Protecting payment card data is a never-ending struggle, and the fraudsters are only getting more creative. So far this year several incidents and studies have demonstrated the evolving nature of cybercrime.

Data Doesn't Disappear

Ashley Madison, a dating site for cheaters, made a promise it couldn't keep: It said that it could delete users' data without a trace (for a fee) if they chose to leave the site. But its breach proved the data was still out there, and other companies face the same problem in containing payment data.

Crime Never Stops

After a massive data breach in 2008 prompted Heartland Payment Systems to scour its systems for any previously overlooked vulnerabilities, the payment processor still wasn't able to shore up its defenses completely. This year, it dealt with a different kind of breach — a physical burglary, in which four computers were stolen from a payroll office. The machines might have contained personal data of 2,200 people.

Fingerprints Don't Do Enough

Apple popularized the use of fingerprint authentication for mobile devices and payments, but even its Touch ID system isn't foolproof. Phones protected with Touch ID can still be unlocked with a PIN, so Apple plans to raise the minimum PIN length to six characters when it updates iOS this year.

A Small Breach Is a Big Deal

There's no such thing anymore as a breach that is too small to report, which is why Vermont's Attorney General stepped in when the 17 victims of a breach at Embassy Suites did not receive notification of the incident within the timeframe mandated by the state.

Glitches Make Headlines

The so-called glitchfest, a series of tech outages affecting an airline, a newspaper and the New York Stock Exchange, raised red flags throughout the financial services industry. Though the problems were chalked up to coincidence, regulators still took notice and reached out to banks to check in. Those banks had to make sure they had a plan in place in case something nefarious was going on.

PCI Compliance Is Hard to Hold

Staying compliant with the Payment Card Industry Data Security Standard is tough work; Verizon's 2015 report on PCI trends found that less than a third of companies overall are still fully PCI-compliant less than a year after a successful validation. Richard Moulds, vice president of product strategy at Thales e-Security, put it bluntly: "Companies fall out of compliance almost instantly upon achieving it."

Mind the Basics

Even as the payments industry pushes the addition of EMV and tokenization technology, many companies are still failing to cover the basics, Visa's risk chief Ellen Richey says. For example, many professionals are not changing the default passwords on sensitive systems, she warns.

Physical Security for Digital Systems

Just because a system is digital doesn't mean that firewalls and encryption are the best tools to defend it. "You could have the most secure bank in the world with locked doors, three-foot thick fences and gates that come down at night, but they still have an alarm inside of it," said Javelin analyst Al Pascual. There are software-based alarm systems that can alert a company when a cyber-intruder inevitably gets through its defenses.

Consumers Can Help...

With mobile banking apps, consumers can manage any aspect of their accounts on the go. They can limit their card's spending to certain merchant categories or temporarily shut the card off entirely if it gets misplaced. If a bank wanted to, it could even use these tools to place the liability for fraud on the consumer — thus giving the consumer an incentive to use these anti-fraud tools proactively.

...But Don't Count on Them

Even with consumers holding new anti-fraud capabilities in their hands, they won't have the expertise of a security professional. Consumers make bad assumptions about their security, which is why phishing scams still work.
