The Fintech Times

MARCH 10, 2025

By launching the solution, which removes the need for manual entry – a common source of errors and a vulnerability exploited by fraudsters seeking to compromise sensitive card information – Visa aims to promote the use of digital wallets in Egypt while also bolstering security in the region.

Digital Payments 69

Digital Payments Security Credential CHIPS 69

The Fintech Times

NOVEMBER 11, 2024

This integration provides American Express customers with greater control and transparency over how they share their financial data, using secure authentication without needing to share credentials.

Security 59

Security Credential API Privacy 59

VISTA InfoSec

JUNE 3, 2024

Weak or compromised passwords are often the weak link in an organization’s security chain, providing an easy entry point for cybercriminals. According to a Verizon report , over 80% of hacking-related breaches are due to compromised passwords.

MFA 130

MFA Credential PCI DSS Compliance 130

Fintech Finance

NOVEMBER 6, 2024

As payments become more intricate, Mastercard today announced the latest enhancement to its new Mastercard Payment Passkey Service which enables secure, on-device biometric authentication through facial scans or fingerprints, the same way consumers unlock their phones every day.

Visa 98

Visa APACS Transactions Authentication 98

PYMNTS

NOVEMBER 30, 2020

One source, writing for ZDNet, claimed to have confirmed the authenticity of at least two such accounts, although the Engadget report notes that it was unable to verify this for every victim. The accounts could also be used for blackmail, and intruders could be used to undermine email-based two-factor authentication, the Engadget report says.

Business Email Compromise 116

Business Email Compromise Addressing Scams Ransomware 116

PYMNTS

FEBRUARY 14, 2019

One need only scan the headlines of recent breaches to see the damage done, with hundreds of millions of individuals’ data compromised, and untold billions of dollars’ worth of financial havoc wreaked. Online authentication is only as good as its weakest link. Flash texts requesting authentication ask for PINs.

Authentication 60

Authentication Transactions Online and Mobile Banking Credential 60

PYMNTS

NOVEMBER 25, 2020

The SEC warned in October that cyberattacks on corporations had been increasing, and businesses were advised to include multi-factor authentication to prevent credential compromises.

Cybersecurity 121

Cybersecurity Credential Compromise Authentication 121

VISTA InfoSec

JUNE 27, 2024

Upon investigation, it was revealed that personal information such as student names, addresses, dates of birth, and potentially other sensitive details had been compromised.

FBI 130

FBI Breach MFA Cybersecurity 130

Nanonets

NOVEMBER 14, 2023

Business Email Compromise (BEC) is a cyber threat that exploits the vulnerabilities of email communication. Perpetrators impersonate trusted entities, such as executives or vendors, employing social engineering techniques to coerce employees into compromising actions. What is Business Email Compromise (BEC)?

Email Compromise 52

Email Compromise Business Email Compromise Compromise Phishing 52

PYMNTS

NOVEMBER 2, 2020

And the SEC warned about credential compromises, meaning cyberattacks using compromised client login credentials to attack brokers and dealers, take customer assets and expose private information. Companies should have multi-level backups, and individuals should practice two-factor authentication for passwords.

Cybersecurity 84

Cybersecurity Credential Compromise Ransomware 84

Seon

JUNE 15, 2023

Business email compromise (BEC) attacks can be a major risk to businesses’ finances and reputations. Let’s look at what business email compromise attacks are and explore some of the many ways you can combat them. What Is a Business Email Compromise Attack? Reported losses in 2020 exceeded $4.2

Email Compromise 52

Email Compromise Compromise Business Email Compromise Risk 52

VISTA InfoSec

DECEMBER 19, 2024

Know and Limit Access Prevent compromise of credentials Manage identities and segregate privileges 3.Detect Use multi-factor authentication (MFA) for SWIFT interfaces and applications. SWIFT CSCF v2024 key objectives and principles Below are the 3 key objectives and 7 principles, as defined in the updated SWIFT CSP framework.

SWIFT 173

SWIFT Cybersecurity PCI DSS Compliance 173

Fintech News

MAY 21, 2024

The scammer claimed that her computer had been hacked and that her bank accounts might have been compromised. To prevent such incidents, the public should use the ScamShield app and enable security features like Two-Factor Authentication (2FA). She called the number and spoke with a scammer posing as a Microsoft support agent.

