New EU Payment Services Rules Target Online Fraud and Hidden Fees

Online platforms will face financial liability for fraud originating on their sites under new EU payment services rules agreed Thursday morning by European Parliament and Council negotiators.

The provisional agreement holds platforms responsible for reimbursing payment service providers when those providers have already compensated customers defrauded through scams hosted on the platforms. Platforms must remove fraudulent content after receiving notice or face these costs.

The framework introduces advertising restrictions for very large online platforms and search engines. Companies advertising financial services must demonstrate legal authorization in the relevant member state or prove they represent authorized entities. The measure builds on existing Digital Services Act protections.

Payment Provider Obligations

Payment service providers will bear liability for customer losses when they fail to implement adequate fraud prevention mechanisms. The rules apply to banks, payment institutions, technical service providers, and in certain cases, electronic communications providers and online platforms.

Providers must verify that payee names match account identifiers before processing transfers. When discrepancies appear, providers must refuse the payment and notify the payer. Providers must freeze suspicious transactions and treat fraudster-initiated or altered transactions as unauthorized, covering the full fraudulent amount.

The agreement addresses impersonation fraud, where scammers pose as provider employees to deceive customers. Providers must refund complete amounts when customers report fraud to police and inform their provider. Providers must share fraud-related information among themselves and conduct risk assessments with strong customer authentication.

Transparency and Access Measures

Customers receive full fee disclosure before payment initiation. ATM operators must display all charges and exchange rates before transactions proceed, regardless of operator identity. Card payment providers must clearly state merchant fees.

Retail stores can offer cash withdrawals between 100 and 150 euros without purchase requirements, targeting improved access in remote and rural areas. Withdrawals require chip and PIN technology. Merchants must ensure trading names match bank statement entries.

Market Competition

The legislation reduces barriers for open banking services. Banks must provide payment institutions non-discriminatory access to accounts and data. Users receive dashboards controlling data access permissions. Mobile device manufacturers must allow payment apps to store and transfer necessary data on fair terms.

All providers must participate in alternative dispute resolution when consumers choose this option. Providers must offer human customer support beyond automated systems. The agreement requires formal adoption before taking effect.

Image: Antoine Schibler / Unsplash

Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans.

Read next: OpenAI Notifies API Users After Mixpanel Security Incident

by Irfan Ahmad via Digital Information World

OpenAI Notifies API Users After Mixpanel Security Incident

OpenAI is notifying customers of its API platform after a security incident within Mixpanel’s systems exposed limited analytics information. The issue occurred entirely in Mixpanel’s environment and did not affect OpenAI’s infrastructure or users of ChatGPT.

OpenAI reports that Mixpanel became aware of unauthorized access on Nov. 9 and provided an exported dataset to OpenAI on Nov. 25. The dataset contained names associated with API accounts, email addresses, approximate browser-based location, operating systems, browsers, referring websites, and organization or user identifiers. OpenAI states that no passwords, API keys, payment data, chat content, prompts, usage records, authentication tokens, or government IDs were involved.

During its investigation, OpenAI removed Mixpanel from production systems, reviewed the dataset, and began notifying impacted organizations, administrators, and users. The company has ended its use of Mixpanel and plans broader security reviews across its vendor ecosystem. It continues monitoring for signs of misuse and says it will update affected users if new information emerges.

• Also read: Want To Rank Better In ChatGPT? Data Shows Sites With Strong Authority And Depth Earn Most Citations

OpenAI advises API users to remain alert to potential phishing attempts, since names and email addresses were included in the dataset. It recommends caution with unexpected messages, verification that any communication attributed to OpenAI comes from official domains, avoidance of sharing sensitive credentials, and enabling multi-factor authentication. The company is not advising password resets or API key rotation because no account credentials were exposed.

Mixpanel has described its response to the incident. The company says it detected a smishing campaign on Nov. 8 and initiated incident-response measures that included securing affected accounts, revoking sessions, rotating compromised credentials, blocking malicious IP addresses, recording indicators of compromise in its monitoring systems, performing a forensic review with external specialists, and resetting passwords for all employees. Mixpanel reports that customers who did not receive direct communication were not affected.

Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans. Image: DIW-Aigen.

Read next:

• How to Secure Your iPhone and Android Device Against Nation-State Hackers

• The Technology Consumers Will Spend More on in the Next 5 Years
by Asim BN via Digital Information World

The Technology Consumers Will Spend More on in the Next 5 Years

People who design, create, and sell tech products understand that the key to success is to identify trends early and rise to the occasion to meet consumer needs and spending patterns. The team at LLC Attorney compiled and analyzed data from Statista Market Insights to conduct a comprehensive study identifying which products consumers are expected to spend more on over the next five years..Those in the tech world will find plenty of things that interest them in the team’s results. They reveal the products that are expected to bring in the most revenue in a rapidly shifting economy.

