A BlueChilli startup is looking to make it easier for customers to pay for items even if they have left their wallet at home. Zwype is a virtual wallet and payment system that allows users to buy items at participating venues – such as cafes, restaurants and bars – without the need to swipe their credit card or pay by cash. Co-founder Matthew Bond says one of his co-founders works in the hospitality industry and “jumped at the idea” because his customers were always forgetting their credit cards in the first place or leaving them behind at the bar. “Our app allows users to leave their credit card, wallet and cash at home,” he says. “They can simply walk into an applicable venue, open a tab, show their phone with a unique number and when they want to pay they can walk out of the venue or close the tab and it will email a receipt.” The startup currently has more than 300 businesses in Brisbane, Sydney and Melbourne onboard – with plans to launch in Perth, Adelaide and Darwin shortly. “I’m a big believer that cash will be gone in about five years’ time and that in 10 years’ time credit cards will be gone,” Bond says. “You go anywhere these days and pay on credit card or go out for dinner with friends and no one has cash on them. It’s almost a chore to get cash out of an ATM. The first thing you do when you wake up in the morning is check your phone… why can’t it be a tool for paying for everything?” Bond says the Zwype system saves venues time and allows them to harness customer data to help them make smarter decisions. “It makes the relationship between the customer and venue more fluid,” he says. “When you walk into a venue and select it [on the app] your picture will turn up on their iPad as well as your name and favourite drink. So it creates more of a rapport between the customer and venue – rather than someone coming in, ordering something, paying their $5-10 and walking out.” As for what’s next for the startup, Bond says he hopes to raise some capital in the next few months once it gets some more traction. “We obviously want to spread our network and go international,” he says. “We have actually tested it at a bar in Bali to see if it would work – it proved you can pay anywhere in the world... but baby steps.” Follow StartupSmart on Facebook, Twitter, and LinkedIn.
Brisbane-based bitcoin startup Diamond Circle has opened a fundraising round via the Australian Small Scale Offerings Board, shortly after launching its bitcoin kiosk product. The bitcoin kiosk is an ATM that allows users to purchase bitcoins with a credit card. The startup also provides pay and wave bitcoin debit cards which allow distributors and merchants to accept bitcoins and earn commission by accepting bitcoins on purchases, providing cash-out facilities and for selling those bitcoin debit cards. Diamond Circle is looking to raise $1 million for 20% stake of the company. Its revenue for the 2013/14 financial year was $170,000, and it’s projecting revenue will increase to $12.7 million in 2014/15, $74 million in 2015/16 and $163 million in 2016/17. It plans to use the capital from the $1 million raise to distribute and enhance its MVP, strengthen its distributor/partner relationships, add further product lines and development, and marketing. Managing director Stephen Rowlison says the startup has solved the issue of bitcoin price volatility by linking traditional banking systems to the Diamond Circle debit card page. “Diamond Circle has developed a range of products and services that sit at the point of exchange from traditional ‘fiat’ currencies into cryptocurrencies and vice versa,” he says in the round’s offer document. “Innovations include a cashless crypto ATM (showcased at Amsterdam’s Global Bitcoin 2014 conference), merchant ready NFC-enabled PoS devices (both fixed and mobile) and a patented crypto Debit Card (“Bitwave” enabled, and designed for co-branding). “Whilst the technology behind the company may be applied to any cryptocurrency, the current marketing efforts concentrate on the best-known cryptocurrency, bitcoin…” The exit plan for the startup is for a trade sale in two to three years’ time, with a money transmission business being the likely acquirer. Follow StartupSmart on Facebook, Twitter, and LinkedIn.
