Data security

Retail executives suffer from a false sense of security regarding how their employees follow procedures to keep payment data safe — especially at this time of year when companies hire seasonal help, yet provide those temporary employees with access to account information.

Reports that last week’s mass shooting in San Bernardino, Calif., may have been financed by a $28,500 loan from Prosper Marketplace have sparked a wave of scrutiny of online marketplace lending, where fraud rates are much higher than credit cards.

Exciting growth opportunities exist for small and medium businesses taking advantage of the ever-increasing holiday shopping season. However, amidst this positive backdrop, lurks the negative threat posed by hackers and cyber criminals that prey on holiday shoppers and businesses.

A lot happened in 2015 to advance digital security, but a lot also happened to challenge the status quo and force merchants and banks to rethink their strategies. Here are some of the key changes that took place in the past year.

Like the long shutter times required for old photographs, a payment transaction at a hotel can remain exposed for a while, creating a distinct fraud risk that's not often found at other merchants.

The House Financial Services Committee approved a data security bill Tuesday that would require all financial companies to have similar security protections and notification requirements as banks.

If a fraudster doesn't know a credit card verification value code, it creates a major hurdle in attempting a card-not-present transaction with stolen cards or credentials.

SunTrust Banks Inc. introduced enhanced rewards and bonuses with three new credit cards for customers about seven weeks after the October EMV liability shift, gaining some headwind with the added security of chip cards and an offer of free FICO score reporting.

A recent column by Penny Crosman on whether cards with newer chip technology should be paired with a signature or PIN, for added security, came down squarely on the side of using PINs. But the article overlooked a key fact in the debate: neither is the most important defense against fraud. It’s the chip that matters.

As wearable computing transitions from fantasy to fashion, developers are starting to consider the distinct risks that arise when payments migrate away from smartphones.

The debate over whether signatures or PINs are a stronger security feature overlooks the fact that neither is the most important defense against fraud.

The mobile wallet is still a niche product, but many companies worldwide made big strides in bringing secure payments to handheld devices. Some of the most groundbreaking changes happened just in the past year.

So-called containers can lessen the IT workload and help companies bring applications into the cloud. New security and management tools, like automatic patching, are bringing containers into the mainstream.

It used to be that chargebacks were just another cost of doing business. But with the e-commerce world growing by leaps and bounds, online merchants are experiencing a corresponding spike in chargeback rates that's eroding their bottom lines and jeopardizing their merchant accounts.

Merchants today face the daunting task of investing in several payment technology upgrades at once, and the confusion surrounding this process could bolster many pre-existing security vulnerabilities, argues point of sale security expert Chris Strand.

Target has agreed to pay $39 million to settle loss claims from a two-year-old data breach that were brought by MasterCard and a group of financial institutions, according to court documents filed Wednesday.

Unlike the high-profile hacking incidents at big banks, smaller institutions have their own breed of threats such as cyberextortion that they must focus on in strengthening their security.

The introduction of EMV cards didn't significantly slow transaction times at U.S. retailers during the Black Friday shopping event, but there are still many wrinkles to iron out at the point of sale.

The U.S. is a long way from widespread adoption of EMV, but security analysts say the boom in online shopping—plus a surge in consumers' use of mobile devices for holiday purchases—will make it easier for fraudsters to hide their moves as they redirect their efforts from retail to online channels.