Senate Bill S8677B

2023-2024 Legislative Session

Relates to peer-to-peer mobile payment service security

download bill text pdf

Sponsored By

Current Bill Status Via A9340 - Passed Senate


  • Introduced
    • In Committee Assembly
    • In Committee Senate
    • On Floor Calendar Assembly
    • On Floor Calendar Senate
    • Passed Assembly
    • Passed Senate
  • Delivered to Governor
  • Signed By Governor

Do you support this bill?

Please enter your contact information

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.
Actions
Votes

Bill Amendments

2023-S8677 - Details

See Assembly Version of this Bill:
A9340
Law Section:
General Business Law
Laws Affected:
Add §399-jj, Gen Bus L; amd §403, Fin Serv L

2023-S8677 - Summary

Directs every peer-to-peer mobile service to require users to create a personal identification code associated with the user's account that is required to be used when certain actions are taken and to require users to set a monetary amount for intended transfers above which the use of a personal identification number will be required to authenticate the user's identity.

2023-S8677 - Sponsor Memo

2023-S8677 - Bill Text download pdf

                             
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                   8677
 
                             I N  S E N A T E
 
                             February 28, 2024
                                ___________
 
 Introduced  by Sen. HOYLMAN-SIGAL -- read twice and ordered printed, and
   when printed to be committed to the Committee on Internet and Technol-
   ogy
 
 AN ACT to amend the general business law, in  relation  to  peer-to-peer
   mobile  payment  service security; and to amend the financial services
   law, in relation to authorizing  the  financial  frauds  and  consumer
   protection unit to enforce such provisions
 
   THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. This act shall be known and may be cited as the  "Financial
 App Security Act".
   §  2. The general business law is amended by adding a new section 399-
 jj to read as follows:
   § 399-JJ. PEER-TO-PEER MOBILE PAYMENT SERVICE  SECURITY.  1.  FOR  THE
 PURPOSES OF THIS SECTION:
   (A)  "PEER-TO-PEER  MOBILE  SERVICE" MEANS ANY APP OR APP SERVICE THAT
 ALLOWS USERS TO SEND AND RECEIVE MONEY FROM THEIR MOBILE DEVICES THROUGH
 A LINKED BANK ACCOUNT OR CREDIT CARD OR DEBIT CARD USING ONLY A  RECIPI-
 ENT'S CELL PHONE NUMBER OR EMAIL ADDRESS.
   (B)  "BIOMETRIC AUTHENTICATION" MEANS EITHER FINGERPRINT OR FACE IDEN-
 TIFICATION FOR ACCESS TO A SERVICE, OR VERIFICATION OF AN IN-APP ACTION.
   2. EVERY PEER-TO-PEER MOBILE SERVICE SHALL REQUIRE USERS TO  CREATE  A
 PERSONAL  IDENTIFICATION CODE ASSOCIATED WITH THE USER'S ACCOUNT THAT IS
 A MINIMUM OF FOUR ALPHA-NUMERIC CHARACTERS ASSOCIATED  WITH  THE  USER'S
 ACCOUNT.  WHEN  CERTAIN ACTIONS ARE TAKEN, INCLUDING BUT NOT LIMITED TO,
 ACTIONS DEFINED IN SUBDIVISION FOUR OF THIS SECTION, THE PERSONAL  IDEN-
 TIFICATION NUMBER MUST BE USED TO AUTHENTICATE THE USER'S IDENTITY.  THE
 USE  OF SUCH PERSONAL IDENTIFICATION CODE MAY NOT BE SUBSTITUTED FOR ANY
 FORM OF BIOMETRIC AUTHENTICATION.
   3. EVERY PEER-TO-PEER MOBILE SERVICE SHALL  REQUIRE  USERS  TO  SET  A
 MONETARY AMOUNT FOR INTENDED TRANSFERS ABOVE WHICH THE USE OF A PERSONAL
 IDENTIFICATION  NUMBER WILL BE REQUIRED TO AUTHENTICATE THE USER'S IDEN-
 TITY.
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD14473-02-4
              

2023-S8677A - Details

See Assembly Version of this Bill:
A9340
Law Section:
General Business Law
Laws Affected:
Add §399-jj, Gen Bus L; amd §403, Fin Serv L

2023-S8677A - Summary

Directs every peer-to-peer mobile service to require users to create a personal identification code associated with the user's account that is required to be used when certain actions are taken and to require users to set a monetary amount for intended transfers above which the use of a personal identification number will be required to authenticate the user's identity.

2023-S8677A - Sponsor Memo

2023-S8677A - Bill Text download pdf

                             
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  8677--A
 
                             I N  S E N A T E
 
                             February 28, 2024
                                ___________
 
 Introduced  by Sen. HOYLMAN-SIGAL -- read twice and ordered printed, and
   when printed to be committed to the Committee on Internet and Technol-
   ogy --  committee  discharged,  bill  amended,  ordered  reprinted  as
   amended and recommitted to said committee
 
 AN  ACT  to  amend the general business law, in relation to peer-to-peer
   mobile payment service security; and to amend the  financial  services
   law,  in  relation  to  authorizing  the financial frauds and consumer
   protection unit to enforce such provisions
 
