Data and information management

From regulations such as GDPR and PSD2 to conversations at major conferences, financial services and payment companies are coming to grips with how vital it is to step up ID protection, according to Lina Andolf-Orup, global product marketing manager at Fingerprints.

Visa, which was criticized for its vague explanation of a June 1 outage in Europe, was in the process of installing better technology, but the project was not complete at the time of the incident and won't be finished until the end of this year.

The Dixons Carphone hack shows again that merchants and payment companies need to do more to make data unattractive to thieves, according to Robert Capps, vice president of NuData Security, a Mastercard Company.

The White House announcement of Dino Falaschetti as the choice to run the Office of Financial Research comes amid signs that the administration has attempted to reduce the agency's independence.

The rules are a chance for card issuers to update their data management, which would be helpful in sales and cross-selling, according to Michael Hiskey, head of strategy at Semarchy.

Of all the types of malicious software targeting businesses, ransomware continues to be one of the most pervasive, according to recent studies. Here's an overview of the things banks, especially small ones, are doing to stop it.

Readers respond to a bill designed to modernize the anti-money-laundering rules, applaud the acting head of the CFPB’s decision to fire the members of the bureau’s advisory councils, opine on when a bank ought to communicate it has been hacked and more.

PCI compliance can take time and is expensive, but it's a vital part of security and there are ways to mitigate the resource challenges, according to Justin Shipe, vice president of information security for CardConnect.

Protecting customer data should have always been a priority for companies. With GDPR, they now have a framework for teams across the organization to adopt and protect their customer data, writes Shanthala Balagopal, a product marketing executive at Helpshift.

That’s the question executives of publicly traded banks are asking themselves as they try to make sense of new — and somewhat vague — guidance from the SEC on procedures for disclosing data breaches.

Retailer associations and debit network providers have formed the Secure Payments Partnership, designed to address the ongoing problem of payment fraud.

Agency says it wants “smaller memberships to ensure streamlined discussions;” the bank hired a U.K. firm to help it better defend against cyberattacks.

There is a growing fraud problem encompassing much more than the direct value of lost merchandise. There is also manual order review, opportunity costs from false positives and the massive overhead of implementing fraud-fighting best practices, writes Ryan Breslow, CEO of Bolt.

Visa's management faces an unwelcome choice: It can share more information about internal shortcomings or mistakes that caused payments to shut off temporarily, or get summoned to Parliament for a politically-infused public questioning.

The European Union’s General Data Protection Regulation could serve as groundwork for future U.S. rules, so analysts suggest credit unions at least begin working toward compliance.

Rather than hooking into the browser process, BackSwap takes the place of the user and enters the same commands into the browser that a user would if they wanted to hack themselves.

Merchants, banks, fintechs and card networks may crave digital payments' treasure trove of data over cash's simple anonymity, but any weakness in a centralized ecosystem threatens the entire network, as Visa learned late last week.

There are forward-looking regulations that govern the landscape of how personal data gets collected, processed, analyzed, stored, retained, monetized, and accessed by any organization that collects data in the EU. Its goal is the protection of individual privacy and will require a multi-year strategy, according to Bassim Alkhafaji, a partner at Andra Capital.

Many of these attacks have been server side ransomware and other sophisticated hacks, leading companies to examine the immature security processes, the technology of application security, and the insufficient expertise of development, writes Jeannie Warner, the security manager at WhiteHat Security.