Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Digital payment system. Show all posts
Online Payments
Blockchain Blockchain Payments Blockchain Technology Cyber Security Digital Payment Digital payment system Online Payments

How HesabPay and Algorand Are Enabling Humanitarian Aid and Financial Inclusion in Afghanistan

A sudden shift unfolded across Afghanistan once American and NATO troops left in August 2021. Power structures backed by Washington vanished almost overnight; chaos spread quickly through regions. Instead, authority shifted back into the hands of the Taliban - two decades after their last rule ended. Hardship deepened ever since, turning daily life into struggle for millions. Among the worst humanitarian emergencies today, the nation battles crippling poverty, hunger that reaches far, along with frozen financial systems. 

Right now, about 97 out of every 100 people in Afghanistan survive on less than what is considered a basic living standard. Close to twenty million individuals - half the country's residents - face severe shortages in reliable access to meals, reports the UN’s food aid agency. Over a million kids younger than five endure ongoing lack of proper nutrition, their growth stunted by months without balanced diets. While some manage to stay alive, future well-being frequently remains compromised due to lasting physical strain. When circumstances reach this level, outside help isn’t just helpful - it becomes something people depend on simply to continue breathing. 

Hardship deepens as economic strains mount. Drought drags on, world food costs climb, while aid linked to departing troops vanishes overnight - wrecking ways people earn a living. Few jobs exist; instead, each day brings another test just to stay alive for countless Afghan families. 

With sanctions in place, overseas funds locked up, banks barely functioning, yet cash hard to find, money flows have shrunk sharply nationwide. Because of these pressures, large numbers rely on support from global bodies like the WFP, UNICEF, along with key NGOs. Even so, amid ongoing challenges, a local tech venture named HesabPay introduced a digital payment system using Algorand's blockchain, aiming to send assistance straight to people. 

A digital form of the Afghan Afghani, supported by real money held in bank accounts, is released by HesabPay. Built on the Algorand blockchain, it handles transfers efficiently. Even without smartphones, people move money thanks to compatibility with basic handsets. Payments happen daily - for food, phone credit, power charges - without delays. Changing paper notes into electronic value takes place at local centers run by HesabPay. These spots stretch across every province, reaching distant regions others miss. Access stays open regardless of location because of this spread. 

A single QR card connects each user to their account, helping those without phones join easily. When someone pays, shops scan the code while confirmation comes via text message - no tech skills needed. Backing it up, checks grow stricter step by step: identity verified, banned parties screened, transactions watched using shared ledger tracking to block fraud before it spreads. With a network now reaching 400,000 individuals and 3,000 businesses across the country, HesabPay has handled close to 4.5 million transactions so far. 

Running on Algorand’s blockchain technology, it keeps transaction costs minimal - often zero - for consumers at storefronts. When assistance flows straight into the hands of women, results shift noticeably; household stability strengthens, community wellbeing rises. Efficiency isn’t the only outcome here. 

Now imagine a tool that quietly reshapes aid delivery - HesabPay does exactly that by using blockchain to build systems that grow easily, stay clear, and include more people. Where banks vanish or never existed, alternatives like this prove digital setups can reopen doors to basic needs while returning respect to those often left behind.
Read more »
Payment Fraud
Digital payment system Fake Apps Google Play Store Malware in Google Play Mobile Security Mobile Security News Payment Fraud

Japanese Payment System Attacked By Fake Security App

A new malware has been observed by the Research team at McAfee Corp. This malware is found to be attacking NTT DOCOMO customers in Japan. 

The malware that is distributed via the Google Play Store pretends to be a legitimate mobile security app, but in reality, it is a fraud malware designed to steal passwords and abuse reverse proxy focusing on NTT DOCOMO mobile service customers. 

The McAfee Cell Analysis team informed Google regarding the notoriety of the malware. In response, Google has made the application unavailable in Google Play Store and removed known Google Drive files that are associated with the malware. In addition to this, Google Play Shield has now alerted the customers by disabling the apps and displaying a warning. 

The malware publishes malicious fake apps on Google Play Store with various developer accounts that appear like some legitimate apps. According to a tweet by Yusuke Osumi, a Security Researcher at Yahoo, the attacker lures the victims into installing the malware in their systems by sending them an SMS message with a Google Play Store link, reportedly sent from overseas. Additionally, they entice the users by displaying a requirement to update their security software. 

