Luminar's New Lidar Could Dominate the Self-Driving Car Market

Self-driving cars are nearly ready for primetime, and so are the laser sensors that help them see the world. Lidar, which builds a 3-D map of a car’s surroundings by firing millions of laser points a second and measuring how long they take to bounce back, has been in development since 2005, when a guy named Dave Hall made one for the Darpa Grand Challenge, an autonomous vehicle contest. In the decade-plus since then, if you wanted a lidar for your self-driving car, Velodyne was your only choice.

Yet Velodyne’s one-time monopoly has eroded in recent years, as dozens of lidar startups came to life, and robocar makers found their own way. Google’s sister company Waymo put years and millions of dollars into developing a proprietary system. General Motors bought a lidar startup called Strobe. Argo AI, which is making a robo-driving system for Ford, acquired one called Princeton Lightwave.

The latest challenger is Luminar, the Silicon Valley-based startup that already has a deal with Toyota, plus three more manufacturers it declines to name. Today, Luminar is announcing the introduction of its newest lidar unit, with a 120-degree field of view (that’s enough to see what’s ahead of the car, but you’d need a couple to get a 360-degree view). And after a first production run of just 100 units, it’s ready to start cranking them out by the thousand—more than enough to meet today’s demand. And maybe, enough to make self-driving cars cheaper for everybody.

“By the end of this year, we’ll have enough capacity to equip pretty much every autonomous test and development vehicle on the road, globally,” says CEO Austin Russell, who dropped out of Stanford in 2012 when he was 17 years old to make Luminar his full-time gig. “This is no longer being built by optics PhDs in a handcrafted process. This is a proper automotive serial product.”

In its 136,000 square foot facility in Orlando (an optics industry hub), the company has dropped the build time for a single unit from about a day, to eight minutes. In the past year, it has doubled its staff, to about 350. It hired Motorola product guru Jason Wojack to head its hardware team. Alejandro Garcia came over from major auto industry supplier Harman to run manufacturing.

Luminar is playing catch up here. Last year, Velodyne opened a “megafactory” to ramp up production and built 10,000 laser sensors. President Marta Hall says it could build a million a year if it wanted to. But the ability to build lots of lidars isn’t enough to win here.

Lidar is a fantastic sensor—it’s more precise than radar and works in more conditions than cameras do—but it’s way too expensive. Velodyne’s top shelf unit, which sees in 360 degrees with a 300-meter range, costs about $75,000 a piece. Buying in bulk will drop that cost, but that’s still a hard price tag to bear, even on a fleet vehicle that can amortize costs over years of service.

At its Orlando production facility, Luminar can now make a lidar unit in about eight minutes—it used to take a day.

Luminar

Luminar made the cost question harder by making its lidar’s receiver (the that acts like your eye’s retina) out of indium gallium arsenide (InGaAs) instead of silicon. Why is this important? Well, to make your lidar “see” farther, you have to fire more powerful pulses of light. They have to be powerful so they have the strength to hit faraway objects and make it all the way back. Most lidars use lasers at the 905 nanometer wavelength. That’s invisible to humans. But if it hits an actual eyeball, like yours, with enough power, it can damage the retina. If you want to fire more powerful pulses (and have your lidar “see” farther) without blinding actual people, you can use the 1550 nanometer wavelength, which is further into the infrared part of the spectrum, and thus can’t penetrate a human eyeball.

Which brings us back to silicon. Receivers made of silicon, which is cheap, can’t detect light at the 1550 wavelength. InGaAs can, but it’s far more expensive. So the industry standard is to use silicon, run at 905 nanometers, and accept you just can’t send your lasers all that far.

But Russell insisted on the extra power, which meant 1550 nanometers, which meant using a receiver made of InGaAs. As a result, he can fire pulses 40 times more powerful than what his competitors shoot, so his lidar can see objects extremely dark objects—like, the kind that can absorb 95 percent of light—even from 250 meters away. He says no one’s lidar can see so well at such distance.

But seriously, InGaAs, as the French say, coute la peus des fesses*. A receiver array about the size of a big potato chip can cost tens of thousands of dollars, Russell says. So Luminar built its own. The result, now in its seventh iteration, is about the size of a strawberry seed. (The entire unit, including the laser and accompanying electronics, is about half a foot square and three inches deep.) That includes the chip that calculates, down to the second, how long the photon has been out in the world. It costs a piddling $3, obliterating Luminar’s cost concerns while allowing for that extra range and resolution. Russell wouldn’t reveal an exact price for the lidar as a whole, but says his customers are quite pleased. And when they’re finally ready to start offering you rides in their robo-taxis, maybe they won’t have to charge you as much for that trip home from the bar.

