OpenAI is planning to integrate a payment checkout system into ChatGPT in a bid to boost revenues. OpenAI is reportedly planning to take a share of eCommerce sales made via ChatGPT. That’s according to a report Wednesday (July 16) by the Financial Times (FT), which says this move is part of a plan by the artificial intelligence (AI) startup to derive new revenues from online shopping features. The company already displays products on its platform with the option of clicking through to online retailers, and inked a partnership with eCommerce platform Shopify in April. Now, sources told the FT, OpenAI hopes to integrate a checkout system into ChatGPT, to make sure users complete transactions within the platform. Sellers who make sales this way would pay a commission to OpenAI. PYMNTS has contacted OpenAI for comment but has not yet gotten a reply. The FT notes that this marks a shift in strategy for OpenAI, whose revenue has chiefly come from subscriptions to its premium services. Getting a slice of eCommerce sales would let OpenAI earn money from people using its free service. The report adds this move is another threat to Google’s business model, with consumers increasingly turning to AI chatbots for online search and shopping. OpenAI is already building its own browser in a separate challenge to Google, per a report last week by Reuters. While the feature is still in development, the sources told the FT that OpenAI and partners like Shopify have been presenting early versions to brands and discussing financial terms.
Sofi’s acquisition of Galileo enhancing its core functionalities such as BNPL services and advanced customer engagement tools powered by conversational AI, while enabling it to operate more like a vertically integrated fintech company
Since acquiring Galileo Financial Technologies in 2020, SoFi Technologies has deepened its fintech infrastructure by integrating Galileo’s payment processing and tech capabilities across its growing suite of offerings. Galileo plays a pivotal role in enabling core functionalities such as buy now, pay later (BNPL) services and advanced customer engagement tools powered by conversational AI. This backend support is critical to SoFi’s strategy of delivering a seamless, tech-forward financial experience to users. Operating under the same corporate umbrella has dramatically expanded integration opportunities. SoFi can now move more nimbly, embedding Galileo’s infrastructure directly into its product roadmap without the friction typical of third-party partnerships. This combination enhances speed to market, operational efficiency and the ability to innovate across digital banking, lending and personal finance tools. Furthermore, the relationship creates a feedback loop. Galileo not only powers SoFi’s products but also benefits from SoFi’s scale and user data, helping refine and expand Galileo’s platform for other clients. In essence, SoFi’s acquisition of Galileo has evolved from a strategic purchase into a foundational pillar, enabling SoFi to operate more like a vertically integrated fintech company, with tighter control over both user experience and the underlying tech stack driving its offerings.
Oracle launches MCP Server for Oracle Database to allow users to securely interact with core database platform and navigate complex data schemas using natural language, with the server translating questions into SQL queries
Oracle Corp unveiled MCP Server for Oracle Database, a new Model Context Protocol offering that brings AI-powered interaction directly into its core database platform to help developers and analysts query and manage data using natural language. The new MCP server enables LLMs to securely connect to Oracle Database and interact with it contextually while respecting user permissions and roles. MCP Server for Oracle Database allows users to interact with Oracle’s core database platform using natural language, with the server translating questions into SQL queries, helping users retrieve insights from data without needing to write complex code, making tasks such as performance diagnostics, schema summarization and query generation easier. The integration has been designed to simplify the process of working with SQL queries and navigating complex data schemas. MCP Server for Oracle Database AI agents can act as copilots for developers and analysts by generating code and analyzing performance. The protocol also supports read and write operations, allowing users to take action through the AI assistant, such as creating indexes, checking performance plans, or optimizing workloads. The AI agent operates strictly within the access boundaries of the authenticated user by using a private, dedicated schema to isolate the agent’s interactions from production data, allowing it to generate summaries or sample datasets for language models without exposing full records.
