Data security

People are still using pedestrian passwords that are easy to break, security company Trustwave has found.

SmartMetric Inc., a maker of biometric smart cards, failed in its appeal of a court decision saying Visa Inc. and MasterCard Inc. don't infringe a patent for credit and debit cards containing chips.

Supervalu Inc. said customers' payment-card details may have been stolen as the U.S. grocery chain with more than 3,300 stores became the latest to fall victim to hackers.

For some time now, I’ve been using the mobile alerting capabilities offered by my bank and card issuers. The reassurance from knowing that I’ll be notified via text message of typical and not-so-typical transactions puts my mind at ease and gives me a sense of playing a part in the fraud prevention game.

Companies like PayPal and Square reward hackers with "bug bounties" for finding and reporting vulnerabilities before they can be exploited by fraudsters, and their welcoming attitude toward the hacking community is paying off.

Even if it pushes the bank past the October 2015 deadline for EMV-chip card adoption, BMO plans to stick with its magnetic-stripe cards until each one reaches its natural expiration date.

Payment technology company ACI Worldwide has completed its $205 million purchase of the security vendor Retail Decisions Plc (ReD).

Total System Services Inc. is offering a tokenization service to secure payment card information for merchants accepting online, mobile or digital wallet payments.

Square is the latest technology company to launch a "bug bounty" program, which rewards volunteer hackers for finding security flaws and bringing them to Square's attention.

Gemalto NV, a developer of software and chips that make transactions more secure, agreed to buy data-protection company SafeNet Inc. for $890 million in cash to bolster its offerings against threats such as hacking.

NXT-ID is working with Joey Fatone, former member of the boy band N*Sync, to kick off a series of celebrity endorsements for its biometric Wocket wallet.

In the age of digital commerce, more business are using third parties to manage operations, increasing the risk to any payments data they handle, says the Payment Card Industry Security Standards Council.

P.F. Chang's has provided an update on the data breach it disclosed in June, revealing that the incident affected 33 restaurants with a specific timeframe for each location.

Authentify is unveiling an extension to its mobile device-based authentication software.

Even though the adoption of the EMV initiative is voluntary, you don’t want to be the one looking for a chair when the music stops. Missing the October 2015 deadline for implementing Chip and PIN could come with a costly price tag for banks and merchants.

As the payments industry attempts to standardize the process of using a token to replace sensitive data, the end result may still involve several different approaches.

Target Corp., struggling to fix a botched expansion in Canada and undo the lingering damage of a holiday hacker attack, hired former PepsiCo Inc. executive Brian Cornell as chief executive officer.

The Secure Remote Payment Council wants a more open process in the development of a standard for tokenization, with the goal of ensuring a single token can be handled by multiple parties to improve security.

With the increased proliferation and reliance on public cloud solutions, combined with the recent high-profile data breaches that have occurred in the past few months, cybersecurity should be a top concern for both issuers and retailers who handle sensitive financial data.

BJ's Wholesale Club is planning to convert its co-branded credit card program to chip-enabled MasterCards.