Data security

The correct strategy needs to be built around the mindset that the attackers might eventually succeed, and that with the right tools, the breach can be detected early, the extent of it can be controlled, and the attack can be stopped before a lot of damage is inflicted, writes Engin Kirda, a professor of computer science at Northeastern University.

A new set of principles by Envestnet’s Yodlee, Quovo and Morningstar's ByAllAccounts aims to settle a much-debated issue in data sharing: which party is liable when a hack occurs.

Security is a top priority for financial institutions around the world. In the past few weeks, the U.K.’s TSB Bank has learned the hard way that availability is even more important. And when availability is an issue, security can’t be ignored.

When EMV chip cards were launched in the U.S., the initial fear in the security and payment industries was that fraud would migrate to e-commerce. But the migration has actually moved further along to the more lucrative venue of real-time Fed-mandated ACH payments.

Ryan, McConnell say they have a deal on a bipartisan Dodd-Frank rollback; New York won more than $5 billion in settlements from big banks under the former AG.

Even as banks have built up their defenses, fraudsters continue to find new ways to try steal consumers’ identities to open accounts, take out loans or intercept payments.

Among the findings, credit unions may not be doing enough to protect against malware, which involved in nearly 40 percent of hacking incidents, as well as Trojan botnets and denial of service attacks.

The hackers gained entry to affected systems through a client-access portal and the company’s internal monitoring systems detected the intrusion.

Banks, technology developers and payment companies are all experimenting with new ways to identify consumers by their unique physical traits, with the ultimate goal of improving security while also streamlining customer onboarding and authentication.

A new strain of malware that targets cryptocurrency users — but not users of mainstream payment options like bank accounts — highlights how much the cybercrime game is changing behind the scenes.