This way, the victim ignorantly installs the fraudulent app from Google Play Store and ends up installing the malware. The malware asks the user for a community password but cleverly enough, it claims the password is incorrect, so the user has to enter a more precise password. It does not matter if the password is incorrect or not, as this community password can later be used by the attacker for the NTT DOCOMO fee services and gives way to online funds. 

Thereafter, the malware displays a fake ‘Mobile Security’ structure on the user’s screen; the structure of this Mobile Security structure interestingly resembles that of an outdated display of McAfee cell security. 

How does the malware function

A native library called ‘libmyapp.so’ written in Golang, is loaded through the app execution. When the library is loaded, it attempts to connect with C&C servers utilizing an Internet Socket. WAMP (Internet Software Messaging Protocol) is then employed to speak and initiate Distant Process Calls (DPC). When the link is formulated, the malware transmits the community data and the victim’s phone number, registering the client’s procedural commands. The connection is then processed when the command is received from the server like an Agent. Wherein, the socket is used to transmit the victim’s Community password to the attacker, when the victim enters his network password in the process.

The attacker makes fraudulent purchases using this leaked information. For this, the RPC command ‘toggle_wifi’ switch the victim’s Wi-Fi connection status, and a reverse proxy is provided to the attacker through ‘connect_to’. This would allow connecting the host behind a Community Handle Translation (NAT) or firewall. With the help of a proxy, now the attacker can ship by request through the victim’s community network. 

Along with any other methods that the attackers may use, the malware can also use reverse proxy to acquire a user’s mobile and network information and implement an Agent service with WAMP for fraudulent motives. Thus, it is always advised by Mobile Security Organizations to be careful while entering a password or confidential information into a lesser-known or suspicious application.

Read more »
UPI
Digital payment system Technology UPI

UPI Turns Webless

 

While UPI has grown in popularity since its inception in 2016, it has yet to reach rural areas where smartphone ownership is low and internet access is spotty. Volumes should increase as more low-cost handsets connect to the UPI system, promoting financial inclusion. 

This could be India's Unified Payments Interface's next great step (UPI). Governor of the Reserve Bank of India Shaktikanta Das introduced UPI123Pay, a digital software that allows users of feature phones to send money, on Tuesday. They will be equipped to do almost everything that smartphone users can on this payment platform, with the exception of scan-and-pay. There is no need for an internet connection. 

All that is required is a feature phone connected to a bank account, and funds can be transmitted to any other UPI user without the usage of a credit card. This should significantly boost the use of India's proprietary platform for cashless transactions. 

UPI transfers have already increased as a result of the pandemic, with over 4.5 billion worth over $8.3 trillion reported in February, up from just over 1.3 billion worth 2.2 trillion two years ago. The tally is expected to rise.
Read more »
Line Pay
Data Breach data security Data threats Digital payment system GitHub Line Pay

LINE Pay leaked 133,000 Users' Data to GitHub

Yesterday, digital messaging and payment facility platform ‘LINE Pay’ – released a statement in which it said that around 133,000 clients’ payment data was erroneously published on GitHub between September and November this year. The incident affected more than 51,000 Japanese users and around 82,000 Taiwanese and Thai users.

Data detailing individuals in a LINE Pay promotional program that was organized between late December 2020 and April 2021 was accidentally uploaded to the collaborative coding crèche by an employee. After the attack findings, the company has notified its customers and the fintech division of the company has issued an official apology letter and assured its users of future protection. 

The data that has been leaked includes the time, date, amount of transactions, and user and franchise store identification numbers. However, telephone, addresses, credit card, and bank account numbers were not leaked, the names of the customers and other credentials could be accessed with little effort. 

Additionally, many political figures and dignitaries stopped using this app since the July 2021 cyberattack. Also, Japanese government officials have stopped using this app when it was discovered that important information was being leaked to China. Prior to the discovery, Japan extensively used this communication app for many regional official communications. 

GitHub--headquartered in California, USA, has been a subsidiary of Microsoft since 2018. The platform is commonly used for organizing open-source projects for software development (As of November 2021, GitHub reports having over 73 million developers). It provides the distributed version control and source code management (SCM) functionality of Git and its own factors. Besides the aforementioned, it also offers access control and several collaboration features such as feature requests, bug tracking, task management, continuous integration, and wikis for every project.
Read more »
Subscribe to: Comments (Atom)