An anonymous reader shares a report: The companies behind the streaming industry, including smart TV and streaming stick manufacturers and streaming service providers, have developed a "surveillance system" that has "long undermined privacy and consumer protection," according to a report from the Center for Digital Democracy (CDD) published today and sent to the Federal Trade Commission (FTC). Unprecedented tracking techniques aimed at pleasing advertisers have resulted in connected TVs (CTVs) being a "privacy nightmare," according to Jeffrey Chester, report co-author and CDD executive director, resulting in calls for stronger regulation.

The 48-page report, How TV Watches Us: Commercial Surveillance in the Streaming Era [PDF], cites Ars Technica, other news publications, trade publications, blog posts, and statements from big players in streaming -- from Amazon to NBCUniversal and Tubi, to LG, Samsung, and Vizio. It provides a detailed overview of the various ways that streaming services and streaming hardware target viewers in newfound ways that the CDD argues pose severe privacy risks. The nonprofit composed the report as part of efforts to encourage regulation. Today, the CDD sent letters to the FTC [PDF], Federal Communications Commission (FCC), California attorney general [PDF], and California Privacy Protection Agency (CPPA) [PDF], regarding its concerns. "Not only does CTV operate in ways that are unfair to consumers, it is also putting them and their families at risk as it gathers and uses sensitive data about health, children, race, and political interests,â Chester said in a statement.

An anonymous reader shares a report: The arrival of energy-assisted magnetic recording (EAMR) technologies like Seagate's HAMR will play a crucial role in accelerating HDD capacity growth in the coming years. According to the new IEEE International Roadmap for Devices and Systems Mass Data Storage, we will see 60 TB hard disk drives in 2028. If the prediction is accurate, we will see HDD storage capacity doubling in just four years, something that did not happen for a while. Also, IEEE believes that HDD unit sales will increase.

IEEE's latest HDD development roadmap spans 2022 to 2037 and covers 15 years of hard drive evolution. The arrival of HAMR in 2024 will play a pivotal role in the increase in HDD capacity (even though Western Digital has managed to stay competitive with Seagate's HAMR HDDs using a set of its technologies) over the next few years. IEEE engineers expect HDDs to leapfrog to 40TB in 2025 and 60TB in 2028, doubling capacity from 30TB in 2024. By 2037, there will be 100TB of storage space, according to IEEE.

To get to those extreme capacities, HDD makers will have to increase the areal density of their platters steadily. To get to 40TB per drive, they will have to get to 2 TB/inch^2 in 2025 and then to over 4 TB/inch^2 in 2028 to build 60TB HDDs. By 2037, areal density will grow to over 10 Tb/inch^2. Increasing areal density will necessitate the use of new media, magnetic films, and all-new write and read heads.

"The Fight to Repair Newsletter is reporting that U.S. Senator Elizabeth Warren is calling out agricultural equipment giant John Deere for possible violations of the federal Clean Air Act and a years-long pattern of thwarting owners' ability to repair their farm equipment," writes longtime Slashdot reader chicksdaddy. From the report: Deere "appears to be evading its responsibilities under the Clean Air Act to grant customers the right to repair their own agricultural equipment." That is costing farmers an estimated $4.2 billion annually "causing them to miss key crop windows on which their businesses and livelihoods rely," Warren wrote in a letter (https://www.theverge.com/2024/10/3/24260513/john-deere-right-to-repair-elizabeth-warren-clean-air-act) dated October 2nd. The letter from Warren (PDF), a Senator from Massachusetts and strong repair advocate, is just the latest volley lobbed at Illinois-based Deere, an iconic American brand and the largest supplier of agricultural equipment to farms in the U.S. Deere controls an estimated 53 percent of the U.S. market for large tractors and 60 percent of the U.S. market for farm combines.

In recent weeks, Deere faced criticism, including from Republican presidential candidate Donald Trump, after laying off close to 2,000 U.S. based employees at facilities in Iowa and Illinois, moving many of those jobs to facilities in Mexico. The company has also been repeatedly called out for complicating repair and service of its farm equipment -- often relying on software locks and digital rights management to force farmers to use Deere dealers and authorized service providers for even the simplest repairs.

