Payment fraud

While advanced push payment fraud has dominated the headlines in recent years, another type of scam has been costing U.K. businesses millions — even though many companies are completely unaware of it.

Data protection strategies need to consider how data travels and how that impacts vulnerabilities and breach risk, according to comforte AG's Jonathan Deveaux.

Insecure software development and insufficient use of security best practices creates significant risk for both consumers and commercial organizations alike, writes Carl Wright, CCO of AttackIQ.

Some technology upgrade can leave databases open to the public internet, creating more risk for payment credential exposure and other risks, contends Ameya Talwalkar, co-founder and chief product officer of Cequence Security.

In the era of big data, a more thorough, data-centric approach is needed for security than the traditional encryption of the past, argues comforte AG's Jonathan Deveaux.

A Wells Fargo customer was interrogated, fingerprinted and mistakenly arrested for check forgery after a series of mistakes on the bank's part. He was cleared, and Wells says it made an error, but they are now fighting in civil court.

Ticketmaster has battled fraud in paper ticketing for years — but mobile technology introduced new ways for fraudsters to steal, resell and counterfeit high-priced digital tickets.

Uber will use Adyen's technology to incorporate the latest version of EMVCo’s 3-D Secure authentication, which has been updated to comply with PSD2 mandates for stronger identity vetting.

Restaurants, electronics sellers and digital-goods merchants are seeing sharp spikes in fraud as criminals find creative new ways to interfere in online and mobile commerce.

There are almost no vulnerabilities that aren't covered by some sort of intelligence or data, says Steven Rogers, president and CEO of Centripetal.

The short-term disruption is worth the benefits of improved security and user experience, writes IIya Dubinsky, head of the CTO office at Credorax.

Traditional authentication practices are incapable of meeting the real-time demands, writes Frank Teruel, senior vice president and general manager of ThreatMetrix.

Amazon.com Inc. said it was hit by an "extensive" fraud, revealing that unidentified hackers were able to siphon funds from merchant accounts over six months last year.

Not unlike consumers finding it convenient to make a one-click payment online, fraudsters want less friction as they steal payment or personal credentials.

Every organization has some kind of plan for the future, but advances in technology, cyber threats, changes in regulation and political uncertainty make it extremely difficult to plan for what lies ahead, writes Ian Stone, CEO of Veualta.

Using AI to verify receipts alleviates the need for auditors to aimlessly review every single receipt submitted within an expense report, says Travis Andrade, a senior product manager at AppZen.

It is human nature to do as little as possible when it comes to secure passwords. The new NIST standard helps solve that problem.

Given the risks of improperly securing a multicloud environment, it's crucial to engage with partners who understand networking, says Mounir Hahad, head of threat research for for Juniper Networks.

Worldpay is rolling out FraudSight, a new fraud prevention tool that uses machine learning to spot suspicious transactions across all in-store and e-commerce checkout points, according to a Tuesday press release.

By allowing instant issuance to be executed from the most secure infrastructure available, PCI-CP introduces greater flexibility and protection than older standards, according to Ranjeet Khanna, vice president of financial issuance at Entrust Datacard.