Why an eye scan could soon unlock Samsung and Apple phones

Leaked images and rumors surrounding the Galaxy Note 7 and 2018 iPhone suggest that users can unlock phones and potentially make purchases with an iris scanning camera. Here's how it would work.

Iris scanning may be coming to a smartphone near you as early as next month. Samsung's Galaxy Note 7 phone—to be released August 2—will very likely include iris recognition technology to unlock your phone. Apple may also roll out new iPhones with iris sensors in 2018, according to DigiTimes—delivering on user demand for biometric security checks over numeric passwords, but raising new practical and privacy concerns.

Iris scanning works by recognizing the flat, colored, ring-shaped membrane of the user's eye. Like a fingerprint, each person's iris is unique. While a retinal scan requires close proximity to an eyepiece, iris capture is more like taking a photograph.

"Smartphones have been improving camera quality, so it's natural and easy to add the iris scan," said Avivah Litan, an analyst at Gartner Research. "There is a lot of interest in iris scans and other biometrics among both consumers and employers, because the other security methods are being circumvented."

While Samsung and Apple would certainly be large deployments, they would not be the first to venture into eye-scanning security. Fujitsu launched the Arrows NX F-04G smartphone in Japan in 2015, and Microsoft's Lumia 950 XL followed later that year. Both phones feature built-in iris scanning user authentication.

Other companies offer similar security for mobile devices via an iris recognition software and camera hardware. And Windows 10's Hello feature lets you log into the OS using your face, iris or fingerprint.

Following the trail to iris scanning

Neither Samsung nor Apple has confirmed the rumors about their own iris tech, but it seems highly likely that the speculation is true. Samsung applied to trademark the "Galaxy Iris" and "Galaxy Eyeprint" monikers in the US, Europe, and South Korea in May.

Apple sources reported that the company was investigating iris scanning as early as 2014, and KGI security analyst Ming-Chi Kuo predicted in March that Apple's 2017 iPhone model might incorporate facial recognition technology (though the DigiTimes story released this week said it would be the 2018 model). The company owns a number of patents that include such technology, including a facial recognition system that relies on 3D rendering for increased accuracy.

Apple also acquired facial recognition specialist Emotient and real-time, 3D-rendering firm Faceshift. In January 2015, it was granted a patent for advanced eye-tracking technology that follows a user's gaze and relays the information to an on-screen graphical user interface.

Most smartphones will not require additional hardware to add this feature; rather, they can likely use existing front-facing cameras and build in an algorithm for the iris scan, said Alan McCabe, biometrics researcher and CEO of the startup My Software Prototype. "It's a bit surprising that Apple couldn't bring it out as an update to their standard OS," McCabe said. "Perhaps they're waiting for that next generation camera to come out."

According to the Samsung Galaxy Note 7 patent, the iris recognition system uses three lenses to capture the image signal, and then checks the iris of the user based on the image generated.

Rising popularity of biometric security practices

Apple brought biometric identification to the mass market with the iPhone's home button fingerprint sensor in 2013, a feature called Touch ID. This high-profile rollout helped drive wider adoption, according to a report from Juniper Research. More than 770 million biometric authentication applications will be downloaded each year by 2019, up from just six million in 2015, the report states—which will dramatically reduce dependence on alphanumeric passwords for smartphones.

By 2019, biometrics are expected to be a $25 billion industry, with more than 500 million biometric scanners in use around the world, according to Marc Goodman, an advisor to Interpol and the FBI. Eighty percent of consumers who expressed a preference said they think biometric authentication is more secure than traditional passwords, a OnePoll/Gigya survey found.

"Biometrics are growing in popularity because we cannot trust people based on their credentials, namely their ID cards and passwords," said Anil K. Jain, a Michigan State University professor who researchers biometrics. "Because of the lack of solid proof of identity, there is a growing need and requirement for using biometrics for homeland security, international travel, and financial transactions."

Millions of customers at Bank of America, JPMorgan Chase, and Wells Fargo banks now use fingerprints to log into their accounts via their phone. Wells Fargo also lets some customers scan their eyes with their phone camera to log into corporate accounts.

Iris recognition in particular is gaining popularity, as it is more accurate than fingerprinting, Jain said. However, existing tech that uses iris scans for authentication typically encounters problems with people wearing contacts or glasses, with changing lighting conditions, and with positioning the camera correctly. But these issues would likely be worked out over time, Litan says.

Avoiding system breaches

Biometric systems are not foolproof: Hackers can create a biometric spoof, or an artificial object (like a fingerprint mold made of silicon) that can fool a system into granting access. Vendors can use different techniques to check for liveness, such as asking a person to blink, measuring blood flow in the eye, or using voice authentication to read the date and time. Still, it will be difficult to prove how accurate these measures are until the tech rolls out on a mass scale, Litan said.