Microsoft gives its Edge web browser an unfair advantage and EU antitrust regulators should subject it to tough EU tech rules, three rival browsers and a group of web developers said in a letter to the European Commission. From a report: The move by Vivaldi, Waterfox, Wavebox and the Open Web Advocacy could boost Norwegian browser company Opera which in July took the European Commission to court for exempting Edge from the Digital Markets Act (DMA). [...] "Unfair practices are currently allowed to persist on the Windows' ecosystem with respect to Edge, unmitigated by the choice screens that exist on mobile," they said, pointing to Edge set as the default browser on all Windows computers. "No platform independent browser can aspire to match Edge's unparalleled distribution advantage on Windows. Edge is, moreover, the most important gateway for consumers to download an independent browser on Windows PCs."

PayPal completed its first business payment using its proprietary stablecoin as a way to demonstrate how digital currencies can be used to improve often-clunky commercial transactions. From a report: PayPal paid an invoice to Ernst & Young LLP on Sept. 23 using PYUSD, the stablecoin the firm launched last year, relying on an SAP SE platform to complete the transaction. SAP's platform, known as the digital currency hub, allows enterprises to send and receive digital payments instantly, around the clock. The invoice amount wasn't disclosed.

Stablecoins are cryptocurrencies usually designed to track traditional currencies one-to-one. PYUSD, which has a current market capitalization of almost $700 million, tracks the US dollar. While the consumer-facing benefits of stablecoins often dominate conversations, this payment demonstrates other use cases for the digital currency, according to Jose Fernandez da Ponte, PayPal's senior vice president of its blockchain, cryptocurrency and digital currency group.

An anonymous reader shares a report: Songs by Adele, Bob Dylan, Green Day, R.E.M., Burna Boy, Rush and many others are currently unplayable on YouTube in the U.S. due to a legal dispute between the platform and the performing rights organization SESAC. Attempts to play many, but not all, songs by those artists on Saturday met with the following message: "This video contains content from SESAC. It is not available in your country."

A similar dispute between Universal Music Group and TikTok raged on for several months earlier this year before being resolved. In a statement to Variety, a YouTube rep said: "We have held good faith negotiations with SESAC to renew our existing deal. Unfortunately, despite our best efforts, we were unable to reach an equitable agreement before its expiration. We take copyright very seriously and as a result, content represented by SESAC is no longer available on YouTube in the US. We are in active conversations with SESAC and are hoping to reach a new deal as soon as possible." A source close to the situation tells Variety that the previous deal actually does not expire until next week, and suggests that YouTube's move is a negotiating tactic. SESAC is far smaller than ASCAP and BMI -- with approximately 30,000 members and 1.5 million compositions while ASCAP has nearly 800,000 members -- but as the caliber of artists affected by the block shows, it represents a comparatively large percentage of the marketplace.

SpzToid shares a report: Today, a group of independent security researchers revealed that they'd found a flaw in a web portal operated by the carmaker Kia that let the researchers reassign control of the Internet-connected features of most modern Kia vehicles -- dozens of models representing millions of cars on the road -- from the smartphone of a car's owner to the hackers' own phone or computer. By exploiting that vulnerability and building their own custom app to send commands to target cars, they were able to scan virtually any Internet-connected Kia vehicle's license plate and within seconds gain the ability to track that car's location, unlock the car, honk its horn, or start its ignition at will.

After the researchers alerted Kia to the problem in June, Kia appears to have fixed the vulnerability in its web portal, though it told WIRED at the time that it was still investigating the group's findings and hasn't responded to WIRED's emails since then. But Kia's patch is far from the end of the car industry's web-based security problems, the researchers say. The web bug they used to hack Kias is, in fact, the second of its kind that they've reported to the Hyundai-owned company; they found a similar technique for hijacking Kias' digital systems last year. And those bugs are just two among a slew of similar web-based vulnerabilities they've discovered within the last two years that have affected cars sold by Acura, Genesis, Honda, Hyundai, Infiniti, Toyota, and more.

The United Nations is set to vote on a treaty later this year intended to create norms for fighting cybercrime -- and the Biden administration is fretting over whether to sign on. Politico: The uncertainty over the treaty stems from fears that countries including Russia, Iran and China could use the text as a guise for U.N. approval of their widespread surveillance measures and suppression of the digital rights of their citizens. If the United States chooses not to vote in favor of the treaty, it could become easier for these adversarial nations -- named by the Cybersecurity and Infrastructure Security Agency as the biggest state sponsors of cybercrime -- to take the lead on cyber issues in the future. And if the U.S. walks away from the negotiating table now, it could upset other nations that spent several years trying to nail down the global treaty with competing interests in mind.