Online Education

In a ranking of non-grocery related items, online university education came in third for projected spending. The current market volume for online education is $94 billion and expected to increase to $136.6 billion by 2029, an increase of 9.92% (Projected Annual Growth Rate). Online education is popular because it can remove barriers faced by non-traditional students, by offering better flexibility and lower tuition. Online education exploded by necessity during the COVID-19 pandemic in 2020 and many students found they preferred this college experience. Improved video conferencing platforms have made online education an option that seriously competes with traditional in-person courses and the team clearly expects this trend to continue.

E-Services

An E-service is a remote offering of services. It can refer to online banking, government portals for tax processes or applications, a legal service, etc. This can even include online entertainment like gaming and streaming services. E-services rank at #8 on the team’s non-grocery list. The current market volume is $532.4 billion with a projected growth of $717.4 billion in 2029. That’s a 7.74% projected annual growth rate. E-services are convenient for consumers and as AI evolves, it becomes more cost-effective and streamlined for businesses. Since this is such a broad category of business, it’s no surprise that the E-service market will grow.

• Also read: Research Across Retailers Confirms Holiday Tactics Often Fail, Highlighting Evidence-Based Engagement Strategies

Online Food Delivery

Online food delivery is another market that’s boomed since 2020. Apps like DoorDash, Postmates, and Grubhub make it easy to get food directly to your door. When restaurants shut down during the pandemic, delivery was the only option for eating out. The current market value of online food delivery is $430 billion and expected to reach $563.4 billion in 2029 at a 6.99% growth rate. Over half of Americans consider online food delivery as an essential part of their lifestyle and it’s most popular among Millennials and Gen Z. Some projections say that “ghost kitchens” (these are kitchens that prepare food for delivery only with no sit-down restaurant) will account for half of drive-thru and takeaway orders by 2030.

Electronics

Heading further down the team’s ranking and analysis we see Electronics in the #16 spot, proving that there’s always a market for gadgets. The current market value is $99.4 billion expected to grow 4.10% to $116.6 billion in 2029. According to United Industries, TheBestSellingElectronics are smartphones, smart home devices, wearable health technology, laptops and tablets, electric vehicles, gaming consoles, and audio devices. These devices are very popular and an essential part of life for many people. They’re reliable technology products that will likely see steady to growing sales far into the future.

Media

While media can encompass some non-technological products, these days it encompasses many electronic and online-based products. The media economy is driven by technology used to create social media platforms and apps, video games, films and television, podcasts, art, music, and e-books. While print media and live performances are still popular in some spaces, they are more of a niche market with technology driving and defining the media landscape, for better or worse. Most media outlets have shifted to digital platforms, and our culture is tremendously influenced by social media. There is no divorcing technology from culture in this day and age, and we can see that reflected in the market. The current market volume for media is $14.3 billion and expected to increase to $16.8 billion at a respectable growth rate of 4.06%.

Technology’s Impact on the Food Market

LLCAttorney’s study found that food spending will increase the most in the past five years, which is no surprise since it’s one of the most essential purchases we make. However, we can look through the data and speculate on technology’s impact on food spending. For example, many people use an app to have groceries delivered. Studies indicate that more Americans are cooking at home, thanks in large part to plenty of resources online teaching them how to cook, meal plan, or order meal delivery kits. Technology is used for convenience and there’s no doubt that Americans want to find more convenient ways to feed themselves.

Impacts on Consumer Spending

Historical sales data, economic outlooks, and emerging patterns all fuel the projections on consumer spending and economic growth. Demographics can have a big impact on consumer spending. Younger people are more drawn to spend on technology, but aging people have a need for convenience, services, and health-related goods. Unexpected changes like wars or pandemics can shift the course of these projections, but overall we can see that technology is a driving force in economic development and market predictions.

Take a look at the infographic below for more insights:

Read next: 

• Gen Z Eschews Career Advisors as ChatGPT Becomes Their Go-To for Academic Advice, Study Shows

From our advertisers: AI-Powered Writing Is Becoming the New Workplace Standard — How Teams Are Leveraging Tools Like QuillBot to Communicate Faster and Smarter
by Irfan Ahmad via Digital Information World

How to Secure Your iPhone and Android Device Against Nation-State Hackers

US cybersecurity officials updated their mobile security recommendations this week, warning that sophisticated hackers are bypassing device protections by manipulating users directly.

