In the ever-changing era of cyber threats against payment and personal data, it is dangerous for companies or financial institutions to spend a lot of time or money establishing defenses only against external threats.

E-commerce merchants battling fraud that comes from multiple directions often need to use several different solutions that don’t always mesh well, bogging down the checkout process and inadvertently blocking good transactions.

The proliferation of wearable devices, their increasing sophistication, the uptick in wearable-optimized applications and the willingness of consumers to trade PII for convenience is converging to create a perfect storm of risk that has the potential to threaten commercial enterprises, writes Michael Lynch, chief strategy officer at InAuth.

Breaches help crooks diversify, but stolen cards thrive in the black market, writes Angel Grant, director at RSA's fraud and risk intelligence unit.

The anxiety that a crook is using a lost or stolen card can be a powerful lure to mobile technology, Citigroup has learned.

The P-to-P payments service promises to clear transactions in near-real time, but many consumers have complained that they have been unable access their money or even open accounts. Zelle has acknowledged the delays and says they are a result of its rigorous enrollment process.

In a move rare for the industry, the bank bought a team of data scientists to bolster its artificial intelligence efforts in areas including product recommendations and fraud prevention.

If Congress doesn’t take the lead on protecting consumers from data breaches, states are more than ready to offer their own fixes. Bankers will also be keeping close tabs on bills related to marijuana, PACE loans and elder financial abuse.

Companies like Visa and Mastercard make decisions about security in secrecy, without enough input from banks and merchants.

Account takeover's harder to quantify than payment fraud because it has so many elements and downstream impacts, writes Kevin Lee, trust and safety architect at Sift Science.

With their millions of customers, large retailers like Forever 21 have typically been the hardest hit, writes Mark Cline, a vice president at Netsurion.

With most of the major card brands deciding to no longer require signature authorization on card transactions, merchants want to see more network rules go the way of the dinosaur.

Payment fraudsters are agile and adaptive, and they change the items they target depending on what will be easiest to steal and resell, writes Michael Reitblat, CEO and founder of Forter.

San Francisco-based Arxan Technologies, which got its start in 2001 providing security tools to protect gaming and medical-device applications, says financial services companies are one of the fastest-growing sectors seeking help in barricading their mobile apps from hackers.

North Korean counterfeits haven't been documented since 2008, but recent sanctions may have pressured the country to return to making undetectable U.S. cash.

Seeking a way to facilitate higher-value contactless transactions, the Bank of Cyprus plans to issue an EMV card deploying biometric authentication to replace a PIN code.

The debit card is growing in popularity in the U.S. for retail transactions, and consequently FIs are making debit a top priority. However, the strength of debit is a double-edged sword.

Cybersecurity systems, as sophisticated as they are, are clearly not doing the job. And maybe they never will, given that in the end the effectiveness of those systems can be overridden by workers inside the organization, writes Tal Vegvizer, director of research and development for Bufferzone.

With the increased demand for heightened security and the increased costs, there will also be a growth in attacks from nation-state actors, writes Antwayne Ford, president and CEO of Enlightened.

Getting the most detailed picture calls for a multilayered approach that leverages the most effective elements of in-house and outsourced solutions, writes Monica Eaton-Cardone, COO of Chargebacks911 and CIO of its parent company Global Risk Technologies.