And while these systems make it more difficult to impersonate someone, they need to have strong enrollment processes, lest a criminal register their own iris or fingerprint under someone else's name. This was a major problem with Apple Pay—while the security systems were strong, criminals could enroll as another person.

Litan predicts a rocky rollout of iris scanning smartphones, but said she believes the technology will improve greatly in the next few years. It could have implications in the future once we see more rollouts of the Internet of Things, she added—for example, you might soon be able to open doors by looking at a camera that scans your iris.

"Iris scans are coming, and you can start relying on them for authentication," Litan says. "Tech leaders should start evaluating what it could do for your organization—keep an eye on it, so to speak."

Democrats Ignored Cybersecurity Warnings Before Theft (BW)

• ‘Breach assessment’ might have exposed hackers on network
• WikiLeaks release of 20,000 e-mails disrupts party convention

The Democratic National Committee was warned last fall that its computer network was susceptible to attacks but didn’t follow the security advice it was given, according to three people familiar with the matter.

The missed opportunity is another blow to party officials already embarrassed by the theft and public disclosure of e-mails that have disrupted their presidential nominating convention in Philadelphia and led their chairwoman to resign.

Computer security consultants hired by the DNC made dozens of recommendations after a two-month review, the people said. Following the advice, which would typically include having specialists hunt for intruders on the network, might have alerted party officials that hackers had been lurking in their network for weeks -- hackers who would stay for nearly a year. 

Instead, officials didn’t discover the breach until April. The theft ultimately led to the release of almost 20,000 internal e-mails through WikiLeaks last week on the eve of the convention.

The e-mails have devastated party leaders. Representative Debbie Wasserman Schultz, the DNC chairwoman, has agreed to resign at the end of this week’s convention. She was booed off the stage on opening day after the leaked e-mails showed that party officials tried to undermine the presidential campaign of Senator Bernie Sanders in favor of Hillary Clinton, who was formally nominated on Tuesday evening. Party officials are supposed to remain neutral on presidential nominations.

Russia Suspected

The Federal Bureau of Investigation is examining the attack, which law enforcement officials and private security experts say may be linked to the Russian government. President Barack Obama suggested on Tuesday that Russia might be trying to interfere with the presidential race. Russian officials deny any involvement in the hacking and say they’re not trying to influence the election.

Donald Trump, the Republican presidential nominee, said Wednesday that he didn’t think Russia was behind the attack. But he also said he hoped the Russians would get their hands on e-mails that Clinton exchanged using a private server while she was secretary of state, to expose any e-mails she might have deleted.

The consultants briefed senior DNC leaders on the security problems they found, the people familiar with the matter said. It’s unclear whether Wasserman Schultz was present. Now, she is likely to face criticism over not only the content of the e-mails -- including one in which a party official proposes pushing stories in the news media questioning Sanders’s Jewish faith -- but also the failure to take steps to stop the theft in the first place.

“Shame on them. It looks like they just did the review to check a box but didn’t do anything with it,” said Ann Barron-DiCamillo, who was director of US-Cert, the primary agency protecting U.S. government networks, until last February. “If they had acted last fall, instead of those thousands of e-mails exposed it might have been much less.”

The assessment by Good Harbor Security Risk Management, headed by the former Clinton and Bush administration official Richard Clarke, occurred over two months beginning in September 2015, the people said. It included interviews with key staff members and a detailed review of the security measures in place on the organization’s network, they said.

Security Flaws

The review found problems ranging from an out-of-date firewall to a lack of advanced malware detection technology on individual computers, according to two of the people familiar with the matter. The firm recommended taking special precautions to protect any financial information related to donors and internal communications including e-mails, these people said.

The DNC paid $60,000 for the assessment, according to federal filings.

Mark Paustenbach, a spokesman for the DNC, declined to comment on the Good Harbor report. Emilian Papadopoulos, president of Washington-based Good Harbor, said he couldn’t comment on work done for a specific client.

Missed Warnings

The security review commissioned by the DNC was perhaps the most detailed of a series of missed warnings. Officials at both the Republican National Committee and the DNC received government briefings on espionage and hacking threats beginning last year, and then received a more specific briefing this spring, according to another person familiar with the matter.

Cyber-security assessments can be a mixed blessing. Legal experts say some general counsels advise organizations against doing such assessments if they don’t have the ability to quickly fix any problems the auditors find, because customers and shareholders could have cause to sue if an organization knowingly disregards such warnings.

