Category: IT Security

First Direct Customers Can Pay By Siri

Posted on by Rob Burdett

First Direct customers can now make voice-activated payments to existing payees or mobile contacts via the Siri tool on their Apple iPhones, without logging into online banking or using their password.

Following Barclays

First Direct’s move to voice-activated payments follows the move by Barclays last August to allow its customers (with an Apple device with iOS 10 software or above, with fingerprint technology) to make payments using Apple’s voice-activated assistant, Siri.

Dutch Pioneers

Dutch banking group ING Netherlands are widely credited as being the pioneers of this kind of system when, back in 2014, they launched a voice-navigated banking app with a view to enabling biometric voice recognition as a replacement for PINs in the future.

Interface Between The Customer and Paym

In the case of First Direct, the Siri digital assistant acts as an interface between the customer and the Paym mobile payment system.

Paym is the service, launched by the Payments Council, that allows users to send and receive payments directly to a current account using only the mobile number of the account holder.

How Does It Work?

With the First Direct system, users simply tell Siri what amount they would like to pay, and the name of the person that they would like to pay using First Direct. The system then asks for verification using the fingerprint scanner or face ID tool on the payer’s mobile device. It has been reported that the money is then transferred instantly, and First Direct customers can make transfers of up to £350 daily using the new system.

What Will You Need?

Clearly, to use the system you will need to be registered for digital banking with First Direct. You will then need to activate Paym in the First Direct app, and make sure that you are using an iPhone that is capable of fingerprint or facial recognition so that your payments can be verified without a password.

What Does This Mean For Your Business?

For businesses, saving time and getting cash quickly into the business are important, and the First Direct system looks as though it is capable of helping both these things to happen. It also offers your business, suppliers, and other stakeholders a convenient way of paying while on the move.

Also, the biometric aspect (fingerprint or facial recognition) is believed to provide greater security than passwords.

Voice-activated assistants have proven popular with users, and it makes sense that they could be linked up with other technologies and systems to deliver greater value, convenience, and time savings. It is likely that other banks will now follow suit, and voice-activated assistants will be linked-up to a whole range of other services in the near future to benefit the business and the customer.

Fighting Exploitation Via Blockchain and Coke

Posted on by Rob Burdett

Coca-Cola, the US State Department, and 2 other companies are working on a project to used blockchain to fight forced labour worldwide.

What Is Blockchain?

Blockchain is an incorruptible peer-to-peer network (a kind of ledger) that allows multiple parties to transfer value in a secure and transparent way. Blockchain’s Co-Founder Nic Carey describes Blockchain as being like “a big spreadsheet in the cloud that anyone can use, but no one can erase or modify”.

Forced-Labour

The International Labour Organisation estimates that there are nearly 25 million people working in forced-labour conditions worldwide, and 47% of them in the Asia-Pacific region.

The kind of work where there is known to be forced-labour varies, but many are engaged in work that contributes to products for food and beverage e.g. forced-labour in countries where sugarcane is produced.

A KnowTheChain (KTC), a partnership founded by U.S.-based Humanity United, showed that most food and beverage companies could be doing more solve the problem.

Coca-Cola Committed

As part of a new partnership, Coca-Cola has now committed to conduct 28 country-level studies on child labour, forced-labour, and land rights for its sugar supply chains by 2020.

Blockchain

Blockchain’s validation and digital notary capabilities are being used in the new project to create a secure registry for workers and their contracts. The project, involving Trust Accelerator (BTA), a non-profit organization, the US State Department, Coca-Cola, and U.S.-based Humanity United, will use blockchain to create a validated chain of evidence that will encourage compliance with labour contracts.

US tech company The Bitfury Group, will build the blockchain platform, while Emercoin will provide blockchain services.

Blockchain Used To Reduce Child Labour Too

Earlier this month it was reported that blockchain is also being used in a pilot project between car-maker BMW and start-up Circulor with a view to eliminating battery minerals produced using child labour. In that project, blockchain is being used to help provide a way to prove that artisanal miners are not using child labour in their cobalt mining activities. Bags of cobalt are given a digital tag which can be entered into blockchain using a mobile phone. The details of the digital tag can then be entered by each link in the chain of buyers, thereby providing a clear, verifiable trail, all the way from miner to smelter.

What Does This Mean For Your Business?

