News

Visa Adopts Blockchain For Cross-Border, Bank To Bank B2B Payments

Posted on by Andy Miller

Visa is integrating blockchain technology with its core systems to enable participant businesses to make direct, cross-border, bank to bank payments to other corporate participants.

B2B Connect

The news system called Visa B2B Connect is being built using the Hyperledger Fabric framework from the Linux Foundation, and will mean that, rather than paying another corporate by cheque, automated clearing house or wire transfer, all of which require intermediary banks and exchanges, payments can be made directly and instantly from bank to bank of corporate customers.

This will mean cost and time savings, and the ability to pay and get paid 24-hours a day, regardless of location, local time differences, and other problematic traditional banking anomalies such as data truncation, payment delays and compliance issues.

Suite of APIs

The Visa B2B Connect system essentially provides a suite of Application Programming Interfaces (APIs) which allow participating banks to automate B2B, cross-border and cross-currency payments, by developing an end-to-end B2B payments solution to onboard customers, set up their suppliers, check Visa B2B Connect foreign exchange rates and submit payments. Alternatively, banks can choose to integrate just a subset of the APIs to address more specific needs e.g. checking on the status of certain payments through the Visa B2B Connect site.

Expansion Plans

Although the new system will only work for those corporates signed-up as participants to Visa’s pilot scheme, there are already plans to expand it so that it will cover more than 30 global trade corridors and 90 markets by the end of this year.

Benefits

The benefits that the blockchain-based B2B Connect system offers include cryptographically secured B2B transactions, transaction transparency and predictability, and the peace of mind and security of operating within a trusted network where all parties are known participants on a permissioned blockchain operated by Visa.

Blockchain Lacking Functionality

Recent research by Gartner showed that Only 11% of CIOs have deployed or are in short-term planning with blockchain, partly because of the fact that, at the moment, blockchain is a technology and not a complete, ready to use application, and therefore, lacks business-friendly features like a user interface, business logic, data persistence and interoperability mechanisms.

What Does This Mean For Your Business?

For corporates, Visa’s B2B Connect system appears to unlock some of the long-promised benefits of blockchain in terms of fast and easy cross-border payments, security, transparency, and the reassurance of a trusted name in the payments world.  Also, the fact that a suite of APIs are available to participants means that the system can be set up relatively easily, thereby tackling the issue (as highlighted by the Gartner research) of confusion among corporate tech heads about how best to incorporate blockchain and worries about there being few ready to use, complete applications available.

For smaller businesses the hope of being able to use blockchain to add value, reduce costs and gain competitive advantages is being boosted by a growing Blockchain as a Service (BaaS) market which offers the chance to deploy distributed ledgers without the cost or risk of deploying it in-house, and without needing to find in-house developers.  The cloud-based CRM platform ‘Salesforce’ for example, is adding a low code, blockchain-powered service that will allow enterprise users to share data with third parties in a secure, transparent, and auditable way.

Google’s reCAPTCHA v3 System Prompts Privacy Criticism

Posted on by Andy Miller

The widely used Google  reCaptcha V3 bot-detecting login system has come in for some criticism after two security researchers claimed that one of the ways that Google determines whether you’re a malicious user depends on whether you have a Google cookie installed on your browser, which could also mean that the privacy of your browsing habits may also be at risk in using the system.

What Is reCaptcha V3?

Google’s reCaptcha V3 is the latest version of Google’s bot-detecting login system, introduced last autumn, that can detect abusive traffic/malicious user-behaviour on your website without user friction i.e. without the need to tick an ‘I am not a robot’ box, or identify items in pictures.  With this version of the reCaptcha system, background monitoring assigns a risk score to a user, which then enables the system to decide how to handle that user e.g. if a user with a high-risk score tries to log in, they may then be required to use two-factor authentication. From Google’s point of view, the idea is to give users a better experience and avoid the kinds of interactions that can inhibit users from intuitively and painlessly reaching their goals within a digital interface. With reCaptcha V3, Google may be happy with the trade-off between the possibility of some inconvenience for legitimate users versus greater protection for websites.

