It’s been a long, bumpy road for the Skully augmented reality motorcycle helmet brand. But under the leadership of Ivan Contreras, who acquired the assets of Skully in 2017, the helmet is finally shipping to its early backers.

That means anyone who paid $1,800 as part of the original Skully crowdfunding campaign will finally receive their helmets. Skully says it has already started shipping helmets to those early backers, as well as new customers who have placed orders.

This comes after TechCrunch got word last September that Skully would be making a comeback. At the time, Contreras wrote a letter to the Skully email list, saying “Although Skully Technologies has no formal obligation to the customers of the now defunct Skully Inc., we recognize that hundreds of Skully helmet enthusiasts around the world have contributed to this product and were understandably disappointed that they never received one. We are determined to make this right.”

That’s exactly what Contreras says he has begun doing. After spending $3 million of his own money, Skully is finally ready to ship the product to consumers.

It’s worth noting that Contreras isn’t just anyone. He’s made quite the name for himself in the motorcycle community, having led electric bike companies Torrot and GasGas. Skully FENIX AR helmet, unlike version one, is built with carbon fiber and features an anti-fog visor. It also comes with a heads-up display, turn-by-turn navigation, voice control, a rearview camera, smartphone connectivity via Bluetooth and hands-free music controls. Skully also has certification from the Department of Transportation, which sets minimum standards for all motorcycle helmets sold.

Why Contreras is keeping the Skully name is beyond me, but he says it’s because a vast community has grown around the brand. Given all the drama around Skully, one would think Contreras would want to make a clear distinction between the old company and his new one.

“We’ve found that people love the brand,” he told me. “It’s a lifestyle brand. People really don’t make an association with the older people that managed the bad Skully and the name.”

Bots went through the hype cycle faster than a speeding roller coaster, as the promise of chatting with a computer quickly turned sour. Now, Twilio wants to take another stab at this market with the launch of Autopilot, a new developer service for building omnichannel bot experiences.

“Omnichannel” is a word only a marketer could love, but the core idea behind Autopilot is to allow developers to build an application once and then deploy it to any support channel, no matter whether that’s SMS, chat, Slack, Alexa or the Google Assistant.

Autopilot handles all of the natural language understanding and machine learning necessary to build these bots and promises that developers can focus on the business logic and user experience. Developers can bring their own data to train the bots and teach them when to trigger which actions based on previous conversations.

Using style sheets, developers can tweak the language, tone of voice and other aspects of the bot’s responses to ensure that they are on brand. Those stylesheets may actually be the most interesting part of the service. Currently, they allow you to specify the overall personality and conversational style of the bot. In the future, though, this could enable businesses to create a personalized bot for every customer and give them exactly the right kind of experience that will make them feel more positive about a brand (feel free to start a discussion about the ethics of this in the comments).

When things go awry and the bots have to give up, then Autopilot can automatically transition the conversation to a human. Unsurprisingly, the service can be deeply integrated with Twilio’s Flex contact center service to enable those transitions. As Twilio noted, transitioning from bot to human isn’t exactly new, but think of all of the times when that happened to you. You probably had to give your account number to the bot or phone tree and then the human agent asked you for the same information again. That’s a waste of time for everybody. Autopilot promises to pass all of this information on to the agent in the Flex contact center so you can pay that water bill and move on with your life.

Autopilot, which shouldn’t be confused with marketing startup Autopilot (which also has a partnership with Twilio), is now available to all developers in public beta.

Making a payment over the phone, maybe because you are trying to change an airline ticket or to pay a last-minute bill, still feels like an antiquated process. You read your credit card number to an agent, then your expiration date and your security code. In the process, some number will inevitably get mixed up and you start the process again. Twilio wants to make that far easier. The company today announced Pay, a new product that aims to take the hassle and security concerns out of this process.

Twilio Pay, which is PCI-compliant, allows businesses to easily accept payments through their automated voice response systems or by their contact center agents. And all of this happens without having to give your credit card data to an agent. Instead, the agent or the phone tree can kick off the payment process, which is then handled by Pay and which has you enter your numbers securely. Your credit card data is then tokenized and securely processed and all the human agent sees is that the payment has been processed.

Twilio will charge $0.10 per successful transaction.

For developers, adding this functionality into an existing virtual call center or voice response system only take a few lines of code. Pay also will be integrated into Twilio Studio, the company’s drag-and-drop low-code environment. Unsurprisingly, Twilio’s Flex contact center solution — which we hear is growing rapidly — will also support it out of the box.

