Month: October 2018

Large e-commerce businesses have systems in place to fight online fraud, but smaller sellers with their own storefronts don’t always have the same advantages. Today, e-commerce platform Shopify is aiming to change that with its rollout of Fraud Protect for Shopify Payments. The service is initially available in the U.S.

The company had announced its plans to introduce fraud protection earlier this year at its Unite conference in Toronto, where it also debuted marketing app Shopify Ping and support for sellers managing inventory across multiple stores, among other things.

The company’s goal with anti-fraud systems is to protect online sellers against fraudulent chargebacks.

Shopify says its experience in processing millions of orders across its platform has allowed it to develop fraud detection technology that has the ability to accurately determine which orders are considered fraudulent. Its algorithms will now analyze incoming orders and decide if an order should be set as “protected.” If a fraudulent chargeback on a protected order then occurs, Shopify says it will automatically reimburse the merchant.

Before, merchants would have to manually review orders for fraud, which could be difficult – especially for smaller sellers who don’t know what to look for.

However, Shopify says the system isn’t just for the mom-and-pop merchants – it can aid bigger businesses, too, as it means lower operating costs.

Often, if merchants can’t handle fraud detection in-house, they’ll work with a partner who specializes in this technology. For example, Shopify competitor Bigcommerce integrates with Signifyd, an automated fraud detection service which merchants can opt to use.

In Shopify’s case, it’s offering the technology directly to its merchant partners – meaning it’s managing the risk itself, and eating the loss involved with fraudulent transactions, as needed. That could be a big selling point in its favor when merchants are looking for a home to set up their online storefront.

“We talk to merchants every day and one of the recurring themes we often encounter is the amount of time and effort they put into preventing fraud, and the anxiety and turmoil they put up with when dealing with a chargeback on an order they’ve already shipped,” said Andre Lyver, Head of Financial Solutions at Shopify, in  a statement. “With Fraud Protect, merchants will never have to think about fraud and chargebacks. They can fulfill all of their orders with peace of mind, knowing that Shopify has them covered if the order is fraudulent,” Lyver added.

The pricing for the service will vary, Shopify tells us, but will be a small percentage of the order amount that’s protected.

The company says it’s rolling out Fraud Protect to a select group of U.S. merchants to start, who will be notified via email as well as with a notification within Shopify. It plans to expand the service to more merchants in the near future.

Epic’s gotta do something with the money it’s printing through Fortnite purchases. Acquisitions appear to be at the top of that list, starting with Kamu, the Finnish startup behind Easy Anti-Cheat.

Epic has already deployed the anti-cheat software for its wildly popular sandbox survival game — it’s been a central piece of the gaming company’s strong anti-cheating stance. It is, as CEO Tim Sweeney puts it in the press release announcing the acquisition, “key to building a vibrant Fortnite multiplayer experience that’s fair for all players.”

Fortnite isn’t the only title currently leveraging Kamu’s best-known offering. The startup says Easy Anti-Cheat is currently used by north of 80 games, installed on 100 million PCs globally. Chances are pretty decent that if you’ve played a big name title in the past year, it’s already on your computer.

Kamu will continue to provide its service to non-Epic titles for the time being. Here’s Kamu CEO Simon Allaeys from the same release, “Joining the Epic family is not only a childhood dream come true, but a huge boost for our mission to help developers create beautiful gaming experiences. Battling cheating in games was just the start; today our products also help developers stay competitive by identifying player needs as quickly as they emerge.”

The acquisition also affords Epic the opportunity to set up shop in Kamu’s native Helsinki. Terms of the deal were not disclosed.

Google is adding an interesting new feature to its Slides presentation tool today that allows you to enable real-time automated captions to your live presentations. That’s a great feature for those who are hard of hearing or deaf, as well as those who understand better when they can read instead of listen.

The new feature comes from the same accessibility team that previously introduced improved screen readers, Braille and screen magnifier support to Google Docs, Sheets and Slides. The automated captioning project started at an internal hackathon and is now rolling out to all Slides users who use U.S. English as their default language and Chrome as their browser. Over time, Google plans to enable this feature for other languages, too.

To turn on this feature you simply press the new “CC” button on the Slides navigation box and then use your computer’s microphone like always.

While this is mostly an accessibility feature, it’s also a nice way of creating a written transcript of a presentation that can then be used for other purposes after the presentation is over.

