I asked the US government for my immigration file and all I got were these stupid photos

“Welcome to the United States of America.”

That’s the first thing you read when you find out your green card application was approved. Those long-awaited words are printed on fancier-than-usual paper, an improvement on the usual copy machine printed paper that the government sends to periodically remind you that you, like millions of other people, are stuck in the same slow bureaucratic system.

First you cry — then you cry a lot. And then you celebrate. But then you have to wait another week or so for the actual credit card-sized card — yes, it’s green — to turn up in the mail before it really kicks in.

It took two years to get my green card, otherwise known as U.S. permanent residency. That’s a drop in the ocean to the millions who endure twice, or even three times as long. After six years as a Brit in New York, I could once again leave the country and arrive without worrying as much that a grumpy border officer might not let me back in because they don’t like journalists.

The reality is, U.S. authorities can reject me — and any other foreign national — from entering the U.S. for almost any reason. As we saw with President Trump’s ban on foreign nationals from seven Muslim-majority nations — since ruled unconstitutional — the highly vetted status of holding a green card doesn’t even help much. You have almost no rights and the questioning can be brutally invasive — as I, too, have experienced before, along with the stare-downs and silent psychological warfare they use to mentally shake you down.

I was curious what they knew about me. With my green card in one hand and empowered by my newfound sense of immigration security, I filed a Freedom of Information request with U.S. Citizenship and Immigration Services to obtain all of the files the government had collected on me in order to process my application.

Seven months later, disappointment.

USCIS sent me a disk with 561 pages of documents and a cover letter telling me most of the interesting bits were redacted, citing exemptions such as records relating to officers and government staff, investigatory material compiled for law enforcement purposes, and techniques used by the government to decide an applicant’s case.

But I did get almost a decade’s worth of photos taken by border officials entering the United States.

Seven years of photos taken at the U.S. border. (Source: Homeland Security/FOIA)

What’s interesting about these encounters is that you can see me getting exponentially fatter over the years while my sense of style declines at about the same rate.

Each photo comes with a record from a web-based system called the Customer Profile Management Service (CPMS), which stores all the photos of foreign nationals visiting or returning to the U.S. from a camera at port of entries.

Immigration officers and border officials use the Identity Verification Tool (IVT) to visually confirm my identity and review my records at the border and my interview, as well as checking for any “derogatory” information that might flag a problem in my case.

The government’s IDENT system, which immigration staff and border officials use to visually verify an applicant’s identity along with any potentially barring issues, like a criminal record. (Source: FOIA)

Everyone’s file will differ, and my green card case was somewhat simple and straightforward compared to others.

Some 90 percent of my file are things my lawyer submitted — my application, my passport and existing visa, my bank statements and tax returns, my medical exam, and my entire set of supporting evidence — such as my articles, citations, and letters of recommendation. The final 10 percent were actual responsive government documents, and some random files like photocopied folders.

And there was a lot of duplication.

From the choice files we are publishing, the green card process appears highly procedural and offered little to nothing in terms of decision making by immigration officers. Many of the government-generated documents was mostly box-ticking, such as verifying the authenticity of documents along the chain of custody. A single typo can derail an entire case.

The government uses several Homeland Security systems to check my immigration records against USCIS’ Central Index System, and verifying my fingerprints against my existing records stored in its IDENT system to ensure it’s really me at the interview.

USCIS’ Central Index System, a repository of data held by the government as applications go through the immigration process. (Source: FOIA)

During my adjustment-of-status interview with an immigration officer, my “disposition” was recorded but redacted. (Spoiler alert: it was probably “sweaty and nervous.”)

A file filled out by an immigration officer at an adjustment of status interview, which green card candidates are subject to. (Source: FOIA)

Following the interview, the immigration officer checks to make sure that the interview procedures are properly carried out. Homeland Security also pulls in data from the FBI to check to see if my name is on a watchlist, but also to confirm my identity as the real person applying for the green card.

And, in the end, two years of work and waiting came down to was a single checked box following my interview. “Approved.”