Widely Used

It has been reported that 650,000 websites already use reCaptcha v3, including 25% of the top 10,000 sites.  This makes any concerns about the system a potentially serious issue.

What’s The Problem?

The concern suggested by the two researchers, Marcos Perona and Mohamed Akrout, who have studied reCaptcha V3 is that, being a Google product, not only does it appear likely to deem a user less of a risk if they have a Google cookie on their browser i.e. they have a Google account and are signed in, but that cookies like these can also pass on data which is unnecessary for login, about a person’s browsing habits, thereby posing a possible threat to privacy.

The research found, for example, that those who went to a website with reCaptcha v3 while logged into their Google account were given a low-risk score by the system, whilst those who visited using private browsers such as Tor or a VPN were scored as high risk. Also, the research found that to make the risk-score system work properly, web admins need to embed reCaptcha v3 code on all pages on the website.  This will enable reCaptcha to learn about how website users act on the site over time, thereby assisting the machine learning algorithm to generate more accurate risk scores. Unfortunately, installing reCaptcha v3 every page of a website could mean that those signed into their Google account are unwittingly passing on data about every web page they go to that has embedded reCaptcha v3, thereby potentially having their privacy compromised to an extent.

What Does This Mean For Your Business?

It should be remembered that these are the conclusions of pieces of research which may or may not have valid points, but it certainly wouldn’t be the first time that Google has been accused of potentially causing concern in matters of user privacy. For example, a microphone was discovered in Google’s Nest Guard product that was not listed in tech spec (which was put down to an erroneous omission by Google), and in December last year, research by Internet Privacy Company DuckDuckGo reported evidence that could show that even in Incognito mode, users of Google Chrome can still be tracked, and searches are still personalised accordingly.

Users and businesses appreciate the value of frictionless interactions and positive experiences with websites, as well as both appreciating the need to keep introducing new versions of products with improved security to stay one step ahead of attackers.  Privacy, however, is also an important issue, both legally and personally, and the heightened concerns about it may mean that Google gets a little bad publicity where users feel that data may be unnecessarily gathered, or is collected in a way that doesn’t appear to be made entirely obvious.

New Electric Cars Will Emit Noise For Safety Reasons

Posted on by Andy Miller

In contrast to the vision of a quieter, close-future utopia where vehicles pass noiselessly by, a new law means that from 2021, all new four-wheel electric cars will be required to include a noise emitting device so that pedestrians can hear the cars approaching. At low speeds, at least.

Avas

The EU rules on the inclusion of a noise that is emitted at low speeds to help safeguard pedestrians dates back to 2014 when MEPs agreed that new models of electric and hybrid vehicles would have to make a noise similar to a combustion engine by 2019 and that all new electric and hybrid cars would need to audible by 2021.

The new legislation, which has been approved by the European Parliament, and has been welcomed by the UK government’s Roads Minister Michael Ellis, will mean the mandatory inclusion and use of Acoustic Vehicle Alerting Systems (Avas).  The Avas will emit a sound like a traditional car engine when the electric vehicle is reversing or travelling below 12mph/19km/h.  With electric engines being virtually silent, the hope is that the new law will reduce the risk posed to pedestrians, and particularly the visually impaired if they are not able to hear an electric car approaching.

Warning Sounds Already Developed

The challenges posed to pedestrian safety by electric vehicles that are ‘too quiet’ have long been anticipated by car manufacturers who have been developing electric warning sounds since 2011.  For example, many Nissan, Chevrolet, Honda, Hyundai, and Toyota models already have the noises.

Reasons For Move To Electric Cars

The shift towards investment by vehicle manufacturers in electrification is being driven by pressure from regulators in China, Europe and the US to cut carbon emissions from fossil fuels, and plans by China, India, France and the United Kingdom to phase out vehicles powered by combustion engines and fossil fuels between 2030 and 2040.

All the major car manufacturers, including GM, Volkswagen, Toyota, Mercedes-Benz, Jaguar Land Rover, Renault, Nissan, Mitsubishi and Volvo have been investing heavily in electric cars to bring the next wave of profits.  For example, back in January last year, the Ford Motor Co announced its plans to more than double its previously announced target of $4.5 billion investment in electric cars to $11 billion by 2022.  Ford’s aim was to have as many as 40 mainstream, hybrid and fully electric vehicles in its model line-up.

