accounting software for five years!

Missing Out

Barclaycard’s survey indicates that because many accounting software systems are outdated, companies can’t automate payments to meet supplier conditions for an early settlement discount, and this could mean that UK corporates are missing out on of £14.4bn of saving per year (the equivalent of £75,389 per business).

The Survey

This survey, conducted on behalf of Barclaycard conducted by Opinium Research in February 2019, was carried out among 500 senior financial decision makers in companies with turnover of £6.5 million or more and who do not outsource their accounts payable.

What Does This Mean For Your Business?

Even though the research was conducted by Barclaycard, which has an interest in accounting systems, it does highlight some of the challenges and barriers to upgrading that many businesses face, such as not having the time, money, and other resources to help them invest in a new system, thereby making them miss out on possible savings from early settlement discount.

It is not just with accounting systems that businesses would like to reduce complexity and increase automation where possible but struggling with accounting technology and systems is certainly not uncommon.  For many small businesses, it’s often a case of using desktop accounting software with related third-party apps and integration without much software training and asking the accountant for technology advice.  For example, a recent Zoho and AccountingWeb report showed that small businesses ask their accountants for technology advice 83% of the time, and 40% of those accountants say they are asked technology questions up to 20 times a month.

Premium, Paid For Version Of Mozilla’s Firefox Planned

It has been reported that Mozilla will be introducing a (paid for) premium subscription-based Firefox service this October to run alongside the free, open-source Firefox browser.

Why?

Mozilla’s share of the (free) browser market has been squeezed by some heavy competition from Google’s Chrome browser and although the Firefox browser is present on many computers and is used to sell people services, it isn’t actually making Mozilla any money.  Also, Mozilla relies heavily on revenue that it receives from search companies that pay to be featured in the Firefox browser, with much of that money coming from its competitor Google. Mozilla, therefore, is looking to diversify and find a way to build its own additional independent revenue stream from the bundling of value-adding services that it already has.

What?

Reports indicate that the new paid for bundled service could include:

  • VPN bandwidth that exceeds what’s available (free) via Mozilla’s ProtonMail VPN partnership i.e. giving paying customers for its new service access to a premium level VPN bandwidth.
  • An as yet, unspecified allotment of secure cloud storage.

Other possible parts of the bundled subscription service could include (although this has not been confirmed):

  • Mozilla’s free file transfer service “Firefox Send”.
  • Mozilla’s password manager “Lockwise”.
  • Firefox Monitor, Mozilla’s service, similar to HaveIBeenPwned.com, which allows you to check whether your personal information has been compromised by any of the numerous data breaches.
  • The “Pocket” application, also known as “Read It Later” which helps with managing a reading list of articles from the Internet by letting you save web pages and videos to Pocket in just one click. Mozilla acquired this service in 2017, and it already has a Premium version available for $45 per year.
  • Tools from ‘Scroll’ (a start-up working with Mozilla) that could result in users of the new premium service getting access to certain news sites.

How Much?

Current reports indicate that the premium Firefox service could cost users around the $10 per month mark.

Still Free Firefox

Mozilla has announced that it won’t charge for existing Firefox features as part of its shift to offering subscription services and that the free Firefox browser will continue to run as normal.

What Does This Mean For Your Business?

For Mozilla, this offers a way to diversify and generate a stream of revenue that isn’t connected to Google and monetises the synergies that it can get from a bundle of some of the products and services that it already owns. It’s also another way to compete in a tough browser market where there is one very strong and dominant market leader that already monetises popular advertising services that display across other browsers and platforms.

For users, access to a premium level VPN bandwidth and secure cloud storage from a known and trusted brand may justify a monthly subscription, particularly with some of the other value-adding services that could be bundled in and may not have been tried businesses to date.

Tech Tip – Night Light For Windows

If you leave your computer on and/or need to work late into the evenings, for example, the Windows 10 ‘night light’ feature enables the gradual limitation of the colour spectrum from your computer so that your body’s Melatonin (the bedtime-indicating chemical) isn’t impeded.

When a screen is left on it emits blue light which can keep you overly awake.  With the night light setting on, warmer colours are displayed which can help you sleep.  Windows knows what time zone your computer is in so scheduling it for your sunset and sunrise should be easy.

To activate night light:

Go to ‘Settings’, click on ‘System’.