It’s worth noting that Microsoft recently introduced similar caption/transcription support for live meetings in its Teams product. Both Google, AWS and Microsoft offer their speech-to-text technology as APIs for developers, too, and a number of developers are now starting to build similar features into their applications based on these services.

A week after Google launched a game streaming service “Project Stream“ in beta, Microsoft’s touting its own take on the category. Project xCloud is, naturally, an Xbox game streaming service, designed to  bring the console’s titles to a slew of different platforms.

Outlined via blog post, the service is the latest offering to offer gamers the promise of cross-platform autonomy, bringing CPU-heavily titles to the PC and mobile devices. Public trials of the service will kick off next year. For now, the company is busily recruiting developers to bring content to the service and testing in private beta.

Those tests involve running titles on smartphones and tablets, played with bluetooth Xbox controllers or via touch. The latter, naturally, presents its own sorts of challenges. Games developed for complex consoles don’t necessarily translate to touch.

Says Microsoft,

Cloud game-streaming is a multi-faceted, complex challenge. Unlike other forms of digital entertainment, games are interactive experiences that dynamically change based on player input. Delivering a high-quality experience across a variety of devices must account for different obstacles, such as low-latency video streamed remotely, and support a large, multi-user network. In addition to solving latency, other important considerations are supporting the graphical fidelity and framerates that preserve the artist’s original intentions, and the type of input a player has available.

For now, the service is far from public. Microsoft certainly has the hardware/gaming/enterprise expertise to pull it off, but execution is still a ways off, unlike Google’s recent Assassin’s Creed Odyssey demo, which is currently being offered in public beta. 

A UK union that represents the interests of Uber drivers has called a 24 hour strike for tomorrow.

Ride-hailing giant Uber may not be comfortable thinking of the people who do the driving on its platform as workers but, in 2016, a UK employment tribunal ruled against its classification of a group of then current and former drivers as independent contractors after they brought a legal challenge; and again in 2017 when Uber lost its first appeal against the tribunal ruling.

Though Uber’s appeal continues.

Today one of the unions that campaigns on behalf of individuals providing labor on so-called ‘gig economy’ platforms, the Independent Workers Union of Great Britain (IWGB), announced the strike action by Uber drivers.

It said Uber drivers are demanding an end to unfair deactivations (described by the union as ‘de facto dismissals’); an increase in fares to £2 per mile (vs the current rate of £1.25p/m in London); a 10% reduction in commissions paid by drivers to Uber (currently 25% for UberX); and calling for Uber to immediately apply the tribunal judgement and implement “employment conditions that respect worker rights for drivers, including the payment of at least the minimum wage and paid holidays”.

The union argues Uber drivers should be classified as Limb (b) workers under UK law, rather than ‘independent contractors’ as the company claims.

It’s asking Uber users to respect the strike and not use the app tomorrow.

The chair of the IWGB’s United Private Hire Drivers branch is James Farrar, who was one of the former Uber drivers who brought the 2016 tribunal action against the company.

The 24 hour strike will take place on October 9, from 1pm, in London, Birmingham and Nottingham.

The IWGB said participating drivers will stage protests outside Uber’s offices in all three cities at the start of the strike.

In a response statement emailed to TechCrunch an Uber spokesperson told us:

“We are always looking to make improvements to ensure drivers have the best possible experience and can make the most of their time driving on the app. That’s why over the last few months we’ve introduced dozens of new features, including sickness, injury, maternity and paternity protections. An academic study last month found that drivers in London make an average of £11 an hour, after accounting for all of their costs and Uber’s service fee. We continue to look at ways to help drivers increase their earnings and our door is always open if anyone wants to speak to us about any issues they’re having.”

A company spokesman also flagged up a number of changes Uber has made in the UK since the tribunal ruling, including expanding a free insurance product it offers to drivers and couriers including sickness, injury and maternity & paternity payments across Europe.

The spokesman also pointed to a number of other changes it’s made, such as to paid waiting times, in-app tipping, and discounted access to savings products such as pensions and free skills courses.

He also flagged Uber’s recent launch of a new driver app with real-time earnings tracking and access to data insights intended to help drivers boost their earnings; and a 24/7 telephone support line for drivers and passengers (which was actually a requirement of London’s transport regulator).

The company also says it has formalized how it listens to and responds to driver feedback in every city it operates in — albeit, not well enough to steer off this latest strike.

All the changes it flags might well be positive steps in terms of improving Uber drivers’ lot but if UK judges continue to find these folks should in fact be classified as workers Uber will find itself having to shell out a whole lot more money to keep operating in Europe.

