Data security

The fraud fix, as it is becoming clearer, is to take payment card information (account numbers, card verification values and the like) and devalue this data in an effort to make it less relevant to the hackers who seek to harvest and sell it.

Among the most important payment changes on the horizon in the U.S., is the migration to EMV technology and the looming October 1, 2015 deadline.

Trustwave researchers have discovered a vulnerability in RubyGems, a software distribution programming language that's used for many payment processes.

Bankers are banding together to combat cybercrime and Chris Feeney, new head of the Financial Services Roundtable's technology arm, wants to play a central role in keeping it a team effort.

Multinational banks that delay preparation for the European Union's proposed General Data Protection Regulation could pay a steep price: hundreds of millions of dollars in fines.

Before Target, there was TJX, the major 2007 breach that impacted about 45 million credit cards. The crime and its prevention were basic, and provide a lesson for today's retailers that are battling a new wave of data theft.

In a letter to nine lenders, New York Attorney General Eric Schneiderman said investigators uncovered identity-theft schemes hatched by tellers at some of the biggest institutions.

Several weighty issues remain on the agenda for policymakers over the next few months, including everything from living wills to regulatory relief to a long-lost compensation rule.

Many community banks are trying to determine the right balance of in-house staff and outsourced assistance in the area of risk management. Cost cutting and regulatory oversight loom large over such decisions.

There have been various media reports about some of the security shortcomings within Apple Pay. The shortcomings are not security holes per se, in the sense that a hole is generally unintended. No, the security issues were deliberate, done with the goal of making signups and initial usage as easy as possible for shoppers.

As cards include more embedded technology, issuers and manufacturers face the tough question of how much card power to sacrifice for stronger fraud protection.

Comptroller of the Currency Thomas Curry described cyber-readiness as a "system-wide" exercise, and said a new tool for assessing readiness can help banks of all sizes.

In the second part of a two-part conversation with American Banker, miiCard's James Varga discusses how his company leverages the trust placed in banks to create "digital passports" for consumers to prove their identities without oversharing information.

It comes as a shock to few people that we’re currently in a period of high fraud, in an environment that can be characterized with words like “high risk” and “unstable.”

Heartland Payment Systems has reported it suffered another data breach last month.

Payments security researchers today find themselves in an awkward position and it's retailers who have put them there.

Since enterprises must maintain information about their customers, why is it that breaches happen constantly?

Over the holidays, my wife and I took a short vacation to Napa Valley. We had the opportunity to visit a number of wineries and purchase a few bottles—an experience that also demonstrated the shortcomings of antiquated card security.

A visit to an overnight shipping store in Napa Valley reveals that outdated payment-processing procedures remain de rigueur with some merchants — despite the fraud risk.

San Diego-based Mitek, a firm that specializes in capturing mobile data for customer acquisition, has acquired Dutch identity verification company IDchecker.