Stripe is the first payments processor that Twilio has worked with, but the platform is open to others as well.

Twilio Pay is now in public preview and will become generally available in the first half of 2019. It’ll be available in the U.S. and a number of international markets. That international availability is mostly about the markets that Twilio’s partners support.

Jessica Santana and Evin Robinson were riding the subway home from a college leadership conference when they realized they were getting off at the same stop.  It turned out, they had grown up in the same neighborhood, no more than 5 blocks apart.

Years later, both Santana and Robinson were working six-figure jobs in the tech practices of elite corporations but were disheartened by the homogeneity of their surroundings.

The tech industry is the primary generator of new jobs in the US, but the inaccessibility of resources and practical education left students in neighborhoods like Jessica and Evin’s unprepared and unqualified in the eyes of recruiters.

So the pair met at a local Starbucks and on the back of a napkin, they outlined what would become New York on Tech (NYOT).

By offering comprehensive computational courses and a broad professional network, NYOT hopes to provide under-resourced students in New York City with the skills and infrastructure needed for a successful career in tech.

Real skills have led to real results

What began as a passion project with just 20 students has blossomed into an organization helping more than 1000 students across the city.

Unlike the higher-level computer science classes Santana and Robinson saw offered in schools, NYOT aims to focus on more functional skills that are applicable to the day-to-day work of tech professionals.

The program caters its curriculums specifically towards areas it believes are in high demand from today’s hiring managers, including front-end and back-end web development, mobile development and UX design.

Classes are located at the offices of corporate partners, where students get direct mentorship from engineers and observe how technical skills are actually implemented in various roles. 

Graduates of NYOT are then given the opportunity to interview for internships at each partner organization, where they can gain practical experience and bolster resumes to be more competitive for future recruiting.

The organization points to successes both inside and outside the classroom, noting 100% of graduates in 2016 received admission into four-year colleges, many with scholarships to top engineering programs.

NYOT students have also landed paid internships and jobs with major companies that include Facebook, Google, and Comcast.  And while the organization admits corporate partners were initially hard to come by, NYOT’s partnership roster now includes some of the most influential names in tech, business and education, such as Twitter, Morgan Stanley and Columbia University.

To date, NYOT has been built largely without city government sponsorship, funded mainly by corporate partnerships, schools, and philanthropic donations.

The company offers its programs for free and partners with schools in high poverty areas of New York City where 50% of students or more are eligible for free lunch.

But NYOT thinks of itself not just as a non-profit providing educational training but as a deep-impact talent accelerator, supplying already capable students with the key resources they lack.

“People automatically think these students are disconnected youth because we say low income and people of color.  They think they’re uninterested in the technology industry”, said the founders.  “That is not true.  They come from areas that are low income or under-resourced but the population of students we work with is super smart, driven, hungry, and motivated.”

Offering more to more people

Going forward, the company plans to add curriculums that it believes fit the future needs of employers, including classes centered on cyber security, artificial intelligence, and machine learning.

On top of serving more students in the New York metropolitan area, Santana and Robinson hope they can bring what they’ve done in New York to a national scale and expand to communities across the country. 

However, the founders emphasize that they will focus on slow effective scaling, crafting curriculums specific to each locality.  “The work we do is really embedded in community.  We’re not designing for that community but designing with it”, said Robinson.

Santana and Robinson’s broader goal is bigger than “diversity” and inclusion.”

“In the industry, we use words like diversity and inclusion.  While we and our work value diversity and inclusion, this is about economic justice”, said Santana. 

“Think about job automation and job displacement.  If our students aren’t getting the most critical training, how can we expect them to compete for the jobs of today and tomorrow?  This is not just about diversity or inclusion, it is about positioning our country’s talent strategy.”

NYOT is now seeing extremely high demand for slots in its programs.  With more qualified applicants than they can actually accept, Santana and Robinson hope to bring on more volunteers to help them break down the barriers of access for as many kids as they can.

“I think any company scaling today has to have a crypto strategy. This is the start of ours,” Omni founder and CEO Tom McLeod tells me. His on-demand property storage and rental marketplace raised $25 million in XRP coins back in January in what some saw as an opportunist move to capitalize on the cryptocurrency boom. That industry has since gone bust, and XRP is in the cross-hairs of regulators who may classify it as a security with extra restrictions.

Now Omni has a way to get rid of some of its XRP. It’s beginning to let people get paid in the coin when they rent their stuff to fellow Omni users. Their balance of earnings is held in USD, but they can cash out to XRP at any time with no fee.