The company has previously said that if it had to provide all the ~50,000 ‘self-employed’ Uber drivers on its platform in the UK with workers’ rights it would cost its business “tens of millions” of pounds.

Uber’s next appeal against the tribunal judgement will be heard later this month, on 30 and 31 October. 

Walmart is teaming up with MGM and others on original content for a free, ad-supported streaming service operated by Vudu . According to reports from Variety, Reuters, and CNBC, Walmart-owned Vudu will license original series created by MGM for this service, which will be based on franchises from MGM’s film and TV catalog. The shows will be family-friendly in nature, and exclusive to Vudu.

The news follows rumors that Walmart was working on its own subscription video-on-demand Netflix competitor, but Vudu says there’s nothing planned on that front for the time being. However, it’s not being ruled out for the future, the company noted.

Instead, the focus for now will be on short-form originals that will debut on Vudu’s “Movies On Us” service. Launched two years ago in October 2016, “Movies On Us” was Walmart’s first foray into ad-supported free streaming. The service today includes 5,000 movies and TV shows that consumers can watch for free, interrupted by the occasional ad break. It complements Vudu’s rental and purchase library of 150,000 films.

The new original series from MGM will arrive in the first quarter of 2019, and were described as “family-friendly, advertiser-friendly content.” The size of Walmart’s investment was unknown, but Vudu did tell Variety that it’s not intending to be a studio or create hundreds of new series. In other words, Walmart is not trying to take on Netflix here, nor is it spending billions of dollars on this effort.

MGM and Vudu also didn’t disclose what sort of series are being developed, but MGM’s film and TV library offers a lot of options, as Variety noted. It includes movies like James Bond, Rocky, RoboCop, Pink Panther, 21 Jump Street and The Hobbit franchises, for example.

Vudu plans to license more shows from others beyond MGM, but didn’t disclose details about those plans at this time.

LinkedIn, the social network for the working world with close to 600 million users and now under the wing of Microsoft, has announced an acquisition as it continues to work on expanding the ways that people already on the platform use it. It has acquired Glint, a startup that provides employment engagement services for businesses and other organizations.

Terms of the deal are not being disclosed. For some context, Glint had raised nearly $80 million — including these rounds for $27 million and and $20 million in the last two years — was valued at around $220 million in its last round according to PitchBook. Investors included Bessemer Venture Partners, Norwest Venture Partners, Shasta Ventures and Meritech Capital Partners.

The news was announced both by LinkedIn and Glint itself in blog posts.

Daniel Shapero, VP of Talent Solutions at LinkedIn, said that the team from Glint will join LinkedIn and continue to work as a salient entity within it under current Glint CEO and founder Jim Barnett.

One big focus for LinkedIn over the years has been how to expand the amount of engagement — and therefore revenue — it derives from paying customers, and in particular businesses that are on its platform. Today some of LinkedIn’s revenue generating products include premium memberships, recruitment (Talent Soutions) and education, by way of Lynda.com. Glint is another step ahead in that wider strategy to build out more services for those users, alongside existing services like education, CRM tools and, most recently, business intelligence.

And the blog post from Shapero, who heads up Talent Solutions, is another indication of how this will fit into LinkedIn’s recruitment business. Today a business might use LinkedIn for recruitment. Now, tomorrow, it can continue to use LinkedIn for more services around those employees once they have been hired. Glint’s current list of products including Employee Engagement, Employee Lifecycle, Manager Effectiveness, and Team Effectiveness. As we have described before, Glint works by way of employee surveys, which it then analyzes using machine learning, natural language processing and predictive analytics. Its reports measure how employees feel about things like management, compensation and workplace culture and makes suggestions for how companies can improve their scores.

The idea is that this helps to reduce the expense of recruiting and training new employees.

LinkedIn has already been building out solutions to help employees with their career development (for example with its educational products), and this will play an adjacent role on the company-wide front, since some of the feedback can be used to help tailor training courses for employees, and so on.

“We believe that Glint has uncovered a modern HR best practice that every company should do: Regularly gather employee feedback on work, culture, and leadership, and give leaders the tools they need to translate those insights into action,” Shapero writes. “At LinkedIn, as a customer of Glint, we’ve experienced the value that this brings first-hand. Glint provides executives with the tools to answer questions about the health and happiness of the talent they have, while giving managers at all levels the access and insight they need to improve.”

LinkedIn tells me that Glint will not be shutting down its existing service as it integrates into LinkedIn.