Luminar’s R&D team also managed to increase the “dynamic range” of the receiver. Just like how your pupils dilate based on light conditions, lidar receivers are tuned to pick up pulses of a certain strength (the farther a photon goes before bouncing back, the weaker it becomes). If you set it to look for faint signals and it gets hit by a much stronger pulse, you can fry the receiver. “We have countless blown-up detectors,” Russell says. The current unit can handle a much greater range of pulse strengths, without even a wisp of smoke.

Meanwhile, Luminar’s already working on the next generation sensor. That one, Russell says, will be affordable enough to put in consumer cars—making the gift of sight little more than a commodity.


Rolling Toward Ready

Mexico data protection body to investigate possible links to Cambridge Analytica

MEXICO CITY (Reuters) – Mexico’s data protection body said on Monday it had opened an investigation into whether companies possibly linked to political consultancy Cambridge Analytica broke the country’s data protection laws.

The nameplate of political consultancy, Cambridge Analytica, is seen in central London, Britain March 21, 2018. REUTERS/Henry Nicholls

INAI, the transparency and data protection regulator, said it was looking at Mexican companies that worked with cellphone app Pig.gi, which gives users free top-ups in exchange for receiving ads and completing surveys.

The app cut ties with Cambridge Analytica in Mexico after the British company was accused by a whistleblower of improperly accessing data to target U.S. and British voters in recent elections.

Pig.gi, which has 1 million downloads in Mexico and Colombia combined, said it had shared results of two election polls of Mexican users with the consultancy and other partners.

Cambridge Analytica has denied Facebook data was used to help to build profiles on American voters and build support for Donald Trump in the 2016 U.S. presidential election.

Reporting by Christine Murray and Lizbeth Diaz; Editing by Michael Perry

Groups Allege YouTube Is Violating Law That Protects Kids

A coalition of more than 20 child-health, privacy, and consumer groups is asking the Federal Trade Commission to investigate whether YouTube is violating a federal law designed to protect children on the internet.

The groups are expected to file a complaint with the FTC on Monday. The relevant federal law, the Children’s Online Privacy Protection Act, or COPPA, requires website operators to obtain parents’ permission when collecting personal data about children younger than 13.

The complaint claims that a significant portion of popular content on YouTube is designed for kids, whose personal information—including IP address, geolocation, and persistent identifiers used to track users across sites—is unlawfully collected by Google and then used to target ads.

The complaint follows reports that some YouTube creators are targeting kids with disturbing videos, including some of kids in abusive situations. On Friday, BuzzFeed reported that the company will offer a safer, human-curated option for YouTube Kids, a version of the site for users under 13.

But the complaint to the FTC argues that most children aren’t watching YouTube Kids, which launched in 2015. They’re watching the same YouTube as the rest of us — and the company is aware of that, says Josh Golin, executive director of the Center of a Commercial Free Childhood, a nonprofit behind the complaint. The company could have moved popular children’s content like Peppa Pig or Sesame Street to YouTube Kids, says Golin, rather than leave videos where “kids are going to be exposed to data collection practices and be one click away from really disturbing content for children.” Human curation may be a good first step, “but changes to the YouTube Kids app do not absolve Google of its responsibilities to the millions of children that use the main YouTube site,” Golin says.

An ad for Barbie appearing on a child-directed video on YouTube’s mobile app from October 2017.

YouTube

A 2017 survey conducted by a market research firm specializing in children and families called YouTube “the most powerful brand in kids’ lives,” with 80 percent of American kids ages 6 to 12 using YouTube daily. A survey from October by Common Sense, another nonprofit group that signed the complaint, found that 71 percent of parents said their children watched YouTube’s website or app, whereas only 24 percent used the YouTube Kids app.

In a statement, a spokesperson for YouTube said, “While we haven’t received the complaint, protecting kids and families has always been a top priority for us. We will read the complaint thoroughly and evaluate if there are things we can do to improve. Because YouTube is not for children, we’ve invested significantly in the creation of the YouTube Kids app to offer an alternative specifically designed for children.”