“In every other crypto investment scenario, you have to risk your cash — this way you can put items you already own to work for you and have them earn XRP while you relax,” says McLeod. “With this integration, you can basically double dip on ownership-as-investment by both unlocking liquidity early and investing some or all of the proceeds back into the crypto markets.”

Many users may not want XRP or to have anything to do with crypto. They can luckily ignore the feature. But they won’t be able to ignore Omni’s aggressive push to get people renting their stuff out.

Omni began as a just a storage service, now available in San Francisco and Portland. You schedule a pick up, its reps come to your place, they photograph the condition of your items, and haul them away to be stored in warehouses where space is cheaper than inside the city at users’ homes. The insane convenience of the service is you can request any of your items to be returned in as little as a few hours, so it’s almost like they never left your place. Most traditional self-storage units aren’t open 24/7 and it’s a big hassle to go pick up your stuff, often requiring a truck.

Omni is essentially Amazon Web Services for physical goods. And the thought is that once self-driving vehicles and warehouse robots improve, much of the work to schlep your stuff around would be automated. The monthly recurring storage fees created a reliable business model, and suddenly having to make room for all your goods at home kept users from churning.

But long-term, Omni sees rentals as its cash cow. Instead of the items you store just sitting in the warehouse, it’s created a two-sided marketplace where anyone can rent those items without causing any additional work for the owner, who simply gets paid while Omni keeps a cut.

Unfortunately, Omni is now trying to pressure users into storing goods separately so they can be rented instead of as plastic bins or suitcases full of goods. So at the start of 2019 it’s doubling the monthly cost of storing a large closed container, box or bag from $7.50 to $15 per month. That’s pretty steep, and a significant hike.

“Marketplace is driving Omni growth, and has always been the core of the long-term vision,” says McLeod. “Closed containers don’t grow the business, but move almost as much. We’re basically the same price as competitors now for them. It also makes it potentially more likely that small items will be itemized. We’re going to launch kits/playlists that will allow for grouping in the coming months.”

The XRP integration could potentially save Omni money on transaction fees. But the whole idea sounded a lot better when cryptocurrency was perceived as a gold rush rather than a gamble.

Fintech startup N26 is growing quite rapidly. Building a startup is hard, but building a startup that manages your bank account is even harder given the increased scrutiny. German weekly magazine Wirtschaftswoche published an article that questioned N26’s identification processes. According to Wirtschaftswoche, it’s quite easy to create an account with a fake ID document.

“One or two people got through with a fake ID document. And we detected that afterward. Unfortunately, we didn't detect it in real time,” co-founder and CEO Valentin Stalf told me. “Unfortunately, it can happen.”

But Stalf also insisted that it’s not a widespread problem and that all banks face the same issue. According to him, N26 complies with all regulations when it comes to onboarding.

Currently, N26 has three different procedures depending on the country and works with a third-party company called SafeNed for some of the verification procedures.

In many countries, you can initiate a video call with someone so that they can check your ID and compare it with your face. In Germany, you can also print a document, go to the post office with an ID document and make a post employee check that you are actually you.

In some countries, you can open an N26 account by uploading a photo of your ID document and a selfie. Other banks also take advantage of this procedure. For instance, it’s a common process in the U.K.

More generally, other banks also have to deal with fake ID documents. But security is never perfect. That’s why you can’t simply eradicate the issue. You can try to keep the fake ID rate as low as possible.

“Security is our top priority at N26, which is why secure identification processes and constant review of our security and monitoring mechanisms to prevent identity theft are of great importance to the company,” the company told me in a statement.

In other words, N26 monitors this fake ID rate. And N26 also has ongoing transaction monitoring for those who have already opened a bank account. The company tries to detect fraudulent activity as quickly as possible.

You might think that uploading a photo of your ID document leads to more fraudulent activity. But N26 has noticed that there’s a higher fraud rate for customers who go to the post office to check their ID document.

So fraud is nothing new in the banking industry. Nobody has eradicated fraud, and nobody will. In fact, many startups (such as DreamQuark) are working on improving fraud detection using machine learning and more sophisticated processes. But even artificial intelligence won’t solve this problem altogether.

All eyes are on N26 because it’s the hot new thing. But if you look at what’s happening, it’s a pretty boring story. “In one of the articles they said we used weaker method to grow faster. This is complete bullshit,” Stalf told me.

This story is a great example that it can be tough to manage your startup’s reputation. Building trust takes a long time. But it can go away much more quickly. That might be why N26 debunked the issue so intensely.

Here’s N26’s full statement:

Security is our top priority at N26, which is why secure identification processes and constant review of our security and monitoring mechanisms to prevent identity theft are of great importance to the company.