What Does This Mean For Your Business?

It may seem a little ironic that instead of being able to completely eradicate the noise pollution of traditional combustion engines, electric engines have ended up being too quiet and will require the specific inclusion of a noise.  Nevertheless, the noise will only be made at low speeds, and drivers will have the power to deactivate the noise-making devices in certain situations.

Car companies have been developing electric vehicles and have known about the need for a noise for many years, and as such, the development and inclusion of such a noise has been part of the overall investment and plans anyway.  The nature of the noise used by each manufacturer may, however, vary and provides another opportunity for differentiation and brand identity as each company works on its own ‘sound signature’.

For pedestrians, the visually impaired, and road safety campaigners, legislation to force companies to include a warning sound in their vehicles is good news and is one way in which road safety can be improved in a new era of electronic transportation.

E-Waste Inquiry

Posted on by Andy Miller

The growing number of connected electronic devices in use in the UK has led to an inquiry by the cross-party Environmental Audit Committee (EAC) which will focus on reducing ‘e-waste’ (dumped devices) and creating a circular economy.

Mostly As Landfill

One of the most startling statistics which has led to the EAC inquiry is that 90% of the 44.7 million tonnes of e-waste produced worldwide in 2017 ends up in landfill, is incinerated, is illegally traded or is otherwise treated in a sub-standard way.

Plastics & Precious Metals

The need to do something now to prevent an even bigger future problem has been heightened by recent reports of plastic waste and microplastic particles in the world’s oceans, sea creatures, and even frozen in arctic ice.  For example, figures (SAS.org) show that it is estimated there are 5.25 trillion macro and microplastic pieces floating in the open ocean weighing up to 269,000 tonnes.  The UK is also acknowledged to be a major exporter of waste to developing countries, many of which are not equipped to dispose of the waste in a socially and environmentally responsible way.

In the case of e-waste, plastic is just one of the components which could pose a serious environmental risk and could represent a missed opportunity to recycle valuable elements. For example, the UK currently produces 24.9kg of e-waste per person, which is nearly 10kg more than the European Union (EU) average.

In addition to large quantities of plastic, e-waste can include high value, difficult to obtain elements such as lithium, tantalum and tungsten, and other polluting and dangerous chemicals (up to 60 different metals and chemicals) which could pose a risk to public health, wildlife and the wider ecosystem if, for example, they got into the water supply via landfill.   

Need To Create A Circular Economy

In addition to investigating the e-waste problem, the EAC will be investigating the UK’s e-waste industry and looking at how a circular economy can be created for electronic goods.  A circular economy is an economic system aimed at minimising waste and making the most of resources.

What Does This Mean For Your Business?

We know that the growing number of devices is creating a massive e-waste problem, and it is good that the UK government is launching its own inquiry, hopefully bringing one more to the 67 countries that have enacted legislation to deal with the e-waste they generate. 

Some commentators have noted that, having a more digital and connected world could actually help to accelerate progress towards Sustainable Development Goals, thereby helping emerging economies, and ensuring that less precious minerals, metals and resources are dumped into landfill.

Some of the suggested ways to help deal with e-waste problem, and which will have an impact on many businesses, not least those who manufacture and sell devices, are looking at ways to dematerialise the electronics industry e.g. through device-as-a-service business models, better product tracking and take-back schemes, and entrepreneurs, investors, academics, business leaders and lawmakers working together to find ways to make the circular economy work.

Tech Tip – ‘Over’ App

Posted on by Andy Miller

Stylish and engaging social media posts are an important part of marketing communications.  The Over app has the tools to help you to quickly and easily create stylish designs packed with photos, images and text, ready for Instagram, Facebook and other social sites, as well as for posters and flyers.

Over has over 84,000 graphics, over 350 fonts, and over 500 customisable templates so that you can create posts to suit your requirements.

To get ‘Over’, go to the Google Play Store or Apple’s App Store.