The new project involving Coca-Cola is another example of how blockchain is being used to ethically add value, genuinely reduce suffering and exploitation, and shows how this new technology can deliver social impact. One of the strengths central to blockchain is that it offers an incorruptible and transparent system that can provide a much greater, and more reliable level of proof that something has happened in the correct way in a value chain. Many different types of businesses can use blockchain to categorically prove a certain source and route for e.g. delivery, raw materials or production. This is proving to be particularly valuable to businesses where provenance is necessary to add to the monetary, ethical or other value of a product, service, and brand.

Tech Tip(s) – Browser Security

Posted on by Rob Burdett

Your Internet browser is one of your most-used applications, so it makes sense that you should make yours as secure as possible. Here are a few tips to help you do just that :

  • Use browsers that have built-in protection features such as Chrome, Firefox, Apple and Safari.
  • Utilise the security settings on your browser. Look under advanced settings, and select Privacy and Security e.g. restrict your device from visiting dangerous sites.
  • Use private / incognito browsing to avoid tracking.
  • Consider deactivating ‘ActiveX’. This add-on acts as a middleman between your PC and Java/Flash-based interactions in certain sites, thereby potentially creating security problems by giving malicious websites a window into your PC.
  • Consider disabling ‘JavaScript’. As well as making browsing quicker and simpler, this can stop cyber criminals from using JavaScript in malicious ways in order to infect your device.
  • Delete Cookies. Although they can be helpful for remembering accounts and passwords, they can also be targeted by cyber criminals because of the information they contain.
  • Beware of some browser extensions and add-ons. Even though they can add extra functionality, they can also pose a security risk as they can be exploited to inject malware.

As always (e.g. with cookie or javascript usage), it’s a case of weighing up benefits of functionality against potential risks and exploits. The more ‘stuff’ you have open/running … the more that can (potentially) go wrong.

Eight New Cyber Threats Every Second

Posted on by Rob Burdett

The latest McAfee Labs threat report shows that in the last quarter of 2017, organisations faced 8 new cyber threats a second as there was an 18% increase in the number of reported security incidents across Europe.

478 New Cyber Threats Every Minute

The report makes worrying reading as businesses and organisations try to secure their online and data security systems in preparation for the introduction of GDPR.

The McAfee Labs report shows an 18% increase in the number of reported security incidents across Europe with a specific focus the on adoption of newer tools and schemes, such as fileless malware, cryptocurrency mining and steganography.

Cytptocurrency Mining

The rocketing value of the cryptocurrency Bitcoin led to a big increase in cryptocurrency mining / cryptojacking in the last quarter of 2017. For example, cryptojacking involves installing ‘mining script’ code such as Coin Hive into multiple web pages without the knowledge of the website owners. The scammer then gets multiple computers to join their networks so that the combined computing power will enable them to solve mathematical problems. Whichever scammer is first to solve these problems is then able to claim / generate cash in the form of crypto-currency.

Also, at the end of 2017, ransomware operators were found to be hijacking Bitcoin and Monero wallets using Android apps developed exclusively for the purpose of cryptocurrency mining. Many criminals appear to have favoured Litecoin over Bitcoin because there was a lesser chance of exposure.

Fileless Malware Attacks

Another trend uncovered by the McAfee Labs threat report was the adoption of fileless malware and abusing Microsoft PowerShell, which showed a 432% surge over the course of 2017.

Fileless malware involves hijacking tools that are already built-in to Windows rather than installing software on a victim’s computer. It is designed to work in-memory (in the computer’s RAM) and is, therefore, very resistant to existing anti-computer forensic strategies, and is difficult to detect.

The MacAfee report showed a huge 267% growth in the use of the new PowerShell malware. Powershell is a legitimate tool (scripting language) that is built-in to Windows, and provides access to a machine’s inner core, including Windows APIs. This is why it has become a favoured route for fileless malware attacks.

Increase In Attacks On Healthcare

One other disappointing trend uncovered in the McAfee Labs threat report is the dramatic 210% overall increase in incidents against healthcare organisations in 2017. It is believed that these attacks were facilitated by organisational failures to comply with security best practices, or to address many known vulnerabilities in medical software.

What Does This Mean For Your Business?

The report highlights how businesses now face risks on an unprecedented scale, and how, particularly with GDPR on the way, businesses need to prioritise cyber and data security. A collaborative and liberalised information-sharing approach should be taken to improve attack defences and combat escalating asymmetrical cyber warfare.

Cyber-criminals always try to combine the highest returns in the shortest time with the least risk. This is why tactics like cryptojacking, stealthy fileless PowerShell attacks, and attacks on soft targets such as hospitals have become so popular over the last year.

