Encrypted chat app Signal is adding payments to the services it provides, a long-expected move and one the company is taking its time on. A U.K.-only beta program will allow users to trade the cryptocurrency MobileCoin quickly, easily, and most importantly, privately.
If you’re in the U.K., or have some way to appear to be, you’ll notice a new Signal Payments feature in the app when you update. All you need to do to use it is link a MobileCoin wallet after you buy some on the cryptocurrency exchange FTX, the only one that lists it right now.
Once you link up, you’ll be able to instantly send MOB to anyone else with a linked wallet, pretty much as easily as you’d send a chat. (No word on when the beta will expand to other countries or currencies.)
Just as Signal doesn’t have any kind of access to the messages you send or calls you make, your payments are totally private. MobileCoin, which Signal has been working with for a couple years now, was built from the ground up for speed and privacy, using a zero-knowledge proof system and other innovations to make it as easy as Venmo but as secure as … well, Signal. You can read more about their approach in this paper (PDF).
MobileCoin just snagged a little over $11 million in funding last month as rumors swirled that this integration was nearing readiness. Further whispers propelled the value of MOB into the stratosphere as well, nice for those holding it but not for people who want to use it to pay someone back for a meal. All of a sudden you’ve given your friend a Benjamin (or perhaps now, in the U.K., a Turing) for no good reason, or that the sandwich has depreciated precipitously since lunchtime.
There’s no reason you have to hold the currency, of course, but swapping it for stable or fiat currencies every time seems a chore. Speaking to Wired, Signal co-founder Moxie Marlinspike envisioned an automatic trade-out system, though he is rarely so free with information like that if it is something under active development.
While there is some risk that getting involved with cryptocurrency, with the field’s mixed reputation, may dilute or pollute the goodwill Signal has developed as a secure and disinterested service provider, the team there seems to think it’s inevitable. After all, if popular payment services are being monitored the same way your email and social media are, perhaps we ought to nip this one in the bud and go end-to-end encrypted as quickly as possible.
Chinese users of the instant messenger Signal knew that the good times wouldn’t last long. The app, which is used for encrypted conversations, is unavailable in mainland China as of the morning of March 16, a test by TechCrunch shows. The website of the app has been banned in mainland China since March 15, according to censorship tracking website Greatfire.org.
Signal could not be immediately reached for comment.
The encrypted chat app was one of the few Western social networks that remained accessible in China without the use of a virtual private network. The likes of Facebook, Twitter and Instagram have long been blocked. In some way, a ban is a badge of honor, signifying a foreign app has reached a substantial user base in China that catches the attention of local authorities.
Signal is still available for download on Apple’s China App Store as of March 16, an indication that Apple hasn’t received a government order to remove the app, which is gradually gaining ground among China’s tech-savvy, privacy-conscious users. The app has 4.9 out of 5 from 37,000 ratings on the Chinese App Store.
Android stores in China are operated by a slew of third-party Chinese tech firms, which tend to comply strictly with local censors and don’t list Signal. Google Play is unavailable in the country.
The iOS version of Signal has been installed close to 510,000 times to date in China and recently crossed 100 million downloads across Apple’s App Store and Google Play combined globally, app analytics firm Sensor Tower told TechCrunch on March 16.
As of January, Telegram had amassed about 2.7 million installs on China’s App Store, compared to 458,000 downloads for Signal and 9.5 million times for WhatsApp. Like Signal, both Telegram and WhatsApp are still present on the China App Store, though access appears to require virtual private networks.
China’s elaborate Great Firewall has made many internet users experts on censorship circumvention. App bans are often layered as the Clubhouse case shows.
While the drop-in audio app wasn’t found on the Chinese App Store, users discovered ways to install it in foreign App Stores and used it freely without censorship-fighting tools until the app’s API was blocked. Even after that, China-based users realized they could listen once they entered a chat room through a VPN, as Clubhouse’s audio technology provider Agora remains accessible in China.
Foreign apps and websites are occasionally cut off in China and brought back, as with Microsoft’s search engine Bing. It’s unclear whether the Signal ban is permanent, but given the app’s growth, this could mark the end of its short life in China.