While the treaty is not set for a vote during the U.N. General Assembly this week, it's a key topic of debate on the sidelines, following meetings in New York City last week, and committee meetings set for next month once the world's leaders depart. The treaty was troubled from its inception. A cybercrime convention was originally proposed by Russia, and the U.N. voted in late 2019 to start the process to draft it -- overruling objections by the U.S. and other Western nations. Those countries were worried Russia would use the agreement as an alternative to the Budapest Convention -- an existing accord on cybercrime administered by the Council of Europe, which Russia, China and Iran have not joined.

Ars Technica's Dan Goodin reports: Last week, NIST released its second public draft of SP 800-63-4, the latest version of its Digital Identity Guidelines. At roughly 35,000 words and filled with jargon and bureaucratic terms, the document is nearly impossible to read all the way through and just as hard to understand fully. It sets both the technical requirements and recommended best practices for determining the validity of methods used to authenticate digital identities online. Organizations that interact with the federal government online are required to be in compliance. A section devoted to passwords injects a large helping of badly needed common sense practices that challenge common policies. An example: The new rules bar the requirement that end users periodically change their passwords. This requirement came into being decades ago when password security was poorly understood, and it was common for people to choose common names, dictionary words, and other secrets that were easily guessed.

Since then, most services require the use of stronger passwords made up of randomly generated characters or phrases. When passwords are chosen properly, the requirement to periodically change them, typically every one to three months, can actually diminish security because the added burden incentivizes weaker passwords that are easier for people to set and remember. Another requirement that often does more harm than good is the required use of certain characters, such as at least one number, one special character, and one upper- and lowercase letter. When passwords are sufficiently long and random, there's no benefit from requiring or restricting the use of certain characters. And again, rules governing composition can actually lead to people choosing weaker passcodes.

The latest NIST guidelines now state that:
- Verifiers and CSPs SHALL NOT impose other composition rules (e.g., requiring mixtures of different character types) for passwords and
- Verifiers and CSPs SHALL NOT require users to change passwords periodically. However, verifiers SHALL force a change if there is evidence of compromise of the authenticator. ("Verifiers" is bureaucrat speak for the entity that verifies an account holder's identity by corroborating the holder's authentication credentials. Short for credential service provider, "CSPs" are a trusted entity that assigns or registers authenticators to the account holder.) In previous versions of the guidelines, some of the rules used the words "should not," which means the practice is not recommended as a best practice. "Shall not," by contrast, means the practice must be barred for an organization to be in compliance. Several other common sense practices mentioned in the document include: 1. Verifiers and CSPs SHALL require passwords to be a minimum of eight characters in length and SHOULD require passwords to be a minimum of 15 characters in length.
2. Verifiers and CSPs SHOULD permit a maximum password length of at least 64 characters.
3. Verifiers and CSPs SHOULD accept all printing ASCII [RFC20] characters and the space character in passwords.
4. Verifiers and CSPs SHOULD accept Unicode [ISO/ISC 10646] characters in passwords. Each Unicode code point SHALL be counted as a single character when evaluating password length.
5. Verifiers and CSPs SHALL NOT impose other composition rules (e.g., requiring mixtures of different character types) for passwords.
6. Verifiers and CSPs SHALL NOT require users to change passwords periodically. However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.
7. Verifiers and CSPs SHALL NOT permit the subscriber to store a hint that is accessible to an unauthenticated claimant.
8. Verifiers and CSPs SHALL NOT prompt subscribers to use knowledge-based authentication (KBA) (e.g., "What was the name of your first pet?") or security questions when choosing passwords.
9. Verifiers SHALL verify the entire submitted password (i.e., not truncate it).

Google has restricted the creation of new accounts for Russian users, state news agencies cited Russia's digital ministry as saying on Thursday. Reuters: Google has been under pressure in Russia for several years, particularly for not taking down content Moscow considers illegal and for blocking the YouTube channels of Russian media and public figures since Moscow's invasion of Ukraine. "The ministry confirms that Google has restricted the creation of new accounts," Interfax quoted the digital ministry as saying. "Telecom operators have also recorded a significant reduction in the number of SMS messages sent by the company to Russian users."

