Year: 2019

The digital payments market is forecast to balloon to $3 trillion by 2023, and today a startup that lets businesses implement not just payments, but also the many other related (and necessary) services that go along with them, by way of a single API, has raised a big round of funding to meet that demand.

Rapyd, a London-based startup that bills itself as a “fintech as a service” provider, has picked up $100 million, money it will use to expand its platform — which today lets customers use its API to enable checkout, funds collection, fund disbursements, compliance as a service, foreign exchange, card issuing and integration — as well as to make acquisitions and expand its team.

This brings the total raised by Rapyd to $160 million. We understand that the valuation in this latest round comes at a significant spike and is now at close to $1 billion.

“Rapid” is indeed the operative word when it comes to Rapyd: the company is not only riding a wave of strong growth, but this is the second funding round it has raised this year, after raising $40 million in February. Arik Shtilman, co-founder and CEO of Rapyd, says the total payments volume on the platform (that is, how much Rapyd is moving) has grown more than five times this year, and that next year it’s forecasting that its revenue run rate will triple compared to 2019.

Rapyd doesn’t disclose current revenue numbers, but it counts companies like Uber, other large marketplaces and digital and brick-and-mortar merchants among its customers, to give you an idea of the kinds of companies and businesses that use its white-label service.

This latest round is being led by Oak HC/FT with participation from Tiger Global, Coatue, General Catalyst, Target Global, Stripe, and Entrée Capital. GC and Stripe led its previous round. Stripe is currently one of the very biggest players in the world of venture-backed fintech startups: in September it announced a $250 million round that values it at over $35 billion. But interestingly, Stripe’s position in Rapyd, at least for now, is not tied to working with the company. Shtilman describes Stripe a “just a financial investor.”

The challenge that Rapyd has identified and is tackling is the fragmentation that exists in the global payments market: each region has its own preferred payment methods (not every consumer globally uses credit or debit cards, and even if they do, accepting them all involves payment deals at the local level), and increasingly there is a lot more regulatory compliance that needs to be followed when making or taking payments.

All of that is not a core competency of most businesses, and that has led to the emergence of fintech companies that knit all that together behind the scenes. Currently, Rapyd’s platform allows these customers to accept cash, bank transfers, e-wallets, and local debit card payments in over 100 countries; make disbursements in more than 170 countries; and multi-currency settlement in 65 currencies, numbers that Shtilman said are continuing to grow as it continues making more interconnection deals with local partners.

Rapyd is not the only company targeting that opportunity: Adyen, PayPal. WorldPay, and increasingly Stripe are among the other big names also providing services in this area. Rapyd’s unique selling point, however, lies in the fact that it offers its services through one Swiss army knife-style API, that continues to grow.

“We are excited to become investors in Rapyd and believe the Company is enabling global internet companies to improve their ability to accept local payments in emerging markets,”.  said Scott Shleifer, Partner, Tiger Global Management, in a statement.

Shtilman likes to compare his company to AWS when it comes to continually expanding services and features. He said that since its last funding round in February, the company has not only expanded the number of countries that it covers — he notes that Asia Pacific and Latin America are currently its fastest-growing regions — but it has added in more marketplace features like escrow account management and more compliance-related capabilities.

“We’ve had a significant boost in the platform and now have very large customers in the process of getting on board,” he added.

Given that so much of the e-commerce world is linked to the sale of physical goods (not just services), that presents an interesting opportunity for Rapyd to move into another big area of the ecosystem: logistics. Indeed, Shtilman noted that the company is currently working on its first partnerships in that area, which will likely first launch in Asia Pacific.

Whichever area Rapyd tackles after that, the main idea will be to continue to apply digitised processes to those that have traditionally been done manually, which not only helps to speed up transactions, but make them less prone to errors and more traceable. “With humans in the middle of transactions, it opens you up to disaster,” Shtilman noted.

“As financial services become increasingly digitized and global, Rapyd’s fintech-as-a-service approach has tremendous growth potential,” said Tricia Kemp, co-founder and managing partner at Oak HC/FT, in a statement. “We’re thrilled to back and partner with the Rapyd team as they tackle one of the biggest challenges in financial services by helping businesses navigate the complexity of local and cross-border digital payments.”

