Data security

The ongoing threat of data breaches serves as a reminder that every business is subject to PCI DSS compliance, no matter their size. Any company that handles cardholder data in any way must adhere to PCI DSS standards, which can be time-consuming and expensive, writes Matt VanderZwaag, director of product development at US Signal.

Forget the stereotype that a cybercriminal has to be tech-savvy to get the job done. Their true gift is in social engineering.

The hack's core trick highlights an area of cybersecurity which is often neglected: hardware connected to computer networks which laymen wouldn’t normally consider a computer.

Rather than ban screen scraping, financial institutions should improve secure account connectivity so that consumers can share data with the apps they want to use.

Multifactor authentication is table stakes in today's breach-heavy environment. Falling short of that standard creates a dangerously high threat, according to David Vergara, head of security product marketing for OneSpan.

Europe's new data privacy rules have forced banks to get creative to protect sensitive data from in appropriate access or breaches.

Within hours of learning about the breach, Brinker International, parent company of the Chili’s chain, issued a news release, website notice and social media advisories informing consumers and other interested parties of the incident, writes John Gunn, CMO of OneSpan.

The regulatory relief law passed this spring contained a measure to stop synthetic fraud, but the provision is incomplete.

Tokenization as a technology is suitable to support multiple payment use cases via a single system, ensuring emerging commercial models and the ability to adapt to new requirements are not constrained by an inflexible security framework, writes David Worthington, vice president of payments at Rambus.

The regulatory relief law passed this spring contained a measure to stop synthetic fraud, but the provision is incomplete.

Overreliance on the smartphone risks mistaking device authentication for user authentication.

The Bank Policy Institute was formed following the merger of The Clearing House Association and the Financial Services Roundtable.

Rather than ban screen scraping, financial institutions should improve secure account connectivity so that consumers can share data with the apps they want to use.

If fintechs can prove effective at overcoming fraud challenges as they scale their customer base, they’ll be able to better capitalize on their unique position of operating independent of legacy platforms as they create a more financially connected consumer experience, writes Dave Excell, founder and CTO of Featurespace.

For years, bitcoin believers have tried to distance the digital coin from the perception that it's only used for criminal activity. New insights into Russian meddling in the U.S. election aren't helping.

Mastercard has become the latest major card network to suffer a high profile crash. With its Thursday incident coming hard on the heels of Visa’s crash last month many experts wonder if blockchain technology could prevent future card network outages.

About a month after Visa's European outage, Mastercard encountered a similar glitch for a brief period of time on Thursday.

As banks beef up defenses, hackers are targeting the weaker link: customers.

Even though much of PCI data is stored and maintained on mainframes, many are currently not being evaluated or scanned accurately for PCI DSS compliance, writes Ray Overby, co-founder and president of Key Resources.

The Bank of England, together with the Financial Conduct Authority and the Prudential Regulation Authority, has cautioned U.K. banks to prepare for cyberattacks and technical failures.