Papadopoulos said a risk analysis by his firm is designed to “help an organization’s senior leadership answer the questions, ‘What are our unique and most significant cyber security risks, how are we doing managing them, and what should we improve?’ ”

The firm typically recommends that clients conduct a so-called breach assessment to determine whether hackers are already lurking in the network, Papadopoulos said. He wouldn’t confirm whether such a recommendation was among those delivered to the DNC.

“We give recommendations on governance, policies, technologies and crisis management,” he said. “For organizations that have not had a compromise assessment done, that is one of the things we often recommend.”

It isn’t certain a breach assessment would have spotted the hackers, according to Barron-DiCamillo, but it would have increased the chances. “Why spend the money to have Good Harbor come in and do the recommendations and then not act on them?,” she asked.

Sanity Check: Apple CarPlay / Android Auto ?

Apple CarPlay lets your car display a familiar, iOS-like interface. So too with Android Auto and its Google Now-ish display. But your new car has a built-in set of similar features that are ergonomically and technologically integrated. Should you plug your smartphone into the Apple CarPlay or Android Auto USB port and connect it to your car’s infotainment system, or just car-mount your smartphone, plug it into a charger and use it separately?

I recently picked up my new car, which features a very high-tech, dual-screen multimedia interface. I was forced to purchase the top-of-the-line “navigation system” in order to get the factory-installed sound system I wanted. (I’ll save my comments about that bitter pill for another column.) So, against my will, I am now the proud driver of a 2017 automobile with every bell and whistle the automaker sells.

Aside from some incredible semiautonomous driving features, the car has a natural language processing interface that lets you control a long list of features. It has a pretty impressive navigation system integrated with Google Earth that offers real-time traffic and weather and has full search, points of interest, a gas station finder, a national monument locater, and a way to store favorite destinations. It has a Bluetooth phone interface with visibility into your contacts, favorites, media, and more. It also has a multimedia entertainment/Internet package that includes Sirius XM, AM/FM radio, SD card readers, Bluetooth, Wi-Fi, aux inputs, an AT&T 6GB/month LTE data package, and two USB ports: one that just charges your device and one for Apple CarPlay. It also has a dedicated app (although it is not very good) that can unlock the car, find the car, geofence the car, alert you if the car goes over the speed limit, and enable you to send navigation information to the car.

Sounds Great, Right?

It sounds great because it is great. It’s the best and latest version of everything this particular automaker knows how to include in the vehicle. But …

My iPhone 6s has every entertainment and navigation feature mentioned above and much, much more. When combined with Apple CarPlay, which you get to by plugging your iPhone into the CarPlay-enabled USB port, it is more than competitive with the car’s built-in navigation and entertainment tools. And, most important, it will be continuously improved over the life of my car. The car’s internal system is what it is; it’s built-in and is unlikely to improve.

Apple CarPlay does not put your iPhone interface up on the car’s display screen. It puts familiar iOS icons on the display in a manner that gives you easy access to Apple maps, messages, music and your iPhone. The phone integration is exceptional. Your favorites, contacts, recent calls and voicemail are just a knob twist away. And while CarPlay integrates only a few entertainment apps – Spotify, iHeartRadio, NPR, At Bat, a podcast player and some others – its future is clear. You are only a software update (iOS 10) away from “a little piece of heaven.” CarPlay gives you access to Siri and has a very nice speech-to-text system for safe messaging while driving.

If I plugged my Samsung Galaxy s7 into an Android Auto–compatible car, I would have access to similar features, plus Google Now and Google Maps. If you’re an Android person, it’s as useful as CarPlay – actually more useful when you consider the quality of both Google Now and Google Maps. Wait until Google adds Waze to Android Auto – you will shop for a car based on its Googleyness.

Sanity Check

Which brings me to a harsh, cold, horrible, unfortunate, evil reality. Even with Apple CarPlay or Android Auto, I still need to car-mount my smartphone.

Back to Apple CarPlay: like many people who need to get from place to place, I am not fond of Apple Maps. I love Google Maps and I truly love Waze. I use Waze every time I get in any car (not just my own). If my iPhone is plugged into CarPlay, I can use Waze, but I can’t see it through the car’s infotainment display; I have to put my iPhone on a car-mount to see the map and visual reference cues, enter or confirm hazards and use other functions.

Did the car manufacturer give me a convenient place to mount my smartphone? Of course not. Do I want to stick my iPhone into the air vent and block the air conditioning, or do I want to stick it to my windshield and block my view? Neither option makes any sense.