Europe’s top court has ruled that pre-checked consent boxes for dropping cookies are not legally valid.

Consent must be obtained prior to storing or accessing non-essential cookies, such as tracking cookies for targeted advertising. Consent cannot be implied or assumed.

It’s a decision that — at stroke — plunges websites into legal hot water in Europe if their cookie notices don’t ask for consent first. As many don’t, preferring not to risk their ability to track users for ad targeting.

Now they could be risking a big fine under EU privacy laws if they don’t obtain valid consent for tracking.

Sites that have relied upon opting EU users into ad-tracking cookies in the hopes they’ll just click okay to make the cookie banner go away are in for a rude awakening.

Or, to put it another way, the ruling should put a stop to some, er, ‘creative’ interpretations of the rules around cookies that manage to completely miss the point of the law…

ehem

The decision is also likely to influence the ongoing reform of ePrivacy rules — which govern online tracking.

While the outcome of that very heavily lobbied piece of legislation remains to be seen today’s ruling is clearly a win for privacy.

Planet49 case

The backstory to today’s ruling is that a German court asked the CJEU for a decision in a case relating to a lottery website, Planet49, which had required users to consent to the storage of cookies in order to play a promotional game.

In an earlier opinion an influential advisor to the court also took the view that affirmative action not simple inaction must be necessary to constitute consent.

Today the CJEU agreed, handing down a final judgement which makes it plain that consent can’t be assumed — it requires an active opt-in from users.

In a punchily brief press release the court writes:

In today’s judgment, the Court decides that the consent which a website user must give to the storage of and access to cookies on his or her equipment is not validly constituted by way of a prechecked checkbox which that user must deselect to refuse his or her consent.

That decision is unaffected by whether or not the information stored or accessed on the user’s equipment is personal data. EU law aims to protect the user from any interference with his or her private life, in particular, from the risk that hidden identifiers and other similar devices enter those users’ terminal equipment without their knowledge.

The Court notes that consent must be specific so that the fact that a user selects the button to participate in a promotional lottery is not sufficient for it to be concluded that the user validly gave his or her consent to the storage of cookies.

Furthermore, according to the Court, the information that the service provider must give to a user includes the duration of the operation of cookies and whether or not third parties may have access to those cookies.

So, to sum up, pre-checked consent boxes (or cookie banners that tell you a cookie has already been dropped and pointlessly invite you to click ‘ok’) aren’t valid under EU law. 

Furthermore cookie consent can’t be bundled with another purpose (in the Planet49 case the promotional lottery) — at least if that fuzzy signal is being used to stand for consent.

There’s also an interesting new requirement which looks set to shrink the ability of service operators to obfuscate how persistently they’re tracking Internet users.

For consent to cookies to be legally valid the court now says the user must be provided with some specific information on the tracking, namely: How long the cookie will operate, and who their data will be shared with. So, er, awkward…

“Extending information requirement to include cookie configuration details is an interesting twist that will provide more information to users,” Dr. Lukasz Olejnik, an independent cybersecurity advisor and research associate at the Center for Technology and Global Affairs at Oxford University, told us.

“Sites will need to be wary to be sure that the user-facing text matches the actually used values of max-age or expires attributes. It is also interesting to wonder if sites will want to provide similar information about other cookie attributes.”

Safe to say, there will be some long faces in the ad industry today.

“The Court has made clear that consent should always be manifested in an active manner, and may not be presumed. Therefore, online operators should ensure that they do not collect consent by asking users to unclick a pre-formulated declaration of consent,” said Luca Tosoni, a research fellow in computers and law at the University of Oslo, also commenting on the court ruling.

ePrivacy reform

As we’ve reported before very many sites and services in Europe have, at best, been playing lip-service to EU cookie consent requirements — despite the advent of tighter rules coming into force last year under the General Data Protection Regulation (GDPR), which says that consent must be specific, informed and freely given to be a valid legal basis. And despite — more recently — further guidance from DPAs clarifying the rules around cookie consent.

“Before the entry into force of the GDPR, the conditions for consent were interpreted differently across Europe. Today’s judgment is important as it brings some clarity on what should be considered valid consent under EU data protection law,” Tosoni also told us, saying he expects the ruling to result in changes to many cookie notifications.