The Cybersecurity and Infrastructure Security Agency released revised guidance on November 24, adding new warnings about social engineering tactics targeting encrypted messaging apps. While the recommendations target high-risk individuals in government and politics, the advice applies to smartphone users globally.

Why the Update Matters

Nation-state hackers from foreign countries breached commercial telecommunications networks in 2025. They stole customer call records and intercepted private communications for targeted individuals. The attacks prompted CISA to expand its December 2024 mobile security guidance.

The threat extends beyond technical vulnerabilities. Hackers are tricking people into compromising their own security.

Four New Warnings About Messaging Apps

CISA identified specific tactics hackers use against apps like Signal and WhatsApp:

Fake security alerts. Hackers claim your account is compromised to trick you into giving them control. They send messages that look like security warnings, even inside the app itself, requesting PINs or one-time codes. Be suspicious of unexpected security alerts.

Malicious QR codes and invitation links. Avoid scanning group-invitation links or QR codes from unknown sources. Verify group invitations by contacting the creator through a different channel.

Compromised linked devices. Foreign threat actors abuse the legitimate linked devices feature to spy on Signal conversations, according to a February 2025 Google report. Check your messaging app's linked devices section. Remove anything you don't recognize immediately.

Message retention. Turn on message expiration features that automatically delete sensitive messages after a set time. Check workplace policies first if using a work device.

Essential Security Steps for Everyone

Switch to encrypted messaging. Use apps like Signal that provide end-to-end encryption and work across iPhone and Android. Standard text messages are not encrypted.

Stop using SMS for security codes. Hackers with access to phone networks can intercept text messages. Use authentication apps like Google Authenticator or Microsoft Authenticator instead. Physical security keys like Yubico or Google Titan offer the strongest protection.

Some services default to SMS during account recovery even after you disable it. Check each account individually.

Use a password manager. Apps like 1Password, Bitwarden, Google Password Manager, or Apple Passwords generate strong passwords and alert you to weak or compromised ones. Protect your master password with a long, random passphrase.

Set a carrier PIN. Most mobile phone carriers let you add a PIN to your account. This blocks SIM-swapping attacks where hackers transfer your number to their device. Add the PIN, then change your carrier account password.

Update everything regularly. Enable automatic updates on your phone. Check weekly to ensure updates installed correctly.

Buy recent hardware. Older phones cannot support the latest security features, even with software updates. New hardware includes protections that older models physically cannot run.

Skip personal VPNs. Free and commercial VPNs often have questionable privacy policies. They shift risk from your internet provider to the VPN company, frequently making things worse. Work VPNs required by employers are different.

iPhone Security Settings

Enable Lockdown Mode. This feature restricts apps, websites, and features to reduce attack opportunities. Some functions become unavailable.

Turn off SMS fallback. Go to Settings, Apps, Messages and disable Send as Text Message. This keeps messages encrypted between Apple users.

Use iCloud Private Relay or encrypted DNS. Private Relay masks your IP address and encrypts DNS queries in Safari. Free alternatives include Cloudflare's 1.1.1.1, Google's 8.8.8.8, or Quad9's 9.9.9.9 DNS services.

Review app permissions. Check Settings, Privacy & Security to see which apps access your location, camera, and microphone. Revoke unnecessary permissions.

Android Security Settings

Choose secure phones. Buy from manufacturers with strong security records and long update commitments. Android maintains an Enterprise Recommended list of devices meeting security standards. Look for phones with hardware security modules, monthly security updates, and five-year update guarantees.

Enable RCS encryption. Only use Rich Communication Services when end-to-end encryption is enabled. Google Messages enables this automatically when all participants use the app.

Configure encrypted DNS. Set up Android Private DNS with Cloudflare's 1.1.1.1, Google's 8.8.8.8, or Quad9's 9.9.9.9.

Check Chrome security settings. Confirm Always Use Secure Connections is enabled to force HTTPS. Enable Enhanced Protection for Safe Browsing for extra protection against phishing and malicious downloads.

Verify Google Play Protect is running. This scans apps for malicious behavior. Hackers try to trick users into disabling it. Check app scans regularly and exercise caution if using third-party app stores or sideloading apps from other sources.

Limit app permissions. Go to Settings, Apps, Permissions Manager. Remove unnecessary access to location, camera, and microphone.

The Bigger Picture

CISA says to assume all communications between mobile devices and internet services face interception or manipulation risks. No single fix eliminates all threats, but combining these protections significantly reduces vulnerability.

