Assembly Bill A9340A

2023-2024 Legislative Session

Relates to peer-to-peer mobile payment service security

download bill text pdf

Sponsored By

Current Bill Status - Passed Senate & Assembly


  • Introduced
    • In Committee Assembly
    • In Committee Senate
    • On Floor Calendar Assembly
    • On Floor Calendar Senate
    • Passed Assembly
    • Passed Senate
  • Delivered to Governor
  • Signed By Governor

Do you support this bill?

Please enter your contact information

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.
Actions

Bill Amendments

co-Sponsors

2023-A9340 - Details

See Senate Version of this Bill:
S8677
Law Section:
General Business Law
Laws Affected:
Add §399-jj, Gen Bus L; amd §403, Fin Serv L

2023-A9340 - Summary

Directs every peer-to-peer mobile service to require users to create a personal identification code associated with the user's account that is required to be used when certain actions are taken and to require users to set a monetary amount for intended transfers above which the use of a personal identification number will be required to authenticate the user's identity.

2023-A9340 - Bill Text download pdf

                             
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                   9340
 
                           I N  A S S E M B L Y
 
                               March 6, 2024
                                ___________
 
 Introduced by M. of A. LEE -- read once and referred to the Committee on
   Consumer Affairs and Protection
 
 AN  ACT  to  amend the general business law, in relation to peer-to-peer
   mobile payment service security; and to amend the  financial  services
   law,  in  relation  to  authorizing  the financial frauds and consumer
   protection unit to enforce such provisions

   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section  1. This act shall be known and may be cited as the "Financial
 App Security Act".
   § 2. The general business law is amended by adding a new section  399-
 jj to read as follows:
   § 399-JJ. PEER-TO-PEER  MOBILE  PAYMENT  SERVICE  SECURITY. 1. FOR THE
 PURPOSES OF THIS SECTION:
   (A) "PEER-TO-PEER MOBILE SERVICE" MEANS ANY APP OR  APP  SERVICE  THAT
 ALLOWS USERS TO SEND AND RECEIVE MONEY FROM THEIR MOBILE DEVICES THROUGH
 A  LINKED BANK ACCOUNT OR CREDIT CARD OR DEBIT CARD USING ONLY A RECIPI-
 ENT'S CELL PHONE NUMBER OR EMAIL ADDRESS.
   (B) "BIOMETRIC AUTHENTICATION" MEANS EITHER FINGERPRINT OR FACE  IDEN-
 TIFICATION FOR ACCESS TO A SERVICE, OR VERIFICATION OF AN IN-APP ACTION.
   2.  EVERY  PEER-TO-PEER MOBILE SERVICE SHALL REQUIRE USERS TO CREATE A
 PERSONAL IDENTIFICATION CODE ASSOCIATED WITH THE USER'S ACCOUNT THAT  IS
 A  MINIMUM  OF  FOUR ALPHA-NUMERIC CHARACTERS ASSOCIATED WITH THE USER'S
 ACCOUNT. WHEN CERTAIN ACTIONS ARE TAKEN, INCLUDING BUT NOT  LIMITED  TO,
 ACTIONS  DEFINED IN SUBDIVISION FOUR OF THIS SECTION, THE PERSONAL IDEN-
 TIFICATION NUMBER MUST BE USED TO AUTHENTICATE THE USER'S IDENTITY.  THE
 USE OF SUCH PERSONAL IDENTIFICATION CODE MAY NOT BE SUBSTITUTED FOR  ANY
 FORM OF BIOMETRIC AUTHENTICATION.
   3.  EVERY  PEER-TO-PEER  MOBILE  SERVICE  SHALL REQUIRE USERS TO SET A
 MONETARY AMOUNT FOR INTENDED TRANSFERS ABOVE WHICH THE USE OF A PERSONAL
 IDENTIFICATION NUMBER WILL BE REQUIRED TO AUTHENTICATE THE USER'S  IDEN-
 TITY.
   4.  THE  FOLLOWING  ACTIONS  REQUIRE  USE OF A PERSONAL IDENTIFICATION
 NUMBER WHEN USING A PEER-TO-PEER MOBILE SERVICE:
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
              

co-Sponsors

2023-A9340A (ACTIVE) - Details

See Senate Version of this Bill:
S8677
Law Section:
General Business Law
Laws Affected:
Add §399-jj, Gen Bus L; amd §403, Fin Serv L

