Data security

Data security vendor and researcher Trustwave has appointed company veteran Michael Petitti as senior vice president of global alliances.

The fight over the security protections on the San Bernardino, Calif., iPhone is about more than a single device or Apple's product line.

The Central Bank of Bangladesh is threatening to sue the New York Fed over money wired out of its account. The Fed says it did nothing wrong, the transfer was authenticated and executed by Swift.

As the Central Bank of Bangladesh threatens to sue the Federal Reserve Bank of New York over at least $80 million stolen from its account there, the Fed says its systems were not compromised.

For financial institutions, there are scary parallels between the IRS' failure to protect sensitive personal information and their own such struggles.

A mature governance framework and risk culture that reaches all employees are among the attributes of a high-functioning "risk organization."

In focusing on private blockchains, banks make the same mistake companies made in the nineties when they favored private information networks over the open protocols of the Internet.

The tax agency's struggle to protect sensitive data mirrors banks' own, and its shortcomings can also be found at financial institutions.

In expanding Visa Token Service, the card brand is requiring issuers to stop using alternate personal account numbers in cloud-based mobile payments and instead converting to tokenization.

Encryption keys are vital to the secure operation of payment acceptance devices. But key transport protocols have not kept pace with the movement toward standardized encryption practices. This adds cost and complexity to payment infrastructure and processes.

In the payments industry, tokenization is often portrayed as a new or futuristic security method, better suited for the world of mobile wallets than the era of magstripe cards. But SeatGeak decided early on to make it a cornerstone of its mobile commerce experience.

Wells Fargo and Tangerine Bank are among those trying new communications tools that bring human conversations back into the channels where people bank by swiping and tapping.

New requirements and guidance from the Payment Card Industry Security Standards Council will be released to merchants in April, which is about six months earlier than its normal update cycle.

The Consumer Financial Protection Bureau on Wednesday ordered online payment processor Dwolla Inc. to pay a $100,000 fine for deceiving customers about its security practices — the first action it has taken related to data security.

With tighter security in the online and mobile channels, fraudsters are turning their attention to vulnerable contact centers, conning eager-to-please phone service reps into coughing up customer information or letting them reset passwords on other people’s accounts.

The U.S. migration to EMV chip cards has been rough, according to U.K.-based Creditcall, which hopes its new certification from First Data can smooth things out.

Cybercriminals and hackers are increasingly targeting people, and not just technology, in an attempt to breach financial institutions.

Capital One Financial in McLean, Va., has added Amazon's former chief information security officer to its board of directors.

Several major announcements took place at 2016's Mobile World Congress in Barcelona, but just as much activity was happening outside of the event. These big reveals demonstrate the increasingly global and digital nature of the payments industry.

The FBI's fight with Apple over access to a locked iPhone could undermine software security for financial institutions and their technology vendors and make it harder for banks to do business internationally or use cloud computing.