“National courts and data protection authorities across the EU will need to follow the Court’s interpretation when assessing whether controllers have validly obtained consent. In turn, this should lead to more harmonization in enforcement across Europe, in particular with regard to cookie notices. Thus, I would expect many operators to change their non-compliant consents to conform with the ruling.”

EU law on cookie consent dates back much earlier than the GDPR — to the prior Data Protection Directive and the still in force ePrivacy Directive — Article 5(3) of which specifies that for cookies to be used users must give opt-in consent after being provided with clear and comprehensive information (with only a limited exception for ‘strictly necessary’ cookies).

Although European legislators have been trying for years to agree on an update to the ePrivacy Directive.

A draft proposal for an ePrivacy Regulation was introduced by the Commission at the start of 2017. But negotiations have been anything but smooth — with a blitz of lobbying from the adtech and telecoms industries pushing against a firm requirement for opt-in consent to tracking.

The CJEU’s clarity that consent is required to store and access cookies pushes in the opposite direction. And that firm legal line protecting individual privacy from background tracking technologies should be harder for legislators to ignore.

“Today’s ruling is likely to have a significant impact on the ongoing negotiations on the ePrivacy Regulation which is set to regulate cookie usage, an issue on which European legislators are struggling to find an agreement,” Tosoni also told us, adding: “In the past, the Court’s rulings have had an important impact on the development of the GDPR.”

In the meanwhile, the judgement should at least force some of the more cynical and/or stupid cookie banners to be quietly replaced with something that at least asks for consent.

Cookie walls

That said, the ruling does not resolve all the problems around cookie consent.

Specifically the court has not waded into the contentious forced consent/cookie wall issue. This is where a site requires consent to advertising cookies as the ‘price’ for accessing the sought for service, with the only other option being to leave.

Earlier this year the Dutch DPA deemed cookie walls to be illegal. But the agency’s interpretation is open to legal challenge. Only the CJEU can have the final word.

In the Planet49 case the court sidestepped the issue — saying the referring court did not ask it to rule on the question of “whether it is compatible with the requirement that consent be ‘freely given’, within the meaning of Article 2(h) of Directive 95/46 and of Article 4(11) and Article 7(4) of Regulation 2016/679, for a user’s consent to the processing of his personal data for advertising purposes to be a prerequisite to that user’s participation in a promotional lottery, as appears to be the case in the main proceedings”.

“In those circumstances, it is not appropriate for the Court to consider that question,” it wrote.

Likely it’s doing so because another case is already set to consider that question. Tosoni says he expects the Orange Romania case — which is pending before the court — to further clarify the requirements of valid consent in the context of it being ‘freely given’.

“Some uncertainty on the requirements of valid consent remains. Indeed, in today’s judgment, the Court has primarily clarified what constitutes unambiguous and specific consent, but the Court has, for example, not clarified what degree of autonomy a data subject should enjoy when choosing whether or not to give consent for the latter to be considered “freely given”,” he said.

“Today’s judgment does not provide an answer on the legality of cookie walls, which require consent to access the underlying service.  The Court found that it was unable to address this point, as the referring German court had not asked the ECJ to assess the legality of making participation in a lottery — the service at issue in the case — subject to giving advertising cookie consent.  Further clarity on this issue may come from the Orange Romania case, which is currently pending before the ECJ.”

We’ve reached out to the IAB Europe for a response to the ruling and to ask what advice it will be issuing to its members. At the time of writing it had not yet responded to these questions. 

A team of security researchers found they could tap into Webex and Zoom video meetings because many weren’t protected with a code.

Researchers at Cequence, a startup focused on protecting applications from scraping and account takeovers, programmed a bot to cycle through lists of valid meeting IDs and get access to active conference calls. The vulnerability works because many companies and users don’t protect their meetings with a password, either for convenience or they had not checked their default settings, coupled with a limited pool of meeting IDs.

By targeting the platforms’ APIs, they were able to automate the process.

The researchers reported the flaws to both Cisco, which owns Webex, and Zoom in July. Both companies have since pushed out fixes.

The attack would not be silent, however: callers who successfully access a meeting are announced. But it represents

Cisco said it was “not aware” of any malicious exploitation of the vulnerability on its platform. Zoom said it was “grateful” to the researchers, adding that it improved its server protections to prevent bot attacks.