The timing of this announcement is also notable: LinkedIn is kicking off its big Talent Solutions conference and this helps set the tone for where it’s hoping to take the division.

Updated with more about what happens to Glint post-acquisition

A lot of secure sites are set to grind to a halt with security error messages in the next version of Google Chrome, after the browser will drop trust for a major HTTPS certificate provider following a series of security incidents.

Chrome 70 is expected to be released on or around October 16, when the browser will start blocking sites that run older Symantec certificates issued before June 2016, including legacy branded Thawte, VeriSign, Equifax, GeoTrust and RapidSSL certificates.

Yet despite more than a year to prepare, many popular sites are not ready.

Security researcher Scott Helme found 1,139 sites in the top one million sites ranked by Alexa, including Citrus, SSRN, the Federal Bank of India, Pantone, the Tel-Aviv city government, Squatty Potty and Penn State Federal to name just a few.

Ferrari, One Identity and Solidworks were named on the list but recently switched to new certificates, escaping any future outages.

You can check any website by pulling up the console in Chrome on any website. (Image: TechCrunch)

HTTPS certificates encrypt the data between your computer and the website or app you’re using, making it near-impossible for anyone — even on your public Wi-Fi hotspot — to intercept your data. Not only that, HTTPS certificates prove the integrity of the the site you’re visiting by ensuring the pages haven’t been modified in some way by an attacker.

Most websites obtain their HTTPS certificates from a certificate authority, which abide by certain rules and procedures that over time become trusted by web browsers.

If you screw that up and lose their trust, the browsers can pull the plug on all of the certificates from that authority.

That’s exactly why Google called it quits on Symantec certificates last year. The search giant, and others, accused Symantec of issuing misleading and wrong certificates — and later, it was discovered that Symantec allowed non-trusted organizations to issue certificates without the required rigorous oversight. That has forced thousands of sites to trash their paid-for certificates and replace them with new ones to prevent their site from flagging up with error messages once the Chrome 70 deadline hits.

But, just as much as browsers can lose trust in a certificate authority, it can also gain the trust of new ones.

Let’s Encrypt, a provider of free HTTPS certificates, gained trust from all the major browser makers — including Apple, Google, Microsoft and Mozilla — earlier this year. To date, the non-profit has issued more than 380 million certificates.

Fortnite Battle Royale was undoubtedly the big game of 2017, and 2018 is shaping up to be very similar. And with such popularity inevitably comes a swath of critics.

Take, for example, YouTuber Max Box. Using Fortnite’s replay mode, Max Box created a YouTube video that shows what Fortnite would look like in first-person mode.

The video is slightly buggy, but it’s about as close as we may ever get to seeing what Fortnite would look like in first person.

As it stands now, Fortnite uses third-person view, showing the player a view of themselves and the rest of the world from the perspective of their character’s right shoulder. Because of these mechanics, players are able to peek over cover or around walls without exposing themselves to incoming fire.

Because third-person view allows gamers to see their character in full, it also makes Epic’s main Fortnite revenue generator, premium skins and emotes, all the more valuable.

For those reasons, it seems unlikely that Epic would introduce a first-person mode.

That said, Epic will face new competition in the Battle Royale space with the introduction of CoD: Black Ops 4 Blackout mode on October 12. The game jumps in the ring with Fortnite, PUBG and H1Z1 as a first-person Battle Royale shooter.

Navionics, an electronic navigational chart maker owned by tech giant Garmin, has secured an exposed database that contained hundreds of thousands of customer records.

The MondoDB database wasn’t secured with a password, allowing anyone who knew where to look to access and download the data.

The company’s main products give boat, yacht and ship owners better access to real-time navigation charts, and boasts the “world’s largest cartography database.”

Bob Diachenko, Hacken.io’s newly appointed director of cyber risk research, said in a blog post that the 19 gigabyte database contained 261,259 unique records, including customer names and email addresses. The data also and information about their boat — such as latitude and longitude, boat speed and other navigational details — which Diachenko said likely updating in real-time.

After Diachenko contacted the company, Navionics shut down the server. A spokesperson did not return an email requesting comment.

It’s the latest in a string of MongoDB -based exposures. For years, the database was designed to sit behind firewalls and was not automatically password protected. Since more database have become connected directly to the internet, MongoDB refreshed its software to include a password by default. But many outdated installations are still unsecured.

Many exposed MongoDB databases have been accessed by hackers, had their contents downloaded and then wiped, and held to ransom.

MongoDB is one of the most widely used database providers in the world.