An anonymous reader shares a New Yorker story: Ultimately, the iPhone 16 does little to meaningfully improve on the experience I had with the 12, besides, perhaps, charging with a USB-C, as my laptop does, cutting down on the number of cords I have to keep track of. Instead, the greatest leaps in Apple's hardware are largely directed at those niche users who are already invested in using tools such as artificial intelligence and virtual reality. The company has announced that, within a month or so, the new phones will be able to operate its proprietary artificial-intelligence system, which means that users may soon be relying on A.I. to perform daily personal tasks, like navigating their calendars or responding to e-mails. The 15 and 16 Pros can take three-dimensional photos, designed for V.R., using the Apple Vision Pro. Thus far, I don't use A.I. tools or V.R. with any frequency and have no intention of doing so on my iPhone.

The fact that I do not need an iPhone 16 is a testament not so much to the iPhone's failure as to its resounding success. A lot of the digital software we rely on has grown worse for users in recent years; the iPhone, by contrast, has become so good that it's hard to imagine anything but incremental improvements. Apple's teleological phone-design strategy may have simply reached its end point, the same way evolution in nature has repeatedly resulted in an optimized species of crab. Other tech companies, meanwhile, are embracing radical departures in phone design. Samsung offers devices that fold in half, creating a smaller screen that's useful for minor tasks, such as texting, and a larger one for watching videos; Huawei is upping the ante with three folds. The BOOX Palma has become a surprise hit as a smartphone-ish device with an e-ink screen, similar to Amazon's Kindle, which uses physical pixels in its display. Dumbphones, too, are growing more popular by intentionally doing less. Apple devices, by contrast, remain effective enough that they can afford to be somewhat static.

California Governor Gavin Newsom has signed a law (AB 2426) to combat "disappearing" purchases of digital games, movies, music, and ebooks. The legislation will force digital storefronts to tell customers they're just getting a license to use the digital media, rather than suggesting they actually own it. From a report: When the law comes into effect next year, it will ban digital storefronts from using terms like "buy" or "purchase," unless they inform customers that they're not getting unrestricted access to whatever they're buying. Storefronts will have to tell customers they're getting a license that can be revoked as well as provide a list of all the restrictions that come along with it. Companies that break the rule could be fined for false advertising.

The Tor Project: Today the Tor Project, a global non-profit developing tools for online privacy and anonymity, and Tails, a portable operating system that uses Tor to protect users from digital surveillance, have joined forces and merged operations. Incorporating Tails into the Tor Project's structure allows for easier collaboration, better sustainability, reduced overhead, and expanded training and outreach programs to counter a larger number of digital threats. In short, coming together will strengthen both organizations' ability to protect people worldwide from surveillance and censorship.

Countering the threat of global mass surveillance and censorship to a free Internet, Tor and Tails provide essential tools to help people around the world stay safe online. By joining forces, these two privacy advocates will pool their resources to focus on what matters most: ensuring that activists, journalists, other at-risk and everyday users will have access to improved digital security tools.

In late 2023, Tails approached the Tor Project with the idea of merging operations. Tails had outgrown its existing structure. Rather than expanding Tails's operational capacity on their own and putting more stress on Tails workers, merging with the Tor Project, with its larger and established operational framework, offered a solution. By joining forces, the Tails team can now focus on their core mission of maintaining and improving Tails OS, exploring more and complementary use cases while benefiting from the larger organizational structure of The Tor Project.

This solution is a natural outcome of the Tor Project and Tails' shared history of collaboration and solidarity. 15 years ago, Tails' first release was announced on a Tor mailing list, Tor and Tails developers have been collaborating closely since 2015, and more recently Tails has been a sub-grantee of Tor. For Tails, it felt obvious that if they were to approach a bigger organization with the possibility of merging, it would be the Tor Project.

Hackers linked to the Chinese government have broken into a handful of U.S. internet-service providers in recent months in pursuit of sensitive information, WSJ reported Wednesday, citing people familiar with the matter. From the report: The hacking campaign, called Salt Typhoon by investigators, hasn't previously been publicly disclosed and is the latest in a series of incursions that U.S. investigators have linked to China in recent years. The intrusion is a sign of the stealthy success Beijing's massive digital army of cyberspies has had breaking into valuable computer networks in the U.S. and around the globe.

In Salt Typhoon, the actors linked to China burrowed into America's broadband networks. In this type of intrusion, bad actors aim to establish a foothold within the infrastructure of cable and broadband providers that would allow them to access data stored by telecommunications companies or launch a damaging cyberattack. Last week, U.S. officials said they had disrupted a network of more than 200,000 routers, cameras and other internet-connected consumer devices that served as an entry point into U.S. networks for a China-based hacking group called Flax Typhoon. And in January, federal officials disrupted Volt Typhoon, yet another China-linked campaign that has sought to quietly infiltrate a swath of U.S. critical infrastructure.