Zoom caught flack in July when it failed to remove a web server from Macs when users uninstalled the app, causing a security scare. The company fixed the issue, but Apple was later forced to intervene to ensure all Mac users were protected.

Cequence earlier this year secured $17 million in its Series B backed by Dell Technologies Capital and Shasta Ventures, bringing the total raised to $30 million.

Rhino, the insurtech startup incubated by Kairos and co-founded by Kairos CEO Ankur Jain, has today announced the close of a $21 million Series A round led by Kairos and Lakestar.

Rhino was founded in 2017 with the goal of putting the billions of dollars that are locked up in cash security deposits to renters, all while protecting landlords and their property. As it stands now, landlords usually take one month’s rent to cover any damage that might be done to the apartment during the lease. This is piled on top of first and sometimes last month’s rent, and even at times a broker’s fee of one month’s rent, which adds up to an incredibly steep cost of moving.

Because of certain regulations, this money is held in an individual escrow account and can’t really generate interest, which results in billions of dollars zapped out of the economy and instead sitting dead in some account.

Rhino is looking to give renters the option to pay a small monthly fee (as low as $3) to cover an insurance policy for the landlord. Rhino is itself a managing general agent, allowing the company to both sell and create policy plans for landlords through partnerships with carriers.

Thus far the startup has saved renters upwards of $60 million in 2019, with users in more than 300,000 rental units across the country.

“The greatest challenge is working against legacy and industry norms,” said Rhino CEO and cofounder Paraag Sarva. “That start has begun, but there is a huge amount of inertia behind the status quo and that is far and away what we are most challenged by day in and day out.”

To help speed up the process, Rhino is working alongside policymakers to enact change on a federal level.

Alongside the funding announcement, the company is announcing its new policy proposal that was created in collaboration with federal, state and local government officials. The policy essentially allows for renters to be given a choice when it comes to cash deposits, including allowing residents to cover security deposits in installments or use insurtech products like Rhino to cover deposits.

Rhino says it will be sharing the policy proposal with 2020 Presidential candidates on both sides of the aisle.

Rhino is one of a handful of companies that has been incubated by Kairos, a startup studio led by Ankur Jain with the goal of solving the biggest problems faced by everyday Americans. The studio focuses on housing and healthcare, with companies such as Rhino, June Homes, Little Spoon, Cera and a couple startups still in stealth.

Meet DataHawk, a French startup that wants to build a sort of App Annie for Amazon listings. The company lets you track products and search results so that you can learn more about your competitors and your space.

This sort of products is becoming increasingly relevant as more and more products sold on Amazon are listed directly on Amazon by third-party companies on Amazon’s marketplace.

If you’re selling products on Amazon, chances are that your performance depends on search results. Many customers search for a product and look at the first results. So you want to rank as high as possible on important keywords.

With DataHawk, you can track any keyword and see how the results evolve over time. This way, if your sales drop, now you know why. The platform can help you tweak your listings to rank higher.

You can also track products directly to spot changes in the product title, price, reviews and description. Because DataHawk uses scrapping, you’re not limited to your own products — you can monitor products from your competitors.

You can visualize data from the DataHawk interface or export everything to Excel spreadsheets. You can also receive email alerts.

DataHawk has raised $1.3 million from Axeleo Capital and business angels. The company has 140 clients so far, with 80% of them in the U.S. Clients include PharamaPacks, Pfizer and L’Oréal. It currently tracks 2.6 million products every day.

The company operates as a software-as-a-service with a free plan to try out the service and monthly plans that get more expensive as you track more products and keywords.

If you’ve been to an airport recently, you’ve probably spotted a ton of iconic Away suitcases. The company has built one of the most successful consumer brands in recent years, and it’s just getting started. That’s why I’m excited to announce that Away co-founder and Chief Brand Officer Jen Rubio will join us at TechCrunch Disrupt Berlin.

Away has been around since 2015, long before a ton of direct-to-consumer brands took over Instagram ads. Thanks to this early bet, thoughtful design and amazing branding, Away has managed to sell over 1 million suitcases.