RedShield’s solution secures against DDoS and automated bot attacks by deploying an identity and intent challenge that requires a valid email address and a code sent to that email
RedShield has introduced a new cybersecurity feature called ‘Third Horizon’ to provide additional protection against Distributed Denial-of-Service (DDoS) and automated bot attacks. The technology disrupts attack methods and forces attackers to adapt in ways that traditional automated or artificial intelligence-driven tools cannot manage effectively. The Third Horizon feature challenges suspicious users seeking access to an application by requiring them to supply a valid email address and verify their identity using a code sent to that email. This adds complexity for attackers using automated systems, as they typically struggle to answer such requests at scale. RedShield’s service operates using a three-tiered architecture for threat defence. The first layer, the First Horizon, uses traffic profiling to block high-volume attacks and malicious traffic. The second layer focuses on sophisticated bot detection, targeting malicious bots attempting to appear as legitimate users. The Third Horizon provides an identity and intent challenge, requiring suspicious users to confirm an email address before accessing a site or application. Recent findings highlight the scale of the challenge facing organizations, with automated bots accounting for nearly half of all internet traffic in 2024 and DDoS attacks increasing 1800% globally from the third to the fourth quarter of last year. RedShield is extending its layered approach by offering the Third Horizon as an optional add-on service for customers requiring heightened protection.
Google’s AI agent discovers a critical SQLite vulnerability using threat intelligence and was able to actually predict that it was imminently going to be exploited for carrying out a cyberattack
Google is introducing a new approach to cybersecurity, focusing on artificial intelligence as the first line of digital defence. The company has introduced Big Sleep, an AI agent developed by Google DeepMind in collaboration with Project Zero, which has successfully stopped a security threat before it was launched. The tool is also being used to strengthen the security of open-source software, increasing defensive coverage. Google’s secure-by-design approach emphasizes human oversight, transparency, and privacy. In addition to Big Sleep, Google is infusing AI into its security infrastructure: Timesketch, the company’s open-source forensics platform, now integrates Sec-Gemini-powered agents to automate incident response. FACADE, an insider threat detection tool, processes billions of security events each day using contrastive learning, without relying on historical attack data. A new AI-assisted Capture the Flag challenge at DEF CON 33 will give participants hands-on experience working alongside AI agents in real-time cyber defence scenarios.
Yubico’s Enhanced PIN feature to offer comprehensive PIN management for users with enforcement policies and PIN complexity applied by default, always-on user verification and minimum PIN length of six characters
Yubico has introduced the YubiKey 5 – Enhanced PIN, offering additional PIN capabilities for enterprises in 175 countries and 24 territories. The product is pre-configured with features to improve PIN management and user enforcement, including a mandatory minimum PIN length and requirements for increased complexity. This helps organizations meet evolving policy, compliance, and audit requirements for user authentication. The Enhanced PIN features are available on the YubiKey 5 NFC and YubiKey 5C NFC models, specifically through the YubiKey as a Service platform. The company has expanded its YubiKey as a Service to include all European Union countries and expanded its YubiEnterprise Delivery to 117 locations globally. The expanded service and new key features reflect Yubico’s effort to address the challenges posed by a changing cybersecurity landscape and varying global regulatory requirements, supporting enterprise customers in their transition to more robust authentication systems.
Akeyless enables AI agents to authenticate using dynamic, just-in-time verifiable machine identities such as cloud IAM roles eliminating the need to embed secrets in code, containers, or pipelines
Akeyless, the Unified Secrets & Machine Identity Platform for the AI-driven Era, announced the launch of Akeyless SecretlessAI, a breakthrough solution purpose-built to secure the rapidly expanding universe of AI agents and Model Context Protocol (MCP) servers. Akeyless SecretlessAI™ eliminates the need to embed secrets in code, containers, or pipelines. Instead, it introduces dynamic, just-in-time secrets provisioning, where AI agents and MCP servers authenticate using verifiable machine identities — such as cloud IAM roles or Kubernetes service accounts. Akeyless extends traditional secrets management by integrating with advanced identity frameworks like SPIFFE (Secure Production Identity Framework for Everyone) through its SPIRE plugins, enabling a ‘secretless’ authentication model for workloads. Additionally, Akeyless offers built-in PKI-as-a-Service capabilities that automate the lifecycle of certificates, including issuance, renewal, and revocation, all within a secure and scalable SaaS platform. Based on centrally managed policies, Akeyless provisions ephemeral, tightly scoped secrets at runtime. This approach drastically reduces the window of compromise and supports Zero Trust and Least Privilege principles. The solution offers comprehensive auditing and centralized governance, providing visibility into every request and action. It enables policy-based access control and full lifecycle automation, empowering security and DevOps teams to enforce compliance without slowing innovation.