Is CCTV Surveillance By Amazon Drones The Future?

Posted on by Andy Miller

An Amazon patent from 2015 appears to indicate that Amazon may consider ‘surveillance as a service’ using a swarm of its delivery drones armed with CCTV, as a monetising opportunity in the future.

Patent

The details in the patent foresee customers paying for a tiered service that employs the onboard cameras of Amazon’s delivery drones visiting users’ homes in-between delivery routes and filming irregularities and potentially suspicious activities.  For example, the cameras could potentially be programmed to detect evidence of break-ins and lurkers on/near a property, and the onboard microphones could even be programmed to detect suspicious noises such as breaking glass.

Tiered Service

It is thought that such a service could offer different tiers of service (reflected by different pricing) based upon factors such as frequency of visits e.g. daily or weekly, monitoring type e.g. video or still, and alert type e.g. SMS, email, a call or via app ‘push’ notifications.

Privacy

There are likely to be some obvious privacy concerns with a private company using its drones to film an area where it has a customer. However in doing so, avoiding filming an area where it does not have permission to film would present a challenge.

The Amazon patent suggests a possible remedy in the form defining a “geo-fence” around the area that does have permission to be filmed so that the drone’s surveillance activities can be focused (to an extent).  The patent appears to accept, however, that some filming of the outside area of the fence could occur.

National Surveillance Camera Day

In a world first, last week the UK played host to an awareness-raising National Surveillance Camera Day on 20th June as part of the National Surveillance Camera Strategy. As part of the day’s events, an “doors open” initiative allowed the public to see first-hand how surveillance camera control centres are operated at the premises of signatories to the initiative in the UK e.g. local authorities, police forces, hospitals, and universities.

Drone Research Reveals Negative Perceptions Among The Public

For the most part, people accept that the presence of CCTV surveillance cameras in public areas, operated by local authorities, and the presence of CCTV on business premises are generally for the greater good as a crime-reduction tool.

The same cannot be said for drone-based surveillance.  For example, new research from the PwC has shown that public perception remains a barrier to drone uptake in the UK.  The results of the research showed that less than a third of the public (31%) feel positive about drones, and more than two-thirds are concerned about the use of drones for crime.  In contrast, businesses appear to have a much more positive perception of drone use with 35% of business leaders saying that drones aren’t being adopted in their industry because of negative public perceptions despite the fact 43% of those business people who were surveyed believed that their industry would benefit from drone use.

What Does This Mean For Your Business?

Amazon is a company that has continued to grow and diversify into many different areas in recent years, embracing and pioneering many different technologies along the way, such as parcel delivery drones. It is not unusual for companies, particularly big tech companies to introduce many patents with many new ideas. In that sense, it’s difficult to criticise Amazon for wanting to get maximum (monetising) leverage from its delivery drones from a business perspective.

There remain, however, some serious challenges to the ideas in the drone surveillance patent including privacy concerns, and problems with current negative public perceptions of drones.  This will require education around case-use for drones, and re-assurance around regulation and accountability – this is a public company and could be one of many using the skies to offer the same service once the floodgates are opened.

For some businesses, however, as identified by the PwC and by Amazon’s patent, drones potentially offer some great new business opportunities.  It should also be noted that drones can offer some potentially life-saving opportunities, such as the human kidney for transplant that was delivered by drone, in the first flight of its kind, to a Medical Centre in Baltimore in May this year, thereby getting the organ to the surgeons much faster than by road.

For Drones it seems, there remains many opportunities and challenges to come.

Fraud Reported on Deliveroo and Just Eat App

Posted on by Andy Miller

Some Deliveroo and Just Eat customers have reported that their accounts have been used to buy food that they didn’t order, but both companies deny a data breach.

What Happened?

Several Deliveroo customers are reported to have been sent an email from the company stating that the email address linked to their account had been changed, after which it was found that food had been ordered through their account by using credit which an unknown person had obtained by claiming refunds for previous orders.

In the case of Just Eat, some customers also reported having their card details used to purchase food that they had not ordered.

Another Source

Both companies are reported to have denied that their systems had been breached and have said that the customer details used to fraudulently order the food were obtained from another, third-party source.

