Data and information management

Like the long shutter times required for old photographs, a payment transaction at a hotel can remain exposed for a while, creating a distinct fraud risk that's not often found at other merchants.

The House Financial Services Committee approved a data security bill Tuesday that would require all financial companies to have similar security protections and notification requirements as banks.

If a fraudster doesn't know a credit card verification value code, it creates a major hurdle in attempting a card-not-present transaction with stolen cards or credentials.

SunTrust Banks Inc. introduced enhanced rewards and bonuses with three new credit cards for customers about seven weeks after the October EMV liability shift, gaining some headwind with the added security of chip cards and an offer of free FICO score reporting.

A recent column by Penny Crosman on whether cards with newer chip technology should be paired with a signature or PIN, for added security, came down squarely on the side of using PINs. But the article overlooked a key fact in the debate: neither is the most important defense against fraud. It’s the chip that matters.

As wearable computing transitions from fantasy to fashion, developers are starting to consider the distinct risks that arise when payments migrate away from smartphones.

The debate over whether signatures or PINs are a stronger security feature overlooks the fact that neither is the most important defense against fraud.

Banks have a lot of work to do to modernize branches and keep their technology on par with other businesses' digital tools. Here are some ideas worth borrowing from retailers, restaurants and consumer electronics makers if banks haven't adopted them already, says appointment-software firm Financial Management Solutions.

The mobile wallet is still a niche product, but many companies worldwide made big strides in bringing secure payments to handheld devices. Some of the most groundbreaking changes happened just in the past year.

So-called containers can lessen the IT workload and help companies bring applications into the cloud. New security and management tools, like automatic patching, are bringing containers into the mainstream.

It used to be that chargebacks were just another cost of doing business. But with the e-commerce world growing by leaps and bounds, online merchants are experiencing a corresponding spike in chargeback rates that's eroding their bottom lines and jeopardizing their merchant accounts.

Merchants today face the daunting task of investing in several payment technology upgrades at once, and the confusion surrounding this process could bolster many pre-existing security vulnerabilities, argues point of sale security expert Chris Strand.

Target has agreed to pay $39 million to settle loss claims from a two-year-old data breach that were brought by MasterCard and a group of financial institutions, according to court documents filed Wednesday.

Lloyds Banking Group in the U.K. has made Deborah McWhinney its third nonexecutive director. She joined the board at Lloyds Monday and also serves on its audit and risk committees.

The long-running tension between anti-money-laundering rules and data privacy concerns is especially pronounced in the awkward relationship between regulated financial institutions and digital currency businesses.

Unlike the high-profile hacking incidents at big banks, smaller institutions have their own breed of threats such as cyberextortion that they must focus on in strengthening their security.

The introduction of EMV cards didn't significantly slow transaction times at U.S. retailers during the Black Friday shopping event, but there are still many wrinkles to iron out at the point of sale.

While consumers hunt for deals during the holiday online shopping frenzy, fraudsters are doing the same — using the credentials they've hoarded from any number of data breaches the past year.

The U.S. is a long way from widespread adoption of EMV, but security analysts say the boom in online shopping—plus a surge in consumers' use of mobile devices for holiday purchases—will make it easier for fraudsters to hide their moves as they redirect their efforts from retail to online channels.

To counter the rising rate of e-commerce fraud, U.K.-based myPINpad plans to provide a virtual PIN pad for mobile-generated online transactions through the VocaLink network for the next five years.