New threats for this year, such as cyber-criminals developing botnets exploiting the Internet of Things (IoT) will pose more challenges to businesses and the security industry.

New Threat From Fileless Powershell Exploits

Posted on by Rob Burdett

Businesses now face the growing threat of fileless hacking and fileless malware attacks facilitated by the PowerShell scripting language that is already built-in to Windows.

Surge Reported

The latest McAfee Labs threat report shows what an emerging and dangerous threat the exploiting of the PowerShell scripting language has become. Taking the last quarter of 2017, the adoption of fileless malware via Microsoft PowerShell showed a 432% surge.

How Does It Work?

Microsoft PowerShell is a scripting language that’s built-in to the Windows OS. Its main legitimate uses include running background commands, checking services installed on the system, terminating processes, and the managing configurations of systems and servers.

The Microsoft PowerShell scripting language provides access to your computer’s inner core, including unrestricted access to Windows APIs. Also, because it is a legitimate part of your computer’s Operating System, any commands it executes are usually ignored by security software, and it provides no signature for antivirus software to detect. Another crucial aspect of Powershell is that it can run remotely through WinRM. For these reasons, it has become an ideal route for cyber-criminals.

Controlling Computers Using Powershell

A hack via Powershell involves attackers getting to PowerShell remotely through WinRM, enabling them to get through Windows Firewall, run more PowerShell scripts complete with admin control. Even if WinRM is turned off, it can be turned on remotely through WMI using a single line of code.

Also, through Powershell, once an attacker obtains a username and password for one computer, the path to complete compromise of the whole enterprise system is laid open.

Recent Fileless Malware Attacks

It has been reported that PowerShell malware arrives via spam email, and it is the embedded code in the email that contains the PowerShell commands. This code usually contains instructions to download another payload to carry out the primary malicious activity.

The McAfee Threat report shows how recent attacks have used Powershell to download malware of the Bartallex (.bat and .vbs files) and Dridex families onto the systems of victims in what are now popularly known as fileless malware attacks.

What Does This Mean For Your Business?

The combination of PowerShell providing legitimate access to computer’s and its subsequent ability to be ignored by security software, as well as the ability to run it remotely through WinRM make it a low risk, low cost and potentially and potentially high return tactic for cyber-criminals. This means that fileless hacks and fileless malware attacks are now a serious and present risk to businesses and organisations of all kinds.

The stealth factor, plus the fact that it goes under the radar of normal antivirus software makes detection very difficult. The one clear chance to stop it appears to be not opening the malicious email that contains the code that begins the attack. Companies and organisations need to make sure that all staff are trained to recognise and resist social engineering tactics, and to be made aware of the risk of downloading and installing applications that they do not understand or trust.

Facebook Ads That Target Your Beliefs

Posted on by Rob Burdett

In a new trial involving a small number of users in the UK, Facebook has said that it will be testing the targeting of adverts based on users’ specific political and religious beliefs.

Why?

According to Facebook, the trial will help the social media platform to process and manage its customer data, so that it will be in a better position to ensure compliance with GDPR when it comes into force in May this year.

The severity of the fines associated with the enforcement of GDPR for large companies such as Facebook e.g. a fine for a breach of up to €20 million or 4% of their global annual turnover, whichever is greater, is likely to be a big motivator behind a trial that could improve how Facebook processes and stores data.

How Could Targeting Adverts This Way Be Of Help?

The trial appears to be using adverts for consenting participants to focus on testing and improving how the company handles the required greater consent from data subjects that GDPR will bring, and to ensure that sensitive data is better protected.

One other important result of the trial will be to enable the testing of facial recognition. Facebook is exploring how it can successfully give users an opt-in for facial recognition, which will form part of a measure to stop online impersonations by informing users whenever their faces have been used elsewhere on the site.

The Trial

It has been reported that the trial will work by first asking a number of UK users for permission to allow advertisers to target them on the basis of their political and religious beliefs, and their listed interests.

It is understood that Facebook will also ask users whether they are happy for their public information that identifies them (e.g. their faith and politics) to remain visible for everyone and, if permission is given, Facebook will provide an opt-in for allowing the information to be used to personalise content, and also act as one of the signals for relevant suggesting ads. This will include targeted advertising based upon things like politics, sexuality and faith.

Worries

Some people have expressed fear that opting-in to elements of the trial could enable extremists to use targeted advertising for recruitment propaganda. Facebook has denied this.