Scams 105

Scams Funds Transfer Credential Compromise 105

The Fintech Times

JUNE 26, 2024

This allows it to evade anti-tampering mechanisms and remain hidden while compromising app security. Snowblind specifically targets banking apps by exploiting accessibility services, allowing cybercriminals to steal login credentials and hijack banking sessions for unauthorised transactions, leading to financial loss.

Security 111

Security Cybersecurity Credential Compromise 111

PYMNTS

AUGUST 16, 2019

The airline claims that 24[7] fell short of implementing basic security controls like forbidding workers from using the same login credentials or requiring multifactor authentication for employees accessing source code. According to the news outlet, hackers changed the source code of the chatbot via compromised credentials.

Data Breach 84

Data Breach Breach Multifactor Authentication Credential 84

PYMNTS

APRIL 26, 2019

A P2P (peer-to-peer) technology ingrained in millions of IoT ( Internet of Things ) devices, including security cameras, smart doorbells, baby monitors and video recorders, has many security flaws that allow them to be compromised easily, exposing users to dangers from eavesdropping, credential theft and takeovers from remote locations.

P2P 75

P2P Security Compromise Credential 75

PYMNTS

MARCH 6, 2020

Oversight And Authentication. Companies that offer APIs must have authentication measures in place — such as those requiring legitimate users’ to present credentials, or “API keys” — before granting access to them. . This month’s Deep Dive examines how APIs can be exploited and how companies can combat attacks. .

API 52

API Authentication Security Payment APIs and Integration 52

PYMNTS

SEPTEMBER 26, 2016

Authentication methods for payments networks, such as SWIFT, or P2P money transfer apps are still not completely secure. A common thread to many of these attacks is compromised or hijacked credentials that allow an attacker to pose as a legitimate entity.”.

Online and Mobile Banking 78

Online and Mobile Banking SWIFT Credential Central Bank 78

PYMNTS

APRIL 6, 2017

At this year’s PYMNTS Innovation Project , Admiral James Stavridis , NATO’s former Supreme Commander, said that one of the biggest points of compromise that cybercrooks exploit is the login. When people use “multi-factor authentication,” it can often mean different things. But the real question is when — and how.

Authentication 48

Authentication Verification Credential Identity Theft 48

PYMNTS

JUNE 29, 2020

The most popular technique, credential abuse, involves fraudsters using compromised passwords and other login information to gain access to sensitive systems. Any data breach that exposes one of their accounts potentially compromises every account that shares the same password. There were 85.42

MFA 96

MFA Risk Security API 96

PYMNTS

JUNE 6, 2019

Security experts are warning about a phishing scam that can help hackers bypass two-factor authentication (2FA). It showed how the scam uses two new tools, Muraena and NecroBrowser, to potentially trick users into sharing their private credentials.

Scams 58

Scams Credential Security Phishing 58

Fintech News

JUNE 10, 2024

Akira affiliates gain initial access by exploiting vulnerabilities, brute-forcing services like Remote Desktop Protocol (RDP), social engineering, and using compromised credentials. Organisations are advised to enforce strong password policies and implement multi-factor authentication to prevent unauthorised access.

Ransomware 105

Ransomware Authorization Phishing Cybersecurity 105

PYMNTS

JUNE 8, 2020

FIs may need to provide data to FinTech startups without dedicated cybersecurity teams, for example, which could then be more easily compromised by hackers who will steal sensitive bank customer data. Tightening Authentication. MFA requires customers to prove their identities by providing at least two types of credentials.

Authentication 60

Authentication MFA Phishing Scams 60

PYMNTS

NOVEMBER 16, 2020

The risk of fraud continues to climb for organizations of all sizes as the latest data reveals third-quarter spikes in business email compromise and ransomware scams. Business email compromise scams spiked 15 percent during the period, too, with researchers finding that BEC attacks increased across 75 percent of the industries surveyed.

Business Email Compromise 96

Business Email Compromise Scams Ransomware Email Compromise 96

PYMNTS

JULY 10, 2020

Customers cannot afford to let fraudsters compromise their bank accounts under any circumstances, but the current economic climate makes attacks all the more painful. FIs can adopt more robust login approaches to make it less likely that bad actors can obtain the necessary information to pass authentication checks.