How safe is Microsoft Windows? After all, the list of malware that has caused major headaches worldwide over the last 15 years is long – viruses, worms and Trojans have forced computers to shut down, knocked South Korea offline and even overloaded Google’s servers. Now, how safe do you feel knowing that cash machines across the world run Microsoft Windows? An exploit has been discovered, apparently spread across Russia, India, and China, whereby cash machines can be turned into a free money vending machine. The hack requires re-starting the cash machine – essentially a Windows terminal – from a prepared CD that injects malware into the system to circumvent the security. At set times of the week, a unique code is generated and given to a “mule” who would approach the machine, enter the code, and withdraw up to 40 notes, anonymously and without trace. From skimming to hacking Attacks on ATMs (those more sophisticated than removing the cash machine and cutting into its safe) started around 10 years ago with card reader devices containing a tiny integrated camera and card reader. As a user withdraws cash, the device reads the account details from the card’s magnetic stripe and videos the pin number entered into the keypad. Earlier generations of ATM machines were often built around computer terminals running IBM’s OS/2 operating system (which started life as a joint IBM-Microsoft venture, and which somewhat ironically spawned Microsoft’s Windows NT, the grandparent of modern Windows, and IBM’s OS/2 when that project collapsed). Due to its more esoteric and rare nature there are far fewer attacks for OS/2, but now it is standard builds of Windows, potentially vulnerable to all the usual malware and exploits, that run modern ATMs. So it is not surprising that intruders have started to find ways inside the ATM’s card processing and cash dispensing systems. Malware that can offer external control to an ATM have been reported for some years, allowing attackers to dispense cash, record and print out card details and PIN numbers. Under the hood This latest malware is Backdoor.MSIL.Tyupkin, which while running continuously will only listen for commands on a Sunday and Monday night. The criminal gangs operating the malware generate a random, unique, six-digit keycode that activates the program, which is given to the “mule” who is withdrawing the money. Like previous efforts to crack into ATMs, the malware requires physical access to the ATM, typically by booting the ATM from a CD prepared to install the malware. At present the malware has been active on at least 50 ATMs in Russia and Eastern Europe, but also in the US, China and India. The malware is the file ulssm.exe, which is copied into the c:\windows\system32 directory and which is protected and maintained on the system between reboots by modifying the Windows registry (a database of configuration settings) so that Windows automatically runs the program at startup. The program then interacts with the ATM through the Extension for Financial Services (XFS) library, MSXFS.dll. To avoid detection it will only allow access controller commands on Sunday and Monday evenings. This shows an example of malware installing itself onto a system, updating the Windows registry to autorun when started (at 25:20), and then going into hiding. Playing catch up The threat of re-booting machines from CDs or bootable USB sticks in order to install malware and abusing Windows autorun feature to sustain the program in memory, is an exploit that has been common for over a decade. It seems few lessons have been learned in terms of securing physical access to the device, and also in the privileged rights that malware can gain. Even as companies focus on improving and securing the user interface, often the debugging and diagnostic side can provide further routes into a system. Versions of Windows used in embedded control systems are now sufficiently secure, but as ATM manufacturers use standard installations of Windows they are opening themselves up to further problems – not least because it allows hackers the opportunity to simulate and craft their malware on well-known versions of the operating system. However, at the core of this attack – as with those before it – is the need for physical access to the device, which implies an insider working in the bank. That means with monitoring of who has access to the cash machine, this can be prevented. The key lesson is that the ATM operating system is a weak link in the chain which needs to be closed. *This article originally appeared on The Conversation.