What Does This Mean For Your Business?

This story is more proof that the seriousness of the implications of GDPR is hitting home, particularly with those companies that stand to lose in a big way if they are found not to be compliant. Although the subject of targeted advertising is an emotive one that can make us feel a bit uneasy as Internet users in terms of privacy, it is at least good news that this Facebook trial could lead to better protection of our personal data by a platform that arguably knows more about us than most.

With X-day now past this story should be another reminder that its time for companies everywhere to think about double-checking that their own systems and procedures will be GDPR compliant.

Location Based Marketing … Creepy?

Posted on by Rob Burdett

MoviePass CEO, Mitch Lowe, has caused controversy by telling the Hollywood audience at the Entertainment Finance Forum that his MoviePass app can track and gather information about users before and after their trip to the movies.

What Is MoviePass?

MoviePass, based in New York, offers a service whereby, for a flat monthly fee ($9.95 per month), users can go and watch unlimited number of movies in cinemas, with some restrictions. It could be described as a kind of Netflix for moviegoers.

Location Tracking

According to the MoviePass CEO, the company’s app has location-tracking built-in. What some commentators have described as ‘creepy’ though is that the app can track your movements long before and after you’ve been to watch a movie.

Why?

What MoviePass prefers to call ‘location-based marketing’ is reportedly being used to improve the customer’s experience of the service and create more opportunities for subscribers to enjoy all the various elements of what the company thinks make up a good movie night. The company says that by tracking customers and gathering data along the way, it can “create a full-featured movie-going experience”.

How?

The big idea is that subscribers may want refreshments before or after the movie, and may have to travel some distance to the cinema. By knowing a subscriber’s location and route, MoviePass can then, via the phone app, give the subscriber details like discounts on transportation, finding places to park nearby, coupons for nearby restaurants, and other similar opportunities.

What Kind Of Data Is Gathered?

According to online reporting of CEO Lowe’s speech, as well as your location, the MoviePass app is also capable of gathering “an enormous amount of information,” which includes your address, which Mr. Lowe says can be used for demographic information.

Criticism

What MoviePass may see as a kind of personalised, helpful marketing idea, critics appear to see as a potentially dangerous invasion of privacy that could have security consequences for MoviePass subscribers.

What Does This Mean For Your Business?

Using new technology to improve marketing and customer experiences is all very well, but the point here is that customers need to be informed exactly what happens to their data, what is collected by the app, how it’s stored and for how long. This will enable them to make an informed choice, give consent, or decline. In a time when cyber-crime and data mismanagement and theft appear to be rife, customers value their privacy and data security more than ever. Companies need to be transparent about their intentions and methods, and need to be able to show customers that they can be trusted with their valuable personal data.

Also, in this case, it appeared to come as a shock about the capabilities of the app, and to some commentators, it may have appeared to be an inappropriate way and style to reveal what the app is capable of. This is likely to prompt complaints from some customers, and could harm the reputation of MoviePass.

If you are worried about the security implications of apps of this kind, for example, you could try to limit location data collection by going into your phone’s app settings. One other, obvious way to avoid any problems with the app would be to avoid MoviePass for now.

The introduction of GDPR in May this year is also likely to have implications for how MoviePass deals with the data of any EU citizen subscribers, as the company will need to comply with the new Regulation.

One Hour To Take Down Illegal Content

Posted on by Rob Burdett

New measures by the EU will mean that technology companies will have as little as just one hour to take down illegal and terror content, or face penalties under new legislation.

Why Only One Hour?

The new measure, which has reportedly been met with dismay by the big tech companies such as Google and Facebook (who will arguably be most seriously affected), is focused mainly on terror-related content. The logic is that because terrorist content is considered to be most harmful in the first hours of its appearance online, all companies will, therefore, be required to remove such content within only one hour from its referral, as a general rule.

Other illegal content that is being targeted by the new measures includes incitement to hatred and violence, child sexual abuse material, counterfeit products and copyright infringement content.

3 Months To Report Back

As well as the news that tech companies must remove the most serious content within one hour, the EC has also announced that any tech company that is responsible for people posting content online will have only three months from now to report back to the EU on what they were doing to meet the new targets it has set.