Password Sharing

Deliveroo is reported as saying that cyber-criminals know that people re-use passwords for multiple online services and that they can obtain login credentials gained from other breaches on other sites to try to access Deliveroo accounts.  This clearly indicates that Deliveroo believes that password sharing may have been a key factor in this fraud.

Expect To Lose Money To Online Fraud

Online fraud is now so prevalent that it appears that many people are resigned to the fact that they will be directly affected, and the message about the dangers of password sharing is not getting through.

For example, the UK National Cyber Security Centre research from April shows that 42% of Brits expect to lose money to online fraud by 2021.

The UK Cyber Survey found also that 70% believe they will likely be a victim of at least one specific type of cyber-crime over the next two years, and that 37% of those surveyed agree that losing money or personal details over the internet is unavoidable these days. The survey also found that fewer than half of those questioned used a separate, hard-to-guess password for their main email account.

1234 Still Most Popular + Dark Net

It’s not just password sharing that’s the problem but also that many people still appear to be choosing obvious passwords.  For example, the NCSC’s recent study into breached passwords revealed that 123456 featured 23 million times, making it still the most widely used password on breached accounts.

Also, recent Surrey University research showed that cyber-criminals now have their own invisible Internet on the so-called ‘dark net’ to allow them to communicate and trade beyond the view of the authorities, and that login details obtained from previous breaches are relatively cheap and easy to buy there.

Not The First Time For Deliveroo

It should be noted that, even though Deliveroo appears to have put the burden of responsibility elsewhere for these recent attacks, some customers had their accounts hacked and unordered food purchases were made back in 2016.  At the time the company also blamed the problems on passwords that had been stolen from another service in a major data breach, although some security commentators have suggested that Deliveroo should now look at whether its security systems are secure enough.

What Does This Mean For Your Business?

If Deliveroo and Just Eat’s claims are to be believed, users of these and many other services may be leaving themselves open to fraud by making bad password choices and/or may be unaware that they are using login credentials that have already been stolen or can be obtained by methods such as credential stuffing. Making good password choices is a simple but important way that we can protect ourselves, and Action Fraud suggests that we should all use strong, unique passwords for online accounts and enable two-factor authentication where it is available.

Ideally, passwords should never be shared between accounts because if one breach has taken place on one site, login details can very quickly be tried on other sites by cyber-criminals.  For example, in January a collection of credential stuffing lists (login details taken from other site breaches) containing around 2.7 billion records, including 773 million unique email address and password combinations was discovered being distributed on a hacking forum.

Websites such as https://haveibeenpwned.com/ enable you to check whether your email address and login details have already been stolen in data breaches from other websites and platforms.

Suspected Russian Disinformation Campaign Rumbled

Posted on by Andy Miller

An investigation by the Atlantic Council’s Digital Forensic Research Lab (DFRLab) claims to have unearthed a widespread disinformation campaign aimed at influencing online conversations about several topics, that appears to originate in Russia.

Facebook Accounts

Sixteen suspected Russian fake accounts that were closed by in early May 2019 led researchers to an apparent campaign which stretched across 30 social networks and blogging platforms and used nine languages. The campaign appeared to be focused away from the main platforms such as Facebook and Twitter and was played out instead on blogging sites, subreddits, and online forums.

Even though the scale of the apparent disinformation operation appears to be beyond the abilities of  a small or ad hoc group (the scale has been described as “remarkable”), and that the operation appears to have been working out of Russia,  the DFRLab has pointed out that there is not enough real evidence to suggest that the Russian state / Kremlin is behind it and that the investigation is still ongoing.

What Kind Of Disinformation?

It has been reported that the broad topic areas of the disinformation appear to reflect Moscow’s foreign policy goals e.g. Ukraine, Armenia, opposition to NATO, although conversations have been started and steered around subjects relating to Brexit, Northern Ireland, the recent EU elections, immigration, UK and US relations, the recent turmoil in Venezuela and other issues. Some of the disinformation is reported to have included:

Fake accounts in 2018 of an alleged plot, apparently discovered by Spanish intelligence, to assassinate Boris Johnson.

