Data security

The hurdles to broader EMV adoption in the U.S. have many causes, but to the consumer the end result is typically the same: A longer payment process with no immediate gain.

Nearly half of bank data security incidents in 2015 involved compromised web applications, according to a closely watched annual report from Verizon released Tuesday.

When you make a payment on a website using a HTTPS connection, Transport Layer Security (TLS) encryption is what makes your payment transfer over the public internet secure. Unfortunately, it's riddled with security flaws.

Multi-factor authentication will be required for administrative access to card data and systems for Payment Card Industry data security compliance this week.

The breach experienced by Mossack Fonseca did more than expose sensitive tax documents for global figures in politics and business. It's also a warning sign for any company that manages large amounts of financial and transaction data.

There's plenty of criticism of the U.S. chip card migration, including its pace, the pressure on merchants to upgrade and the lingering confusion over how to use the cards. But Visa painted a more bullish picture of the migration.

Issuers still have a choice of whether to require PIN authentication for EMV-chip cards, but David Nelms, chairman and CEO of Discover Financial Services, says the chip-and-PIN path increasingly makes the most sense for U.S. payment cards going forward.

We have been clear from the start that the date fixed by the card networks for liability shift was far too aggressive and essentially resulted in a Christmas present to card issuers.

Federal prosecutors broadened a case linked to what the U.S. called a multiyear criminal enterprise centering on hacks of publishing and financial firms including JPMorgan Chase & Co., according to court records in Manhattan.

In the conclusion of a three-part interview, Ryan Singer, a blockchain-tech entrepreneur, explains why bankers should care about Washington's resurgent efforts to insert back doors into security systems.

Despite the enormous hype and investment surrounding biometric technology, U.S. Bank's Elavon predicts that fingerprint, "selfie" and voice-based authentication will not render passwords obsolete anytime soon.

On any given day, there are countless articles circulating about the issues associated with EMV and how it will soon be replaced by the next big thing. However, EMV is here to stay, and, despite some who claim otherwise, that’s a good thing.

When EMV came to market in Europe in the 1990s, it entered a world with a much less robust communications infrastructure than what the U.S. has today. So, following the launch of EMV in the U.S., Visa decided it was time to break some old habits.

A closer look at a strangely named piece of malicious software shows it makes crafty use of drive-by downloads and Web injections to fool users into complicity with online banking fraud.

While beneficial for businesses and consumers, Nacha's new rule for same day transactions will require banks and other financial institutions to review thousands of additional transactions per day, leading to a significant increase in costs, not to mention an increased potential for fraud due to volume and rapidness of review.

As mobile wallets become more popular they'll also become more popular targets for fraud. Banks ought to improve enrollment guidelines and other security tools in plotting their mobile-wallet strategy.

Cyberthieves using malicious software discovered by IBM Security have stolen $4 million from business customers of two dozen financial services providers this month, IBM said.

Experts from across the payments industry gathered in Los Angeles for SourceMedia's annual Card Forum and Expo. Here are some of the biggest ideas discussed at this year's event.

Biometric authentication is coming to numerous e-commerce merchants who may not realize that it will be a part of their checkout process, depending on the issuers involved.

President Barack Obama has appointed MasterCard CEO Ajay Banga to an administrative commission focusing on Web security.