Operational Measures

The EC recommendations are that a set of operational measures will be used to ensure faster detection and removal of illegal content online, to reinforce the cooperation between companies, trusted flaggers and law enforcement authorities, and to increase transparency and safeguards for citizens. These operational measures will be:

  • Clearer ‘notice and action’ procedures. Companies should set out easy and transparent rules for notifying illegal content. These should include fast-track procedures for ‘trusted flaggers’. Also, to avoid unintended removal of content which is not illegal, content providers should be informed about such decisions and have the opportunity to contest them.
  • More efficient tools and proactive technologies. This means that companies should set out clear notification systems for users. These should include proactive tools to detect and remove illegal content, in particular for terrorism-related content and for content which does not need contextualisation to be deemed illegal, such as child sexual abuse material or counterfeited goods.
  • Stronger safeguards to ensure rights. To ensure that decisions to remove content are accurate and well-founded, companies should put in place effective and appropriate safeguards. These should include human oversight and verification, in full respect of fundamental rights, freedom of expression and data protection rules.
  • Special attention to small companies. The technology industry should, through voluntary arrangements, cooperate and share experiences, best practices and technological solutions, and this shared responsibility should particularly benefit smaller platforms with more limited resources and expertise.
  • Closer cooperation with authorities. If there is evidence of a serious criminal offence or a suspicion that illegal content is posing a threat to life or safety, companies will be required to promptly inform law enforcement authorities, and EC Member States should establish the appropriate legal obligations.

The recommendations are in addition to on-going work with the technology industry through voluntary initiatives to ensure that the internet is free of illegal content, and are intended to reinforce actions taken under different initiatives.

Response From The Tech Industry

Although Facebook has said that it shares the European Commission’s goal, the industry association EDiMA, (which includes Facebook, Google, and Twitter) has stressed that the one-hour turn-around time could harm the effectiveness of service providers’ take-down systems rather than help.

What Does This Mean For Your Business?

As the Vice-President for the Digital Single Market Andrus Ansip has pointed out, online platforms have become many people’s main gateway to information. For this reason, and if we accept that what is illegal offline is also illegal online, many people feel that these widely used technology platfoms now have a responsibility to provide a secure environment for their users. Many businesses are advertisers on these platforms, and are likely to share a desire to rid them of illegal content.

While some popular tech platforms have continued to resist what some see as too much censorship, interference, or over-regulation, the frequency and severity of terrorist attacks in Europe and the role and influence of platforms in spreading information, true or false (e.g. the US election) has given governments the fuel, impetus, and feeling of justification to try and apply more force to tech companies. The EC’s view is that the spread of illegal content online undermines the trust of citizens in the Internet and poses security threats, and the new operational measures could, along with any self-regulation, speed up the process of clearing illegal content.

The scale and frequency of illegal content posting has posed serious cost and resources challenges to tech platforms in recent years.

Blockchain Used To Reduce Child Labour

Posted on by Rob Burdett

Blockchain Used To Reduce Child Labour Blockchain, the same technology that powers the Bitcoin cryptocurrency, is being tested in a pilot project between car-maker BMW and start-up Circulor with a view to eliminating battery minerals produced using child labour.

What Is Blockchain?

Blockchain is an incorruptible peer-to-peer network (a kind of ledger) that allows multiple parties to transfer value in a secure and transparent way. Blockchain’s Co-Founder Nic Carey describes Blockchain as being like “a big spreadsheet in the cloud that anyone can use, but no one can erase or modify”.

Battery Mineral Problem

The pilot between BMW and Circulor is focusing on reducing child labour by finding a way to avoid using any cobalt that is mined in unregulated artisanal mines in Democratic Republic of Congo. At the moment one fifth of cobalt is mined in a way that often uses child labour.

How Can Blockchain Help?

The pilot project is using Blockchain to help provide a way to prove that artisanal miners are not using child labour in their cobalt mining activities.

Each bag of cobalt produced by an artisanal miner will be given a digital tag. This tag will be entered into Blockchain using a mobile phone. The details of the digital tag will then be entered by each link in the chain of buyers, thereby providing a clear, verifiable trail, all the way from miner to smelter. Since Blockchain is ‘incorruptible’, provided all organizations throughout the supply chain will be involved in the project, the Blockchain evidence should be accurate.

Challenges

Challenges to the system being tested in the pilot could include cobalt mined by a child could simply being mixed in with ‘clean’ cobalt prior to processing.

Used In Similar Industries

There is every reason to think that Blockchain could help with ethical cobalt mining and supply because it has been used in a similar way by the diamond industry to provide a forgery-proof record of a diamond’s lifecycle.

What Does This Mean For Your Business?