More recently, the company has started to expand to other travel gear, such as backpacks, weekenders and organizers. Away now even has a handful of brick-and-mortar stores in the U.S. and London.

Earlier this year, the startup raised a $100 million round at a $1.4 billion valuation. Back in 2018, Away even said that it was already profitable.

Jen Rubio has been instrumental to Away’s success. She was the head of social media at Warby Parker when she thought about building Away. And I’m sure she has many tips for the next-generation of direct-to-consumer entrepreneurs.

Buy your ticket to Disrupt Berlin to listen to this discussion — and many others. The conference will take place December 11-12.

In addition to panels and fireside chats, like this one, new startups will participate in the Startup Battlefield to compete for the highly coveted Battlefield Cup.

---

Jen Rubio is the co-founder and Chief Brand Officer of Away, a global lifestyle brand that’s working to transform the entire travel experience. Under her leadership, Away has been named one of Fast Company’s “World’s Most Innovative Companies,” one of TIME’s “50 Most Genius Companies,” one of LinkedIn’s “Top Startups,” and a Forbes “Next Billion Dollar Start-Up.”

Before starting Away, Jen built her career as a branding, creative, and social media expert, redefining how customers and brands connect at companies like Warby Parker and AllSaints. She has been named to Fortune’s 40 Under 40, the Forbes 30 Under 30 list for Marketing and Advertising, Inc.’s 30 under 30 list, and NRF’s People Shaping Retail’s Future list. She lives in New York.

Great news for time-strapped early-stage startup founders across Europe and beyond! We’re extending our application deadline to the Startup Battlefield at Disrupt Berlin 2019 on 11-12 December. If you’re ready to launch your startup on a global stage and complete for glory, cash, media attention and investor love, it’s time to act.

Apply to Startup Battlefield before the new deadline window expires on October 4 at 11:00 p.m. PT.

Applying to and participating in a Startup Battlefield is free — no fees, no equity, just good old-fashioned value. You have nothing to lose and much to gain. TechCrunch editors will sift through hundreds of applications and select only 15-20 startups — the best of the best — to step onto the Main stage at Disrupt Berlin.

Selected founders all receive intensive (and free) pitch coaching from TechCrunch editors. Their expertise will help you prepare your pitch and perfect your demo. During the Battlefield, you’ll have just six minutes to present your case in front of the judges — a panel of technologists and investors — followed by a Q&A.

If you survive round two, you’ll do it all over again in front of a fresh set of equally smart judges. And while only one outstanding startup will walk away with the coveted Disrupt Cup and the $50,000 prize, all participating teams benefit from massive media and investor exposure. It’s a potentially life-changing opportunity.

All the thrilling action takes place on the Disrupt Main stage in front of thousands of avid startuppers, journalists and investors. Plus, we record and live-stream the entire event around the world.

So far, Startup Battlefield pitch competitions have launched 857 stellar tech companies, which form our Startup Battlefield alumni community. They’ve collectively raised $8.9 billion and produced 112 exits. You’ll join the ranks of companies like Vurb, Dropbox, Mint, Yammer and many more.

The Startup Battlefield takes place at Disrupt Berlin 2019 on 11-12 December. Don’t be so busy that you miss this extended opportunity to shine a bright spotlight on your startup. Apply to Startup Battlefield before 11:00 p.m. PT on October 4. Come and show the world what you can do!

Need passes to Disrupt Berlin? Buy them here, get the super early-bird price and save up to €600.

Is your company interested in sponsoring or exhibiting at Disrupt Berlin 2019? Contact our sponsorship sales team by filling out this form.

If you could digitize whole, real-world locations you’d automatically improve the planning for big infrastructure projects that require buildings, bridges tunnels and the like. Some $94 trillion in infrastructure investment is required by 2040 globally to sustain global growth predictions, yet infrastructure is one of the least digitized sectors in the global economy.

SenSat is a UK company using AI to create digital representations of real-world locations. It’s now raised a $10 million Series A funding round, led by Internet giant Tencent, with participation from Sistema Venture Capital.

SenSat creates ‘digital twins’ of locations. The result is an accurate, digital and up-to-date copy of the real world in a machine-readable format. This enables industries, such as infrastructure, to make more informed decisions about big projects. This improves safety, cost-efficiency, waste generation, project collaboration, and reduces the carbon generated in the project.

