Investment

Malicious software that blows past antivirus software undetected, combined with sophisticated social engineering (i.e. tricking employees of bank customers into divulging information), have enabled criminals to steal $500,000 to $1 million at a time, security experts say.

Recent cyber-attacks on the protocol that has long secured Web connections and, more recently, payment applications are pushing the Payment Card Industry Security Standards Council to issue an update with strong implications for e-commerce sellers.

Encryption still vastly outpaces tokenization as a means of defending data in the cloud, according to a new report from a cloud data cybersecurity firm, CipherCloud.

Seeking online merchants that are angry about fraud-related chargeback expense, Kount and Ethoca are partnering to tip off businesses about payment cards that have a track record of suspect transactions.

The administration's new step empowers Treasury to freeze assets of those behind attacks that harm the U.S. financial system or other "critical" infrastructures.

Mobile commerce is blurring the lines between card-present and card-not-present transactions, possibly even making the distinction—and the difference in pricing—irrelevant.

OpenEdge, the integrated payments unit of Global Payments, has reached a partnership to provide its EMV product to Carolina Software.

Chicago-based security vendor Trustwave says 90% of Verifone card readers it tested for the first time still carried the default password. These findings reinforce the perception that many merchants don't follow the basics when it comes to their own security.

When it comes to biometric authentication, Samsung is looking way beyond fingerprints.

Fresh off its success in the Philippines, Seattle-based transfer company Remitly is using mobile security and other digital features to tap other markets, where an endless supply of competitors and fraudsters await it.