Personally identifiable information

A deaf woman who had over £8000 stolen from her bank account by fraudsters has become the latest symbol of the insecure practice of using phone numbers as proof of identity.

The time is now for Congress to enact stricter data security standards that better protect credit unions and consumers.

Technology developers have little choice but to see big data deals like Mastercard’s reported collaboration with Google as an opportunity for deep, actionable analysis, setting aside the chilling effect of privacy concerns and a consumer buy in.

Kevin Jenkins, former managing director of Visa U.K. and Ireland, joined the board of London-based fintech Nuggets to oversee business development for the blockchain-based security provider as it enters the massive mobile payments market in Asia.

Forget the stereotype that a cybercriminal has to be tech-savvy to get the job done. Their true gift is in social engineering.

Fallout from the Equifax breach is coming into clearer focus as more companies begin pinpointing its effects over the last several months.

In the past few years of fighting against cyberattacks, security teams have developed "kill chain" models that document what steps the bad guys take to infiltrate a network and how to thwart them. The problem is, a significant number of data breaches occur from insider threats, which these models often overlook.

Called Mezu, the P2P platform has been live for about a week and uses a location-based code to execute payments, avoiding the need to even share usernames or other identifying information to move money.

A direct correlation between the chip migration and rampant merchant data breaches is hard to prove. But experts say retailers' prioritization of EMV compliance contributed to other payment card security gaps, leading to the current high level of merchant data breaches.

It's a race to the finish line that also affects U.S. companies with European customers. In these final moments, every company must at least show good faith in attempting to follow the law and having procedures and technology in place to do so.

Among the findings, credit unions may not be doing enough to protect against malware, which involved in nearly 40 percent of hacking incidents, as well as Trojan botnets and denial of service attacks.

A new strain of malware that targets cryptocurrency users — but not users of mainstream payment options like bank accounts — highlights how much the cybercrime game is changing behind the scenes.

Data breaches have become routine, but the public reaction to these events is changing. Consumers are increasingly wary of sharing their information — just ask Mark Zuckerberg — and this trend raises the stakes for all financial institutions and merchants.

Companies that handle sensitive customer data have even more to worry about when making an acquisition. Not only do they have to be sure the acquired company has good security, but they can't let their guard down even after the acquisition closes.

Before reports of the data breach at Saks Fifth Avenue, Saks OFF 5th, and Lord & Taylor fade from the news cycle, there's one detail that should alarm merchants, card issuers and consumers — and sets a tone for future data breaches.

The concept of privacy is evolving in the digital age in ways that demand new attention from policymakers. As stewards of considerable personal information, banks should prepare to take part in this debate.

Like a crime wave, data leaks and vulnerable static identifiers show no sign of abating, as MyFitnessPal became the latest in a string of sites to have users' data exposed trough usernames and hashed passwords.

The breach at Expedia's Orbitz not only jeopardized nearly 880,000 payment cards — it cast a spotlight on the weaknesses all companies expose themselves to when they partner with another brand.

While there is a collective sense that data breaches are simply a side effect of our digital existence, there are real costs for the companies impacted. The ones that are hit the hardest are the ones that are least able to weather the fines, remediation costs and lost reputation.

By failing to protect their customers’ data, financial institutions and others in the payments ecosystem are risking trust, the most important currency they have, writes David Barnhardt, executive vice president of product at GIACT.