Data security

This dangerous "wild west" scenario of fraud and breaches is pushing improving or revamping online authentication to the top of this year’s to-do list for both online companies and governments, writes Robert Capps, vice president of business development for NuData Security.

Credit unions, trade associations and others wishing to join the Credit Union National Association's class action suit against Equifax have until the end of January to do so.

Payments security experts are warning of the risks to some merchants with payment systems that transmit cardholder data from the processor back to the point of sale from the Spectre and Meltdown computer chip flaws.

With less than three months before the PCI DSS Requirement 8.3 takes effect, all involved in the handling of cardholder data must take definitive steps to review, implement and upgrade their multifactor authentication strategies and implementation to assure compliance, writes Dirk Denayer, business solutions manager at VASCO Data Security.

Bankers could see higher costs as cloud computing vendors struggle to protect their systems from the latest hacking vulnerabilities.

Readers react to the Federal Housing Finance Agency considering changing its credit scoring policy, slam the possibility of enforcing mandatory penalties for data breaches at credit reporting agencies, weigh the possible nomination of a credit union regulator to the CFPB, and more.

If Congress doesn’t take the lead on protecting consumers from data breaches, states are more than ready to offer their own fixes. Bankers will also be keeping close tabs on bills related to marijuana, PACE loans and elder financial abuse.

The CFPB's recent freeze on collecting any personally identifiable information from companies it supervises is slowing investigations and could ultimately cripple the agency's enforcement function — and that may be the point.

The two senators are set to introduce a bill that would force such firms to pay $100 per customer whose personal information was compromised.

Despite impending data requirements, many small banks are still struggling with automating loan risk calculations.

From a focus on integration to increased fintech cooperation and more, here's a preview of some of the tech trends that will shape how credit unions do business in the coming year.

Account takeover's harder to quantify than payment fraud because it has so many elements and downstream impacts, writes Kevin Lee, trust and safety architect at Sift Science.

The widespread nature of the threat (most computer chips are vulnerable) and the reality that banks are always juicy targets mean bank officials must take a series of protective actions as soon as possible.

Overstock CEO and Wall Street gadfly Patrick Byrne wants to create a market free from trading practices he has long decried.

Twenty-two trade groups, including seven financial trade groups, sent a letter to House lawmakers calling for new data security standards that would preempt state law.

San Francisco-based Arxan Technologies, which got its start in 2001 providing security tools to protect gaming and medical-device applications, says financial services companies are one of the fastest-growing sectors seeking help in barricading their mobile apps from hackers.

In adding Martin Pfinsgraff, until recently the OCC's deputy comptroller for large-bank supervision, and retired Air Force Brig. Gen. Linda Medler, a cybersecurity expert, the regional bank says it is trying to build a board with expertise in fields of timely interest.

The people-helping-people model proffered by LendingClub and others quickly foundered, but several startups aim to bring it back with the help of distributed ledger technology.

The world’s biggest chipmakers and software companies, including Intel Corp. and Microsoft Corp., are coming to grips with a vulnerability that leaves vast numbers of computers and smartphones susceptible to hacking and performance slowdowns.

Cybersecurity systems, as sophisticated as they are, are clearly not doing the job. And maybe they never will, given that in the end the effectiveness of those systems can be overridden by workers inside the organization, writes Tal Vegvizer, director of research and development for Bufferzone.