The guidance acknowledges that organizations may already require some measures like secure communication platforms and multi-factor authentication. Where they don't, individuals should implement these protections themselves.

Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans. Image: DIW-Aigen.

Read next:

• Study Finds AI Tools Already Match Human Skills in More Than a Tenth of U.S. Wage Value

• Want To Rank Better In ChatGPT? Data Shows Sites With Strong Authority And Depth Earn Most Citations
by Web Desk via Digital Information World

Want To Rank Better In ChatGPT? Data Shows Sites With Strong Authority And Depth Earn Most Citations

A new analysis of 129,000 domains and more than 216,000 pages, conducted by SERanking, offers one of the clearest looks yet at how ChatGPT chooses its sources.

The study tested assumptions around domain authority, recency, structured markup, and new formats like LLMs.txt. The results point to a set of consistent patterns that influence whether a page appears in an AI response. Many common claims did not hold up under the data.

The strongest signal across the dataset is the number of referring domains. Sites with more than 32,000 referring domains are more than three times as likely to be cited compared with those that have only a few hundred. Once a domain reaches that threshold, citation growth rises sharply. This trend aligns with Domain Trust performance. Domains above DT 90 earn nearly four times the citations of those below DT 43. Page Trust also matters. Pages scoring above 28 average more than eight citations, which matches the broader pattern that ChatGPT responds to signals of authority spread across a domain.

Traffic plays a significant role but only at higher levels. Domains with fewer than 190,000 monthly visitors cluster in the same citation range. A clearer lift starts when traffic passes that point. Sites with more than ten million monthly visitors average roughly eight citations. The homepage appears to be a central factor. Domains with about eight thousand organic visitors to their homepages are about twice as likely to be cited as those with only a few hundred. Rankings show a similar pattern. Pages that average positions between one and forty five receive about five citations. Pages ranked between sixty four and seventy five average about three.

Content depth and structure contribute meaningfully. Long form articles outperform shorter ones. Pages above two thousand nine hundred words average more than five citations, while those under eight hundred words average just over three. The effect is even stronger for smaller sites where length influences citations by about sixty five percent more than it does for major domains. Pages rich in statistics show stronger results. Articles with more than nineteen data points average more than five citations. Pages with expert input average more than four citations compared with roughly two for those without. Clear structure also helps. Pages with sections between one hundred twenty and one hundred eighty words gain about seventy percent more citations than those with very short sections.

• Also read: Gen Z Eschews Career Advisors as ChatGPT Becomes Their Go-To for Academic Advice, Study Shows

Freshness matters less than many expect, but updates make a clear difference. Newer content performs only slightly better than content that is several years old. The strongest lift appears when pages have been updated within the past three months. Updated articles average about six citations, almost double the figure for pages that have not been refreshed recently.

The study also examined formats such as FAQ sections and question based titles. On the surface, pages with FAQ sections or question styled headings seem to underperform. But the model’s interpretation shows that missing these sections can be a negative signal. Their impact improves when combined with strong authority and depth. They act as supporting elements rather than primary drivers.

Social presence emerged as one of the clearest contributors. Domains with millions of brand mentions on Quora and Reddit perform about four times better than those with very few. Even smaller sites can use these platforms to build trust signals if they participate in discussions and generate genuine mentions. Review sites show a similar pattern. Domains present on platforms such as Trustpilot, G2, Capterra, Sitejabber, and Yelp average between four and six citations. Those absent average less than two.

Technical performance shows a consistent relationship. Fast loading pages with an FCP under zero point four seconds average almost seven citations, while slower sites fall to about two. A similar pattern appears in Speed Index results. INP scores behave differently though. Pages with moderate INP, around zero point eight to one point zero, perform best. Extremely fast INP scores tend to appear on simpler pages that attract fewer citations overall.

The study found little benefit from LLMs.txt files. They showed no meaningful impact on citation likelihood and even reduced predictive accuracy during testing. FAQ schema markup also showed minimal influence. Pages without it averaged slightly more citations than those using it, which suggests that LLMs respond more strongly to logical structure in the content itself.

All in all, the results point to a hierarchy that favors authority, depth, structure, technical quality, and visible engagement across platforms. Smaller domains can compete when they produce thorough content, maintain clear structure, update consistently, and build authentic presence on discussion and review sites. Large domains benefit most from their existing trust signals but still gain from fast, well maintained pages.

The data shows that AI models reward the same fundamentals that shape strong websites more broadly.

Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans.

