Finovate Alumni News

On Finovate.com

  • Meniga Acquires Swedish Rewards Platform Wrapp.

Around the web

  • Featurespace partners with everis to help the business consultancy’s bank clients fight payment and account fraud.
  • TransferWise opens office in Belgium and applies for money transfer license as insurance against a no-deal Brexit outcome.
  • Hyatt launches bug bounty program with ethical hacker platform HackerOne.
  • Australian business bank Tyro unveils latest Alipay integration with  Sydney Airport retailer Heinemann Australia.
  • Entrust Datacard announces a pair of new board members, Val Rahmani and Cheri McGuire.
  • Capsilon reports that its core technology, Capsilon IQ, helped its clients’ customers save more than five million people hours collectively in 2018.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

Europe Bets on Bug Bounties, HackerOne to Fight Fraud

The European Commission is beginning the new year with a major commitment to fight fraud – and is turning to the world of white hat hackers to help them do it. The EC announced this week that it has allocated up to  €850,000 ($966,000) for bug bounties: cash awards to programmers, developers, and others who are able to identify security vulnerabilities in 14 open source projects.

The EC’s bug bounty program will run in part via the platform provided by FinDEVr alum and ethical hacker HackerOne. The programs will cover open source software common in European infrastructure including streaming software Apache Kafka, content management framework Drupal, and a free SSH and telnet client for Windows called PuTTY. In addition to HackerOne, ethical hacking and bug bounty platform, Intigriti, will also be used for some projects.

Above: HackerOne co-founder Michiel Prins during his presentation on ethical hacking and bug bounties at FinDEVr London 2017.

The funds for the bug bounty program come from the EU Free and Open Source Software Audit (FOSSA) project run by the EC’s Directorate of General of Informatics (DIGIT). The initiative was launched in 2014 by German politician, EU parliamentarian, and Pirate Party member, Julia Reda, after security vulnerabilities were found in key open source software projects including the Open Source encryption library, OpenSSL.

“The Internet is built on Free and Open Source Software,” said Reda (pictured). “It is part of our every day lives. Therefore the European Commission and public administrations in general have a responsibility to ensure its stability, reliability and security – by investing in it.”

The EU bug bounty programs for HackerOne begin next week and run through mid-August for projects involving Filezilla, Apache Kafka, Notepad++, midPoint, and VLC Media Player, and until mid-December for PuTTY.

HackerOne participated in our developers conference, FinDEVr London 2017. Co-founder Michiel Prins presented Tapping Hackers to Improve Security, which introduced the concept of ethical “white hat” hackers and bug bounty programs as a way for institutions to uncover security vulnerabilities in their networks and systems.

Last fall the company announced that it secured a million dollar bug bounty contract with the Technology Transformation Service (TTS) of the U.S. General Services Administration. Over the summer, HackerOne worked with the U.S. Department of Defense, as part of its Hack the Marine Corps initiative to improve the cybersecurity on the public-facing websites on the Marine Corps Enterprise Network (MCEN).

Founded in 2012 and headquartered in San Francisco, California, HackerOne has raised $74 million in funding. The company includes New Enterprise Associates, Benchmark, and Dragoneer Investment Group among its investors.

Finovate Alumni News

On Finovate.com

  • Europe Bets on Bug Bounties, HackerOne to Fight Fraud.

Around the web

  • The Fintech Times reviews identity verification innovator Onfido in the wake of its “strongest year to date.”
  • Infosys Finacle to partner with Santander U.K., facilitating the integration of cash management solutions into existing ERP systems.
  • Diebold Nixdorf names Jeffrey Rutherford as its new permanent Chief Financial Officer, Julian Sparkes as SVP and Chief Digital Officer, and Hermann Wimmer as SVP, Global Retail.
  • Cloud Wars with Bob Evans interviews Q2 CIO Lou Senko.
  • Chesapeake Bank’s alternative lending division, Cash Flow, adds the Commercial Lending Center Suite from Jack Henry & Associates‘ ProfitStars division.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

Finovate Alumni News

On Finovate.com

  • Accenture Acquires Select Assets from Banking Software Provider Zafin.
  • Equifax Launches Ignite Solution in the U.K.