Yep, I’m Still Insane

I need to car-mount my iPhone to use Waze and other non-CarPlay-compatible, non-built-in apps. So if I still need to car-mount my iPhone, do I really need to plug it into the CarPlay port? Why not just connect the phone via Bluetooth (to access the car’s built-in speaker phone, assuming that the iPhone’s speaker phone option isn’t loud enough) or Wi-Fi (for audio) and use my apps on the phone?

Perhaps, in the not-too-distant future, Google, Apple and the auto manufacturers will get this worked out. Until then, I’ll be driving around with an air vent iPhone mount and a cable running down the dashboard, tucked under the floor mat, up the center console and into one of the USB ports. Which one? I’ll keep plugging it into the one I always plug it into and hope for a different result – as you know, that’s the definition of insanity.

A Look at the Weird, Wild World of Death Fraud (BW)

Author Elizabeth Greenwood tells you everything you need to know about faking your own demise (don’t).

A few years ago, as she delicately puts it, Elizabeth Greenwood decided that she had “screwed herself financially.” Saddled with more than $100,000 in college debt, she joked to a friend over dinner that her plan was to become a “highly sought-after public intellectual” who would pay it off by giving TED Talks. If that failed, her friend said, Greenwood could always fake her own death and disappear to a tropical island. She was intrigued by the notion.

In her book, Playing Dead: A Journey Through the World of Death Fraud (Simon & Schuster; $26), Greenwood peels the lid off a cottage industry devoted to helping people vanish. She tracks down Frank Ahearn, a foulmouthed New Yorker who claims to have helped more than 50 people disappear, charging them about $30,000 apiece. She swills Coronas with Steve Rambam, a cynical investigator who chases death fakers in the Philippines, where you can rent a corpse and hire locals to stage a mock funeral as evidence of your untimely expiration. She travels to England to meet John Darwin, who faked a canoeing accident in 2002 and collected more than £280,000 (about $371,000 today) in insurance benefits; and to Los Angeles, where she visits a woman who goes by the name Pearl Jr. who’s convinced that Michael Jackson faked his death and is now living secretly among us, waiting for the right moment to reveal himself. Greenwood also introduces us to people—and there are many—who pretended to die at the World Trade Center on Sept. 11 to scam charitable organizations.

The writer is generous with her subjects, letting them tell their stories and reveal their inner selves, however odious they turn out to be. By her own admission, she has something in common with them: She’s running from her past, too. Greenwood grew up in Worcester, Mass., a working-class town she abandoned for California. “I knew I wanted to get as far away as possible from binge drinking, the cult of the Red Sox, and North Face fleeces,” she writes. After acquiring a Valley girl accent, bleaching her hair blond, and purchasing cocktail dresses at Forever 21, she admits that she blends in with the con artists, braggarts, and other sketchy souls she encounters in the world of death fraud. She even goes shopping with one of her subjects, a California woman who was devastated to read a 2007 interview with her father, a crony of Andy Warhol’s. As far as the woman had known, her dad had been dead since the early 1970s. He’d faked a heroin overdose, in part, to escape her.

The questions animating Playing Dead are ghoulishly existential. “How do you occupy your days in your second life?” Greenwood asks. “And can you even disappear in the twenty-first century, when every move is monitored, if not by the U.S. National Security Agency, then by closed-circuit TVs and drones, phones transmitting our coordinates, and obnoxious friends tagging us on Facebook?” This makes her wit that much more welcome. Toward the end of the book, however, she undergoes a tearful catharsis and decides that normal life isn’t so bad after all. It’s a bit maudlin and unconvincing for a writer who seems otherwise to take such pleasure in her quest. Maybe she’s just exhausted after all the flights taken, beers quaffed, and cigarettes puffed along the way.

Writing a book as good as Playing Dead isn’t easy, but perhaps it’s less difficult than committing pseudocide. Few people seem to get away with it. After what must have been their umpteenth Corona together, Rambam, the investigator, shares this insight with the author: “Everybody I’ve caught on life insurance fraud, I tell them, ‘If you put this type of effort, money, and dedication into your life as a law-abiding citizen, you would’ve made just as much money.’ ”

The Future of Big Oil?

 At Shell, It’s Not Oil...

At Australia’s Curtis Island, you can see Big Oil morphing into Big Gas. Just off the continent’s rugged northeastern coast lies a 667-acre liquefied natural gas (LNG) terminal owned by Royal Dutch Shell, an engineering feat of staggering complexity. Gas from more than 2,500 wells travels hundreds of miles by pipeline to the island, where it’s chilled and pumped into 10-story-high tanks before being loaded onto massive ships. “We’re more a gas company than an oil company,” says Ben van Beurden, Shell’s chief executive officer. “If you have to place bets, which we have to, I’d rather place them there.”