Changes to how credit card transactions are handled at point-of-sale will come into effect in Australia this Friday, August 1. Magnetic stripe and signatures will no longer be the primary method for verification – instead, a chip-enabled card and PIN will be required. In order to support the new types of credit cards, merchants are required to upgrade their hardware or look at an alternate solution. There are still some situations where the customer isn't required to provide a PIN: Contactless payments under $100 in value (i.e. payWave, PayPass) Any payments $35 or under in value The credit card has been issued by an overseas bank. In this situation they will be able to sign for their purchases. Europe is already on chip and pin, however, the USA is still using magnetic stripe, but this looks to be changing. One benefit for merchants to invest in the upgrade is that the card schemes (Visa, Mastercard, AmEx) will cover the merchant for any chargebacks associated with a chip and PIN based transaction. There have been some reports industries such as hospitality are concerned about the impact this change will have on other parts of their business, like tipping. Ben Fuller from point-of-sale provider ImPOS sees an opportunity for new software systems to improve these parts of the business. “Those saying it is the death of tips for wait-staff, haven’t made themselves aware of how the transition has been successfully handled in other countries. With our POS solution we're leaving a space for the customer to ‘sign-off’ on the tip at the bottom of the bill. It is simple and if carried out correctly with the right dialogue, will result in more tips, not less,” Fuller says. Stolen at the shop, spent on the web Building a more secure payments infrastructure with chip and PIN is a positive step. However, according to the Australian Payments Clearing Association (APCA), roughly 70% of Australian credit card fraud occurs in a card-not-present environment (i.e. online, phone or mail credit-card transactions). Generally, credit cards are stolen at an ATM or checkout, then illegally used online, where a PIN is not required. These regulatory advancements may result in more fraud being driven towards contactless cards and online transactions. Software-based solutions At Pin Payments we're seeing a segment of small businesses ditching their hardware terminals in favour of our simple software-based solution. Businesses processing a small number of transactions each month can find the up-front cost and long contract terms associated with hardware card terminals don't make financial sense. Software solutions like this on the market offer a way to process card transactions on a pay-as-you-go basis, with the transaction fee being the only cost to merchants. When it comes to risk, for merchants using our mPOS at markets, pop-up stores and similar, we always recommend they take steps to reduce risk of fraud. A simple tool can be to ask for photo identification that matches with the name on the credit card provided. The move to chip and PIN is welcome, and it has the ability to significantly reduce the incidence of card “skimming” in retail environments. Skimming is the term used to describe the illegal harvesting of card details from modified ATMs and checkout terminals. Web and mobile software tools provide a larger opportunity to protect consumers, potentially eliminating sensitive card details from transactions entirely. Progressive businesses such as Clipp are using a secure card-on-file method to allow bars and restaurants to charge customers through a mobile app. Uber are doing the same for taxis and limousines. With chip and PIN hardware, skimming can be reduced. With software, skimming can be eliminated. If credit card or bank details don't need to be handled at the time of the transaction, then there's no useful information for thieves to harvest. Australia is moving ahead of some other markets (such as the US) in consumer protection practices, and these new regulations around point-of-sale hardware will benefit consumers. Still, there remains plenty of room for improvement as payments continue to go online and mobile. Chris Dahl is from Pin Payments, an Australian start-up providing businesses with simple new ways to get paid.
Online payments company Stripe is running a trial with US customers that allows them to accept bitcoin payments, but there is no definite date as to when this will be available in Australia. Still a controversial currency, bitcoin has slowly been gaining traction in Australia, with a Bitcoin Barcamp held recently and the first bitcoin ATM being installed in Sydney – at a pastry shop in Roseberry. If Stripe’s trial proves successful, they plan on making bitcoin payments available in Australia and other countries. It will be the first major online payments platform to support bitcoin. Stripe recently opened up to Australian merchants in private beta, setting up a presence here led by entrepreneur and venture capitalist Susan Wu. Stripe cofounder and president John Collison told StartupSmart the inclusion of bitcoin as a payment option won’t have an immediate impact, with some education around bitcoin still needed in the community. "People selling online aren't going to shift all their sales to bitcoin overnight, or even in the next few months,” he says. “There's some education needed on what accepting bitcoin means and what the advantages are.” He says Stripe will need to make the consumer buying experience better. “That'll take time, but we're pretty excited about this addition,” Collison says. “Breaking down economic barriers is one thing both Stripe and bitcoin have in common." According to Re/Code, once implemented, merchants who decide to use Stripe to accept bitcoin payments will automatically be paid out in the local currency of their choice. They set the price for their product or service in a local currency and Stripe automatically calculates for their customers what that will cost in bitcoin. Neither Stripe nor its customers will hold onto the bitcoin, meaning the businesses that accept bitcoin will not be subject to the volatility of its price. Local Stripe competitor Pin Payments currently has no plans to implement Bitcoin. Pin Payments Founder Grant Bissett says Bitcoin doesn't solve a real problem for their customers. "In the longer term it's likely that we would consider using Bitcoin - or one of the many other emerging cryptocurrencies, but not as a customer-facing product, " he told StartupSmart. Bissett says sites like Coinjar have a great product and are already providing Bitcoin support for local merchants. "In the relatively conservative banking environment in which Pin Payments operates, we feel that maintaining a moat between regulated and unregulated payment activities will benefit all participants in the local payments industry, in turn improving the offerings for businesses and consumers in the region," he says.
