Data privacy

Other aggregators came to the bank's defense, while one CEO suggested Plaid's very public protest was unfounded.

Technology can help an organization scale internationally and help finance departments shift their focus from managing the details of supplier payment processing to delivering valuable guidance to the business, writes Chen Amit, CEO of Tipalti.

When GDPR went into effect in May, it was expected that the European law would touch a lot of U.S. payment companies because of their international scope. Now it's clear that even purely domestic U.S. firms will have to adhere to some version of the data-privacy law.

A lack of standardization increases costs and complexity at each bank, opens the door to insecure solutions and hinders adoption by software developers that only have bandwidth to write to one or two open APIs, according to Steve Kirsch, CEO and founder of Token.

Echoing the set of restrictive rules known as GDPR enacted earlier this year by the European Union, the state legislation — which does not take effect until 2020 — will almost certainly be the subject of intense lobbying from business giants that vacuum up all the data.

International banks are also having to adapt to a raft of regional payment and data regulations that impact their operations in certain territories significantly but in others only negligibly, according to Russell Bennett, chief technology officer of Fraedom.

The GDPR doesn’t mandate how data requests should be made, but it does say that organizations handling personal data should be prepared to handle the requests. One would be right to wonder whether companies are as prepared as they should be.

Whatever the reason that Plaid, a prominent data aggregator, can no longer access data from Capital One, the situation demonstrates how fragile fintechs are when they lose banking access.

As Nvoicepay expands, the payment automation company is keeping an eye on how it may fall under European data rules that have a knack for requiring compliance even from companies that should be exempt.

Whatever the reason that Plaid, a prominent data aggregator, can no longer access data from Capital One, the situation demonstrates how fragile fintechs are when they lose banking access.

The measure, which has been compared to the EU’s new consumer privacy rules, grants Californians new rights over how companies collect and use their personal data.

Under a consent order with Texas and seven other states, the Atlanta-based credit reporting firm agreed to shore up its information security efforts, but it will not have to pay any financial penalties.

A ballot initiative that taps into the public's anger about online data abuses has qualified for the November ballot. But lawmakers are considering whether to head off the statewide vote by passing a measure that may be more amenable to the financial industry.

The rules are a chance for card issuers to update their data management, which would be helpful in sales and cross-selling, according to Michael Hiskey, head of strategy at Semarchy.

Protecting customer data should have always been a priority for companies. With GDPR, they now have a framework for teams across the organization to adopt and protect their customer data, writes Shanthala Balagopal, a product marketing executive at Helpshift.

The European Union’s General Data Protection Regulation could serve as groundwork for future U.S. rules, so analysts suggest credit unions at least begin working toward compliance.

There are forward-looking regulations that govern the landscape of how personal data gets collected, processed, analyzed, stored, retained, monetized, and accessed by any organization that collects data in the EU. Its goal is the protection of individual privacy and will require a multi-year strategy, according to Bassim Alkhafaji, a partner at Andra Capital.

With the acquisition of Confyrm, the bank is among the few players that are putting themselves in position to sell ID authentication services to other businesses.

We need to rethink how we acquire and manage consumer data, and any business using enterprise software needs to be accountable for how information is being processed, transported or shared, writes Chris Wong, CEO of LifeSite.

New European Union privacy rules could serve as a guide for U.S. banks.