"The cyber threat posed by the Chinese government is massive," said Christopher Wray, the Federal Bureau of Investigation's director, speaking earlier this year at a security conference in Germany. "China's hacking program is larger than that of every other major nation, combined." U.S. security officials allege that Beijing has tried and at times succeeded in burrowing deep into U.S. critical infrastructure networks ranging from water-treatment systems to airports and oil and gas pipelines. Top Biden administration officials have issued public warnings over the past year that China's actions could threaten American lives and are intended to cause societal panic. The hackers could also disrupt the U.S.'s ability to mobilize support for Taiwan in the event that Chinese leader Xi Jinping orders his military to invade the island.

Tony Isaac shares a report from WOSU Public Media: Silicon Valley has the reputation of being the birthplace of our hyper-connected Internet age, the hub of companies such as Apple, Google and Facebook. However, a pioneering company here in central Ohio is responsible for developing and popularizing many of the technologies we take for granted today. A listener submitted a question to WOSU's Curious Cbus series wanting to know more about the legacy of CompuServe and what it meant to go online before the Internet. That legacy was recently commemorated by the Ohio History Connection when they installed a historical marker in Upper Arlington -- near the corner of Arlington Center and Henderson roads -- where the company located its computer center and corporate building in 1973. The plaque explains that CompuServe was "the first major online information service provider," and that its subscribers were among the first to have access to email, online newspapers and magazines and the ability to share and download files. CompuServe, founded in 1969 in Ohio as a subsidiary of Golden United Life Insurance, began as a computer time-sharing service for businesses. In 1979, it launched an online service for consumers, partnering with RadioShack since they "were key in reaching early computer users."

Acquired by H&R Block in 1980, CompuServe became a leader in digital innovations like email, online newspapers, and chat forums, with The Columbus Dispatch becoming the first online newspaper. "... it turned out that what was most popular is not reading reliable news sources, but just shooting the breeze with your friends or arguing with strangers over politics," said former tech journalist and early Compuserve user Dylan Tweney.

Despite competing with Prodigy and AOL through the 1990s, CompuServe struggled with the rise of the internet. AOL acquired the company in 1997, but CompuServe remains a digital pioneer for fostering online communities. "For a lot of people, CompuServe was a connection to the world and their first introduction to the idea that their computer could be more than a computer," said Tweney. "It was a communications device, an information device."

An anonymous reader quotes a report from the Hollywood Reporter: In a major coup for the artificial intelligence company, Stability AI says that Avatar, Terminator and Titanic director James Cameron will join its board of directors. Stability AI is the firm that developed the Stable Diffusion text-to-image generative AI model, an image- and video-focused model that is among those being closely watched by many in Hollywood, particularly in the visual effects industry. In fact, Stability AI's CEO, Prem Akkaraju, is no stranger to the business, having previously served as the CEO of visual effects firm WETA Digital. Sean Parker, the former president of Facebook and founder of Napster, also recently joined the AI firm as executive chairman.

As a director, Cameron has long been eager to push the boundaries of what is technologically possible in filmmaking (anyone who has seen the Terminator franchise knows that he is also familiar with the pitfalls of technology run amok). He was among the earliest directors to embrace the potential of computer-generated visual effects, and he continued to use his films (most recently Avatar: The Way of Water) to move the entire field forward. "I've spent my career seeking out emerging technologies that push the very boundaries of what's possible, all in the service of telling incredible stories," Cameron said in a statement. "I was at the forefront of CGI over three decades ago, and I've stayed on the cutting edge since. Now, the intersection of generative AI and CGI image creation is the next wave. The convergence of these two totally different engines of creation will unlock new ways for artists to tell stories in ways we could have never imagined. Stability AI is poised to lead this transformation. I'm delighted to collaborate with Sean, Prem, and the Stability AI team as they shape the future of all visual media."

Microsoft unveiled detailed security reforms Monday, five months after CEO Satya Nadella pledged to prioritize cybersecurity following major breaches. The 25-page Secure Future Initiative report [PDF] outlines technical and governance changes addressing criticisms in an April 2024 Cyber Safety Review Board report that deemed Microsoft's security culture "inadequate."

