Data security

House lawmakers approved two bills this week to foster greater information sharing between the private sector and government about cyber threats — and all eyes now turn to the Senate to see if legislation can finally be enacted.

Banks that use biometric technology should remember to take client and employee privacy concerns seriously. After all, banks have a duty to protect personal information and prevent its potential misuse.

EMV will require new payment processes that, while seemingly small to those instituting the change, require a shift in behavior that could feel monumental to consumers.

Sales of cyberinsurance are rising among financial services companies, a sign of the times as data breaches, distributed denial of services and other types of attacks continue. But policies can be misleading, and they definitely are no silver bullet.

WASHINGTON — Sens. Thomas Carper, D-Del., and Sen. Roy Blunt, R-Missouri, introduced a bill this week that would establish national data security and notification standards.

Hackers are attacking companies with multiple motives and multiple attack vectors, the widely read annual security report finds. Phishing remains effective and cyber-threat sharing efforts need to speed up.

While issuers and merchants scramble to issue EMV-chip cards in the U.S., Gemalto is taking a longer view into the cards' environmental impact when they are discarded as part of regular reissuance.

The payment companies that serve micro merchant communities face many inventive fraud schemes, and the fraudsters behind them are getting wiser about how to appear legitimate.

Lyle Beckwith of the National Association of Convenience Stores argues that debit card interchange is unfairly high. But this argument ignores several key points.

Bank regulators plan to release their self-assessment tool later this quarter to gauge institutions' cyber readiness, but many see it as sign of more prescriptive measures down the road.

With only six months to go before the EMV chip-card liability shift takes effect, many U.S. merchants are not yet aware of the EMV migration.

Malicious software that blows past antivirus software undetected, combined with sophisticated social engineering (i.e. tricking employees of bank customers into divulging information), have enabled criminals to steal $500,000 to $1 million at a time, security experts say.

Recent cyber-attacks on the protocol that has long secured Web connections and, more recently, payment applications are pushing the Payment Card Industry Security Standards Council to issue an update with strong implications for e-commerce sellers.

Encryption still vastly outpaces tokenization as a means of defending data in the cloud, according to a new report from a cloud data cybersecurity firm, CipherCloud.

Seeking online merchants that are angry about fraud-related chargeback expense, Kount and Ethoca are partnering to tip off businesses about payment cards that have a track record of suspect transactions.

The administration's new step empowers Treasury to freeze assets of those behind attacks that harm the U.S. financial system or other "critical" infrastructures.

Mobile commerce is blurring the lines between card-present and card-not-present transactions, possibly even making the distinction—and the difference in pricing—irrelevant.

OpenEdge, the integrated payments unit of Global Payments, has reached a partnership to provide its EMV product to Carolina Software.

Chicago-based security vendor Trustwave says 90% of Verifone card readers it tested for the first time still carried the default password. These findings reinforce the perception that many merchants don't follow the basics when it comes to their own security.

When it comes to biometric authentication, Samsung is looking way beyond fingerprints.