Data security

Visa Inc. is trying a new gambit offset consumers' irritation with hassles surrounding the messy EMV chip-card migration—it's introducing a winsome young woman to console the masses.

Data breaches aren’t going away. What’s also frustrating for those tasked with protecting data is that poor consumer habits regarding online security aren’t going away, either. Weak passwords shared across all online accounts continue, despite ever-growing threats.

Candi Wolff of Citigroup and Anita Eoloff of Wells Fargo are two of the most powerful banking lobbyists in the nation’s capital, but they don’t think the transformation of their once male-dominated field is done, nor do they think everything about the past should be abandoned.

Yahoo says no bank account or card data has been compromised in its massive data breach. Yet hackers could use their ill-gotten personal information about customers to mess with bank accounts.

Consumers using PayPal to complete an e-commerce transaction on a Lenovo laptop computer will be able to use an embedded fingerprint reader instead of a static password.

Financial services IT teams must think like cybercriminals and develop an offensive approach to security at a time when threats are growing in frequency and sophistication.

The U.S. shift to EMV-chip card security hasn't been smooth. Many companies saw the card networks' Oct. 1, 2015 fraud liability shift date as a starting point rather than a deadline, and even the companies that thought they would be unaffected by the EMV transition found themselves dealing with major headaches.

Bashas' Inc., Arizona's largest independent grocery chain, was certain it was prepared for the October 2015 EMV liability shift. After all, it had begun purchasing terminals for all of its 1,400 checkout lanes a year in advance.

Verified by Visa — which typically functioned as a way to improve security by adding a password to the online payment process — is phasing out the use of static passwords. Visa's plan is a chance to improve the standard for authenticating online commerce.

Banks continue to gather ID documents manually from would-be customers, even ones who sought to open accounts online. Bringing the manual process into the digital age is the goal of several startups.

Replacing gas pump hardware is a big, disruptive move for any fuel seller, but with the sector's EMV liability shift only a year away, more companies are facing the inevitable.

Cloud-based technology is bringing mobile shopping and payments to more companies, but it also increases risk due to the complexity of how these more open and remote technology tools get used.

In order to successfully and scalably combat card-related fraud and digital payments hacking, organizations need to rely less on standards like EMV and PAN/PRN, and recognize today’s currency is no longer just about money.

There's no tech solution in the world that can prevent cybersecurity attacks. To mitigate risks, however, banks can apply four controls after they first determine their risk tolerances.

Troy Leach, chief technology officer for the PCI Council, sat down with PaymentsSource to reflect on the council's performance to date and where it is headed in the coming years.

Mixed messaging on fin tech doesn't just emanate from the halls of Congress. It can also be found at the regulatory level as well.

Regulations proposed by New York State regulators provide stricter and more specific guidance than banks have received from the federal agencies, especially in areas like data encryption and multifactor authentication.

Even with advanced technology, fraudsters need a lot of help to get their hands on secure payment or personal data. One in five businesses apparently are unwittingly providing that help by not performing any security testing, according to new research.

When a mobile banking vendor told a San Antonio Federal Credit Union it didn't have the capabilities it wanted, the institution took a note from Facebook's strategy with Messenger and created a companion app.

Ant Financial, the payments affiliate of Alibaba Group Holding Ltd., acquired EyeVerify Inc., to expand services using the U.S. startup’s biometric authentication technology for securing consumers’ online data and transactions.