Data security

BMO is betting that newly popular biometric authentication options can solve an age-old problem—the headaches business travelers face when managing smaller expenses.

In the coming years, biometrics will be the leading security metric to protect payment systems, but a single ultra-hack could derail this progression permanently.

EBay has become a member of the Fast Identity Online (FIDO) Alliance, making it the first e-commerce company to achieve FIDO certification.

The attention around tokenization — replacing static account numbers with a one-time-use token — has been good for security but worrying for businesses that rely on a static identifier for future reference.

Marriott International's efforts to acquire Starwood Hotels and Resorts Worldwide — combining two major hotel chains that have suffered data breaches — should force both chains to reexamine the way they handle sensitive payment card data.

Fallout from widespread data breaches hurts many payment industry sectors, but this year's tax-filing season brings fresh pain for the prepaid card industry, with new details out connecting prepaid cards with some of last year's biggest tax refund fraud busts.

The capacity for EMV cards to swiftly and drastically reduce payment card fraud in the U.S. is by no means assured.

Banks have to know a lot about their customers, who generally trust them to keep personal information secure. Who better to serve as digital identity providers in a post-password world?

Ryan Singer, CEO and cofounder of startup Blockchain Health, discusses the problems with the traditional "shared secrets" method of verifying identities, and the possibilities opened up by mobile computing devices.

Around the world, technology companies, governments and even some banks are coming up with new, safer and easier ways for people to prove they are who they say they are. Generally the goal is to allow people to be authenticated once by a trusted identity provider (a role banks could play) rather than share sensitive information with countless third parties, as they do today. Here we highlight just a few of the many organizations innovating in this space.

The U.S. shift to EMV — once considered as viable as the U.S. shift to the metric system — is well underway. Here are some of the latest signs of progress, as well as some of the biggest pain points.

Hackers penetrated the computer network of a Verizon Communications subsidiary, but the company says it plugged the hole before much data was compromised.

Hackers penetrated the computer network of a Verizon Communications subsidiary, but the company says it plugged the hole before much data was compromised.

Asking for static information like a mother's maiden name seems increasingly passé, since shared "secrets" can be stolen or gleaned from the Internet. But without a brilliant alternative, and done with care, knowledge-based authentication still has value.

Hackers linked to the Iranian government launched cyber-attacks on some four dozen U.S. financial institutions and a flood-control dam above New York City in forays meant to undermine U.S.markets and national security, according to federal prosecutors.

Hackers linked to the Iranian government launched a series of cyber-attacks on U.S. financial institutions including Bank of America Corp. and the New York Stock Exchange, federal prosecutors say.

We may have more in common than we let on, there are some things that I think Canadians are doing better than their counterparts, including the U.S. and that includes fraud management.

Bangladesh's central bank has suggested the Federal Reserve Bank of New York had a "major lapse" in allowing hackers to transfer $101 million in transactions that it later flagged as suspicious, according to an internal document seen by Bloomberg.

The tension between the desire of government agencies to gain more access with greater ease, and the public’s evolving perception of data privacy rights, is ongoing and writ large in the case of FBI vs. Apple, which brings the complexities regarding security technology such as encryption to light.

Many moons after the U.S. payment industry adopted a largely chip-and-signature approach to EMV instead of chip-and-PIN security that’s standard elsewhere, rising merchant chargebacks are leading some to question the wisdom of PIN-free payments.