Van Beurden

Van Beurden is betting on gas projects such as Curtis Island to address the central challenge facing all oil giants: how to survive in a world moving ever faster toward new ways of producing and consuming energy. A crucial element of Shell’s pivot toward gas was its $54 billion takeover of BG Group. The deal, which closed in February, gave the company Curtis Island, other massive LNG plants, and gas fields from the U.S. to Kazakhstan. It now has a 20 percent share of the global LNG market, scores of giant gas tankers prowling the seas, and double the production capacity of its closest competitor, ExxonMobil.

For Shell, grappling with increasingly ambitious government commitments to slow climate change, gas has much to recommend it. It’s considered a crucial “bridge fuel” in the transition to a low-carbon future, because gas-fired power plants are far cleaner than those that burn coal. They’re also relatively cheap to build and easy to switch on and off, making them a natural complement to solar and wind generation. Shell is also working to create a market for gas-fueled vehicles, especially ships and heavy trucks that, unlike cars, won’t go electric soon. If Shell gets it right, gas is “not just going to be a bridge” but a lucrative part of the energy mix indefinitely, Van Beurden says.

He faces substantial obstacles in his quest, including the high cost of production and the continued abundance of cheap coal. Investors such as Jim Chanos, president of investment firm Kynikos Associates, argue there’s a global glut of LNG, and in June the International Energy Agency downgraded gas growth forecasts, saying “markets will struggle to absorb” new supplies. The price of LNG for delivery to Northeast Asia, home to the biggest importers, is down 30 percent in the past year.

The most important long-term challenge may be the rise of renewables. In Mexico and Morocco, producers of solar and wind power have promised to supply electricity at some of the lowest rates from any source, according to Bloomberg New Energy Finance. Global investment in renewables is outpacing that in fossil fuels 2 to 1, and batteries to store power when the sun doesn’t shine or the wind doesn’t blow are getting cheaper and improving in capacity—which also bolsters the case for electric cars. “The transformation to a world led by renewables is going to be faster” than oil executives think, says Mark Moody-Stuart, a former Shell chairman who now serves on the board of Saudi Aramco.

Shell prides itself on taking a longer and more clear-eyed view of the future than its rivals. In the 1970s it began drafting “Shell Scenarios,” detailed analyses of global politics and economics, and their implications for energy demand. It’s been less hesitant than competitors such as ExxonMobil—the only private oil company that’s larger—to acknowledge the need to cut carbon emissions and invest in greener energy as a hedge. This year it created a unit for renewables, and Van Beurden in June told investors that Shell “strongly supports” global agreements to limit climate change.

As Shell plots a course through the new business environment, Van Beurden is pushing to deliver on the promise of the BG deal. That means discovering ways to drive down the cost of LNG facilities, by, for example, accepting a little less reliability in exchange for simpler designs, says gas business head Maarten Wetselaar. It will also require finding new customers to make up for lower-than-expected gas demand in countries such as China. Shell last year became Jordan’s first LNG supplier, making deliveries to a brand-new import terminal on the Gulf of Aqaba. Yet the company is postponing some projects: On July 11 it delayed building an export terminal on Canada’s Pacific coast, citing “global industry challenges.”

Those worries haven’t slowed the pace at Curtis Island, where a supertanker loaded with fuel departs every three days. Next to its two production units, the mangroves have been cleared for a third that could increase capacity by 40 percent. For such a sprawling operation, the facility is relatively quiet, with only 300 employees. Most of the time, the only noise is a muffled, high-pitched whir—the sound of miles of metal turning gas into cash, at least for now.

The bottom line: Shell’s purchase of BG Group increased its lead in LNG production, but the rapid rise of renewables makes that a risky bet.

HSBC Bankers Are First Individuals Charged in U.S. Currency Case

• HSBC Official Said to Face Charges in FX Rigging Probe
• Mark Johnson arrested at Kennedy Airport Tuesday in New York
• Cairn Energy said to be the unidentified front-running victim

Federal agents surprised an HSBC Holdings Plc executive as he prepared to fly out of New York’s Kennedy airport around 7:30 p.m. Tuesday, arresting him for an alleged front-running scheme involving a $3.5 billion currency transaction in 2011.

Mark Johnson, HSBC’s global head of foreign exchange cash trading in London, was held in a Brooklyn jail overnight and will appear in court Wednesday, according to prosecutors. The U.S. unsealed a complaint against him and Stuart Scott, the bank’s former head of currency trading in Europe, making them the first individuals to be charged in the long-running probe.