YouTube’s terms tell kids under 13 years old not to use the service, so Google could argue that kids are watching with their parents and permission is implied. However anyone can watch videos on YouTube without an account. The complaint points out that kids often watch on a mobile device, likely by themselves. In 2015, the company said it launched YouTube Kids as a mobile app “because of this reality – that we’re all familiar with – 75 percent of kids between birth and the age of 8 have access to a mobile device and more than half of kids prefer to watch content videos on a mobile device or a tablet.” COPPA applies to websites that have “actual knowledge” that they are collecting or maintaining kids’ personal information, even if the collection is unintentional.

The complaint claims that YouTube’s advertising practices suggest that executives know children are watching. For example, Google Preferred, a premium service that helps advertisers place their ads in top videos on YouTube’s main site, includes the category “Parenting & Family,” which features channels like ChuChuTV Nursery Rhymes & Kids Song, which has more than 15 million subscribers.

Targeting kids can be lucrative. The complaint points to a popular YouTube channel called Ryan ToysReview, in which a 6 year old reviews toys. The site, which has more than 20 billion views, generated $11 million in revenue last year, according to Forbes.

Targeting Kids

  • After criticism about advertising to kids, YouTube Kids launched an ad-free version, available to parents, for a monthly subscription.
  • Facebook followed YouTube’s lead, launching an ad-free messaging app for kids as young as 6 years old.
  • Most of the experts who vetted Messenger Kids were paid by Facebook

Buy This Oversold Blue-Chip Bank With A 5.4% Dividend

On April 4th, Bloomberg reported that HSBC (HSBC) is considering an exit or sale from smaller consumer operations such as Bermuda, Malta, and Uruguay. In addition, the bank plans to expand its asset management division and is currently looking at a potential merger with a rival.

In our view, the news confirms that the group’s management will remain committed to transforming HSBC into a more focused and more efficient banking institution. More importantly, even though HSBC’s operations in Bermuda, Malta, and Uruguay are small compared to the group’s total assets, we believe a potential sale of these units would have a positive impact on the bank’s capital position, supporting stock buybacks and special dividends.

The recent rise in LIBOR should support HSBC’s NIM

LIBOR has grown by more than 130bps since the beginning of the year. Such a notable increase is currently among the most widely discussed topics. Several analysts suggest that this is an early indicator of a bear market or even a severe financial crisis. In our view, the increase has been driven by idiosyncratic reasons, in particular, higher supply of short-term Treasuries and lower demand from corporates due to the US tax reform.

Source: Bloomberg

With that being said, despite the reasons of the rise in LIBOR, HSBC should benefit from higher short-term rates. As shown below, the bank discloses its NII (net interest income) sensitivity to a shift in yield curves. However, this analysis is based on a parallel shift, while yield curves in most global economies continue to flatten.

Source: Company data

What is important here is that HSBC has a variable-rate loan book. More importantly, a significant part of its credit portfolio is priced off short-term rates. This suggests to us that the rise in LIBOR should be a positive for the bank’s asset yields and its NIM.

Source: Company data

One may argue that higher short-term rates will also affect HSBC’s funding costs, especially given that wholesale sources and corporate deposits are generally tied to the short-end of the yield curve. The caveat here is that HSBC has a unique funding position. As shown below, the bank has one of the lowest LtD (loans-to-deposits) ratios among European banks. In other words, HSBC does not need expensive deposits in order to fund its loan growth. HSBC had been struggling from abundant liquidity for many years as a low interest rate environment has virtually crippled its NIM. Given that rates have started rising, the bank’s excessive liquidity is gradually turning into a positive that will protect HSBC’s NIM in a rising interest rate environment.

European banks: Loans-to-deposits ratio

Source: Bloomberg, Renaissance Research

Saudi Aramco’s IPO

Saudi Aramco (Private:ARMCO) has appointed HSBC as an adviser on its much-awaited IPO. JPMorgan (JPM) and Morgan Stanley (MS) will also act as consultants. As such, HSBC is the only non-US bank that will have a crucial role in Aramco’s IPO.

Anecdotal evidence suggests that while many US and UK investors are skeptical on Saudi Aramco’s IPO, as state-owned oil companies have been underperforming their private peers for quite a while now, Chinese investors would be interested in Aramco’s shares. Hong Kong Exchanges and Clearing (OTCPK:HKXCF) (OTCPK:HKXCY) plans to introduce the so-called Primary Connect program, which would allow mainland Chinese investors to participate in initial public offerings on the HKEX.

We believe Aramco’s IPO would strengthen HSBC’s position in the region. In our view, it would also underpin the fact that HSBC is a global banking group with unique access to Chinese investors.