After the customer’s identity is verified, we carry out ongoing transaction monitoring along with numerous other security measures, in a bid to prevent criminal activity such as money laundering and terrorist financing.

We therefore take the findings put forward by Wirtschaftswoche very seriously, will analyse the facts and take appropriate measures if necessary.

Contrary to the statement in Wirtschaftswoche, the use of photo verification by N26 is legally compliant. N26 works with a regulated payment service provider, SafeNed, in this regard. SafeNed is a UK business which is authorised and regulated by the UK Financial Conduct Authority (FCA) with regards to the prevention of money laundering and terrorist financing. SafeNed verifies its customers using the Photo Ident process, which is compliant with UK law.

According to the German Money Laundering Act, N26 is allowed to use a third party regulated in the EU, in this case a payment service provider in the UK, for the verification of customers (Section 17 (1) GwG). The respective verification procedure is then determined by the law applicable to the third party (in the above example, therefore, by UK law). This understanding is also confirmed by BaFin in its interpretation and application notes on the German Money Laundering Act (p. 67 et seq.) for customers not resident in Germany.

Twitter is making a change to how its tweet reporting procedures will work. Before, Twitter had experimented with both showing or hiding the tweet you reported, but users told the company they sometimes needed to refer back to the tweet – like when they’re trying to report it to law enforcement, for example. Now, Twitter says it will hide the tweet behind an informational notice, but allow you to tap the notice to view the tweet again.

In addition, the company is also making it more transparent to users whether a deleted tweet was deleted by the user or because Twitter took an action. If the latter, these same informational notices will display.

Going forward, Twitter says that once it has determined that a tweet should be deleted, it will display a notice that states the tweet is unavailable because it violated the Twitter Rules. This will also include a link to those rules and an article that provides details on how Twitter enforces its rules.

This notice will be displayed both on the account’s profile and on the specific tweet’s page for 14 days after the tweet is deleted.

This will roll out to the Twitter app and Twitter.com on the web in the coming weeks, the company says.

Meanwhile, if you’re the one who reported a tweet, Twitter will hide this tweet from your view.

In the past, Twitter had tried both showing and hiding the reported tweet, because some users said they needed to access it for other reasons, while others simply never wanted to see it again. Most recently, Twitter had been hiding the reported tweets, we’re told.

The new process offers a compromise between showing and hiding these tweets.

While the tweet is hidden by default, if you do need to see it, the option is available with a tap on the notice.

The company demonstrates what this reporting and enforcement flow looks like, in a video it shared on its Twitter Safety account, posted this morning.

The change is the latest in a series of updates, feature release, and new procedures and policies that Twitter has been rolling out in recent months. The company has been trying to crack down on the rampant abuse and harassment that occurs on its platform, while also being careful about making sure its rules are understood and properly enforced.

Not everyone believes that Twitter is doing a good job at this yet, or that it will ever really be able to solve issues around online abuse and hate speech, which afflict so many social media platforms today.

Tumblr has disclosed a security vulnerability on its site that in some cases could have exposed account information.

The bug was found in the part of the site that recommends other Tumblr blogs to users, according to a blog post. The blogging site said the “recommended blogs” module — only visible to logged-in users — could have exposed some account information associated with the blog.

Tumblr didn’t disclose much about how the bug worked, but said that a blog owner’s email address, scrambled password (both hashed and salted) and their self-reported location, as well as previously used email addresses and the last login IP address.

The discovering security researcher contacted Tumblr and the bug was fixed within a day, and the bug finder was awarded an unknown amount from Tumblr’s bug bounty program. (Disclosure: Tumblr and TechCrunch are both owned by Oath, a division of Verizon.)

Tumblr said that it has so far found “no evidence” that the bug was abused and “nothing to suggest” that unprotected account information was accessed, but wanted to “be transparent” about the incident.

That’s good news on one hand, but it’s early days and that may change. It’s near-impossible for companies to confirm for absolute certain that a bug wasn’t exploited, often until data turns up somewhere. And, because often bugs exploit vulnerabilities in software that look like authorized commands, it’s difficult to differentiate between legitimate and malicious data requests.

Tumblr’s disclosure is the latest incident in a string of security blunders at high profile tech companies. Facebook recently confirmed 29 million accounts were improperly accessed, Twitter said that a year-long bug could have exposed some private direct messages, and just last week Google said it would shut down its Google+ social network after a security incident exposed a half-million accounts.