Shared screenshots of a false exchange between Democratic Unionist Party leader, Arlene Foster, and chief EU Brexit negotiator, Michel Barnier, which appeared to show a secret negotiation behind Theresa May’s back. Also, false information was spread about the Real IRA.

The publishing of a fraudulent letter in French, German, and broken English, featuring a screenshot of a letter allegedly written by Italian-Swedish MEP Anna Maria Corazza was published on various platforms as an attempt to influence the European Parliament elections in May 2019.

Failed and Discovered

The main reasons why the disinformation essentially failed and was discovered were that:

  • Communications were generally not sent via the main, most popular social media platforms.
  • The campaign relied on many forged documents and falsehoods which were relatively easy to spot.
  • So much trouble was taken to hide the source of the campaign e.g. each post was made on a single-use account created the same day and not used again, that the messages themselves hardly saw the light of day and appeared to lack credibility.

What Does This Mean For Your Business?

The fact that someone / some power is going to the trouble to spread disinformation on such a scale with regard to influencing the politics and government of another country is worrying in itself, and the knowledge that it is happening may make people more sceptical about the messages they read online, which can help to muddy the waters on international relations even more.

If messages from a foreign power are used to influence votes in a particular way, this could have a serious knock-on effect on the economy and government policy decisions which is likely to affect the business environment and therefore the trading conditions domestically and globally for UK businesses.  Some have described the current time as being a ‘post-truth’ age where shared objective standards for truth are being replaced by repeated assertions of emotion that are disconnected from real details.  This kind of disinformation campaign can only feed into that and make things more complicated for businesses that need to be able to have reality, truth, clear rules, and more predictable environments to help them reduce risk in business decisions.

Florida Town Pays £475,000 To Hackers To Restart Municipal Computer Systems

Posted on by Andy Miller

Hackers who shut down the municipal computers of Riviera Beach (a suburb of Palm Beach) in a ransomware attack have just earned themselves $600,000 (£475,000) when the local council decided they had no choice but to pay them.

What Happened?

An email containing a virus was opened by an employee.  The result was that the ransomware (malware) shut down Riviera Beach’s computer systems and encrypted the files.  This meant that the email system, the system that allowed 911 dispatchers to be able to enter calls into the computer, water pump stations, and staff pay systems were all seriously disrupted.  Staff were forced to revert to a manual, paper-based admin system.

Vote

The local Council, which has since voted to spend $1 million on new computers and hardware to prevent further hacks, voted to pay the hackers their $600,000 (£475,000) ransom demand to unlock the computer systems and prevent file deletions.  The money was paid in the bitcoin crypto-currency and the payment has been covered by the town’s insurance policy.

No Guarantees

One of the problems of paying hackers who have acted dishonestly in the first place is that there is no guarantee that they will honour their agreement and turn systems back on, which is why many online security experts advocate never paying hacker demands.  Also, if, as in this case, a large ransom is reported to have been paid, this may embolden other hackers to keep using this method of attack e.g. on other council systems.

Fastest Growing Malware Threat

In the US, the Department of Homeland Security has reported that ransomware is the fastest growing malware threat, with City governments in Atlanta, Newark, N.J. and Sarasota all being hit by ransomware schemes. Ransomware attacks have caused major problems with baggage displays and email at Cleveland Hopkins International Airport, computers at the Port of San Diego, (back in 2018) the 100-bed Hancock Regional Hospital in the suburbs of Indianapolis, and threats have even been made to entire towns and cities e.g. city of Leeds, Alabama was attacked and a $55,000 ransom was demanded.

Other Examples of Ransomware Attacks

Back in 2017, guests at the Brandstaetter hotel at the Romantik Seehotel Jaegerwirt resort in Austria were locked out of their rooms and other areas of the hotel including the bar after the hotel was targeted by a ransomware attack.  The hotel paid the €1,500 demand.

This month in the UK’s biggest private forensic company, Eurofins Forensic Services, which carries out DNA testing, toxicology, firearms testing and computer forensics for UK police forces was hit with a ransomware attack which has caused disruption to its IT systems in several countries.