The arrest and charges are a coup for the Justice Department, which has struggled to build cases against individuals in its investigation into foreign-exchange trading at global banks. U.S. prosecutors once had so much confidence in the quality of evidence they were gathering thanks to undercover cooperators that in September 2014, then-Attorney General Eric Holder said he expected charges against individuals within months. The U.K. Serious Fraud Office also found it difficult to make cases against currency traders and announced in March that it was dropping its efforts.

“This case demonstrates the criminal division’s commitment to hold corporate executives, including at the world’s largest and most sophisticated institutions, responsible for their crimes,” Assistant Attorney General Leslie Caldwell said in an e-mailed statement.

The two allegedly conspired to take advantage of inside information about an unidentified company’s plans to sell part of its stake in an Indian subsidiary, according to the complaint. The client was Cairn Energy Plc, which was selling the unit to Vedanta Resources Plc, according to people with knowledge of the transaction. HSBC was hired to trade about $3.5 billion in proceeds of the sale to pounds. Johnson and Scott began buying pounds in the days before the transaction, anticipating that they would cause the price of pounds to spike -- a practice known as “ramping” -- then execute the transaction, making the pounds they’d bought earlier more valuable, according to the complaint.

‘Element of Surprise’

Scott and Johnson -- his supervisor at the time -- told the client the deal should take place at 3 p.m. “so there’s an element of surprise” to get a better rate, according to the complaint, which quoted from recorded phone calls and messages between the two and their client. There was less liquidity at the 3 p.m. fix than the one at 4p.m., making it easier to manipulate, though they told their client they were about the same.

They and other traders they directed ramped the price, sending the pound to its highest in two days at 2:56 p.m. London time. When Scott told Johnson the client was still going ahead with the full transaction despite the spiking price, Johnson said “Ohhhh, f***ing Christmas,” according to the complaint. In the end, HSBC and the men’s internal accounts reaped about $8 million from the front-running, according to Brooklyn U.S. Attorney Robert Capers.

“The defendants allegedly betrayed their client’s confidence, and corruptly manipulated the foreign exchange market to benefit themselves and their bank,” Caldwell said. Johnson and Scott blamed the pound’s rise on an unidentified Russian bank in their conversations with the client afterwards, according to the complaint.

Rob Sherman, an HSBC spokesman, and Peter Carr, a Justice Department spokesman, declined to comment. Johnson and his lawyer, Frank Wohl, didn’t immediately respond to calls seeking comment. Contact information for Scott wasn’t immediately available in U.K. directories.

Extradition Concerns

Both men are British citizens. The U.S. complaint was kept under seal for fear Johnson, 50 and a resident of both the U.S. and U.K., would flee if he heard about it, according to the document. Agents moved quickly to arrest Johnson, who works in London and New York, to avoid difficulties that could arise in extraditing him, according to a person with knowledge of the matter. HSBC wasn’t made aware of the plans to arrest Johnson, another person said, asking not to be identified because the details aren’t public.

Scott left the bank in 2014 after it agreed to pay $618 million to settle currency-rigging investigations by the U.K. Financial Conduct Authority and the U.S. Commodity Futures Trading Commission. The 43-year-old remains in the U.K., and the U.S. is likely to seek extradition, according to one of the people.

Johnson’s arrest comes more than a year after five global banks pleaded guilty to charges related to the rigging of currency benchmarks. HSBC, though it settled regulatory cases, is still being investigated by the Justice Department. The bank has set aside $1.3 billion for possible settlements, according to an August filing.

Antitrust, Fraud

The Justice Department’s investigation into the manipulation of currency markets by the world’s biggest banks has looked at two issues: whether bankers from competing institutions colluded to sway benchmarks in their favor in violation of antitrust laws and whether bankers were committing fraud with client orders. The charges against Johnson and Scott were brought by federal prosecutors in Brooklyn working with the Justice Department’s fraud section in Washington.

Separately on Tuesday, the U.S. Federal Reserve banned former UBS Group AG trader Matthew Gardiner from the banking industry for life for his role rigging currency benchmarks. Gardiner used electronic chat rooms, with names including The Cartel and The Mafia, to facilitate the rigging of foreign-exchange benchmarks and to disclose confidential customer information to traders at other banks, the Fed said in a statement Tuesday. That matter is separate from the one involving Johnson, the people said.

Gardiner has been helping U.S. prosecutors who are trying to build currency-rigging cases against individuals for violation of antitrust laws, two people familiar with the matter told Bloomberg News in April. He hasn’t been publicly charged and it isn’t clear if he has been granted immunity for cooperation. A lawyer for Gardiner didn’t respond to an e-mail seeking comment.

