Data security

PaymentSource's Daniel Wolfe sits down with Carey O'Connor Kolaja, AU10TIX's new CEO to discuss the rise in synthetic fraud, the fastest-growing financial crime, and how payments security has been changed by the pandemic.

The latest cyberattacks pointing to the Russian government show that U.S. federal agencies and banks still lack a clear, collaborative game plan.

Fallout from the coronavirus pandemic consumed the industry this year, but other events, including a scandal at the National Credit Union Administration and a credit union under fire for lack of board diversity, also made waves.

With Microsoft, Equifax and others acknowledging that the SolarWinds hack of U.S. government entities had affected their holdings, security teams and vendors have put the holiday aside while continuing around-the-clock surveillance to ensure no financial services or payments networks have been hacked.

As risk rises and budgets tighten post-pandemic, training all employees about security risks and conducting quarterly penetration tests helps to offset threats and potential losses.

By upgrading permissions and defining access, firms can get ahead of the new threat, says vArmour's Marc Woolword.

Remote learning and work heightens the security risk, says Pulse Secure's Mike Riemer.

Federal banking agencies want to give the industry a hard deadline for notifying their regulators about serious security breaches and failed system upgrades.

Paying on delivery with tokenization, biometric fingerprint cards, vein scanning or phone-to-phone with a variety of card payment options helps create a universe of consumer choice, convenience, personal preference and better fraud protection, says Radar Payments' Jane Loginova.

It has been 15 years since the federal banking agencies issued guidance on an institution’s obligation to inform its regulator about a cyberattack. A proposal to be unveiled this week could establish a more specific notification deadline.