What Does This Mean For Your Business?

Ransomware is a popular attack tool because it is often relatively cheap to create and use, it can spread easily (like WannaCry), the attackers can remain anonymous, and it yields the main motivation for many attacks – financial gain. In the case of Riviera Beach, the attackers focused on local government networks as they were most likely to be easy to penetrate and attack, in this case using a phishing email and relying on human error of staff to open it.

UK businesses and other organisations should, therefore, be warned that all staff should be made aware of the threat of suspicious emails and updates, how to spot them, and what to do (and not do) if they identify one.  Keeping security software up to date and regularly backing up critical data is important, as is assessing the possible danger and false economy of staying with old operating systems as long as possible.

In order to provide maximum protection against prevalent and varied threats businesses should adopt multi-layered security solutions and accept that there is a real likelihood that they will be targeted, thereby helping them to make better preparations.  Businesses should implement the most up to date security solutions, keep up to date with virtual patching, and education of employees in order to mitigate risks from as many angles (‘vectors’) as possible.

Having workable and well-communicated Disaster Recovery and Business Continuity Plans in place is also an important requirement.

Fire-Prone MacBook Pros Recalled

Posted on by Andy Miller

Apple has announced a recall of some older generation 15-inch MacBook Pro units due to the fire risk posed by a tendency for the battery to overheat.

Repair and Replace Free

Apple is offering a recall and replacement program for units that were sold primarily between September 2015 and February 2017 with the company offering to replace affected batteries, free of charge due to a potential battery fire risk.

Service options for affected customers include finding an Apple Authorized Service Provider (through the online tool), making an appointment at an Apple Retail Store, or contacting Apple Support to arrange mail-in service via the Apple Repair Centre.

Serial Number

The eligibility for the program is determined by the serial number product which can be checked on Apple’s website here:

https://support.apple.com/15-inch-macbook-pro-battery-recall

Second Time

This is the second time that this generation of MacBook Pro units has been recalled.  Back in June 2018 and after numerous complaints over two years and even an online petition by a customer, Apple decided to offer free repairs or replacements for the butterfly keyboard on its MacBook and MacBook Pro laptops.  The petition from the time, which attracted over 21,000 signatures, claimed that every one of Apple’s MacBook Pro models, 13in and 15in, were sold with a keyboard that could become defective at any moment because of a design failure.  Apple responded by launching a program which meant that Apple or an Apple Authorised Service Provider could service eligible MacBook and MacBook Pro keyboards, free of charge.

Apple iPad Battery Gas Leak

To make things worse, in August 2018 the leaking of vapours from a damaged iPad battery led to an Amsterdam shop being evacuated and 3 staff being treated for breathing problems caused by the released gas. The fire brigade was called and attended, but there were no reports of any actual flames/fire coming from the affected iPad. Staff had, however, initially reacted to the smoking iPad by putting it in a sand-filled fire bucket. At the time, however, other online reports indicated that similar faults had occurred elsewhere since Apple had started its iPhone battery replacement programme.

Apple Adapter – Fire Risk

In May this year, Apple recalled two different types of plug adapter because of a possible risk of electric shock.  The affected plugs were the two-prong AC wall plug adapter that came with Macs and some iOS devices between 2003 and 2010, and the three prong plug that was included with Apple’s World Travel Adapter Kit.

What Does This Mean For Your Business?

This latest fire-risk recall appears to be part of pattern that could indicate that some Apple products/components/accessories have been released for sale despite having some potentially serious risks, but that the company (perhaps after some time has elapsed and complaints have been made) has made an effort to admit to risks and at least offer repair and replacement programs.

Apple is one of those brands however, that has built a strong reputation for products that are user-friendly, reliable, not prone to the security risks of PCs for example, and for products that look stylish.  As such the company has built a loyal base of fan-like supporters, many of whom are prepared to accept fire and electric shock risk hiccups, and carry on paying premium prices as they perceive the products to be worthy of their generally positive image and relatively high prices.

It is good to note that this product repair and replacement program was offered swiftly, but it is worrying that the same model has been the subject of two such recall programs to date.  Let’s hope it’s the last.