Put night light ‘On’ and click on ‘night light settings’ to select ‘colour temperature’.  You will also see a ‘Turn on Now’ button to help you get the right colour temperature.

Under ‘Schedule’, toggle ‘Schedule night light’ to ‘On’.

Either select ‘Sunset to sunrise’ or select ‘Set hours’ and enter custom times for the night light to turn on and off.

Your Latest IT News Update

Employee Subject Access Requests Increasing Costs For Their Companies

Research by law firm Squire Patton Boggs has revealed (one year on from the introduction of GDPR ) that companies are facing cost pressures from a large number of subject access requests (SARs) coming from their own employees.

<More>

Salesforce Adding Blockchain Platform To CRM

The Salesforce cloud-based CRM platform is adding a low code, blockchain-powered service that will allow users to share data with third parties in a secure, transparent, and auditable way.

<More>

US Visa Applicants Now Asked For Social Media Details and More

New rules from the US State Department will mean that US visa applicants will have to submit social media names and five years’ worth of email addresses and phone numbers.

<More>

GCHQ Eavesdropping Proposal Soundly Rejected

A group of 47 technology companies, rights groups and security policy experts have released an open letter stating their objections to the idea of eavesdropping on encrypted messages on behalf of GCHQ.

<More>

Amazon Pop-Up Stores

Amazon is launching a pilot scheme which will enable 100 small online businesses to get the opportunity to sell their goods in 10 Amazon pop-up stores in UK high streets.

<More>

Tech Tip – Sleep App That Could Help You Work

We spend one-third of our lives asleep, and it has been estimated that around £30bn and 200,000 working days are lost in the UK each year through a lack of good sleep (gov.uk).  The Rise app shows you how to get better sleep, and keeps a record of your sleeping progress, thereby helping you to feel better and be more productive at work.

<More>

Employee Subject Access Requests Increasing Costs For Their Companies

Research by law firm Squire Patton Boggs has revealed (one year on from the introduction of GDPR ) that companies are facing cost pressures from a large number of subject access requests (SARs) coming from their own employees.

SARs

A Subject Access Requests (SAR), which is a legal right for everyone in the UK, is where an individual can ask a company or organisation, verbally or in writing, to confirm whether they are processing their personal data and, if so, can ask the company or organisation for a copy of that data e.g. paper copy or spreadsheet.  With a SAR, individuals have the legal right to know the specific purpose of any processing of their data, what type of data being processed and who the recipients of that processed data are, how long that data stored, how the data was obtained from them in the first place, and for information about how that processed and stored data is being safeguarded.

Under the old 1998 Data Protection Act, companies and organisations could charge £10 for each SAR, but under GDPR individuals can make requests for free, although companies and organisations can charge “reasonable fees” if requests are unfounded, excessive (in scope), or where additional copies of data are requested to the original request.

Big Rise In SARs From Own Employees = Rise In Costs

The Squire Patton Boggs research shows that 71% of organisations have seen an increase in the number of their own employees making official requests for personal information held, and 67% of those organisations have reported an increase in their level of expenditure in trying to fulfil those requests.

The reason for the increased costs of handling the SARs can be illustrated by the 20% of companies surveyed who said they had to adopt new software to cope with the requests, the 27% of companies who said they had hired staff specifically to deal with the higher volume of SARs, and the 83% of organisation that have been forced to implement new guidelines and procedures to help manage the situation.

Why More Requests From Employees?

It is thought that much of the rise in the volume of SARs from employees may be connected to situations where there are workplace disputes and grievances, and where employees involved feel that they need to use the mechanisms and regulations in place to help themselves or hurt the company.

What Does This Mean For Your Business?

This story is another reminder of how the changes made to data protection in the UK with the introduction of GDPR, the shift in responsibility towards companies, and the widespread knowledge about GDPR can impact upon the costs and workload of a company with SARs.  It is a reminder also, that companies need to have a system and clear policies and procedures in place that enables them to respond quickly and in a compliant way to such requests, whoever they are from.

The research has highlighted an interesting and perhaps surprising and unexpected reason for the rise in the volume of SARs, and that there may be a need now for more guidance from the ICO about employee SARs.

Salesforce Adding Blockchain Platform To CRM

The Salesforce cloud-based CRM platform is adding a low code, blockchain-powered service that will allow users to share data with third parties in a secure, transparent, and auditable way.