The final adjudication of an applicant’s green card. (Source: FOIA)

It’s no secret that you can FOIA for your green card file. Some are forced to file to obtain their case files in order to appeal their denied applications.

Runa Sandvik, a senior director of information security at The New York Times, obtained her border photographs from Homeland Security some years ago. Nowadays, it’s just as easy to request your files. Fill out one form and email it to the USCIS.

For me, next stop is citizenship. Just five more years to go.

Read more:

AeroGarden maker says hackers stole months of credit card data

Bad news for home gardeners: criminals might have your credit card data.

AeroGrow, the maker of the at-home garden kit AeroGarden, said in a letter to customers that its website had credit card scraping malware for more than four months.

The company said anyone who bought something through its website between October 29, 2018 and March 4, 2019 had their credit card number, expiration date and card verification value — also known as a security code — stolen by the malware. In most cases, that’s all someone would need to make fraudulent purchases,

A letter to customers, as submitted to the California attorney general’s office. (Screenshot: TechCrunch)

It’s the latest in a string of high-profile malware attacks targeting websites in the past year. Attackers will find a vulnerability often in the website running a company’s shopping cart and inject code that scrapes credit card data once it is entered into the form on the site. That data gets siphoned off and sent to a server controlled by the attacker. Because the code is running on the page, there’s no discernible or obvious way to tell if a website is affected.

One of the more well-known hacker groups includes Magecart, a collective of different hackers of varying skillsets, which attack websites large and small. In the past year, the hacker groups have targeted Ticketmaster, British Airways, and consumer electronics giant Newegg — and many more.

AeroGrow didn’t say how many customers were affected. We’ve reached out and will update if we hear back.

Affirm’s latest partnership brings its alternative financing to Walmart’s U.S. stores and website

Financial technology company Affirm, which offers consumers an alternative to cash and credit when paying for large purchases, has scored a notable new partner: Walmart. The companies announced this morning that Affirm’s financing options would be made available in over 4,000 Walmart Supercenters across the U.S., and will roll out to Walmart.com in the weeks ahead.

Customers will be able to check their eligibility for an Affirm loan online before heading into Walmart to shop, and then receive their decision in real-time, without a hit to their credit score. (If they move forward and use the loan, that’s when it would impact credit).

If approved, the customer can opt for a repayment term of 3, 6 or 12 month installments on purchases ranging from $200 to $2,000. Customers are also shown the exact repayment amount they’ll owe, with the interest displayed in dollars not as an interest rate. There are no other hidden fees.

Walmart’s on-store shoppers will receive a unique barcode that’s scanned at checkout by a Walmart associate, the company says.

The offering will go live across Walmart Supercenters nationwide, except in Iowa, West Virginia and Puerto Rico, and will be soon available on Walmart.com. (Some items don’t qualify for financing with Affirm, including alcohol, tobacco, groceries, pharmacy, personal care, firearms and money services.)

Before today, Affirm had partnered with Walmart-owned businesses Allswell and Hayneedle, but this deal is one of its largest to date.

The company over the past few years has focused largely on e-commerce partnerships to grow its business and today works with a number of online brands, including Casper, Wayfair, Tradesy, The RealReal, Shopify, Reverb, Betabrand, Expedia, Eventbrite, and others.

San Francisco-based Affirm, run by PayPal co-founder Max Levchin, is now one of several businesses offering consumers point-of-sale loans and installment plans along with Sezzle, Klarna, Afterpay, Square and more. These services may help people with bad credit or low credit scores make bigger purchases they couldn’t otherwise afford, as they’re unable to apply for traditional credit.

Affirm, for instance, uses its own formula for calculating risk and approving loans, which involves data science, artificial intelligence and machine learning technologies. 

Other consumers may prefer Affirm and the like because of the flexibility of its payment plans and transparent pricing. (Affirm touts that it has no deferred interest, compounding interest or late fees, for example.)

But critics warn these businesses can hurt credit scores and entice people to overspend. They’re often referred to as modern-day loan sharks, rebranded for millennials – a generation wary of carrying credit card debt.

The company’s Gen X and younger user base could be one reason why Walmart chose to work with Affirm, as it needs a way to reach millennial shoppers.