Confident Security offers an end-to-end encryption tool that wraps around foundational models, guaranteeing that prompts and metadata can’t be stored, seen, or used for AI training
Startup Confident Security aims to be “the Signal for AI.” The company’s product, CONFSEC, is an end-to-end encryption tool that wraps around foundational models, guaranteeing that prompts and metadata can’t be stored, seen, or used for AI training, even by the model provider or any third party. The company wants to serve as an intermediary vendor between AI vendors and their customers — like hyperscalers, governments, and enterprises. CONFSEC is modeled after Apple’s Private Cloud Compute (PCC) architecture, which “is 10x better than anything out there in terms of guaranteeing that Apple cannot see your data” when it runs certain AI tasks securely in the cloud. Like Apple’s PCC, Confident Security’s system works by first anonymizing data by encrypting and routing it through services like Cloudflare or Fastly, so servers never see the original source or content. Next, it uses advanced encryption that only allows decryption under strict conditions. Finally, the software running the AI inference is publicly logged and open to review so that experts can verify its guarantees. CONFSEC is also well-suited for new AI browsers hitting the market, like Perplexity’s Comet, to give customers guarantees that their sensitive data isn’t being stored on a server somewhere that the company or bad actors could access, or that their work-related prompts aren’t being used to “train AI to do your job.”
Bitcoin DeFi has ballooned 20x since start of 2024 as builders bet on yield
A new report by Arch Network, shared with CoinDesk, shows that the total value locked (TVL) in Bitcoin-native protocols has surged from $307 million in January 2024 to $6.36 billion by mid-2025 — a 20-fold increase driven by lending apps, stablecoins, and institutional inflows. The data paints a picture of a shifting narrative away from “digital gold” and toward programmable, yield-bearing bitcoin. Lending and borrowing protocols are the most frequently cited usage protocols, mentioned by 59% of the respondents. Bitcoin-backed stablecoins followed (41%), then DEXs (32%) and real-world assets like tokenized real estate (29%). These aren’t speculative side bets — they’re early signs of product-market fit, especially for users who want access to liquidity without selling BTC. 36% still keep their Bitcoin in cold storage, citing a lack of confidence in current DeFi platforms. Another 25% avoid Bitcoin DeFi due to high perceived risk, while 60% of all respondents flagged smart contract exploits as the top security concern. “Bitcoin’s true potential lies beyond being a passive store of value,” Arch CEO Matt Mudano said. “Unlocking its liquidity is the next frontier.” “If even a fraction of Bitcoin’s $2 trillion market cap gets productive,” said DPI Capital’s Shahan Khoshafian, “the upside is massive.”
Payments optimization is crucial as report says almost all cross-border shoppers want to pay with local currency
Payments Optimization: Powering Global eCommerce Growth,” reveals that despite widespread digital adoption, cross-border payments still pose significant challenges for merchants. The report highlights that not all merchants prioritize shopper convenience in international transactions, but optimizing these digital payment experiences is crucial for maximizing global sales and meeting consumers’ evolving expectations. Key obstacles include consumer concerns over long delivery times, fear of fraud, difficulties with returns, and unexpected high transaction fees, which negatively impact conversion rates. The report emphasizes the importance of local payment experiences, as nearly all cross-border shoppers expect to pay using their preferred, customary methods and 94% in local currencies. Digital payments are rapidly becoming the cornerstone of global eCommerce, with digital wallets, account-to-account transfers, and buy now, pay later solutions accounting for 79% of global eCommerce value by 2030. One-click checkout is a powerful tool for optimizing online transactions, with 84% of shoppers considering it an important factor when deciding where to shop. The report emphasizes that optimization is an ongoing process that requires continuous attention to digital payment acceptance, transparent communication, and efficient delivery and return mechanisms. The integration of advanced fraud solutions, often powered by artificial intelligence and machine learning, is essential for securing transactions and building trust. The report concludes that payments are no longer just a commodity but a critical competitive differentiator for businesses expanding globally.