   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section  1. This act shall be known and may be cited as the "Financial
 App Security Act".
   § 2. The general business law is amended by adding a new section  399-
 jj to read as follows:
   § 399-JJ. PEER-TO-PEER  MOBILE  PAYMENT  SERVICE  SECURITY. 1. FOR THE
 PURPOSES OF THIS SECTION:
   (A) "PEER-TO-PEER  MOBILE  SERVICE"  MEANS  ANY  APP  OR  APP  SERVICE
 PROVIDED DIRECTLY TO USERS BY AN ENTITY THAT IS NOT AN INSURED DEPOSITO-
 RY INSTITUTION AND THAT:
   (1)  DIRECTLY  OR  INDIRECTLY  RECEIVES  AND  HOLDS MONEY BELONGING TO
 USERS, OR  THAT  FACILITATES  TRANSACTIONS  BETWEEN  INSURED  DEPOSITORY
 INSTITUTIONS BUT EXISTS SEPARATELY FROM SAID INSTITUTIONS; AND
   (2)  THAT  ALLOWS USERS TO SEND AND RECEIVE MONEY THROUGH THEIR MOBILE
 DEVICES FROM A LINKED BANK ACCOUNT OR CREDIT CARD OR DEBIT CARD USING  A
 RECIPIENT'S CELL PHONE NUMBER OR EMAIL ADDRESS OR USERNAME.
   (B)  "BIOMETRIC AUTHENTICATION" MEANS EITHER FINGERPRINT OR FACE IDEN-
 TIFICATION FOR ACCESS TO A SERVICE, OR VERIFICATION OF AN IN-APP ACTION.
   2. EVERY PEER-TO-PEER MOBILE SERVICE SHALL REQUIRE USERS TO  CREATE  A
 PERSONAL  IDENTIFICATION CODE ASSOCIATED WITH THE USER'S ACCOUNT THAT IS
 A MINIMUM OF FOUR NUMERIC CHARACTERS ASSOCIATED WITH THE USER'S ACCOUNT.
 WHEN CERTAIN ACTIONS ARE TAKEN, INCLUDING BUT NOT  LIMITED  TO,  ACTIONS
 DEFINED IN SUBDIVISION FOUR OF THIS SECTION, THE PERSONAL IDENTIFICATION
 NUMBER  MUST  BE  USED  TO AUTHENTICATE THE USER'S IDENTITY.  THE USE OF
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD14473-05-4
              

2023-S8677B (ACTIVE) - Details

See Assembly Version of this Bill:
A9340
Law Section:
General Business Law
Laws Affected:
Add §399-jj, Gen Bus L; amd §403, Fin Serv L

2023-S8677B (ACTIVE) - Summary

Directs every peer-to-peer mobile service to require users to create a personal identification code associated with the user's account that is required to be used when certain actions are taken and to require users to set a monetary amount for intended transfers above which the use of a personal identification number will be required to authenticate the user's identity.

2023-S8677B (ACTIVE) - Sponsor Memo

2023-S8677B (ACTIVE) - Bill Text download pdf

                             
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  8677--B
 
                             I N  S E N A T E
 
                             February 28, 2024
                                ___________
 
 Introduced  by Sen. HOYLMAN-SIGAL -- read twice and ordered printed, and
   when printed to be committed to the Committee on Internet and Technol-
   ogy --  committee  discharged,  bill  amended,  ordered  reprinted  as
   amended  and  recommitted  to  said committee -- committee discharged,
   bill amended, ordered reprinted as amended  and  recommitted  to  said
   committee

 AN  ACT  to  amend the general business law, in relation to peer-to-peer
   mobile payment service security; and to amend the  financial  services
   law,  in  relation  to  authorizing  the financial frauds and consumer
   protection unit to enforce such provisions
 
   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section  1. This act shall be known and may be cited as the "Financial
 App Security Act".
   § 2. The general business law is amended by adding a new section  399-
 jj to read as follows:
   § 399-JJ. PEER-TO-PEER  MOBILE  PAYMENT  SERVICE  SECURITY. 1. FOR THE
 PURPOSES OF THIS SECTION:
   (A) "PEER-TO-PEER  MOBILE  SERVICE"  MEANS  ANY  APP  OR  APP  SERVICE
 PROVIDED DIRECTLY TO USERS BY AN ENTITY THAT IS NOT AN INSURED DEPOSITO-
 RY INSTITUTION AND THAT:
   (1)  DIRECTLY  OR  INDIRECTLY  RECEIVES  AND  HOLDS MONEY BELONGING TO
 USERS, OR  THAT  FACILITATES  TRANSACTIONS  BETWEEN  INSURED  DEPOSITORY
 INSTITUTIONS BUT EXISTS SEPARATELY FROM SAID INSTITUTIONS; AND
   (2)  WHOSE PRIMARY FUNCTIONALITY IS TO ALLOW USERS TO SEND AND RECEIVE
 MONEY THROUGH THEIR MOBILE DEVICES FROM A LINKED BANK ACCOUNT OR  CREDIT
 CARD  OR  DEBIT  CARD  USING  A  RECIPIENT'S  CELL PHONE NUMBER OR EMAIL
 ADDRESS OR USERNAME.
   (B) "BIOMETRIC AUTHENTICATION" MEANS EITHER FINGERPRINT OR FACE  IDEN-
 TIFICATION FOR ACCESS TO A SERVICE, OR VERIFICATION OF AN IN-APP ACTION.
   2.  EVERY  PEER-TO-PEER MOBILE SERVICE SHALL REQUIRE USERS TO CREATE A
 PERSONAL IDENTIFICATION CODE ASSOCIATED WITH THE USER'S ACCOUNT THAT  IS
 A MINIMUM OF FOUR NUMERIC CHARACTERS ASSOCIATED WITH THE USER'S ACCOUNT.
 WHEN  CERTAIN  ACTIONS  ARE TAKEN, INCLUDING BUT NOT LIMITED TO, ACTIONS
 DEFINED IN SUBDIVISION FOUR OF THIS SECTION, THE PERSONAL IDENTIFICATION
 NUMBER MUST BE USED TO AUTHENTICATE THE USER'S IDENTITY.    THE  USE  OF
 
              

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.

Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.