Around the web

  • Enveil brings data in use security to the Azure Marketplace.
  • City of Charlotte and Charlotte Douglas International Airport upgrade to Passport’s real-time, connected platform.
  • Australia’s largest credit union, CUA, launches new chat app powered by Kony’s DBX.
  • Equifax unveils its integrated portfolio of data, analytics, and visualization tools, Equifax Ignite, in the U.K.
  • Temenos announces partnership with Tunisia’s Banque de l’Habitat.
  • GreatHorn meets SOC 2 standards for security, availability, and confidentiality after completion of attestation report.
  • Gitlab’s Kathy Wang and James Ritchey talk with HackerOne about why they decided to launch a bug bounty program.
  • Digital gifting solution provider Swych brings blockchain technology to its platform.
  • Fenergo wins Fintech Exporter of the Year award from Asia Matters.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

Finovate Alumni News

On Finovate.com

  • Priority Payment Systems to Offer Sezzle’s Shop Now, Pay Later Solution.
  • The ID Co. Launches NoMo Cashflow Tracking App.

Around the web

  • IDG’s Techworld features U.K.-based insurtech innovator, Anorak. The company was also selected to participate in the Plug and Play Insurtech innovation platform in November.
  • Silicon Republic highlights Meniga in its roundup of “cool start-ups from Reykjavik.”
  • In partnership with the U.S. Department of Defense, HackerOne uncovers 150 cybersecurity vulnerabilities during Hack the Marine Corps challenge.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

Finovate Alumni News

On Finovate.com

  • Cracking the Fintech Code: Secrets to Success for Fintech Start-ups.
  • Salt Edge Serves Up Open Banking Payment Infrastructure for Testing.

Around the web

  • Earnix forges strategic alliance with automated machine learning innovator, DataRobot.
  • IdentityMind Global partners with digital currency risk assessment specialist, CipherTrace.
  • HackerOne now accepts Bitcoin and Bitcoin Cash payments for bug bounties courtesy of new partnership with BitPay.
  • Fiserv taps Lee Cameron as new managing director for EMEA.
  • Siam Commercial Bank is the first bank on Ripple’s RippleNet to pioneer multi-hop, a feature that allows payment settlement on behalf of other financial institutions on the network.
  • Danske Bank leverages Featurespace’s ARIC fraud hub to reduce fraud.
  • Risk Ident wins Best eCommerce Technology Innovation at the London eCommerce Awards.
  • Banco Fassil is the first Bolivian company to migrate its ATM network to TranzAxis from Compass Plus.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

Million Dollar Bounty: HackerOne Secures Contract from the General Services Administration

The white hat hackers of HackerOne have won a $2 million bug bounty contract with the Technology Transformation Service (TTS) of the U.S. General Services Administration.

The firm, which employs ethical hackers to find security vulnerabilities in client websites before the bad guys do, has worked with the TTS for a little over a year now. The new contract extends the partnership, providing a base performance period of six months, with an additional nine option periods lasting six months each for a total of five years.

Marten Mickos, CEO of HackerOne, called the contract “a reminder of the leadership role that the U.S. federal government has taken in vulnerability disclosure.” The GSA in particular has shown a strong interest in using bug bounties – i.e., cash prizes to hackers who discover and report vulnerabilities – and is the first civilian agency to leverage these programs to improve its website security.

“Over the last year, GSA has proved to be one of the fastest government agencies in regards to resolution time,” Mickos said, “resolving vulnerabilities markedly faster than the global average for government bug bounty programs.”

The contract with the GSA comes just over a month after the company announced inking a deal with the U.S. Department of Defense to unleash its squad of white hat hackers on the public-facing websites of the Marine Corps Enterprise Network (MCEN). The Hack the Marine Corps bug bounty challenge in August was the latest iteration of the San Francisco, California-based company’s work with the DoD, having also launched similar campaigns with the Army, the Air Force, and the Defense Travel System over the past two years.

Founded in 2012, HackerOne presented Tapping Hackers to Improve Security at our developers conference, FinDEVr London, last summer. The presentation discussed how external, white hat hackers can help companies uncover cybersecurity flaws, and how they can move toward more comprehensive vulnerability disclosure programs.

Since inception, HackerOne has helped 1,000+ companies and organizations find and fix more than 76,000 cybersecurity vulnerabilities, earning white hat hackers $32 million in bug bounties.

Finovate Alumni News

On Finovate.com

  • Onfido to Help Crowdfunding Platform Indiegogo Fight Fraud.