“We are focused on providing customers transparent, easy, and convenient ways to pay, and offering Affirm both in stores and online is one way to do that,” said Daniel Eckert, Senior Vice President of Walmart Services & Digital Acceleration, in a statement. “Providing multiple ways to shop and finance select items with no hidden fees is an important way we deliver on our promise to help our customers save money and live better,” he added.

 

 

Vision Direct reveals breach that skimmed customer credit cards

European online contact lens supplier Vision Direct has revealed a data breach which compromised full credit card details for a number of its customers, as well as personal information.

Compromised data includes full name, billing address, email address, password, telephone number and payment card information, including card number, expiry date and CVV.

It’s not yet clear how many of Vision Direct’s customers are affected — we’ve reached out to the company with questions.

Detailing the data theft in a post on its website Vision Direct writes that customer data was compromised between 12.11am GMT November 3, 2018 and 12.52pm GMT November 8 — with any logged in users who were ordering or updating their information on visionDirect.co.uk in that time window potentially being affected.

It says it has emailed customers to notify them of the data theft.

“This data was compromised when entering data on the website and not from the Vision Direct database,” the company writes on its website. “The breach has been resolved and our website is working normally.”

“We advise any customers who believe they may have been affected to contact their banks or credit card providers and follow their advice,” it adds.

Affected payment methods include Visa, Mastercard and Maestro — but not PayPal (although Vision Direct says PayPal users’ personal data may still have been swiped).

It claims existing personal data previously stored in its database was not affected by the breach — writing that the theft “only impacted new information added or updated on the VisionDirect.co.uk website” (and only during the aforementioned time window).

“All payment card data is stored with our payment providers and so stored payment card information was not affected by the breach,” it adds.

Data appears to have been compromised via a Javascript keylogger running on the Vision Direct website, according to security researcher chatter on Twitter.

After the breach was made public, security researcher Troy Mursch quickly found a fake Google Analytics script had been running on Vision Direct’s UK website:

The malicious script also looks to have affected additional Vision Direct domains in Europe; and users of additional ecommerce sites (at least one of which they found still running the fake script)…

Another security researcher, Willem de Groot, picked up on the scam in September, writing in a blog post then that: “The domain g-analytics.com is not owned by Google, as opposed to its legitimate google-analytics.com counterpart. The fraud is hosted on a dodgy Russian/Romanian/Dutch/Dubai network called HostSailor.”

He also found the malware had “spread to various websites”, saying its creator had crafted “14 different copies over the course of 3 weeks”, and tailored some versions to include a fake payment popup form “that was built for a specific website”.

“These instances are still harvesting passwords and identities as of today,” de Groot warned about two months before Vision Direct got breached.

How the 22-year-old founders of Brex built a billion-dollar business in less than 2 years

When Brazilian-born Henrique Dubugras and Pedro Franceschi met at 16 years old, they bonded over a love of coding and mutual frustrations with their strict mothers, who didn’t understand their Mark Zuckerberg-esque ambitions. 

To be fair, their moms’ fear of their hacking habits only escalated after their pre-teen sons received legal notices of patent infringements in the mail. A legal threat from Apple, which Franceschi received after discovering the first jailbreak to the iPhone, is enough to warrant a grounding, at the very least.

Their parents implored them to quit the hacking and stop messing around online.

They didn’t listen.

Today, the now 22-year-olds are announcing a $125 million Series C for their second successful payments business, called Brex, at a $1.1 billion valuation. Greenoaks Capital, DST Global and IVP led the round, which brings their total raised to date to about $200 million.

San Francisco-based Brex provides startup founders access to corporate credit cards without a personal guarantee or deposit. It’s also supported by the likes of PayPal founders Peter Thiel and Max Levchin, the former chief executive officer of Visa Carl Pascarella and a handful of leading venture capital firms. 

Brex is off to one of the most exciting starts we’ve ever seen,” IVP’s Somesh Dash said in a statement.

The financing makes them some of the youngest unicorn founders in history and puts them in a rare class of startups that have galloped into unicorn territory at such a fast clip. Brex was founded in the winter of 2017. It only launched publicly in June 2018.