DeepSee.ai, a startup that helps enterprises use AI to automate line-of-business problems, today announced that it has raised a $22.6 million Series A funding round led by led by ForgePoint Capital. Previous investors AllegisCyber Capital and Signal Peak Ventures also participated in this round, which brings the Salt Lake City-based company’s total funding to date to $30.7 million.
The company argues that it offers enterprises a different take on process automation. The industry buzzword these days is ‘robotic process automation,’ but DeepSee.ai argues that what it does is different. I describe its system as ‘knowledge process automation’ (KPA). The company itself defines this as a system that “mines unstructured data, operationalizes AI-powered insights, and automates results into real-time action for the enterprise.” But the company also argues that today’s bots focus on basic task automation that doesn’t offer the kind of deeper insights that sophisticated machine learning models can bring to the table. The company also stresses that it doesn’t aim to replace knowledge workers but help them leverage AI to turn the plethora of data that businesses now collect into actionable insights.
“Executives are telling me they need business outcomes and not science projects,” writes DeepSee.ai CEO Steve Shillingford. “And today, the burgeoning frustration with most AI-centric deployments in large-scale enterprises is they look great in theory but largely fail in production. We think that’s because right now the current ‘AI approach’ lacks a holistic business context relevance. It’s unthinking, rigid, and without the contextual input of subject-matter experts on the ground. We founded DeepSee to bridge the gap between powerful technology and line-of-business, with adaptable solutions that empower our customers to operationalize AI-powered automation – delivering faster, better, and cheaper results for our users.”
To help businesses get started with the platform, DeepSee.ai offers three core tools. There’s DeepSee Assembler, which ingests unstructured data and gets it ready for labeling, model review and analysis. Then, DeepSee Atlas can use this data to train AI models that can understand a company’s business processes and help subject-matter experts define templates, rules and logic for automating a company’s internal processes. The third tool, DeepSee Advisor, meanwhile focuses on using text analysis to help companies better understand and evaluate their business processes.
Currently, the company’s focus is on providing these tools for insurance companies, the public sector and capital markets. In the insurance space, use cases include fraud detection, claims prediction and processing, and using large amounts of unstructured data to identify patterns in agent audits, for example.
That’s a relatively limited number of industries for a startup to operate in, but the company says it will use its new funding to accelerate product development and expand to new verticals.
“Using KPA, line-of-business executives can bridge data science and enterprise outcomes, operationalize AI/ML-powered automation at scale, and use predictive insights in real time to grow revenue, reduce cost, and mitigate risk,” said Sean Cunningham, Managing Director of ForgePoint Capital. “As a leading cybersecurity investor, ForgePoint sees the daily security challenges around insider threat, data visibility, and compliance. This investment in DeepSee accelerates the ability to reduce risk with business automation and delivers much-needed AI transparency required by customers for implementation.”
Last month, Facebook-owned WhatsApp announced it would delay enforcement of its new privacy terms, following a backlash from confused users which later led to a legal challenge in India and various regulatory investigations. WhatsApp users had misinterpreted the privacy updates as an indication that the app would begin sharing more data — including their private messages — with Facebook. Today, the company is sharing the next steps it’s taking to try to rectify the issue and clarify that’s not the case.
The mishandling of the privacy update on WhatsApp’s part led to widespread confusion and misinformation. In reality, WhatsApp had been sharing some information about its users with Facebook since 2016, following its acquisition by Facebook.
But the backlash is a solid indication of much user trust Facebook has since squandered. People immediately suspected the worst, and millions fled to alternative messaging apps, like Signal and Telegram, as a result.
Following the outcry, WhatsApp attempted to explain that the privacy update was actually focused on optional business features on the app, which allow business to see the content of messages between it and the end user, and give the businesses permission to use that information for its own marketing purposes, including advertising on Facebook. WhatsApp also said it labels conversations with businesses that are using hosting services from Facebook to manage their chats with customers, so users were aware.
Image Credits: WhatsApp
In the weeks since the debacle, WhatsApp says it spent time gathering user feedback and listening to concerns from people in various countries. The company found that users wanted assurance that WhatsApp was not reading their private messages or listening to their conversations, and that their communications were end-to-end encrypted. Users also said they wanted to know that WhatsApp wasn’t keeping logs of who they were messaging or sharing contact lists with Facebook.
