Data security

The capacity for EMV cards to swiftly and drastically reduce payment card fraud in the U.S. is by no means assured.

Banks have to know a lot about their customers, who generally trust them to keep personal information secure. Who better to serve as digital identity providers in a post-password world?

Ryan Singer, CEO and cofounder of startup Blockchain Health, discusses the problems with the traditional "shared secrets" method of verifying identities, and the possibilities opened up by mobile computing devices.

Around the world, technology companies, governments and even some banks are coming up with new, safer and easier ways for people to prove they are who they say they are. Generally the goal is to allow people to be authenticated once by a trusted identity provider (a role banks could play) rather than share sensitive information with countless third parties, as they do today. Here we highlight just a few of the many organizations innovating in this space.

The U.S. shift to EMV — once considered as viable as the U.S. shift to the metric system — is well underway. Here are some of the latest signs of progress, as well as some of the biggest pain points.

Hackers penetrated the computer network of a Verizon Communications subsidiary, but the company says it plugged the hole before much data was compromised.

Hackers penetrated the computer network of a Verizon Communications subsidiary, but the company says it plugged the hole before much data was compromised.

Asking for static information like a mother's maiden name seems increasingly passé, since shared "secrets" can be stolen or gleaned from the Internet. But without a brilliant alternative, and done with care, knowledge-based authentication still has value.

Hackers linked to the Iranian government launched cyber-attacks on some four dozen U.S. financial institutions and a flood-control dam above New York City in forays meant to undermine U.S.markets and national security, according to federal prosecutors.

Hackers linked to the Iranian government launched a series of cyber-attacks on U.S. financial institutions including Bank of America Corp. and the New York Stock Exchange, federal prosecutors say.

We may have more in common than we let on, there are some things that I think Canadians are doing better than their counterparts, including the U.S. and that includes fraud management.

Bangladesh's central bank has suggested the Federal Reserve Bank of New York had a "major lapse" in allowing hackers to transfer $101 million in transactions that it later flagged as suspicious, according to an internal document seen by Bloomberg.

The tension between the desire of government agencies to gain more access with greater ease, and the public’s evolving perception of data privacy rights, is ongoing and writ large in the case of FBI vs. Apple, which brings the complexities regarding security technology such as encryption to light.

Many moons after the U.S. payment industry adopted a largely chip-and-signature approach to EMV instead of chip-and-PIN security that’s standard elsewhere, rising merchant chargebacks are leading some to question the wisdom of PIN-free payments.

Bangladesh's central bank has suggested the Federal Reserve Bank of New York had a "major lapse" in allowing hackers to transfer $101 million in transactions that it later flagged as suspicious, according to an internal document seen by Bloomberg.

Eduardo Saverin, a cofounder of Facebook, is set to buy the assets of Jumio in bankruptcy proceedings of the startup focused on online identity verification.

Technology at many banks has been assembled haphazardly over years. That makes for complex systems with lots of connections. Those points are prime targets for cybercriminals to find a way in.

A cybersecurity panel at the Women in Finance and Technology Symposium Thursday explored ways to enhance communication and collaboration between different branches of government working to strengthen the nation's cyberdefenses.

Like any well-run business, the Dridex cybercrime gang is growing and diversifying. It's stepping up its efforts to break into banks, through increased phishing attacks and ransomware.

As government and private sectors build up their defenses against mounting cyberattacks, a sharper focus on the "risk in the seams" of payments and data networks is needed, experts say.