Read next: Study Finds AI Tools Already Match Human Skills in More Than a Tenth of U.S. Wage Value
by Asim BN via Digital Information World

Study Finds AI Tools Already Match Human Skills in More Than a Tenth of U.S. Wage Value

A new analysis from researchers at MIT and Oak Ridge National Laboratory outlines how current AI systems already match human capabilities across a significant share of the labor market. The Iceberg Index, the study’s central measure, shows that digital AI tools can technically perform tasks linked to about eleven point seven percent (11.7%) of total U.S. wage value. The estimate covers roughly one point two (1.2) trillion dollars in work spread across finance, healthcare, administrative services, and professional roles.

The researchers stress that this figure reflects technical exposure rather than predicted job loss. The index measures where AI systems can perform skills found in existing occupations and maps those capabilities across 151 million workers. It does not attempt to forecast adoption timelines or employment outcomes. Instead, it gives policymakers and businesses a forward-looking view of skill overlap that traditional workforce data cannot capture.

To build the index, the team created a detailed digital representation of the labor market using more than 32,000 skills, 923 occupations, and 3,000 counties. Each worker appears as an agent with a skill profile and geographic location. The same skill taxonomy is applied to more than 13,000 AI-powered tools such as copilots and workflow systems. When combined, these datasets show where human and AI capabilities intersect and how much wage value is tied to tasks that AI systems already demonstrate in practice.

One section of the study focuses on what it calls the Surface Index, a view limited to current visible AI adoption. This portion of the labor market is concentrated in computing and technology roles and represents about two point two percent of wage value, or roughly 211 billion dollars. That cluster captures the most publicized examples of automation in software development and related fields. The broader Iceberg Index expands beyond those areas and reveals that the scale of potential task coverage is much larger and reaches well outside major tech hubs.

The analysis shows that administrative, financial, and professional service jobs account for much of the hidden exposure. These roles rely on cognitive and document-processing tasks that AI tools can already perform. As a result, every state registers measurable exposure even when local economies have small technology sectors. The study points specifically to manufacturing regions where white-collar coordination and support functions show far higher exposure than commonly assumed.

Several states have already integrated the index into early planning efforts. Tennessee, North Carolina, and Utah worked with the research team to test model accuracy and explore how policy choices might influence local outcomes. Officials can use the platform to examine county-level skill patterns and experiment with training programs or workforce investments before allocating significant funds.

The study also compares the index with traditional benchmarks such as GDP, income, and unemployment. These indicators show little alignment with the broader Iceberg Index and explain only a small share of state-to-state variation in exposure. This gap suggests that familiar economic signals may not reflect how AI capabilities intersect with real work, making skill-based measures more useful for anticipating transitions.

The authors note several limitations, including the focus on digital AI tools rather than robotics and the decision to measure technical capability rather than adoption behavior. Even with these boundaries, the index offers one of the clearest views yet of how AI fits into the structure of the modern workforce. The findings point to an economy in which AI reaches far beyond visible technology jobs and into routine tasks across the country, creating a need for workforce strategies that match the scale of the transition.

Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans.

Read next: EU Member States Agree on Draft Online Child Protection Rules Without Mandatory CSAM Scanning
by Web Desk via Digital Information World

EU Member States Agree on Draft Online Child Protection Rules Without Mandatory CSAM Scanning

European Union member states have reached a common position on draft legislation aimed at strengthening online child protection, stopping short of requiring global technology companies to identify or remove child sexual abuse material. As per Reuters, the announcement was made Wednesday by the European Council.

The new Council text differs from a 2023 European Parliament proposal, which would have mandated that messaging services, app stores, and internet providers report and remove known and newly detected abusive content, including grooming materials. Under the Council’s draft, providers are now required to assess the risks of their services being used to disseminate such material and implement preventive measures where necessary. Enforcement is delegated to national authorities rather than the EU.

Companies could still voluntarily check for abusive content "beyond April next year", when current online privacy exemptions expire. The legislation also establishes an EU Centre on Child Sexual Abuse, designed to support member states in compliance and provide assistance for victims.

The Council’s approach has been described as less prescriptive than earlier proposals, focusing on risk assessment rather than compulsory monitoring or scanning. Some critics have raised concerns that allowing companies to self-assess could have implications for privacy and encrypted communications.

The European Parliament has separately called for minimum ages for children accessing social media, but no binding legislation on this issue currently exists.

EU member states must now finalize details with the European Parliament before the regulation can become law.

Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by human. Image: DIW-AIgen

Read next: Gen Z Eschews Career Advisors as ChatGPT Becomes Their Go-To for Academic Advice, Study Shows
by Asim BN via Digital Information World