It’s Not a Housing Bubble, It’s Just Expensive...(BW)

Despite record home prices in some big cities, the U.S. market is nowhere near as bad as it was a decade ago.

Home prices have hit record highs in some major U.S. metropolitan areas, and house-flippers are behaving like it’s 2005: It’s no wonder people are chattering about another housing bubble.

But residential real estate isn’t in a speculative bubble, industry observers contend. Instead, a low inventory of available homes is driving prices higher—prices, however, will eventually recede as buyers throw up their hands, or as more new homes come on line. The structural issues that led to the housing collapse last decade aren't present.

“The havoc during the last cycle was the result of building too many homes and of speculation fueled by loose credit,” said Jonathan Smoke, chief economist at Realtor.com. “That’s the exact opposite of what we have today.”    

To illustrate his point, Smoke compiled an index based on six factors he deemed crucial to the housing boom and bust of the mid-2000s, including price appreciation, the prevalence of house-flipping, and share of buyers who used mortgage financing. (The other factors are price-to-income, price-to-rent, and housing starts-to-household formation.) Then he benchmarked the index to 2001, a year when the housing market was fairly valued.

Last year, only six metro areas exceeded the benchmark by 10 percent, with San Jose coming in highest, at 19 percent above 2001 levels. In 2005, there were 29 cities that were at least that bubbly, as the chart below shows:

The local markets that look the most like a bubble are, unsurprisingly, places where population is growing faster than housing supply. That includes California cities where zoning regulations have slowed or prevented new construction, as well as Texas markets in which rising land and labor costs, and some lingering aftershocks from the bust, have held back housing starts. Meanwhile, the share of U.S. households that rent is near 50-year highs, helping to drive up rental prices and giving investors across the country incentive to snatch up for-sale homes.  

Prices in Austin and the San Francisco Bay Area, among other places, are probably unsustainable, Smoke said. That could be bad for buyers who get in at the top of the market and bad for the local economy if high housing costs spur talented workers to move away. “We could have a housing cost-induced economic slowdown because people can’t make the housing market work,” Smoke said.

Figuring out how to create enough new housing to meet demand is a tricky question. In one scenario sketched out by Smoke, faster economic growth would lead to higher interest rates, leading banks to lend more easily to homebuyers. In another, a bad economy could slow household growth, dampening demand. Right now, builders are starting new homes at a modest clip despite significant demand, probably because the cost of building them outweigh the prices homes are fetching. “If you were a builder and you could do it, wouldn’t you?” Smoke asked.

The current housing market isn’t without some pockets of speculation, said Daren Blomquist, senior vice president at RealtyTrac. A rule of thumb for investors who flip homes is to buy at a 30 percent discount to the local market, he said. That leaves room to fix up the house and sell at a profit. In the first quarter of 2016, flippers in Denver were buying at a 14 percent discount to market prices, and flippers in Orange County, Calif., were buying at an 11 percent discount.

“They’re riding the wave of rising home prices,” Blomquist said. “They’re not buying low—they’re hoping that they can sell high.”

How Social Media Helped Defeat the Turkish Coup (BW)

The attempted coup d'etat by a faction of Turkey's armed forces on Friday failed for many reasons, including divisions among the military and repeated missteps by the plotters.

Social media and mobile communications also played an important role. And it wasn't the first time this combination has enabled citizens to express their will and have a say in deciding who governs them and why.

Judging from available information, the rebellious faction of mid-level army officers sought to implement the classic playbook for military takeovers -- what in the old days would have been labeled a "colonels' coup," as opposed to one led by generals. They closed key transportation routes, tried to secure both parliament and the presidential offices, and attempted to capture high-ranking officials, including President Recep Tayyip Erdogan and top military brass. They also took over state media outlets, and used state television to broadcast their message and prematurely declare victory.

The instigators soon realized that this classic approach was not sufficient, and moved to take control of private television channels, even shutting down the Turkish affiliate of CNN, an event that was broadcast live around the world.

The objective was conventional: By denying citizens access to alternative sources of news, the rebels would be able to control the narrative, dictating the information that was going out and its interpretation. They would also use this control to energize their small group of collaborators and attempt to persuade others to join them, particularly other factions of the military.

But the putschists failed to sufficiently update the standard coup playbook to take into account the realities of social media and mobile technology. As a result, their attempt to control the information available to ordinary citizens was only partial and the military's message was soon drowned out by domestic and international news outlets with much greater powers of amplification. Then, the advantage the military had initially gained through the element of surprise quickly eroded.