Buybacks and dividends

HSBC pays a $0.51 dividend per ordinary share or $2.55 per ADR. That corresponds to a 5.4% dividend yield, based on the current ADR price. We believe that a 5.4% dividend from a global blue-chip bank with a strong presence on Asian markets looks very attractive.

Additionally, it is also worth noting that the bank has temporarily suspended its buyback program due to technical reasons related to the issuance of additional Tier 1 capital. We expect HSBC to announce a new buyback in the second half of 2018.

Final thoughts

The shares have fallen by almost 15% since January, and we believe this sell-off represents a great opportunity to buy a global bank with an attractive dividend yield. HSBC has excess capital, thanks to its US unit, and, as a result, we expect the bank to announce a new buyback program in the second half of the year.

If you would like to receive our articles as soon as they are published, consider following us by clicking the “Follow” button beside our name at the top of the page. Thank you for reading.

Disclosure: I am/we are long HSBC, JPM.

I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from Seeking Alpha). I have no business relationship with any company whose stock is mentioned in this article.

Facebook says data leak hits 87 million users, widening privacy scandal

SAN FRANCISCO (Reuters) – Facebook Inc (FB.O) said on Wednesday that the personal information of up to 87 million users, mostly in the United States, may have been improperly shared with political consultancy Cambridge Analytica, up from a previous news media estimate of more than 50 million.

Chief Executive Mark Zuckerberg said in a conference call with reporters that Facebook had not seen “any meaningful impact” on usage or ad sales since the scandal, although he added, “it’s not good” if people are unhappy with the company.

Shares rose more than 3 percent after the bell.

Zuckerberg told reporters that he accepted blame for the data leak, which has angered users, advertisers and lawmakers, while also saying he was still the right person to head the company he founded.

“When you’re building something like Facebook that is unprecedented in the world, there are going to be things that you mess up,” Zuckerberg said, adding that the important thing was to learn from mistakes.

He said he was not aware of any discussions on the Facebook board about him stepping down, although directors would face a challenge if they wanted to oust him because Zuckerberg is the controlling shareholder.

He said he had not fired anyone over the scandal and did not plan to. “I’m not looking to throw anyone else under the bus for mistakes that we made here,” he said.

Facebook first acknowledged last month that personal information about millions of users wrongly ended up in the hands of Cambridge Analytica.

Zuckerberg will testify about the matter next week before the U.S. House Energy and Commerce Committee.

London-based Cambridge Analytica, which has counted U.S. President Donald Trump’s 2016 campaign among its clients, disputed Facebook’s estimate of affected users. It said in a tweet on Wednesday that it received no more than 30 million records from a researcher it hired to collect data about people on Facebook.

Zuckerberg, on the call with reporters, said Facebook should have done more to audit and oversee third-party app developers like the one that Cambridge Analytica hired in 2014.

FILE PHOTO: Silhouettes of mobile users are seen next to a screen projection of Facebook logo in this picture illustration taken March 28, 2018. REUTERS/Dado Ruvic/Illustration/File photo

“Knowing what I know today, clearly we should have done more,” he said.

Going forward, he said, Facebook was taking steps to restrict which personal data is available to third-party app developers, and he said it might take two more years to fix Facebook’s problems. (bit.ly/2Ejpktb)

“We’re broadening our view of our responsibility,” Zuckerberg said.

Most of the up to 87 million people whose data was shared with Cambridge Analytica were in the United States, Facebook Chief Technology Officer Mike Schroepfer wrote in a blog post. (Graphic: bit.ly/2q5r5pl)

Shares in Facebook closed down 0.6 percent on Wednesday to $155.10. They have tumbled more than 16 percent since the Cambridge Analytica scandal broke.

The previous estimate of more than 50 million Facebook users affected by the data leak came from two newspapers, the New York Times and London’s Observer, based on their investigations of Cambridge Analytica.

Zuckerberg said Facebook came to the higher estimate by looking at the number of people who had downloaded a personality quiz app created by Cambridge University academic Aleksandr Kogan, or about 270,000 people, and then adding in the number of friends they had.

Cambridge Analytica has said that it engaged Kogan “in good faith” to collect Facebook data in a manner similar to how other third-party app developers have harvested personal information.

The scandal has kicked off investigations by Britain’s Information Commissioner’s Office, the U.S. Federal Trade Commission and by some 37 U.S. state attorneys general.

Nigeria’s government will investigate allegations of improper involvement by Cambridge Analytica in that country’s 2007 and 2015 elections, a presidency spokesman said on Monday.