2023-A9340A (ACTIVE) - Summary

Directs every peer-to-peer mobile service to require users to create a personal identification code associated with the user's account that is required to be used when certain actions are taken and to require users to set a monetary amount for intended transfers above which the use of a personal identification number will be required to authenticate the user's identity.

2023-A9340A (ACTIVE) - Bill Text download pdf

                             
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  9340--A
 
                           I N  A S S E M B L Y
 
                               March 6, 2024
                                ___________
 
 Introduced  by  M.  of  A.  LEE,  OTIS  -- read once and referred to the
   Committee on Consumer Affairs and Protection -- committee  discharged,
   bill  amended,  ordered  reprinted  as amended and recommitted to said
   committee
 
 AN ACT to amend the general business law, in  relation  to  peer-to-peer
   mobile  payment  service security; and to amend the financial services
   law, in relation to authorizing  the  financial  frauds  and  consumer
   protection unit to enforce such provisions
 
   THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. This act shall be known and may be cited as the  "Financial
 App Security Act".
   §  2. The general business law is amended by adding a new section 399-
 jj to read as follows:
   § 399-JJ. PEER-TO-PEER MOBILE PAYMENT SERVICE  SECURITY.  1.  FOR  THE
 PURPOSES OF THIS SECTION:
   (A)  "PEER-TO-PEER  MOBILE  SERVICE"  MEANS  ANY  APP  OR  APP SERVICE
 PROVIDED DIRECTLY TO USERS BY AN ENTITY THAT IS NOT AN INSURED DEPOSITO-
 RY INSTITUTION AND THAT:
   (1) DIRECTLY OR INDIRECTLY  RECEIVES  AND  HOLDS  MONEY  BELONGING  TO
 USERS,  OR  THAT  FACILITATES  TRANSACTIONS  BETWEEN  INSURED DEPOSITORY
 INSTITUTIONS BUT EXISTS SEPARATELY FROM SAID INSTITUTIONS; AND
   (2) WHOSE PRIMARY FUNCTIONALITY IS TO ALLOW USERS TO SEND AND  RECEIVE
 MONEY  THROUGH THEIR MOBILE DEVICES FROM A LINKED BANK ACCOUNT OR CREDIT
 CARD OR DEBIT CARD USING  A  RECIPIENT'S  CELL  PHONE  NUMBER  OR  EMAIL
 ADDRESS OR USERNAME.
   (B)  "BIOMETRIC AUTHENTICATION" MEANS EITHER FINGERPRINT OR FACE IDEN-
 TIFICATION FOR ACCESS TO A SERVICE, OR VERIFICATION OF AN IN-APP ACTION.
   2. EVERY PEER-TO-PEER MOBILE SERVICE SHALL REQUIRE USERS TO  CREATE  A
 PERSONAL  IDENTIFICATION CODE ASSOCIATED WITH THE USER'S ACCOUNT THAT IS
 A MINIMUM OF FOUR NUMERIC CHARACTERS ASSOCIATED WITH THE USER'S ACCOUNT.
 WHEN CERTAIN ACTIONS ARE TAKEN, INCLUDING BUT NOT  LIMITED  TO,  ACTIONS
 DEFINED IN SUBDIVISION FOUR OF THIS SECTION, THE PERSONAL IDENTIFICATION
 NUMBER  MUST  BE  USED  TO AUTHENTICATE THE USER'S IDENTITY.  THE USE OF
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
              

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.

Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.