Around the web

  • The Technology Transformation Service of the U.S. General Services Administration awards $2 million bug bounty contract to HackerOne.
  • Mortgage Cadence integrates LoanBean’s income calculation solution into its end-to-end loan origination platform.
  • Minnesota-based Glenwood State Bank ($289 million in assets) to deploy Jack Henry SilverLake core banking platform.
  • Avaloq taps former Credit Suisse executive Michael Pahlke as Chief Service Delivery Officer (CSDO).
  • ID.me founder and CEO Blake Hall earns spot on Washingtonian’s Tech Titans 2018: Washington’s Top Tech Leaders.
  • Infosys announces plans to open tech hub in Arizona and hire 1,000 Americans by 2023.
  • PromonTech integrates its POS platform, Borrower Wallet, with GSF Mortgage.
  • Forbes features Tina Hsiao is COO at WePay.
  • Fenergo doubles revenue for 2nd year & expands into new market segments.
  • ISARA partners with DigiCert and Gemalto to develop digital certificates and secure key management for connected devices.
  • Flywire partners with Allianz Global Assistance to enable families to purchase Allianz’s GradGuard Tuition Protection Plan.
  • Trustly’s Pay N Play solution to power Gaming Innovation Group fast-registration and withdrawal feature.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

Finovate Alumni News

On Finovate.com

  • DefenseStorm Forges Strategic Partnership with Alogent.
  • FinovateFall 2018: Be There … In Times Square.

Around the web

  • Ripple reaches milestone as its RippleNet network is now live in more than 40 countries across six continents.
  • Bambu, Exate Technology, and Market IQ are among the seven startups selected for Plug and Play ADGM’s three-month accelerator program.
  • AlphaPoint appoints Moishe Gubin to its board of directors.
  • CallVU to provide an international credit company with biometric authentication via its digital engagement platform.
  • Enveil and Payfone earn spots on the 2018 SINET 16 Innovators roster.
  • Fifth Domain features Hacker One in a look at how white hat hackers could help improve voting machine security.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

HackerOne to U.S. Marine Corps: We’ve Got Your Six

Who defends the defenders? When it comes to the U.S. Marine Corps and the challenge of cybersecurity, the U.S. Department of Defense goes with the white hackers of HackerOne.

“Success in cybersecurity is about harnessing human ingenuity,” HackerOne CEO Marten Mickos explained. “There is no tool, scanner, or software that detects critical security vulnerabilities faster or more completely than hackers. The Marine Corps, one of the most secure organizations in the world, is the latest government agency to benefit from diverse hacker perspectives to protect Americans on and off the battlefield.”

For its sixth bug bounty program, Hack the Marine Corps, the Defense Department has again enlisted hacker-powered cybersecurity firm, HackerOne, to improve security on the public-facing websites of the Marine Corps Enterprise Network (MCEN). The program began with a live hacking event in Las Vegas, Nevada on Sunday. This kickoff event featured nearly 100 white hat hackers who spent nine hours testing and probing the Marine Corps’ public-facing websites for security vulnerabilities. The hackers filed 75 unique valid security vulnerability reports that day, winning more than $80,000 in prize money for their efforts. The bug bounty program continues until August 26th.

HackerOne co-founder Michiel Prins during his presentation “Tapping Hackers to Improve Security” at FinDEVr London 2017.

Hack the Marine Corps is part of the Hack the Pentagon crowdsourced cybersecurity program initially launched by the Department of Defense’s Defense Digital Service (DDS) and HackerOne in 2016. The Marine Corps commitment to improving cybersecurity has grown since then to include the creation of a cyberspace career track for service members. In fact, during the Vegas event, members of the U.S. Marine Corps Cyberspace Command (MARFORCYBER) worked alongside the invited security professionals on both offensive and defensive cyber teams.

“Information security is a challenge unlike any other for our military,” DDS Director Chris Lynch said. “Our adversaries are working to exploit networks and cripple our operations without ever firing a weapon. Sometimes, the best line of defense is a skilled hacker working together with our men and women in uniform to better secure our systems.” More than 5,000 vulnerabilities have been reported in government systems since Hack the Pentagon was launched.

In addition to Hack the Pentagon and Hack the Marine Corps, bug bounty challenges have also been launched with the Army (December 2016), the Air Force (April 2017), and, this spring, the Defense Travel System.

Founded in 2012, San Francisco, California-based HackerOne participated in our developers conference, FinDEVr London, last summer. The company’s presentation, Tapping Hackers to Improve Security, underscored the role and value of bug bounty programs as part of a comprehensive strategy to develop an effective cybervulnerability disclosure program.

More than 1,000 organizations including Google, Nintendo, Lufthansa, and Starbucks have leveraged HackerOne’s white hat hackers to find and fix vulnerabilities before they are discovered by cybercriminals. HackerOne has helped companies resolve more than 76,000 vulnerabilities, resulting in the awarding of more than $32 million in bug bounties to ethical hackers.