Reporting by David Ingram in San Francisco; Additional reporting by Arjun Panchadar in Bengaluru and Eric Auchard in London; Editing by Lisa Shumaker

Spotify shares attract all ages, not just Millennials

NEW YORK (Reuters) – The buzzy debut of Spotify Technology SA (SPOT.N) on the New York Stock Exchange on Tuesday drew retail investors across generations, not just the Millennials who make up the largest proportion of the music streaming service’s customer base, retail brokerages said on Wednesday.

FILE PHOTO: The Spotify logo is displayed after the stock began selling as a direct listing on the floor of the New York Stock Exchange in New York, U.S., April 3, 2018. REUTERS/Lucas Jackson

Spotify’s listing was hotly followed, as it went public via the unusual method of a direct listing, without selling new shares. There was demand for the stock, and shares ended up 12.9 percent on their first day of trade on the New York Stock Exchange. On Wednesday, the shares ended the day’s session at $145.87, down 2.1 percent from Tuesday’s close.

Social media platform Snap Inc’s (SNAP.N) high-profile IPO last year had been notable for being popular with Millennials, the primary user base for the company’s mobile app Snapchat. But though Millennials are also a key demographic for Spotify, the Swedish company’s listing did not draw disproportionate interest from that generation.

Demand was seen across age groups, according to brokerages Fidelity and TD Ameritrade.

“There’s good interest in it,” said J.J. Kinahan, TD Ameritrade’s chief market strategist, who is based in Chicago. “It’s pretty well split across age groups.”

Fidelity said among its customers, baby boomers were slightly more active in trading Spotify shares than Millennials or members of Generation X. Baby boomers made nearly one-third more trades than Millennials and 20 percent more trades than members of Generation X. A similar pattern holds for other tech IPOs, a Fidelity spokesman said.

Retail investor behavior indicated some caution about jumping in.

On StockTwits, a social media platform whose users are mostly retail investors, only 40 percent of members were bullish on Spotify ahead of the debut. Negative sentiment toward the IPO rose as the date approached and the expected trading price climbed, said Pierce Crosby, StockTwits director of business development, based in New York.

“Our community is as bearish as they’ve ever been (about Spotify),” Crosby said.

On the site, users posted messages expressing concerns about Spotify’s lack of profits and competition from companies such as Apple Inc (AAPL.O).

High-profile IPOs of companies associated with the tech sector have had a mixed track record in the past year. Shares of MuleSoft Inc (MULE.N) and Roku Inc (ROKU.O), which went public in March 2017 and September 2017, respectively, have climbed more than 100 percent since those companies’ IPOs. On the other hand, shares of Snap and Blue Apron Holdings Inc (APRN.N) have fallen below their IPO prices.

Individual investors who spoke with Reuters similarly expressed reservations about buying Spotify shares.

“I think a lot of similarly situated retail investors still view many of the VC-backed, marketplace tech companies as destined IPO flops,” said Layla Tabatabaie, an entrepreneur and advisor to tech startups who lives in New York.

Others said they would only consider buying the stock at a lower price.

“It’s certainly a strong company in regards to the service it offers,” said Jonathan Johnson, a relationship banker in Portland, Oregon. “I’d consider buying it but not at these (price) levels.”

Reporting by April Joyner; additional reporting by Sinéad Carew in New York; Editing by David Gregorio

Exclusive: Facebook CEO says no plans to extend all of European privacy law globally

SAN FRANCISCO (Reuters) – Facebook Inc (FB.O) Chief Executive Mark Zuckerberg said on Tuesday the social network had no immediate plans to apply a strict new European Union law on data privacy in its entirety to the rest of the world, as the company reels from a scandal over its handling of personal information of millions of its users.

FILE PHOTO: Facebook Founder and CEO Mark Zuckerberg speaks on stage during the annual Facebook F8 developers conference in San Jose, California, U.S., April 18, 2017. REUTERS/Stephen Lam/File Photo

Zuckerberg told Reuters in a phone interview that Facebook already complies with many parts of the law ahead of its implementation in May. He said the company wanted to extend privacy guarantees worldwide in spirit, but would make exceptions, which he declined to describe.

“We’re still nailing down details on this, but it should directionally be, in spirit, the whole thing,” said Zuckerberg. He did not elaborate.

His comments signal that U.S. Facebook users, many of them still angry over the company’s admission that political consultancy Cambridge Analytica got hold of Facebook data on 50 million members, may soon find themselves in a worse position than Europeans.