How’d they do it?

“I’ve had two failed attempts, one successful attempt and one on the way to being a successful attempt,” Brex CEO Dubugras told TechCrunch while reciting a lengthy resume.

At 14, when most of us were worrying about what the first year of high school would bring us, Dubugras was more concerned about what his next business attempt would be. He had already built a successful online game but was forced to shut it down after receiving those patent infringement notices.

Naturally, he used the cash he earned from the game to start a company — an education startup meant to help Brazilian students apply to American schools. He himself was hoping to get into Stanford and had learned quickly how little Brazilian students understood of the U.S. college application process.

In some respects, the company was a success. It garnered 800,000 users but failed to make any money. His small fortune wasn’t enough to scale the business.

“There aren’t a lot of VCs in Brazil that are willing to fund 15-year-olds,” Dubugras told TechCrunch.

Shortly after folding the edtech, he met Franceschi, a Brazilian teen from Rio — Dubugras is from São Paulo — who understood his appetite for innovation and was just as hungry for success. The pair got to talking and because of Franceschi’s interest in payments, they started Pagar.me, the “Stripe of Brazil.”

Pagar.me raised $30 million, amassed a staff of 100 and was processing up to $1.5 billion in transactions when it sold. Finally, they had a real success under their belt. Now it was time to relocate. 

“We wanted to come to Silicon Valley to build stuff because everything here seemed so big and so cool,” Dubugras said.

And come to Silicon Valley they did. In the fall of 2016, the pair enrolled at Stanford. Shortly after that, they entered Y Combinator with big dreams for a virtual reality startup called Beyond. 

“I think three weeks in we gave it up,” Dubugras said. “We realized we aren’t the right founders to start this business.”

He credits Y Combinator with helping him realize what they were good at — payments.

As founders themselves, Dubugras and Franceschi were hyper-aware of a huge problem entrepreneurs face: access to credit. Big banks see small businesses as a risk they aren’t willing to take, so founders are often left at a dead-end. Dubugras and Franceschi not only had a big network of startup entrepreneurs in their Rolodex, but they had the fintech acumen necessary to build a credit card business designed specifically for founders.

So, they scrapped Beyond and in April 2017, Brex was born. The startup picked up momentum quickly, so much so that the pair decided to drop out of Stanford and pursue the business full time.

Simplifying financial access

Brex doesn’t require any kind of personal guarantee or security deposit and it doesn’t use third-party legacy technology; its software platform is built from scratch.

It simplifies a lot of the frustrating parts of corporate expenses by providing companies with a consolidated look at their spending. At the end of each month, for example, a CEO can easily see how much the entire company spent on Uber or Amazon. 

Plus, Brex can give entrepreneurs a credit limit that’s as much as 10 times higher than what they’d receive elsewhere and they can issue cards, virtual cards at least, moments after the online application is complete.

“We have a very similar effect of what Stripe had in the beginning, but much faster because Silicon Valley companies are very good at spending money but making money is harder,” Dubugras explained.

As part of their funding announcement, Brex said it will launch a rewards program built with the needs and spending patterns of founders in mind. Beyond that, they plan to use the capital to hire engineers and figure out how to grow the business’s client base beyond only tech startups.

“We want to dominate corporate credit cards,” Dubugras said. “We want every single company in the world, whenever they do businesses expenses, to do it on a Brex card.”

Petal’s no-fee credit card for the credit score-less is now open to the public

Petal, the startup credit card company that’s offering a no-fee credit line to people without a credit history, is now publicly available.

Launched earlier this year by co-founders Jason Gross, Andrew Endicott, Andrew Ehrich, and Jake Arenas, Petal has received a $34 million credit facility from Jeffries and Silicon Valley Bank to bring its consumer lending product to the masses.

That money will take Petal beyond the few thousand customers that have trialed the company’s credit card in a pre-release to broad distribution for applicants.

Petal uses information from a customer’s bank account and payments to develop a credit score for individuals who haven’t had time to build up a financial picture that most banks or credit card companies use to create risk profiles and issue credit.

