To boost security and eliminate the need for passwords, MasterCard plans to later this year roll out a facial biometrics app for authentication of online purchases. But some experts warn that biometrics technology is not fool-proof and should only be deployed as part of a layered authentication approach.
The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.
NACHA's announcement of same-day ACH (Automated Clearing
House) payments will benefit both businesses and consumers whose
payments are eligible for same-day transaction processing. But it will also
strain banks that need to operate under the new guidelines and protect
vulnerable ACH transactions from...
Networking giant Fortinet warns that more products than it initially suspected have a hardcoded password that attackers could abuse to remotely gain backdoor access to vulnerable devices. But why did the flaws take so long to be found?
Security experts are warning that Chinese networking product manufacturer TP-Link has been shipping routers with a WiFi password that's based on their MAC address, thus making their passwords easy for would-be attackers to sniff.
The PCI DSS was developed to "encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. PCI DSS provides a baseline of technical and operational requirements designed to protect cardholder data." Even by following the PCI DSS guidelines, it is...
Every company, regardless of size, has confidential information that needs to be protected. With data breach incidents happening on an almost weekly basis, organizations must take the necessary precautions to ensure their data is secure. But how many organizations are truly making efforts to keep their data...
Why do we continue to be so stupid about how we use passwords? A review of 2015 data breaches finds that it's not just users of infidelity websites who remain reckless with their password choices.
One of the most dangerous myths about malware is that hackers aren't targeting smaller healthcare entities, says security researcher Lysa Myers, who offers mitigation insights for clinics and others.
BankInfoSecurity announces its fourth annual list of top influencers, recognizing leaders who are playing significant roles in shaping the way banking institutions and financial services companies approach information security.
Despite the frequency of healthcare data breaches, only half of U.S. hospitals have the infrastructure to support two-factor authentication, according to a new report. Plus, some information security leaders say implementation of the technology at many of those facilities is likely relatively narrow.
Has authentication become too complex for
banking institutions? That's a legitimate concern, says Peter Tapling of Early Warning.
The key, he says, is to leverage new strategies and solutions to unify and simplify
authentication.
Download this eBook to explore new authentication strategies and:
Whether...
Much of the currently used statistical-based fraud detection methodology is creating significant challenges for both organizations and end users. These statistical models generate high false positive rates and provide a risk score that does not effectively distinguish between legitimate and malicious activity.
With...
Today's cybercriminals are aware of the fraud prevention technologies deployed by most financial institutions, and they design attacks to circumvent these controls. Transaction anomaly detection and device ID approaches can be highly inaccurate, generating a large number of false positive alerts that can overwhelm IT...
Dell's announcement that it plans to purchase storage maker EMC for a mind-boggling $67 billion does not make clear the fate of EMC's information security unit, RSA. Analysts believe Dell has not yet determined whether RSA fits into its long-term plans or should be sold or spun off.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.