These latter concerns seem valid, given that Facebook recently made its messaging systems across Facebook, Messenger and Instagram interoperable. One has to wonder when similar integrations will make their way to WhatsApp.
Today, WhatsApp says it will roll out new communications to users about the privacy update, which follows the Status update it offered back in January aimed at clarifying points of confusion. (See below).
Image Credits: WhatsApp
In a few weeks, WhatsApp will begin to roll out a small, in-app banner that will ask users to re-review the privacy policies — a change the company said users have shown to prefer over the pop-up, full-screen alert it displayed before.
When users click on “to review,” they’ll be shown a deeper summary of the changes, including added details about how WhatsApp works with Facebook. The changes stress that WhatsApp’s update don’t impact the privacy of users’ conversations, and reiterate the information about the optional business features.
Eventually, WhatsApp will begin to remind users to review and accept its updates to keep using WhatsApp. According to its prior announcement, it won’t be enforcing the new policy until May 15.
Image Credits: WhatsApp
Users will still need to be aware that their communications with businesses are not as secure as their private messages. This impacts a growing number of WhatsApp users, 175 million of which now communicate with businesses on the app, WhatsApp said in October.
In today’s blog post about the changes, WhatsApp also took a big swipe at rival messaging apps that used the confusion over the privacy update to draw in WhatsApp’s fleeing users by touting their own app’s privacy.
“We’ve seen some of our competitors try to get away with claiming they can’t see people’s messages – if an app doesn’t offer end-to-end encryption by default that means they can read your messages,” WhatsApp’s blog post read.
This seems to be a comment directed specifically towards Telegram, which often touts its “heavily encrypted” messaging app as more private alternative. But Telegram doesn’t offer end-to-end encryption by default, as apps like WhatsApp and Signal do. It uses “transport layer” encryption that protects the connection from the user to the server, a Wired article citing cybersecurity professionals explained in January. When users want an end-to-end encrypted experience for their one-on-one chats, they can enable the “secret chats” feature instead. (And this feature isn’t even available for group chats.)
In addition, WhatsApp fought back against the characterization that it’s somehow less safe because it has some limited data on users.
“Other apps say they’re better because they know even less information than WhatsApp. We believe people are looking for apps to be both reliable and safe, even if that requires WhatsApp having some limited data,” the post read. “We strive to be thoughtful on the decisions we make and we’ll continue to develop new ways of meeting these responsibilities with less information, not more,” it noted.
All change in the capital as the Biden administration takes charge, and thankfully without a hitch (or violence) after the attempted insurrection two weeks earlier.
In this week’s Decrypted, we look at the ongoing fallout from the SolarWinds breach and who the incoming president wants to lead the path to recovery. Plus, the news in brief.
The cyberattack against SolarWinds, an ongoing espionage campaign already blamed on Russia, claimed the U.S. Bureau of Labor Statistics as another federal victim this week. The attack also hit cybersecurity company Malwarebytes, the company’s chief executive confirmed. Marcin Kleczynski said in a blog post that attackers gained access to a “limited” number of internal company emails. It was the same attackers as SolarWinds but using a different intrusion route. It’s now the third security company known to have been targeted by the same Russian hackers after a successful intrusion at FireEye and an unsuccessful attempt at CrowdStrike.
Today, I disclosed publicly that @Malwarebytes had been targeted by the same nation state actor that attacked SolarWinds. This attack is much broader than SolarWinds and I expect more companies will come forward soon.
— Marcin Kleczynski (@mkleczynski) January 19, 2021
In an email to WhatsApp head Will Cathcart, the nation’s IT ministry said the upcoming update to the app’s data-sharing policy has raised “grave concerns regarding the implications for the choice and autonomy of Indian citizens… Therefore, you are called upon to withdraw the proposed changes.”
“Such a differential treatment is prejudicial to the interests of Indian users and is viewed with serious concern by the government,” the ministry wrote in the email, a copy of which was obtained by TechCrunch. “The government of India owes a sovereign responsibility to its citizens to ensure that their interests are not compromised and therefore it calls upon WhatsApp to respond to concerns raised in this letter.”