Blockchain

Blockchain, the technology that was famously behind the bitcoin cryptocurrency, has been described by its Co-Founder Nic Carey as being like “a big spreadsheet in the cloud that anyone can use, but no one can erase or modify”.  Blockchain is an open-source, free technology that acts as an incorruptible peer-to-peer network / a kind of ledger that allows multiple parties to transfer value in a secure and transparent way.

Salesforce Blockchain Platform

Salesforce is positioning its Blockchain platform as a low-code system that has been customised to fit with Salesforce’s flagship Lightning CRM product.  The Blockchain platform has been built on the open source technology developed by Hyperledger Sawtooth. Salesforce Blockchain is currently only available to select design partners but will have its general release in 2020.

Why Blockchain?

Many businesses and organisations are now finding that they need to harness and share large amounts of data with a growing network of partners and third parties.  This sharing needs to be accomplished, however, in a way that is secure and incorruptible, and transparent and with a clear audit trail.  There is, of course, also the need to save costs, reduce inefficiencies, and make the process of sharing data as fast and easy as possible.

Also, in terms of the broader function of a CRM system, companies and organisations need the most up-to-date and effective way to verify and maintain contracts, send transactions, and essentially “automate trust”. Blockchain offers all these benefits.

Blockchain-as-a-Service

Salesforce is one of a growing number of tech brands getting in the rapidly growing BaaS market which offers enterprises the chance to deploy distributed ledgers without the cost or risk of deploying it in-house, and without needing to find in-house developers.

Tech commentators have noted, for example, that Microsoft and many other big tech companies, including Amazon and Oracle, are now looking to make the most of the growing blockchain as a service (BaaS) market. Microsoft was one of the first software vendors to offer BaaS on its Azure cloud platform as far back as 2015, but the predictions are that from the end of this year onwards, the market (estimated to be worth $7billion) will start to grow rapidly.

Real World Examples

Salesforce is already reporting ways that its new Blockchain platform is making a positive difference, such as at S&P Global Ratings which is using the service to reduce the time it takes to review and approve new business bank accounts.

There are now plenty of other examples of how Blockchain technology is being used (and is about to be used) in the real business world to add value, increase efficiencies, create opportunities and provide innovative ways of meeting old business challenges.  These include:

  • Using the data on a blockchain ledger to record the temperature of sensitive medicines being transported from manufacturer to hospital in hot climates. The ‘incorruptible’ aspect of the blockchain data gives a clear record of care and responsibility along the whole supply chain.
  • Using an IBM-based blockchain ledger to record data about wine certification, ownership and storage history. This has helped to combat fraud in the industry and has provided provenance and re-assurance to buyers.
  • Shipping Company Maersk using a blockchain-based system for tracking consignments thereby offering visibility and efficiency i.e. digitising a formerly paper-based process that involved multiple interactions.
  • Start-up company ‘Electron’ building a blockchain-based system for sharing information between those involved in supplying energy which could speed up and simplify the supplier switching process. It may also be used for smart grid processes, such as local load-balancing of supply and demand.
  • Data storage solutions company Seagate Technology (Seagate), and IBM working together and using Blockchain and advanced cryptographic product identification technology to reduce disk-drive product counterfeiting.
  • Facebook is reported to be developing its own blockchain-based cryptocurrency that will enable its users to have a PayPal-like experience when purchasing advertised products, as well as providing authentication and an audit trail.

What Does This Mean For Your Business?

For Salesforce customers, particularly the smaller customers, having Blockchain-as-a-Service as part of their CRM should enable them to solve some of their biggest data-sharing challenges (security, trust, and transparency) in a way that doesn’t require lots of code, and in a way that doesn’t require the considerable cost or risk of trying to develop and deploy it in-house.

The benefits of blockchain technology are just starting to be realised and exploited by many different companies around the world, and the BaaS market looks set to grow rapidly with the big tech companies and brands all looking to compete by offering different Blockchain-based services to businesses and organisations of all sizes.

Blockchain has already proven itself to be a technology that can save time and costs, provide fast and secure traceability, visibility and efficiency, and provide a real competitive advantage for companies that are willing to investigate how it could be used to add value to their particular business.

Even governments and cities around the world have realised the benefits and are committing considerable resources to Blockchain. For example, Dubai has committed to putting all of its documents on blockchain in the next few years and has founded a public-private initiative called the Global Blockchain Council to foster the development and use of blockchain technology in and between local government teams, local businesses and international start-ups.