Multifactor Authentication 53

Multifactor Authentication Authentication Credit Union Fraud Prevention 53

Fintech Review

NOVEMBER 28, 2024

Unlike traditional PINs or passwords, sAxess utilizes fingerprint authentication and other biometrics to ensure that only authorized individuals can access sensitive data. This goes beyond current methods of managing sensitive information for individuals and organizations, ensuring data recovery without compromising privacy. “We

Security 52

Security Transactions Privacy Data Security 52

PYMNTS

JANUARY 18, 2019

Users of HIBP can enter their email into a query and see if it’s been compromised. For the regular person, this means that email and password combos are especially vulnerable through what’s called credential stuffing. This is when specific combos are used to hack into other accounts using the same login credentials.

Data Breach 63

Data Breach Breach Credential Compromise 63

PYMNTS

JUNE 12, 2019

Compromised credentials are one of the most common causes of security breaches. The technology is FIDO2 compliant, which means that it’s a secure and accommodating standard that lets different devices using different operating systems talk to each other for authentication. “On

Authentication 49

Authentication Bots Phishing Credential 49

PYMNTS

OCTOBER 26, 2016

From Wi-Fi hotspots to printers, unsecured routers to digital video recorders — connected devices can be vulnerable to hacks and, when compromised, are being used by hackers to launch significant distributed denial-of-service (DDoS) attacks. Going Beyond PCI. to provide additional layers of security. Covering All The (Data) Bases.

Payment Security 81

Payment Security Security Identity Theft Compromise 81

PYMNTS

JULY 22, 2019

Reports say that the hacks, which are known as Media File Jacking, allow media that spans photos to documents to be compromised in “real time” and that means intercepting data between when it is written to disk and when they are loaded onto user interfaces. The apps have, cumulatively over 1.5 billion users.

Phishing 72

Phishing Credential Scams Payments 72

PYMNTS

JULY 13, 2020

Bad actors attempting ATOs seek to gain control of victims’ bank accounts without alerting FIs, and they therefore aim to obtain the login credentials necessary to smoothly move through FIs’ authentication measures. This is a serious problem, as ATOs reportedly led to $4 billion worth of losses in 2018.

Credential 58

Credential Bots Authentication Online and Mobile Banking 58

Fintech News

JANUARY 17, 2024

These measures encompass additional customer authentication, cross-border transfer limit reviews, session management controls, and establishing a bank-to-bank information-sharing platform to safeguard the financial sector from evolving threats. Digital mule networks exploit this, testing stolen credentials across various banks.

Deepfake 122

Deepfake APACS Scams Authentication 122

Fintech News

MARCH 25, 2024

It typically operates by infecting a user’s device through various means, such as phishing emails, fake apps, or compromised websites. However, behind the scenes, the malware captures the user’s login credentials, account information, and other sensitive data entered into the fake UI.

Mobile Banking 117

Mobile Banking Online and Mobile Banking Identity Theft Credential 117

VISTA InfoSec

DECEMBER 19, 2024

Know and Limit Access Prevent compromise of credentials Manage identities and segregate privileges 3.Detect Use multi-factor authentication (MFA) for SWIFT interfaces and applications. SWIFT CSCF v2024 key objectives and principles Below are the 3 key objectives and 7 principles, as defined in the updated SWIFT CSP framework.

SWIFT 130

SWIFT Cybersecurity PCI DSS Compliance 130

PYMNTS

JANUARY 25, 2021

They often hack into these consumers’ accounts using passwords stolen from other sites that use the same login credentials, for example. But internal threats, such as those that occur when employees’ credentials are compromised in phishing attacks, are just as imperiling and can bypass banks’ external defenses.

Credential 94

Credential Data Breach Phishing Cybersecurity 94

PYMNTS

MAY 24, 2017

This all comes as no surprise to Brett McDowell, who is working with a team of corporations in verticals from financial services to software to take human error out of the authentication equation, as part of the FIDO Alliance. Because once hackers get their hands on the information, it’s already too late to stop them. No Password, No Cry? .

Authentication 40

Authentication Credential Ransomware Phishing 40

PYMNTS

FEBRUARY 8, 2019

Plus, professionals will often use paper or spreadsheets to keep track of those login credentials. The reliance on passwords means those credentials become more of a security liability than protector, as cyberattackers attempt to infiltrate enterprise systems. most common) passwords and check them against millions of accounts.

Phishing 66

Phishing Payment APIs and Integration Credential MFA 66