A report that a Russian hacker group dubbed "CyberVor" is hoarding more than 1 billion stolen passwords triggered worldwide concern, but security experts caution that scant details have been revealed, making the threat tough to judge.
When the U.S. transitions to chip-secured payment cards, banking institutions will see a significant uptick in card-not-present fraud. What can they be doing now to prepare? Fiserv's Patrick Davie shares tips.
Using big data to fight fraud is a challenge for most organizations. Andreas Baumhof of ThreatMetrix explains how context-based authentication combines fraud and security to leverage the use of big data.
A bank's $350,000 settlement with a California oil company should serve as a reminder that reasonable security measures offered by banks are increasingly critical to the outcome of account takeover disputes.
A new study shows the accuracy of facial recognition algorithms has markedly improved over the past three years, though one of the report's authors suggests they're not at the level to be a highly reliable form of authentication.
Financial Institutions already apply out-of-band security in many instances. The challenge is: How do we help protect payment cards when they are used at any number of online and brick-and-mortar retailers?
The Federal Reserve will make recommendations this summer for how the United States could launch a "fast-payments" system with enhanced authentication, says Kirstin Wells of the Federal Reserve Bank of Chicago.
Individuals resort to lying about themselves to protect their identities when accessing systems in today's imperfect cyber world, says Peter Tapling, president of Authentify, an out-of-band authentication service.
President Obama has reportedly decided that the government shouldn't exploit encryption flaws, such as Heartbleed, in most instances unless there's "a clear national security or law enforcement need." But how should that need be determined?
An analysis of the Target breach prepared for a Senate committee is a political document that might help its patron's agenda but doesn't go far enough to identify technical solutions to help enterprises avoid Target-like breaches.