Data security

The U.S. shift to EMV — once considered as viable as the U.S. shift to the metric system — is well underway. Here are some of the latest signs of progress, as well as some of the biggest pain points.

Hackers penetrated the computer network of a Verizon Communications subsidiary, but the company says it plugged the hole before much data was compromised.

Hackers penetrated the computer network of a Verizon Communications subsidiary, but the company says it plugged the hole before much data was compromised.

Asking for static information like a mother's maiden name seems increasingly passé, since shared "secrets" can be stolen or gleaned from the Internet. But without a brilliant alternative, and done with care, knowledge-based authentication still has value.

Hackers linked to the Iranian government launched cyber-attacks on some four dozen U.S. financial institutions and a flood-control dam above New York City in forays meant to undermine U.S.markets and national security, according to federal prosecutors.

Hackers linked to the Iranian government launched a series of cyber-attacks on U.S. financial institutions including Bank of America Corp. and the New York Stock Exchange, federal prosecutors say.

We may have more in common than we let on, there are some things that I think Canadians are doing better than their counterparts, including the U.S. and that includes fraud management.

Bangladesh's central bank has suggested the Federal Reserve Bank of New York had a "major lapse" in allowing hackers to transfer $101 million in transactions that it later flagged as suspicious, according to an internal document seen by Bloomberg.

The tension between the desire of government agencies to gain more access with greater ease, and the public’s evolving perception of data privacy rights, is ongoing and writ large in the case of FBI vs. Apple, which brings the complexities regarding security technology such as encryption to light.

Many moons after the U.S. payment industry adopted a largely chip-and-signature approach to EMV instead of chip-and-PIN security that’s standard elsewhere, rising merchant chargebacks are leading some to question the wisdom of PIN-free payments.

Bangladesh's central bank has suggested the Federal Reserve Bank of New York had a "major lapse" in allowing hackers to transfer $101 million in transactions that it later flagged as suspicious, according to an internal document seen by Bloomberg.

Eduardo Saverin, a cofounder of Facebook, is set to buy the assets of Jumio in bankruptcy proceedings of the startup focused on online identity verification.

Technology at many banks has been assembled haphazardly over years. That makes for complex systems with lots of connections. Those points are prime targets for cybercriminals to find a way in.

A cybersecurity panel at the Women in Finance and Technology Symposium Thursday explored ways to enhance communication and collaboration between different branches of government working to strengthen the nation's cyberdefenses.

Like any well-run business, the Dridex cybercrime gang is growing and diversifying. It's stepping up its efforts to break into banks, through increased phishing attacks and ransomware.

As government and private sectors build up their defenses against mounting cyberattacks, a sharper focus on the "risk in the seams" of payments and data networks is needed, experts say.

American Express has filed a notice with the attorney general in California informing some of its cardholders that their account information may have been compromised.

American Express has filed a notice with the Attorney General in California, informing some of its cardholders that their account information may have been compromised.

Merchants that postponed their EMV migration are feeling the sting of losses connected to the EMV liability shift. They are now shoring up their fraud defenses and—in some cases—speeding up their EMV-migration plans.

Biometric authentication has been "replacing" passwords for a long time, but for the most part accounts still rely more on remembered credentials than physical identifiers.