Through an in-app alert earlier this month, WhatsApp had asked users to agree to new terms of conditions that grants the app the consent to share with Facebook some personal data about them, such as their phone number and location. Users were initially provided until February 8 to comply with the new policy if they wished to continue using the service.
“This ‘all-or-nothing’ approach takes away any meaningful choice from Indian users. This approach leverages the social significance of WhatsApp to force users into a bargain, which may infringe on their interests in relation to informational privacy and information security,” the ministry said in the email.
The notification from WhatsApp prompted a lot of confusion — and in some cases, anger and frustration — among its users, many of which have explored alternative messaging apps such as Telegram and Signal in recent weeks.
An advertisement from WhatsApp is seen in a newspaper at a stall in New Delhi on January 13, 2021. (Photo by Sajjad HUSSAIN / AFP) (Photo by SAJJAD HUSSAIN/AFP via Getty Images)WhatsApp, which Facebook bought for $19 billion in 2014, has been sharing some limited information about its users with the social giant since 2016 — and for a period allowed users to opt-out of this. Responding to the backlash last week, the Facebook-owned app, which serves more than 2 billion users worldwide, said it was deferring the enforcement of the planned policy to May 15.
WhatsApp also ran front-page ads on several newspapers in India, where it has amassed over 450 million users, last week to explain the changes and debunk some rumors.
New Delhi also shared disappointment with the timing of this update, which to be fair WhatsApp unveiled last year. The ministry said that it was reviewing the Personal Data Protection Bill, a monumental privacy bill that is meant to oversee how data of users are shared with the world.
“Since the Parliament is seized of the issue, making such a momentous change for Indian users at this time puts the cart before the horse. Since the Personal Data Protection Bill strongly follows the principle of ‘purpose limitation,’ these changes may lead to significant implementational challenges for WhatsApp should the Bill become an Act,” the letter said.
On Tuesday, India’s IT and Law Minister Ravi Shankar Prasad also offered a loud advice to Facebook. “Be it WhatsApp, be it Facebook, be it any digital platform. You are free to do business in India but do it in a manner without impinging upon the rights of Indians who operate there.”
Be it WhatsApp, Facebook or any other digital platform they are free to do business in India but it should be done in a manner without impinging upon the rights of Indians who operate it. The sanctity of personal communications needs to be maintained: @rsprasad at #15IDS pic.twitter.com/p33qynU6Ur
— RSPrasad Office (@OfficeOfRSP) January 19, 2021
India’s answer to WhatsApp has completely moved on from messaging.
Hike Messenger, backed by Tencent, Tiger Global and SoftBank and valued at $1.4 billion in 2016, earlier this month announced that it was shutting down Sticker Chat, its messaging app.
The startup, founded by Kavin Bharti Mittal, this month pivoted to two virtual social apps called Vibe and Rush, said Mittal, who is the son of telecom giant Airtel’s chairman Sunil Bharti Mittal.
In a series of tweets earlier this month, Kavin said that India will never have a homegrown messenger that makes inroads in the world’s second largest market unless it chooses to ban Western companies from operating in the nation. “Global network effects are too strong,” he said. WhatsApp has amassed over 450 million users in India, its biggest market by users.
Mittal described opportunities in building virtual worlds as a “much better approach for today’s world that is unconstrained by cheap, fast data and powerful smartphones.”
In recent years, Hike made bets on stickers and emojis to cater to the younger population in India. In a meeting with TechCrunch in late 2019, Mittal said that the startup was overwhelmed with the engagement stickers on its platform and was working to automate development of personalized stickers.
In a different meeting last year, Mittal showcased emojis that replicated human expressions and a virtual hangout place called HikeLand. Vibe is the rebranded version of HikeLand and the emojis Hike developed will continue to be available to users on both the newer apps, Mittal said earlier this month.
Hike, which has raised more than $260 million to date, had enough runway last year, Mittal said, who hinted that the startup may raise more capital a year later.
Hike also attempted to build its own operating system through acquisition of a startup called Creo. In 2018, Hike launched Total OS that aimed to cater to users with low-cost Android smartphones and slow internet data.
The startup later shut down the project. Mittal told TechCrunch that the arrival of Reliance Jio, which prompted Airtel and Vodafone to lower mobile data tariff on their networks, solved the data issues in the country and Total OS was no longer needed in the market.