Personally identifiable information

Yes, the credit bureau goofed badly on data security, and it proved to be worse at crisis management. But other companies have been just as sloppy with cyber defenses, and business and government leaders should have tackled these problems long before now.

The identity theft threat created by the Equifax hack and the growth of online lending have given software makers a platform to pitch products that rely on selfies, scans of driver’s licenses and other nontraditional ID methods.

While the payments industry may believe a "breach fatigue" has set in, it may have been the expectation of a cowed and apathetic public that partly led to Equifax’s maligned response after its data breach was finally made public.

Senate Democrats' legislative bid to reform the credit reporting industry is tempered and balanced, according to analysts, which could help it gain traction in the GOP-controlled Congress.

Equifax Inc. said two of its senior executives are leaving as the credit-reporting company faces mounting public anger for losing data on 143 million Americans in one of the biggest cyberattacks in history.

Security professionals have long argued against the use of static identifiers like passwords and Social Security numbers, while consumers have long questioned why a handful of bureaus can claim to be the ultimate judges of their identities.

The reaction to major data breaches has always been to protect card data. But the non-card data that Equifax handled deserved just as much attention, if not more.

It's not just Equifax that needs to worry. The incident can and should be a turning point for the financial services industry, a warning that it needs to end its reliance on static personal identifiers.

When breaches occur it is the standard practice for the notification to come directly from the company affected. The difference with Discover's service is that, because it's an opt-in program, its users may already be bracing themselves for bad news.

Because of the opaque nature of internet retailing and widely publicized data breaches, security concerns remain a pervasive gating factor to digital commerce. Key to countering this is providing consumers with the tools to monitor and control where their payment credentials are stored online.

Vinny Lingham, founder and CEO of Civic, discusses the froth in cryptocurrency markets, the mania for "initial coin offerings," the right way to do token sales, the future of digital identity and the banking system's security failings.

It's time for credit unions, industry stakeholders and the movement's 107 million members to speak up and tell Congress to get serious about protecting members' data from retailer data breaches.

Kmart has been hit with a malware attack that has resulted in the compromise of payment card credentials for the second time in three years.

The German bank announced a project designed to create a single online registration for users across a number of industries.

Sovrin, a new blockchain for the creation and management of digital identities, may help credit unions save money and fight fraud while returning power to individuals.

Malicious hackers tend to swarm around industries they perceive as vulnerable, and terminal makers are the latest to find themselves in the crosshairs.

Screen scraping has plenty of critics, but the alternatives, OAuth and APIs, have their share of detractors, too.

Quickly keeping customers informed about an attack is among the principles banks must adopt to mitigate the fallout.