“We use more data than credit history to make credit decisions,” says Jason Gross, Petal’s co-founder and chief executive. “They’re common sense metrics about your finances: how much you make save and spend every month.”

Gross says this window into its customers spending habits allows his company to issue credit lines with higher limits than its competitors and with annual financing rates that are among the lowest for first time borrowers.

Annual percentage rates begin at 14% and are up to 25%, which is the standard for the industry, says Gross. And Petal offers credit limits that are, in many cases, ten times higher than its competitors. Another difference between Petal and its older competitors is the company’s elimination of all fees.

“We want to eliminate traps and fees. We have no fee. No late fees, international fee, or over the limit fees,” says Gross. Petal makes its money on the interest it pays and the transaction charges it receives from vendors when its customers use its card. 

“We want you to pay on time and we want you to build your credit,” says Gross. It’s also transparent about how much interest rates will wind up costing its users, Gross says. “Before you carry an interest on Petal… we show you how much it’s going to cost you… .you have a minimum payment and the statement balance…. All of the costs associated with the minimum payment… we make that information clear,” he said.

Those credit limits and the card’s transparent approach to costs and fees make up for the lack of other perks that cardholders would get with competing lenders.

And, Gross stresses that Petal is for first time borrowers, primarily. People who are looking to rebuild their credit score will likely not be approved for a Petal card. Indeed, the company’s demographics skew younger and solidly middle class, according to Gross.

The typical applicants for the Petal card are in their 20s, and are making somewhere between $30,000 and $70,000 per year.

In the market for the past year, Petal has issued cards to over 1,000 early adopters and is on pace to hit 10,000 borrowers signed up with the company by the end of the year.

The company, which most recently raised a $13 million round Valar Ventures, The Social Entrepreneurs Fund, Third Prime, The Gramercy Fund, Story Ventures, RiverPark Ventures, Ride Ventures and other institutional investors.

In fact, investors are throwing a lot of money at the credit space, and specifically trying to find a way to get at the thin-file customers that are Petal’s target audience. Deserve, a startup backed by Accel Partners (among others) is also pitching potential borrowers with a similar approach.

It’s certainly an important market to address.

“If you look at folks who are thin-file, credit invisible, those who don’t have an accurate score, they’re predominantly young people but they’re disproportionately groups that have historically lacked access to financial services,” Gross has previously saidsaid. “Minorities, immigrants, if you lack a score — or an accurate score — it can cost you very real money throughout your life. Having no score, you’re treated as subprime, you won’t qualify for most financial products, or they’ll be more expensive and inferior.”

Macy’s credit card processors stop working on Black Friday

 It’s one of the biggest shopping days of the year, but retail giant Macy’s can’t get its credit card processors to work. Customers have been waiting in lines across the United States to buy discounted items, only to find out that the machines won’t take credit cards or gift cards. Some Bloomingdale’s stores, which are owned by Macy’s, may have also been… Read More

It’s not your imagination, you are waiting longer for an UberPOOL using your commuter card

 Use a commuter benefits card to take UberPOOL? You might have noticed you have a much longer wait time to get a ride than those using just a regular credit card. We first received a tip that this might be happening to commuters, so I asked around and found out several other commuter card-carrying friends were experiencing the same thing. This morning I had one of these friends test it out and… Read More

Sift raises $1.5 million to unlock your credit cards

 Did you know that your credit cards can do amazing things? Aside from drawing you into crippling debt while forcing you to be part of the vast cycle of economic servitude, credit cards also offer cash-back on purchases, protection on items you buy, and refunds! That’s what Sift wants to help you unlock. “We unlock thousands of dollars worth of hidden credit card benefits. Think… Read More

Nova Credit launching from Y Combinator to give immigrants access to U.S. credit

novacredit (1) Access to credit and establishing a credit history aren’t a luxury for people living in the US, they’re a necessity. A credit score is required to rent most apartments, get credit cards, and essentially make a way in the modern American world But for millions of immigrants (roughly 15 million) landing on U.S. shores — even ones who had successful jobs abroad —… Read More