Unlike Google, which only came clean about the bug after the decision not to inform customers was revealed by the Wall Street Journal, at least Tumblr went public before it was forced to.

A Tumblr spokesperson did not return a request for comment.

Tesla CEO Elon Musk, the company’s largest shareholder, intends to buy another $20 million in common stock, a move that appears to be in response to a recent settlement with the U.S. Securities and Exchange Commission, according to a filing Wednesday.

The 8-K document detailed a settlement agreement between Musk, Tesla and the SEC over allegations of securities fraud connected to his August 7 “funding secured” tweet about taking the electric automaker private. A federal judge approved the settlement Tuesday.

At the bottom of the 8-K, Tesla outlined Musk’s plans to buy $20 million in stock. The statement read:

Separate and apart from the settlement, Elon has notified Tesla that he intends to purchase from Tesla, and Tesla expects that it will issue and sell to Elon, $20 million of Tesla’s common stock during the next open trading window at the then-current market price.

As part of the settlement, Musk has agreed to pay a $20 million fine and step down as chairman of the board for at least three years. He will still keep a board seat and has not admitted or denied any of the SEC’s allegations.

Tesla will pay a separate $20 million fine. The company also agreed to monitor and pre-approve Musk’s communications through channels such as Twitter and the Tesla blog to determine if any of the information is material, and thereby should be disclosed.

With Gartner estimating that there will be 150 billion connected devices by 2030 — many of them mission critical, such as powering major national infrastructure — the risk and realisation that these devices aren’t secured properly is leading some cyber security experts to predict that there is a large-scale disaster waiting to happen. And the problem is only getting worse. By some estimates, on average there are 127 new devices connected to the internet every second.

Enter: Crypto Quantique, a startup out of company builder Entrepreneur First that has been patiently toiling away for the last couple of years trying to solve the IoT security problem. Specifically, the company has developed what it claims is “the world’s first quantum driven secure chip (QDSC)” on silicon, which, when combined with cryptographic APIs, it says is capable of providing any connected device with a scalable and easy to implement “end-to-end” security solution.

Moreover, by employing advanced techniques in cryptography and quantum physics, its makers say the Crypto Quantique QDSC is unique to every device and entirely unclonable, which makes it almost impossible to hack. That’s quite a claim.

“There are security complexities in IoT, many stakeholders, including OEMs, manufacturers, integrators and designers are involved in developing and implementing the IoT,” Shahram Mossayebi, co-founder of Crypto Quantique, told me over email. “Each stakeholder is faced with different threat vectors and thus has different security requirements and produces devices based on very different architectures. Currently there is no clear approach to securing the IoT, which is also impacted by the lack of basic security tools that would allow stakeholders to build their own security solutions”.

To that end, he explained that security must start from the device, then travel through the network and finally reach the IoT device’s backend services. In other words, proper end-to-end security is required to protect IoT devices and infrastructure.

At the heart of this is “root of trust” — the ability for a device to authenticate itself and be a trusted member of a network — which, conversely, is also the weakest link. Data traveling throughout the network also needs strong encryption, of course. Finally, with IoT devices being in the billions, there’s an issue of cost: any secure solution can’t be prohibitively expensive to implement on a per device basis or be fragmented across multiple third-party providers.

“We have created a root-of-trust by harnessing quantum processes in semiconductors to generate unique, unclonable and tamper evident cryptographic keys,” says Mossayebi. “We call it quantum driven secure chip (QDSC) and it is the first ever of its kind in the world. Because of the uniqueness and way in which the keys are generated there is no requirement to store the keys on the device because the keys can be retrieved on demand. This eliminates secure storage requirements and leakage of sensitive information.

“In addition to building the QDSC, we also provide the cryptographic APIs and manage the end to end security to remove the multiple parties involved in the security chain and provide an all-in-one solution. This means there are no ‘open windows’ in connectivity when it comes to security. Once a QDSC is placed in a device it links directly to the owner system (i.e. public or private cloud) through CQ’s cryptographic APIs, where it is managed automatically and remotely while the device is in the field. This is the most advanced security product for the IoT, enabling new industrial revolutions such as Industry 4.0”.

As I said, big (and very interesting) claims, indeed.

On that note, Mossayebi says Crypto Quantique is aimed at any connected device that needs to stay secure, from traffic lights to a SCADA machine used in critical infrastructure. “Currently, we are working with leaders in different fields such as defence, aerospace, energy, industrial IoT manufacturers and enterprise hardware appliance manufacturers. The applications vary from securing satellites and drones to securing energy grids, sensors in critical infrastructure and data centres,” he says.