Data security

That’s the question executives of publicly traded banks are asking themselves as they try to make sense of new — and somewhat vague — guidance from the SEC on procedures for disclosing data breaches.

Retailer associations and debit network providers have formed the Secure Payments Partnership, designed to address the ongoing problem of payment fraud.

Agency says it wants “smaller memberships to ensure streamlined discussions;” the bank hired a U.K. firm to help it better defend against cyberattacks.

Visa's management faces an unwelcome choice: It can share more information about internal shortcomings or mistakes that caused payments to shut off temporarily, or get summoned to Parliament for a politically-infused public questioning.

The European Union’s General Data Protection Regulation could serve as groundwork for future U.S. rules, so analysts suggest credit unions at least begin working toward compliance.

Rather than hooking into the browser process, BackSwap takes the place of the user and enters the same commands into the browser that a user would if they wanted to hack themselves.

Merchants, banks, fintechs and card networks may crave digital payments' treasure trove of data over cash's simple anonymity, but any weakness in a centralized ecosystem threatens the entire network, as Visa learned late last week.

Many of these attacks have been server side ransomware and other sophisticated hacks, leading companies to examine the immature security processes, the technology of application security, and the insufficient expertise of development, writes Jeannie Warner, the security manager at WhiteHat Security.

Belgian security researcher Xavier Mertens has discovered a piece of a banking malware campaign that appears to target customers of various U.K. banks.

Two major Canadian banks, Bank of Montreal and Simplii Financial, have become victims of hacks that affected some 50,000 and 40,000 customers respectively. Neither bank decided to pay the ransom by the hackers' May 28 deadline.