Tools and techniques need to be identified to aid law enforcement in gathering evidence from devices, such as smartphones, while safeguarding the security and privacy of individuals. Can stakeholders find that middle ground?
The PCI Security Standards Council envisions a single, globally-unified data security standard. Now that the European Card Payment Association is a strategic regional member, that goal is significantly closer, says Jeremy King, the council's international director.
In a lawsuit, two small merchants say they, and many other retailers, are unfairly being forced to pay fraud-related expenses as a result of the EMV liability shift even though they converted to EMV technology by the card brands' deadline. Fraud prevention experts analyze the implications of the case.
A new report suggests that a Chinese cyber espionage APT attack group is behind a string of targeted ransomware infections that have slammed U.S. firms. Dig into the details, however, and the report is nothing but speculation, two security experts caution.
Blockchain technology used by bitcoin and other cryptocurrencies offers opportunities for enhanced authentication and ID management, as well as cross-border money remittances, says Ben Knieff of the consultancy Aite. But he contends it's not clear that the technology could play a role in faster payments.
A thriving market now exists to help cybercriminals recruit new talent, says Rick Holland of the threat intelligence firm Digital Shadows, which has been studying how cybercriminals advertise for new recruits - and the types of technology skills that are most in demand.
As public cloud offerings and technologies to secure them continue to mature, public cloud will increasingly feature in India's cloud story. How ready are security practitioners, and how much traction do technologies such as CASB have?
To boost security and eliminate the need for passwords, MasterCard plans to later this year roll out a facial biometrics app for authentication of online purchases. But some experts warn that biometrics technology is not fool-proof and should only be deployed as part of a layered authentication approach.
Qatar's CERT has rolled out a new information security risk management framework to help enterprises prioritize and manage InfoSec risks. Security leaders say it is critical now to provide a governance structure to support the strategy.
The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.
NPCI's UPI service, providing instant mobile fund transfer, will go live April 8. In the pilot, 29 banks will start UPI-based services using a single identifier with the norm of single-factor authentication. What challenges await CISOs?
By spring, banks and credit unions across the U.S. are expected to start rolling out "card-free" ATMs, offering transactions that experts say will eliminate fraud losses linked to skimming, and at the same time open new doors for mobile payments.
With the U.S. accelerating its adoption of the EMV chip, encryption and tokenization, life is going to get tougher for fraudsters, and card-not-present fraud will rise, says PCI Council Director Jeremy King. Regions with poor data security must beware.
New electronic payment methods lead to huge security challenges. Experts suggest initiatives including deploying standard security controls at all levels, mandatory breach disclosure, and sharing best practices to secure gateways.
The Indian financial sector is at the dawn of a new age of electronic payments. What are the new form factors, and how must they be secured? An expert panel discusses the evolution and its unique security challenges.