Microsoft said it implemented significant security upgrades to its Entra ID and Microsoft Account systems, introducing Azure-managed hardware security modules for access token signing keys. The company has also purged 5.75 million inactive tenants to minimize potential attack vectors and adopted a new testing system with secure defaults to prevent legacy-related security issues. Concurrently, Microsoft has enhanced its network tracking capabilities, now monitoring over 99 percent of its physical network through a centralized inventory system, which aids in firmware compliance and logging.

Internal security measures have been tightened, with engineering teams facing stricter access controls. Personal access tokens are now limited to seven days, SSH access has been disabled for internal engineering repositories, and access to critical engineering systems has been restricted to fewer groups. Additionally, Microsoft has extended its audit log retention period to a minimum of two years, bolstering its ability to investigate and respond to potential security incidents.

Salon looks closer at a new $51,744-per-violation AI regulation officially approved one month ago by America's FTC — calling it a financial blow "If you're a digital media company whose revenue comes from publishing AI-generated articles and fake product reviews.

But they point out the rules also ban "product review suppression." Per the ruling, that means it's a violation for "anyone to use an unfounded or groundless legal threat, a physical threat, intimidation, or a public false accusation in response to a consumer review... to (1) prevent a review or any portion thereof from being written or created, or (2) cause a review or any portion thereof to be removed, whether or not that review or a portion thereof is replaced with other content."

Finally... The rule makes it a violation for a business to "provide compensation or other incentives in exchange for, or conditioned expressly or by implication on, the writing or creation of consumer reviews expressing a particular sentiment, whether positive or negative, regarding the product, service or business...." [T]he new rule also prevents secretly advertising for yourself while pretending to be an independent outlet or company. It bars "the creation or operation of websites, organizations or entities that purportedly provide independent reviews or opinions of products or services but are, in fact, created and controlled by the companies offering the products or services."

In an earlier statement, FTC Consumer Protection Bureau head Sam Levine, said the new rule "should help level the playing field for honest companies. We're using all available means to attack deceptive advertising in the digital age," he said.
Thanks to long-time Slashdot reader mspohr for sharing the article.

An anonymous reader quotes a report from Bloomberg: Walmart customers will soon have the option to pay directly from their bank accounts with instant transfers for online purchases. The enhanced feature is a flash point in the escalating tensions between merchants and the card networks setting the fees for payment processing. The world's largest retailer has offered pay-by-bank through Walmart Pay since earlier this year. Until now, the transactions were akin to digital checks and took roughly three days to finalize when being processed through The Automated Clearing House, the same network often used for bill payments or paycheck deposits. Soon, customers opting for pay-by-bank transactions will see the purchase reflected in their bank account balance instantly -- and Walmart will receive the funds immediately. [...]

Walmart's upgraded pay-by-bank offering will be rolled out in 2025. The transactions will occur over bank technology provider Fiserv's NOW Network, which integrates with The Clearing House's Real Time Payments network and the Federal Reserve's FedNow. Until now, large retailers hesitated to launch real time payment options because many banks were not connected to an instant settlement system, meaning their customers would not be able to use the product. NOW Network aims to connect to as many banks as possible to reach 100% of deposit accounts by combining its own network with RTP and FedNow. The instant pay-by-bank product will be available for online checkout on Walmart.com. The Bentonville, Arkansas-based retailer already has customers set up a profile when they shop online. If they opt to add pay-by-bank as a payment option on their profile, they will enter their bank login credentials to connect their account. Fiserv's AllData platform connects with their bank clients and vendors including Plaid, MX, Akoya and Finicity to link and authenticate consumer accounts. With this instant pay-by-bank product, consumers will avoid stacked pending transactions, which can open them up to the risk of overdraft or non-sufficient fund fees from their bank. "When the transaction processes as a real time payment, customers get immediate access to see that payment come through, I see it hit my account and I can properly budget," said Jamie Henry, vice president of emerging payments at Walmart. "It's not as if I've got this phantom payment out there that's going to take place a couple days down the road."

Residents of California can now store their driver's license or state ID in Apple or Google Wallet, according to an announcement today. Apple also shared the news. TechCrunch reports: Californians with an ID in the Apple Wallet or Google Wallet app can use their mobile devices to present their ID in person at select TSA security checkpoints and businesses. They can also use the app to verify their age or identity in select apps. Other states that already support digital driver's licenses and state IDs include Arizona, Colorado, Georgia, Maryland, and Ohio.