The European law, called the General Data Protection Regulation (GDPR), is the biggest overhaul of online privacy since the birth of the internet, giving Europeans the right to know what data is stored on them and the right to have it deleted.

Apple Inc (AAPL.O) and some other tech firms have said they do plan to give people in the United States and elsewhere the same protections and rights that Europeans will gain.

Shares of Facebook closed up 0.5 percent on Tuesday at $156.11. They are down more than 15 percent since March 16, when the scandal broke over Cambridge Analytica.

PUSH FOR DATA PRIVACY

Privacy advocacy groups have been urging Facebook and its Silicon Valley competitors such as Alphabet Inc’s (GOOGL.O) Google to apply EU data laws worldwide, largely without success.

“We want Facebook and Google and all the other companies to immediately adopt in the United States and worldwide any new protections that they implement in Europe,” said Jeff Chester, executive director of the Center for Digital Democracy, an advocacy group in Washington.

Google and Facebook are the global leaders in internet ad revenue. Both based in California, they possess enormous amounts of data on billions of people.

Google has declined to comment on its plans.

Zuckerberg said many of the tools that are part of the law, such as the ability of users to delete all their data, are already available for people on Facebook.

“We think that this is a good opportunity to take that moment across the rest of the world,” he said. “The vast majority of what is required here are things that we’ve already had for years across the world for everyone.”

When GDPR takes effect on May 25, people in EU countries will gain the right to transfer their data to other social networks, for example. Facebook and its competitors will also need to be much more specific about how they plan to use people’s data, and they will need to get explicit consent.

GDPR is likely to hurt profit at Facebook because it could reduce the value of ads if the company cannot use personal information as freely and the added expense of hiring lawyers to ensure compliance with the new law.

Failure to comply with the law carries a maximum penalty of up to 4 percent of annual revenue.

It should not be difficult for companies to extend EU practices and policies elsewhere because they already have systems in place, said Nicole Ozer, director of technology and civil liberties at the American Civil Liberties Union of California.

Companies’ promises are less reassuring than laws, she said: “If user privacy is going to be properly protected, the law has to require it.”

Reporting by David Ingram and Joseph Menn in San Francisco; Additional reporting by Salvador Rodriguez; Editing by Peter Henderson and Bill Rigby

Asia's cryptocurrency arbitrage boom fizzles, but profits persist

SHANGHAI/SINGAPORE (Reuters) – When China closed its local cryptocurrency exchanges late last year, an underground ecosystem of bitcoin “mules” and peer-to-peer platforms sprung up to allow bitcoin trading to thrive, away from regulators’ watchful eyes.

FILE PHOTO: A token of the virtual currency Bitcoin is seen placed on a monitor that displays binary digits in this illustration picture, December 8, 2017. REUTERS/Dado Ruvic/Illustration/File Photo

Li, a Canada-based Chinese banker in his 20s, is one of these underground traders. He buys cryptocurrencies in other markets and sells them at a premium to investors in China, who cannot otherwise get them.

At the height of the frenzied demand for bitcoins in January, when prices of the digital currency were hovering close to $20,000 after a 20-fold jump during 2017, Li and other traders were able to sell bitcoins in China for 30 to 40 percent more than they cost elsewhere.

But in a matter of months, the premium for bitcoins in China has fallen to around 7 percent or less as a flood of bitcoin mules, who physically carry cash across borders for the trades, has swamped the arbitrage business. Cryptocurrency funds and individual computer-assisted traders have also piled into the market.

The boom has eaten away the spreads and shown how fast the galloping cryptocurrency markets can change course.

“The market’s kind of taken a downturn; there is less general appetite in this space,” said John DeCleene, an assistant fund manager running the fintech and cryptocurrency investments at Overseas Chinese Investment Management.

“It is too many players entering this market, but also less of the hype we saw in December-January, when people were paying a 30 percent premium because they expected 10 times gains overnight.”

DeCleene launched a $5 million Singapore-based global fund in November to invest in cryptocurrencies, blockchain-related equities and some exploratory arbitrage trading. He said it has generated a 58 percent return so far.

BITCOIN MULES

Bitcoin arbitrage thrived last year as the cryptocurrency grew more volatile and some governments stepped in with rules to curtail trading.

The simplest geographical arbitrage involved buying bitcoin in unregulated markets such as Thailand, or ones that have legalised bitcoin trading such as Japan, and selling them in banned markets such as South Korea, China or India.