The Blockchain technology has always shown huge promise, beyond simply being used in digital currencies. One of its key strengths is that trust is embedded into the incorruptible system. This means that businesses can use it to categorically prove a certain source and route for e.g. delivery, raw materials or production. This could be particularly valuable to businesses where provenance of some kind is necessary to add to the monetary, ethical or other value of a product or service.

After first being used in the financial, legal and public sectors, Blockchain is now being used by businesses and organisations around the world in many other different ways such as:

  • Using the data on a Blockchain ledger to record the temperature of sensitive medicines being transported from manufacturers to hospitals in hot climates. The ‘incorruptible’ aspect of the Blockchain data gives a clear record of care and responsibility along the whole supply chain.
  • Using an IBM-based Blockchain ledger to record data about wine certification, ownership and storage history. This has helped to combat fraud in the industry and has provided provenance and re-assurance to buyers.
  • Shipping Company Maersk using a Blockchain-based system for tracking consignments that addresses visibility and efficiency i.e. digitising a formerly paper-based process that involved multiple interactions.
  • Start-up company ‘Electron’ building a Blockchain-based system for sharing information between those involved in supplying energy which could speed up and simplify the supplier switching process. It may also be used for smart grid processes, such as local load-balancing of supply and demand.
  • Australian start-up Zimrii developing a Blockchain-based service that allows independent musicians to sell downloads to fans, distribute the proceeds between collaborators, and allow interaction with managers.

Blockchain still has huge untapped potential for all kinds of businesses and could represent a major opportunity to improve services, and effectively tackle visibility, transparency and efficiency issues.

Amazon’s $1 Billion ‘Smart Doorbell’ Purchase

Posted on by Rob Burdett

Amazon has paid $1 billion for ‘Ring’, a smart doorbell company, so that it can improve how it delivers parcels, and compete with Google and Apple in expanding the opportunities for their digital assistants and app ecosystems.

What Is Ring?

Ring, run by CEO Jamie Siminoff, is a US company that primarily manufactures ‘smart doorbells’. These doorbells work by recording live videos of customers’ doorsteps, then sending the videos to their smartphones.

Filming Couriers

There are obvious security benefits for customers from an innovative IoT product of this kind. In this case however, there is also a big benefit for Amazon in helping its customers trust its new service which allows couriers open people’s front doors and put deliveries inside. The new service, which was first announced in October last year, requires a leap of faith from customers, as they have to trust couriers to enter their premises unaccompanied to deliver parcels (while being filmed).

In the original plans for the service, smart locks and Cloud Cam cameras were to be used to monitor couriers who would scan a package barcode outside the door, and once the delivery has been verified online, the camera would record the delivery person unlock the door (using an app) and making the delivery. The purchase of ‘Ring’ enables Amazon to acquire the system to operate this service effectively in the marketplace very soon.

Part Of A Bigger Battle

The purchase of Ring for $1 billion is further serious evidence of Amazon competing with multiple rivals for all aspects of our homes, and invariably, our business premises.

For example, back in September 2017, Nest (owned by Alphabet / Google) released an internet-connected intruder alarm, a video-streaming doorbell, and a door lock system that was developed in collaboration with Yale. Nest has also just announced that it will be incorporating Google Assistant into its products so that they will work with Google Home.

It is, therefore, not just the lure of the lucrative and growing smart home security market that Amazon has been interested in, but also the competition among the big players – Google, Apple and Amazon – to link up their digital assistants with many different smart home devices e.g. to control the lighting, heating, and now the security.

What Does This Mean For Your Business?

Many businesses receive frequent parcel deliveries during the day, and this type of service may, therefore, be a useful one (particularly for smaller businesses), and could minimise disruption and help efficiency. Amazon has the parcel delivery network, the services e.g. Amazon Business (its online trade counter), and now its point of delivery security system.

This product is an example of how multiple technologies have linked together to provide another new business opportunity in a new and growing market. Some critics have, however, pointed out that this service requires some serious faith and trust from customers, and that it would only take a few incidents to kill that trust and to force the expensive idea onto the back burner. There is still, of course, the broader, general problem of IoT security, which has not been fully addressed in many other products, and could still prove to be the Achilles Heel in this one.

This story is also an example of how Amazon is expanding and diversifying into many different aspects of our home and business lives e.g. parcel delivery, groceries, and now smart security. The story is also an example of how the big home digital assistant manufacturers are now locked in competition to expand the number of products and services that link up to their devices e.g. Amazon Echo, and this market could provide many business opportunities for many other tech companies and manufacturers in the along the way.