Localized skimming attacks, whether waged against ATMs or self-service gas pumps, continue to wreak havoc on banks and credit unions. And we're likely to see an uptick in 2017 as fraudsters ramp up their efforts to cash in.
Visa and MasterCard have pushed back their EMV fraud liability shift date for U.S. pay-at-the-pump gas terminals from October 2017 to October 2020. They made the right decision, given the relatively low rates of card fraud at gas pumps.
After complaints from merchants and an update from the Fed, Visa has modified debit routing rules, noting that merchants can route U.S. EMV debit transactions through any of more than a dozen available networks, and not just Visa's. The move could have implications for chip-and-PIN use.
Last month, the FFIEC issued an FAQ about its Cybersecurity Assessment Tool, reiterating that use of the tool is voluntary. But some critics say regulators are still questioning institutions about their use of the tool during IT examinations, meaning its use is not truly voluntary.
The success of Operation SAMBRE, a global cybercrime investigation into the theft of billions of dollars from banks throughout the world, proves why information sharing between law enforcement and the private sector is key to battling cybercrime.
I'm looking forward to this week in London, where Jason Tunn of the Metropolitan Police Service will walk us through a high-profile cybercrime investigation that resulted in the 2015 arrest of two British hackers with links to Russia after they attacked leading U.K. banks with the Dridex banking Trojan.
Will the advent of faster payments in the U.S. open new doors for fraud? Business continuity and security are priorities for the Federal Reserve, says Marianne Crowe of the Boston Fed. But independent consultant Richard Party begs the question: Is the U.S. really ready?
A Michigan credit union's bold move to block members from using their payment cards at all Wendy's locations following a malware attack won't do much to stop fraud. But it does send a strong message that the financial institution doesn't think Wendy's has done enough in its efforts to protect customers.
It's easy to look at the payments landscape and see only the flaws. But payment card security has come a long way in the past 10 years, thanks in large part to the PCI Data Security Standard. How will card security be refined in the coming decade?
The apparent breach of a system support portal used by Oracle MICROS to remotely access and service MICROS point-of-sale systems has raised more questions than answers. What actually happened? Which data was compromised? And who waged the attack?
CEO fraud campaigns are becoming far more common. A recent attack against our company was deflected because of the alertness of a staff member who received a fraudulent wire transfer request, illustrating why well-informed employees truly are the best lines of defense against these schemes.
The release this week by the PCI Security Standards Council of a new PCI compliance resource for small merchants is being lauded by the banking and payments community. But how effective will the resource be at actually convincing merchants to move forward with PCI compliance?
Reacting to strong complaints from retailers, three major card brands have finally taken steps toward reducing the amount of counterfeit fraud chargebacks to U.S. merchants, which began as a result of the EMV fraud liability shift last October. But was the action by the brands bold enough?