Security risk

Banks and smaller businesses are simply not ready, says SmartTrade App's Kent Vorland.

The credit union regulator has spent 20 years asking lawmakers for greater oversight of third-party vendors. Here's why it might finally happen.

While doing the bare minimum means that companies avoid receiving hefty non-compliance fines, it doesn’t achieve a great deal more, says FIME's Arnaud Crouzet.

Retailers are decelerating data security spending, even as attacks become more sophisticated and merchants emphasize the types of multi-channel shopping that draws attackers.

Selling to international markets is the name of the game for online merchants, which face a threat to their relevance if they can't match the distinct transaction preferences of individual markets.

Arguing more work is needed in the wake of new security protocols, Nets will team with KPMG to jointly develop machine learning-powered fraud monitoring and prevention.

Retailers have raised the bar in how they attract customers through rewards and loyalty programs, but not all are well-versed in how their technology also lures fraudsters.

Static fraud prevention has no place in the current digital world, says Accertify's Stuart Mann.

Many futurists and pundits predicted email would be obsolete by 2020, replaced by a new, superior communication channel.

The equation is no mystery to those in payments or financial services: Expand your digital footprint, and you expand the opportunities for hackers to damage your network.

Many companies have tools in place alerting them to possible security issues, but if companies get a large volume of issues, this quickly overwhelms the ability for security and risk professionals to analyze, prioritize, and remediate, writes DivvyCloud's Chris DeRamus.

There are several ways attackers take advantage of payment systems. Understanding that is part of the battle, according to Bill Horne of Intertrust Secure Systems.

Machine learning can build a layered defense, and analysts don't have to spend as much time combing through data to spot threats, says Exabeam's Anu Yamunan.

The time is ripe to move decision-making up the ladder and for organizations to bite the bullet by creating a more inclusive comprehensive strategy for the overall business that considers all the disparate security needs, writes Madeline Aufseeser, an analyst and fintech executive.

Fraud targeting accounts payable departments had been on the rise to begin with, but a new sense of urgency has taken hold in the wake of a recent incident that cost Facebook and Google $100 million.

Security companies report a recent spike in spearphishing campaigns originating in Iran and targeting banks.

In the U.K., next-level fraud types — involving technologies such as push payments and P2P — are gaining traction now that EMV has been in place for more than a decade.

After criticizing the prevalence of social sign-in buttons on the internet, Craig Federighi, Apple's senior vice president of software engineering, unveiled one of his company's own. It's essentially Apple Pay without the payments.

Data protection strategies need to consider how data travels and how that impacts vulnerabilities and breach risk, according to comforte AG's Jonathan Deveaux.

At first blush, Netflix may seem to have a fairly simple payment process: Collect a card number once, and keep charging it every month until the customer cancels. But even this process can be demanding.