Data security

Can the internet giants peek at bank data, or eavesdrop on conversations with customers, sent over their gadgets? Here are the facts and the fuzzy areas.

The National Institute of Standards and Technology is telling agencies and companies that collect or store data to change the way they have been protecting their networks — and its guidance is likely to soon spill over to financial services and payments.

All business categories are vulnerable to breaches, but hotels seem to attract the most attention.

Artificial intelligence is helping detect breaches the human eye can’t. But it also gives hackers an edge.

The commercial potential of internet-connected devices appears bound only by imagination and comfort. For security companies, there's a similar broad horizon as watches, refrigerators and other everyday items become tools for payments.

If tokenization can help us recapture liquidity not only for currencies, but by digitizing the value of all assets, time and work in a more flexible, fair exchange, that’s exciting, writes Jason English, vice president of protocol marketing for Sweetbridge.

An encrypted website and secure network aren’t very helpful when customers have been unknowingly routed to a criminal’s lookalike site, writes Simon Thorpe, director of product for Authy at Twilio.

The ransomware threat is likely to get a lot worse before it gets better — if it ever does. And small merchants and ATMs may be the most at risk.

Point-to-point encryption (P2PE) advanced with the Payment Card Industry data security standard's updated guidelines in 2015, but the technology has not held the spotlight much since then.

As the digital age reduces the wear on physical cards, how is it that some consumers are requesting new cards more frequently?

Readers react to USAA teaming up with Amazon’s Alexa, how a new Wells Fargo’s scandal could affect arbitration rules, a digital identity startup’s ambitions, and more.

A "smart" token is a regular token on steroids, transmitting the information needed to authorize the transaction together, including enhanced counterpart identity, transaction and invoicing data, writes Marten Nelson, vice president and co-founder of Token.

San Francisco-based startup UnifyID is developing an “implicit authentication” platform that requires no conscious actions by users to authenticate identities, and it’s just closed $20 million in fresh funding to support its growth.

A jumble of security vendors and lack of cohesive planning weaken many banks’ cybersecurity defenses, experts say.

As the digital age reduces the wear on physical cards, how is it that some consumers are requesting new cards more frequently?

Large banks like Wells Fargo have started using "cyber ranges" and "red teams" to respond to real cyberattacks on virtual versions of their real systems.

When breaches occur it is the standard practice for the notification to come directly from the company affected. The difference with Discover's service is that, because it's an opt-in program, its users may already be bracing themselves for bad news.

UniCredit, Italy's No. 1 bank, said hackers took biographical and loan data from 400,000 client accounts in one of the biggest breaches of European banking security this year.

The bank is drawing renewed scrutiny after a lawyer’s unauthorized release of sensitive client details for tens of thousands of accounts belonging to wealthy customers of its brokerage unit.

Cyberattacks are on the rise, but that doesn't mean becoming a victim is inevitable. The right preventative measures and best practices can help secure digital assets and customer data, writes Robert Fifield, co-founder of Payably.