Data and information management

The Payment Card Industry Security Standards Council released its 3.1 update to the industry's data security standards April 15 to address the payment data vulnerabilities of the Secure Sockets Layer encryption protocol.

MasterCard Inc. and Target Corp. are in talks about a settlement in which the retailer would pay banks about $20 million for costs they incurred in its 2013 data breach, a person familiar with the matter said.

Hackers are attacking companies with multiple motives and multiple attack vectors, the widely read annual security report finds. Phishing remains effective and cyber-threat sharing efforts need to speed up.

While issuers and merchants scramble to issue EMV-chip cards in the U.S., Gemalto is taking a longer view into the cards' environmental impact when they are discarded as part of regular reissuance.

The payment companies that serve micro merchant communities face many inventive fraud schemes, and the fraudsters behind them are getting wiser about how to appear legitimate.

Lyle Beckwith of the National Association of Convenience Stores argues that debit card interchange is unfairly high. But this argument ignores several key points.

Bank regulators plan to release their self-assessment tool later this quarter to gauge institutions' cyber readiness, but many see it as sign of more prescriptive measures down the road.

Prosper Marketplace, one of the leading U.S. consumer marketplace lenders, announced $165 million in equity funding from large banks and other investors Wednesday.

With only six months to go before the EMV chip-card liability shift takes effect, many U.S. merchants are not yet aware of the EMV migration.

Novantas, a New York-based bank advisory firm, has hired the former head of analytics for Bank of America.

Jacob Dienelt, a former financial adviser at Morgan Stanley, has joined Factom, a cryptocurrency tech startup, as its head treasurer.

Malicious software that blows past antivirus software undetected, combined with sophisticated social engineering (i.e. tricking employees of bank customers into divulging information), have enabled criminals to steal $500,000 to $1 million at a time, security experts say.

Recent cyber-attacks on the protocol that has long secured Web connections and, more recently, payment applications are pushing the Payment Card Industry Security Standards Council to issue an update with strong implications for e-commerce sellers.

The payments environment is undergoing unprecedented change, yet many banks and payment companies are saddled with aging infrastructure which makes it costly to support new products and features. Additionally, fragmented governance and siloed business units running disparate payments operations can stifle innovation.

Encryption still vastly outpaces tokenization as a means of defending data in the cloud, according to a new report from a cloud data cybersecurity firm, CipherCloud.

FICO and two data partners are testing a credit score based on alternative data that could help banks take smarter risks on borrowers with limited credit histories, but bankers' cost concerns and adherence to traditional methods present big hurdles.

Seeking online merchants that are angry about fraud-related chargeback expense, Kount and Ethoca are partnering to tip off businesses about payment cards that have a track record of suspect transactions.

The administration's new step empowers Treasury to freeze assets of those behind attacks that harm the U.S. financial system or other "critical" infrastructures.

Mobile commerce is blurring the lines between card-present and card-not-present transactions, possibly even making the distinction—and the difference in pricing—irrelevant.

Event-stream processing software can now do things like predict a customer will leave.