Data privacy

To personalize products and services, banks are now tracking all sorts of alternative data sources, even the manner in which customers type in mobile banking apps.

The law gives residents more — and welcome — control over their data. But it will take work for credit unions to meet the new requirements, such as possibly having to amend third-party vendor agreements.

Fintech developers are trying to monetize data without scaring away privacy-conscious consumers — and, increasingly, to make sure bigger financial companies don't overstep the same boundaries.

This European regulation means fraud detection will inevitably need to evolve as the fraudsters find new ways to exploit new loopholes, according to Catherine Tong, vice president and general manager for Accertify.

The Danish bank found more than $200 billion of suspicious deals at its Estonian branch; merchants can opt out of the deal as another case on network rules continues.

Organizations that lack security controls and have experienced a breach can expect auditors, regulators and standards bodies to knock on their doors demanding information, writes Fouad Khalil, head of compliance and SecurityScorecard.

The transparency and responsibility you demonstrate will help you build more trusting relationships with your customers and the public, according to Carl Mazzanti, founder and CEO of eMazzanti Technologies.

Consumers generally approve of GDPR’s goals of tightening data-protection and consumer privacy, and more than half would consider fleeing to another provider if they suspected corporations were unclear in their communications or intentions about gathering data.

The CFPB made changes to a rule that allows financial firms to be exempt from sending annual privacy notices to customers if they meet certain conditions.

Europe's new data privacy rules have forced banks to get creative to protect sensitive data from in appropriate access or breaches.

Other aggregators came to the bank's defense, while one CEO suggested Plaid's very public protest was unfounded.

Technology can help an organization scale internationally and help finance departments shift their focus from managing the details of supplier payment processing to delivering valuable guidance to the business, writes Chen Amit, CEO of Tipalti.

When GDPR went into effect in May, it was expected that the European law would touch a lot of U.S. payment companies because of their international scope. Now it's clear that even purely domestic U.S. firms will have to adhere to some version of the data-privacy law.

A lack of standardization increases costs and complexity at each bank, opens the door to insecure solutions and hinders adoption by software developers that only have bandwidth to write to one or two open APIs, according to Steve Kirsch, CEO and founder of Token.

Echoing the set of restrictive rules known as GDPR enacted earlier this year by the European Union, the state legislation — which does not take effect until 2020 — will almost certainly be the subject of intense lobbying from business giants that vacuum up all the data.

International banks are also having to adapt to a raft of regional payment and data regulations that impact their operations in certain territories significantly but in others only negligibly, according to Russell Bennett, chief technology officer of Fraedom.

The GDPR doesn’t mandate how data requests should be made, but it does say that organizations handling personal data should be prepared to handle the requests. One would be right to wonder whether companies are as prepared as they should be.

Whatever the reason that Plaid, a prominent data aggregator, can no longer access data from Capital One, the situation demonstrates how fragile fintechs are when they lose banking access.

As Nvoicepay expands, the payment automation company is keeping an eye on how it may fall under European data rules that have a knack for requiring compliance even from companies that should be exempt.

Whatever the reason that Plaid, a prominent data aggregator, can no longer access data from Capital One, the situation demonstrates how fragile fintechs are when they lose banking access.