Within hours of the beginning of the coup, Erdogan used the video capability on his mobile phone to communicate with the nation, urging Turks to take to the streets and stand up to the rebels. His message was amplified on social media channels, such as Facebook and Twitter, and supplemented by images of people standing in front of tanks and on top of them. 

Social media also played a critical role in relaying -- in real time -- domestic and international support for the president and for Turkey's democratically and legitimately elected government. These messages came from some of Erdogan's internal political critics, too, who used Twitter to condemn the attempted coup, which they said wouldn't bring the right kind of change. 

Foreign leaders, including President Barack Obama, echoed the support for Turkish democracy and for Erdogan. 

The international and domestic engagement did more than simply feed the curiosity of ordinary Turkish citizens. It countered the certainty about the outcome that the small group of officers in control of state media and some key installations had tried to convey. It also undermined the coup plotters' attempts to convey a state of siege. The flow of information encouraged, empowered and mobilized Turks to confront the rebels and their tanks.

The population went from being passive recipients to proactive participants in the country's present and future. And by challenging the information being transmitted by the captured media sources, they prevented the small group of mid-level officers from turning pre-emptive claims of victory into reality.

A significant number of Turks collectively formed what advancing military forces fear most -- crowds of civilians blocking their path and complicating their operational plans. The strength of the people was transmitted both domestically and internationally through images on social media of civilians standing up to rebel soldiers in the streets. This signaled that the rebels were not winning, and diminished the chances that they would ultimately prevail.

Sensing defeat, hundreds of rebellious soldiers started surrendering and road blockades were lifted. The images that filled social media showed that citizens had again found a way to have a deterministic role in their political destiny -- particularly when it comes to how they are governed and by whom.

This is not the first time that social media and mobility played an important role in influencing outcomes, or allowed ordinary citizens to play a greater part in ensuring that a tiny minority is unable to impose its will on the majority. And it is not the first time that the will of the people prevailed with the help of technology. For example, in 2011 and 2013, millions of ordinary Egyptians, enabled by social media, stunned the world with their collective action, taking to the streets to influence how they would be governed.

In helping to foil a coup against a legitimately elected government, social media reinforced democracy. This is the flip side of the tragic use of this same technology to influence and radicalize the disenfranchised.

History will record that the rogue Turkish officers and their followers failed to understand how social media has changed the traditional dynamics of military coup d'etats. It contributed to avoiding an outcome that, at a minimum, would have created huge uncertainty in one of the largest European countries and a member of NATO. That would have been yet another development that "expert opinion," both in the public and private sectors, had not predicted. Now the challenge for Turkey is to ensure that the legacy of the failed coup will be the strengthening of the country's democracy and its legitimate institutions.

This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.

Tesla Autopilot Too Much, Too Soon,

Consumer Reports Warns:

The bible of American commerce says the feature gives drivers a "false sense of security."

In an unusual move, Consumer Reports has called Tesla's Autopilot "Too Much Autonomy Too Soon" and called on the automaker to disable the hands-free feature until its safety can be improved. The system has come under increased scrutiny in the wake of a fatal May 7 crash in Florida, which U.S. safety regulators are investigating.

"By marketing their feature as 'Autopilot,' Tesla gives consumers a false sense of security," said Laura MacCleery, vice president of consumer policy and mobilization forConsumer Reports, in the article published Thursday. The article continues: 

"In the long run, advanced active safety technologies in vehicles could make our roads safer. But today, we're deeply concerned that consumers are being sold a pile of promises about unproven technology. 'Autopilot' can't actually drive the car, yet it allows consumers to have their hands off the steering wheel for minutes at a time. Tesla should disable automatic steering in its cars until it updates the program to verify that the driver's hands are on the wheel."

More than 70,000 Tesla cars are equipped with Autopilot worldwide, and drivers must actively choose to engage the system. In a blog post about the Florida accident, Tesla stressed that those cars have driven more than 130 million miles while using the feature, giving Tesla valuable data in real-world driving conditions. Some customers see the system as an enormous asset during grueling commutes, but YouTube is also filled with videos of people taking risks with it. 

"Tesla is consistently introducing enhancements proven over millions of miles of internal testing to ensure that drivers supported by Autopilot remain safer than those operating without assistance," said Tesla in a statement Thursday. "We will continue to develop, validate, and release those enhancements as the technology grows. While we appreciate well-meaning advice from any individual or group, we make our decisions on the basis of real-world data, not speculation by media."

And don't expect Tesla Chief Executive Officer Elon Musk to heed the call for a name change. Tesla has always said that Autopilot "functions like the systems that airplane pilots use when conditions are clear. The driver is still responsible for, and ultimately in control of, the car."