Data security

The central bank originally established a 10-year time horizon for completing upgrades to the nation's aging electronic payment system. But a task force convened by the Fed thinks that's not ambitious enough.

Though the EMV transition is a significant step in the effort towards making payments more secure, this EMV liability shift won’t solve mass data breaches on merchants.

Hackers did not steal banking or payments data from Experian, but they might as well have. Breaches like the one sustained at the company call into question the entire system of identification that banks rely on to open accounts and conduct other everyday business.

Compared with other recent breaches, the theft of 6,400 user email addresses and passwords on the American Bankers Association's website might seem like small potatoes. But experts said the attack — the first in the association's history — was still significant and could have implications for banks.

A server containing sensitive consumer information at Experian has been breached, with the records of as many as 15 million T-Mobile customers stolen, the companies said Oct. 1.

A server containing sensitive consumer information at Experian has been breached, with the records of as many as 15 million T-Mobile customers stolen, the companies said Thursday.

The Trump Hotel Collection has disclosed a data breach that may have compromised customers’ debit and credit card data for more than a year. The breach was caused by malware lurking in the hotel’s payment system.

Like campaign managers at the end of a long election trail, top payments executives spent the final hours leading up to and shortly after the official EMV liability shift launch supporting the efforts of the past four years and providing the latest details on chip-card migration.

In updating cards with EMV technology, Visa and MasterCard have neglected an important element of what makes the security standard so successful elsewhere. The need for PIN verification is clear.

Many card issuers are well on their way to the migration to chip cards or have a plan to do so. But many merchants are still completely unaware of the shift in fraud liability taking effect Thursday.

Rules set by Visa and MasterCard suggest that by the start of this month, ideally, banks would all be issuing EMV-compliant cards and retailers would have the technology to accept them. If one party is supporting EMV and the other is not, the delinquent entity will have to cover the cost of any fraud that ensues.

A new survey reveals a wish-list for anti-money laundering specialists to help ease their process of assessing customer risk, a major concern as mobile technology and virtual currency play a larger role in the payments market.

When major card networks revealed the EMV chip card liability shift timeline four years ago, the Merchant Advisory Group was quick to make its stance clear: A conversion to chip cards won't mean a thing without a PIN authorization to go with it.

Some critics argue that it's a bad idea to introduce chip cards without PIN requirements. But this debate is a distraction from the payments industry's robust and multifaceted efforts to fight cybercrime.

Knowing that fraudsters will target those unprepared to handle EMV chip cards when the liability shift takes place Oct. 1, payment processor Elavon has developed a data security package to protect small businesses.

The merchant EMV liability shift is coming this week, and many merchants argue they don’t need to invest in new payment terminals because they’ve had only one or two fraudulent incidences in the entire history of their business.

The deadline for EMV migration in this country is this Thursday. Here's what will and won't happen on that day, and what challenges lie ahead for banks and their customers.

The EMV chip card-enabled PayPal Here will be available in the U.S. on Sept. 30.

The collaboration between financial institutions and technology firms runs deep, but banks' recent criticism of lax regulatory oversight for nonbanks reveals fissures.

Many different data security technologies exist, but the payments industry “does not have what it needs for a global standard,” said Marianne Crowe, vice president of the Federal Reserve Bank of Boston.