US-based start-up Pebble has confirmed it will begin shipping its ‘smartwatch’ on January 23, eight months after it smashed its $100,000 Kickstarter goal and raised more than $15 million.
The founder of drive-through coffee franchise Muzz Buzz insists there’s no difference between coffee and car washing, after announcing plans to grow the brand by way of a car wash service.
A new recycling “ATM” will take an old mobile phone and pay an agreed price on the spot, taking the concept of bartering to a new level.
I see so many start-ups that simply waste money, unintentionally (I've invested in them).
Start-ups have been urged to reassure consumers of the security of their sites, after a report revealed 95% of consumers would terminate their relationship with a company if it mishandled their data.
Eftpos Australia has applauded a move by the RBA Payments System Board, which has raised concerns about multi-network debit cards, and is calling for a voluntary agreement on the issue.
Westpac is the latest of the big four banks to launch a mobile payments app, Westpac Mobile PayWay, for small businesses. But how does it measure up to its rivals?
An LA bakery called Sprinkles has installed the world’s first cupcake ATM, answering the prayers of consumers who crave a late-night sugar hit.
The Commonwealth Bank has become the latest bank to target small businesses with its newly launched payments app, which offers near-field capabilities but is limited to iPhone users.
New research reveals more Australians do their banking online rather than visiting a branch, although industry experts say face-to-face service still resonates with small business customers.
A new report has revealed that investors are seeing increased potential in the ATM market, prompting a renewed call for a cap on ATM fees.
Eftpos fraud has almost tripled in the last financial year due to skimming and electronic forgery, according to new figures from the Australian Payments Clearing Association.
Start-up businesses could soon be provided a greater choice in their banking options following a proposed expansion by Australia Post into the financial services industry. The Future Fund is reportedly in talks with the government about rolling out new ‘financial supermarket’ services in a bid to prop up ailing Australia Post branches. David Murray, the Future Fund chairman, has been quoted as saying that Australia Post could provide services including deposits and loans, processing of financial transactions, an ATM network and even superannuation products. The potential move will be watched closely by small businesses, which have consistently complained about a lack of choice and competition in the banking market. The situation has become particularly acute in the last three years, with many lenders refusing to back start-up businesses. Although lending by the ‘big four’ banks has increased, a number of other funding sources has dried up, leaving fledgling entrepreneurs short of options in securing finance. Council of Small Business of Australia chief executive Peter Strong told SmartCompany that he broadly supported the proposal. "We've got to see the detail, but I would be supportive of that measure because it would create something new, and competition in this area is a good thing. We've mentioned our support for the portable account number before, and this is a good example of a situation where you could use it." "In some parts of cities, you still need to drive to the bank and the parking is quite bad, it's too far away from your other destinations and so on. But if you have an alternative post-office nearby, which could even be a smaller venue, you may find that it's easier for you to go there." "I also think it will make it easier for some SMEs in rural areas where there isn't a lot of competition. On terms of ease of access, this will make it much easier for a lot of SMEs."
The Greens will continue to push for new regulation on banks to place caps on savings account charges and ban $2 ATM fees.
The post-election wash-up has continued, with small business advocates demanding a seat at the tax summit table.