A second form occurred between exchanges, when nimble-footed traders bought cryptocurrencies cheaply on lesser-known exchanges and sold them for a profit on more liquid and widely used platforms.

There were huge price differences to exploit.

In early January, when the price of bitcoin was $17,600 on Bitstamp, the Luxembourg-based digital currency exchange, it was being quoted at 25 million won ($23,630) in South Korea, implying a 34 percent “kimchi premium”.

As China’s ban expanded from an initial prohibition on issuing new cryptocurrency to a shutdown of exchanges, premiums rose and traders quickly found new ways of doing business.

At first, it was limited to closed groups on the popular messaging platform WeChat and meetings at bars, where potential bitcoin buyers could meet sellers.

Then peer-to-peer platforms such as CoinCola, websites belonging to former Chinese exchanges Huobi and OKCoin, and even the retail platform Taobao became hubs for “over-the-counter” (OTC) cryptocurrency trading, conducted outside of formal exchanges and far more difficult for regulators to police.

“The big Chinese traders are all using CoinCola or going direct to each other through other OTC platforms,” like WeChat or AliPay, said Christian Grewell, a professor of business and interactive media arts at NYU in Shanghai who has lectured extensively on cryptocurrencies and blockchain technology.

AliPay is China’s leading online payment platform.

Another option, bank transfers between buyers and sellers, is “almost untraceable”, Grewell added, as it is difficult to prove that a transfer is related to a cryptocurrency transaction.

A trader in her 20s in Shanghai said she buys bitcoins in the United States to sell over the counter in China. On each trip to the U.S., she illegally carries $30,000 to $40,000 in cash, she added.

“Selling and buying bitcoins on those OTC websites is the same as shopping on Taobao,” said the trader.

BIG COMPETITION

Hedge funds that can execute arbitrage trades quickly and at a fraction of the cost are squeezing individual traders, said Ramani Ramachandran, the chief executive of digital exchange Zenprivex.

Peter Kim of KIT Trading, part of Vulpes Investment Management, manages a $10 million cryptocurrency arbitrage operation.

“In the beginning, when there is 30 percent arbitrage, obviously you can travel to Thailand, buy bitcoins, send them to China, Japan, Korea and sell them. That’s easy,” said Kim, who was formerly an options arbitrage trader.

“But that opportunity is not going to last very long. And even though it is not as blatantly there, there are still many ways to profit from it, especially for someone like me who is used to making 3 basis points on a trade,” he added.

The arbitrage funds operate much like retail traders, buying and selling cryptocurrencies simultaneously on two different platforms, but on a much larger scale. That allows them to profit from smaller spreads.

Some retail traders, including Li, have turned to lesser-known cryptocurrencies such as Tether, which bills itself as being pegged to the U.S. dollar.

Tether is popular with Chinese seeking to move their cash discreetly overseas, as it is not volatile. That demand means it trades at a 2.5 percent to 3.5 percent premium in China, although the number was as high as 10 percent in January.

Li said his arbitrage activity nets him about $18,000 a month on a trading volume of about half a million dollars.

Although that is a tidy sum, it is far less than what frantic traders made late last year.

“The easy arbitrage is going to be much less prevalent now than it used to be,” Kim said.

Reporting and writing by Vidya Ranganathan; Additional reporting by Cynthia Kim in SEOUL; Editing by Gerry Doyle

Saks, Lord & Taylor hit by payment card data breach

NEW YORK (Reuters) – Hudson’s Bay Co said on Sunday that data from card payments in some of its Saks and Lord & Taylor stores in North America had been compromised.

The Lord & Taylor flagship store building is seen along Fifth Avenue in the Manhattan borough of New York City, U.S., October 24, 2017. REUTERS/Shannon Stapleton

The Canadian retail company said it had identified the issue and taken steps to contain it, adding that “there is no indication” so far that the issue had affected the company’s e-commerce or other digital platforms.

Customers will not be liable for fraudulent charges that may result from the issue, the company said.

The stores involved include Saks Fifth Avenue, Saks OFF 5TH and Lord & Taylor, the company said.

Reporting by David Henry in New York; Editing by Bill Rigby

MuslimCrypt Steganography App Helps Jihadists Send Secret Messages

ISIS has long taken full advantage of secure communication tools, and utilized mainstream communication platforms in unexpected ways. Extremist groups even develop their own software at times to tailor things like encrypted messaging to their specific needs. One such project is the clandestine, unfortunately named communication tool MuslimCrypt, which uses an encryption technique called steganography to spread secret messages. And while many of these homegrown tools don’t live up to their promised protections, a new evaluation of MusilmCrypt by the Middle East Media Research Institute reaches a basic, but crucial conclusion: MuslimCrypt’s steganography works.

