OFAC sanctions against Russia-based Hydra, world’s largest darknet market, and Garantex, virtual currency exchange

The US Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Hydra, Russia’s dark web market, for participation in illegal cyber activities against the United States. Hydra is known for offering ransomware-as-a-service, hacking services and software, stolen personal information, counterfeit currency, and stolen virtual currency through its Russian-based website. OFAC has also sanctioned Garantex, an Estonian-based virtual currency exchange that runs most of its operations in Moscow.

Approximately 86% of illegal bitcoins received directly from the Russian cryptocurrency exchange in 2019 originated from Hydra, which the Treasury called "the world's largest and most prominent dark web market," according to blockchain researchers. The Treasury’s new sanctions prohibit US citizens from initiating or receiving "any contribution or provision of funds, goods, or services" to or from Hydra or Garantex. These sanctions are said to be part of a widespread effort to disrupt the spread of malicious cybercrime services, including ransomware activities that stem from Russia.

The Treasury, in collaboration with the US Department of Justice, the FBI, and the German Federal Criminal Police, terminated Germany's Hydra servers and seized US $25 million worth of Bitcoin.

For further information, see the US Treasury’s current press release at US Department of the Treasury Sanctions.

NatWest Group to reduce APP fraud via Bottomline technology solution

UK-based NatWest Group has partnered with Bottomline, provider of financial technology, in efforts to strengthen their agencies to combat authorised push payment fraud (APP) using Bottomline’s Confirmation of Payee (CoP) solution across the UK. 

Reports have indicated a significant increase in APP fraud in UK’s financial services sector. According to Pay.UK, it is considered a substantial risk to the reputation of the Faster Payment Scheme (FPS). This concern rose as a single FPS transaction limit has recently increased from £ 250,000 to £ 1m.

UK Finance has introduced Confirmation of Payee in order to curb and reduce APP fraud. This new fraud prevention service should enable participating banks, building associations and credit union customers to ensure that the account holder's name corresponds to the bank account number before making a payment. James Hodgson, Chief Product Officer Take Payments, NatWest Group, commented that Bottomline’s SaaS solution for Confirmation of Payee will speed up their agency clients' adoption of the latest beneficiary’s name verification services, protecting them from APP fraud.

Brazil-based bank migrates to cloud-based fraud solutions via FICO, avoiding US $20M per month in fraud losses

Itaú Unibanco, a global Brazil-based financial services company and the largest private financial institution in Latin America, announced the migration of its fraud management and customer communications to the cloud in efforts to avoid fraud losses in excess of US $20 million per month. Itaú Unibanco’s partnership with FICO, a predictive analysis and data science company, led them to integrate FICO’s Customer Communication Services for Fraud (CCS) as the main communication service for transaction confirmation for the bank’s customers. According to the press release, the deployment helped them reduce its costs per customer account by 15% and improve fraud detection of online transactions where cards are not present by 20%.

Ulisses Okamoto, Fraud Risk Management Superintendent, Itaú Unibanco, commented that Itaú Unibanco manages approximately a third of all credit cards issued in Brazil, processing more than 3.0 billion transactions in 2021. Okamoto further stated that these volumes warranted the move to cloud to help provide enhanced customer experience, increased security and reduced costs. During the pandemic, fraud attacks increased approximately 70-80% in the Brazilian market. However, they were reduced significantly through the use of cloud services.

Facial biometric payment solutions offered in Middle East through Visa and PopID alliance

Visa, global digital payment provider, partners with PopID, a consumer authentication service, to work together to bring acceptance of facial recognition payments to the Middle East. The purpose of the partnership is to provide cardholders with new, secure and innovative payment options.

The press release noted that the first operators to bring PopID's new facial biometric payment solution, PopPay, to the market are Costa Coffee, MMI and grocery chain Géant, in addition to Caesars Palace Dubai's Cove Beach and Coca-Cola Arena Dubai, both belonging to the Dubai Holding portfolio, a diverse global investment company headquartered in Dubai, United Arab Emirates (UAE). PopID signed a deal with Dubai Holding to establish a joint venture to launch PopPay in the Central and Eastern Europe (CEE) and Middle East and North Africa (MENA) regions. This should enable the adoption of the payment technology to spread across Dubai Holding’s wider ecosystem and partners across the region.

According to The Economist Intelligence Unit, 85% of business executives believe that biometrics will be used to authenticate the majority of payments over the next decade. Akshay Chopra, Head of Central Europe, Middle East and Africa (CEMEA) Innovation & Design, Visa, commented that “Facial biometric payments are at the forefront of payments innovation, providing cardholders a fast, seamless and most importantly, secure way to authenticate and make a payment.”

This alliance reportedly should enable issuing banks to let customers link their facial biometrics to their debit or credit cards for initiating payments, while acquiring banks will have the opportunity to distribute PopID's proprietary face pay terminals to traditional onsite companies. John Miller, CEO of PopID, stated they expect facial biometrics to become the global standard for payments.