Data and information management

The European Union’s General Data Protection Regulation could serve as groundwork for future U.S. rules, so analysts suggest credit unions at least begin working toward compliance.

Rather than hooking into the browser process, BackSwap takes the place of the user and enters the same commands into the browser that a user would if they wanted to hack themselves.

Merchants, banks, fintechs and card networks may crave digital payments' treasure trove of data over cash's simple anonymity, but any weakness in a centralized ecosystem threatens the entire network, as Visa learned late last week.

There are forward-looking regulations that govern the landscape of how personal data gets collected, processed, analyzed, stored, retained, monetized, and accessed by any organization that collects data in the EU. Its goal is the protection of individual privacy and will require a multi-year strategy, according to Bassim Alkhafaji, a partner at Andra Capital.

Many of these attacks have been server side ransomware and other sophisticated hacks, leading companies to examine the immature security processes, the technology of application security, and the insufficient expertise of development, writes Jeannie Warner, the security manager at WhiteHat Security.

Belgian security researcher Xavier Mertens has discovered a piece of a banking malware campaign that appears to target customers of various U.K. banks.

Two major Canadian banks, Bank of Montreal and Simplii Financial, have become victims of hacks that affected some 50,000 and 40,000 customers respectively. Neither bank decided to pay the ransom by the hackers' May 28 deadline.

Unless near zero-friction identity security is embraced, connected devices cannot be used for payments in a substantial way, according to Xavier Larduinat, manager for innovation at Gemalto.

The credit card issuer has built a distributed ledger through which merchants create their own membership rewards and get access to detailed information on purchases and the success of promotions.

With the acquisition of Confyrm, the bank is among the few players that are putting themselves in position to sell ID authentication services to other businesses.

In an advancing digital age, banks and merchants rarely question the data that advanced analytics and artificial intelligence can provide about their customers' financial and payments habits. But are they using data analytics to its fullest potential?

We need to rethink how we acquire and manage consumer data, and any business using enterprise software needs to be accountable for how information is being processed, transported or shared, writes Chris Wong, CEO of LifeSite.

The authentication software and hardware provider is shifting its focus to identity verification and account onboarding, another sign that the newest generation of bank customers is not interested in coming into a branch to set up an account.

The recent outcry over government use of Amazon's facial recognition software will force TD Bank, USAA and others to confront flaws in the technology that make it harder for women and minorities than white men to use mobile banking.

New European Union privacy rules could serve as a guide for U.S. banks.

A direct correlation between the chip migration and rampant merchant data breaches is hard to prove. But experts say retailers' prioritization of EMV compliance contributed to other payment card security gaps, leading to the current high level of merchant data breaches.

Canadian Imperial Bank of Commerce and Bank of Montreal are alerting clients that "fraudsters" claimed to have accessed personal and financial information of some customers.

A new round of consolidation may be about to begin, starting in Europe; looser corporate underwriting standards and lower rates draw OCC attention.

Caroline Redmann was once flummoxed to hear herself called an "IT nerd," but today she wears it as a badge of honor.

New phishing attacks on payment systems and banks are more sophisticated, with disguises that can trick staff into turning over sensitive information, writes Adrien Gendre, chief solutions architect at Vade Secure.