James Dean, Co-Founder and CEO of SenSat says: “SenSat has a simple but profound goal: to build the third platform, an intelligent eco-system that translates the real world into a version understandable to AI. This technology will help us to build a more sustainable future, using the wealth of new insight to help humans make better decisions.”

Pony Ma, CEO and Founder, Tencent added: “We believe the first stage of the internet, the consumer internet, is drawing to a close, and the second stage, the industrial internet, is kicking off. SenSat are really well-positioned to introduce mass digital automation to traditionally offline industries that have not yet partaken in the digital revolution.”

SenSat’s is Mapp platform allows Infrastructure companies to interact with their workplaces digitally by allowing digital automation to help them make better decisions with real-world data.

Mapp has more than 30 international infrastructure companies using it now. As part of a project with Murphy Group for the UK National Grid, SenSat digitized a 52 km underground transmission line as a part of the Triton Knoll offshore wind farm project, resulting in reducing time on site by 200%, it claims.

Fintech startup Bunq is launching in 22 additional markets today. It is now going to be available in all European Union markets as well as Norway and Iceland. Overall, users can sign up in 30 countries.

In addition to today’s geographic expansion, the company is enabling Apple Pay and Google Pay support for Travel Card users in the Netherlands, France, Germany, Spain, Italy, Belgium and Ireland.

Bunq wants to create a bank account that works better. Originally from the Netherlands, Bunq is already available in Germany, Italy, Spain, France, Ireland and Belgium.

In those countries, you can open a full-fledged bank accounts. You get your own IBAN and debit card for a monthly subscription fee.

More recently, Bunq also launched a (nearly) free tier called the Bunq Travel Card. The Travel Card is all about saving on banking fees. It isn’t a true bank account, it just complements your existing bank account.

When sign up to the Travel Card, you can top up an electronic wallet and then spend money using your Bunq Mastercard. The main advantage is that Bunq uses the standard Mastercard exchange rate but doesn’t add any markup fee. Most traditional banks charge you 2 or 3 percent for foreign transactions.

While Bunq doesn’t offer a credit line, the Travel Card is technically a credit card. It means that you can use it for hotel security deposits or car rentals just like a normal credit card. But Bunq still checks whether you have enough money on your Bunq account before processing a transaction.

Bunq is launching the Bunq Travel Card in 22 new countries, not the premium bank accounts. You can get a Travel Card for a one-time fee of €9.99 and there’s no monthly subscription fee.

Here’s the full list of new countries launching today: Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, Greece, Hungary, Latvia, Lithuania, Luxembourg, Malta, Poland, Portugal, Romania, Slovakia, Slovenia, Sweden, the United Kingdom and non-EU countries Norway and Iceland.

Fintech startup Bnext has raised a $25 million funding round. The Spanish company is building a banking product and has managed to attract 300,000 active users.

DN Capital, Redalpine and Speedinvest are leading today’s funding round. Existing investors Founders Future and Cometa are also participating. Other investors include Enern, USM and Conexo.

When you open a Bnext account, you get a card and you can upload money to your account. Bnext accounts aren’t technically bank accounts — the company has an e-money license. You can then use your card and spend money anywhere around the world without any foreign transaction fee. You can also freeze and unfreeze your card from the app.

“As of now we'll stick to the e-money license, as our international expansion plans complicate potential passporting of banking licenses. We will first need to understand in which countries makes more sense to get a banking license, and then we'll make a decision,” co-founder and CEO Guillermo Vicandi told me.

You can also connect to your traditional bank accounts from the Bnext app. This way, you can manage your money from a single app.

And Bnext takes this one step further by offering financial products from third-party companies as well. It’s clear that the company wants to build a financial hub, the only finance app that you need.

You can lend money to small and medium businesses and earn interests through October, you can save money using Raisin, you can get a loan, a mortgage, an insurance product, etc. Bnext generates revenue from those partnerships.

While Bnext only operates in Spain for now, the company has managed to attract 300,000 active users. It processes €100 million in transactions every month ($109 million).

Up next, Bnext plans to offer premium plans with more features and individual IBANs. The company also plans to expand to Latin America, starting with Mexico later this year.