MuslimCrypt was first released by unknown actors on January 20 in a private, pro-ISIS Telegram channel, and like other steganographic tools, it hides information in plain site. Think of writing in invisible ink, except instead it’s encoding a digital message in an otherwise unremarkable piece of software. And while steganography has of late been linked to malicious hacks, MuslimCrypt brings the technique back to its clandestine communication roots. (In fact, Osama bin Laden was apparently a regular practitioner.)

Specifically, MuslimCrypt hides information in images that can be shared or posted freely because only the recipient will know to check it for the secret message. MuslimCrypt doesn’t come with a manual or provenance, so MEMRI researcher Marwan Khayat worked to trace the tool’s history on Telegram, look into the users who talked about and posted it, vetted the tool in an attempt to confirm that downloading it wouldn’t be dangerous, and then examined it in a software sandbox to determine how to use the tool. He then focused on testing its ability to actually encode information in image files—JPEGs and TIFs—and then facilitate extraction of that data on the receiver’s end. Given that ISIS and its sympathizers use active multimedia propaganda campaigns, there are a lot of places for messages to hid.

“It’s really fascinating actually that they’re using steganography,” Khayat says. “I found random pictures online, checked that you can embed a message and checked that you can extract it, and compared the two images visually. Someone online who sees the resulting image, there’s no way to tell. So to me it is working.”

Though the algorithms driving MuslimCrypt remain mysterious, the fact that the tool works in any capacity is a significant first step. But Khayat notes that just because the tool is functional doesn’t necessarily mean that its users have actually leaned on it for clandestine communication yet. “Think about it as a jihadi,” Khayat says. “I hid a message inside and then I have it on my computer then what? Where do I send it?”

Steganography’s value as a secret communication tool makes it unsurprising that jihadis would eventually adopt the technique, says Simon Wiseman, chief technology officer at the British network security firm Deep Secure, which works on malicious steganography defense. “Trying to communicate covertly is the traditional view of steganography, and MuslimCrypt is a standard application intended to do the encoding and decoding,” Wiseman notes. Meanwhile, “detection through analysis is very difficult to do accurately so [investigators] may try to spot the distribution of the tool. I guess the next phase of the operation for MuslimCrypt would be to disguise that and create covert distribution.”

Analysts point out that once a group discovers steganography’s benefits, they’ll naturally evolve and refine their techniques. But MuslimCrypt’s murky origins pose the biggest barrier to understanding more about its intended uses and the real goals behind the project. “Part of the issue is we don’t know who released it,” Khayat says. He tried to trace the digital personas who talked about and posted MuslimCrypt in the Telegram group “MuslimTec DE/EN 2,” including admin Mahed Razzul/@DrAlman and user Bayyi Almani/@BayyiAlmani. The names all indicate a German-speaking origin or affiliation, and the users sometimes write in German, but Khayat emphasizes that all of this could easily be a false flag. And when he tried to trace the personas, he instantly hit a dead trail.

“They know they’re being monitored on Telegram, they know people are watching them,” Khayat says. “They could be actual jihadis or the whole thing could be some intelligence agency or anything else, I have no clue.”

Fear of spy-agency influence could also itself be the motivation for the creation of MuslimCrypt, though. Diwakar Dinkar, a research scientist at the security firm McAfee who monitors steganographic advances, points out that countless steganography tools are available online precisely because it’s difficult to know which ones have been cracked by security agencies. “Just as a safeguard people build their own,” Dinkar says. “In fact, designing your own steganography algorithm isn’t difficult. Anyone who has sound knowledge of coding and a bit of mathematics can do it.” Dinkar analyzed the MuslimCrypt binary himself and saw some potentially suspicious attributes, like a possible key logger. But there was nothing that made Dinkar definitively conclude that the tool is malware. “It seems to be just a legitimate software tool which is used for secure or hidden communication,” he says.

MEMRI’s Khayat plans to investigate MuslimCrypt further, but the findings so far reinforce to him that the tool represents an important step in jihadist communication technology. “Steganography is not really just a science, it’s like art and science together. And it seems like it’s working.” After all, as Khayat puts it, “You can’t examine every image everywhere all the time.”