A flaw in how contactless cards from Visa - and potentially other issuers - have implemented the EMV protocol can be abused to bypass PIN verification for high-value transactions, ETH Zurich researchers warn. But Visa says the exploits would be "impractical for fraudsters to employ" in real-world attacks.
Dozens of suspects have reportedly been arrested in connection with an ATM cash-out scheme that targeted Santander Bank branches in New Jersey, New York and Connecticut.
Diebold Nixdorf, a major manufacturer of ATMs, has issued an alert about "jackpotting" or "cash-out" attacks that are draining cash from its machines in several European countries. What makes these attacks unusual?
The notorious carder marketplace Joker's Stash is advertising a fresh batch of 400,00 stolen payment cards issued by both South Korea and U.S. banks, warns Group-IB. It says that on average, stolen APAC payment card data sells for five times more than stolen U.S. payment card data.
Faster payments are the new reality in more than 40 countries, and this innovation is benefiting consumers and businesses alike. Criminals are also enjoying the speed and non-refutable nature of these transfers, and in many deployments faster payments quickly translates to faster fraud.
This does not have to be the...
A New York man was sentenced to five years in federal prison Tuesday after pleading guilty to helping a criminal gang steal nearly $400,000 from several banks through a physical ATM skimming scheme that continued for two years.
Starting Jan. 1, State Bank of India will no longer accept magnetic stripe debit card transactions and will accept only EMV chip-based cards in compliance with an RBI mandate, which is designed to help prevent card fraud, including skimming and cloning.
The notorious Joker's Stash cybercrime marketplace, which specializes in selling stolen payment card data, has a new listing for 1.3 million credit and debit cards, almost all of which appear to have been issued by Indian banks, reports threat intelligence firm Group-IB.
Cybercrime is surging thanks, in part, to the availability of inexpensive hacking tools and services. A recent look by security firm Armour at black market offerings finds stolen payment card data, RDP credentials, ransomware and DDoS services are widely available for sale.
The EU Payment Services Directive (PSD2),
presents any business that processes online
payments or provides account related services
in the European Economic Area (EEA) with the
challenge of balancing the Strong Customer
Authentication (SCA) requirements with a seamless
buyer's journey.
To gain competitive...
Fraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via fake e-commerce sites that never fulfill orders, fraud-fighting experts warn.
Despite India's move to EMV-chip payment cards, ATM fraud continues to take place. Experts say risk of skimming is not eliminated with chip cards if they still have magnetic stripe and ATMs continue to read these stripes.
Although the Reserve Bank of India mandated that banks complete the shift from magnetic stripe debit and credit cards to EMV chip-and-PIN cards by Jan. 1 to help reduce fraud, there's still plenty of work to be done.
So far, police have not found evidence that a major organized hacking group was responsible for the Cosmos Bank heist, which involved the theft of $13.5 million through ATMs and unauthorized SWIFT transactions. What steps should banks take to avoid becoming the next cyber heist victim?
What security strategies do financial organizations need to consider in the new PSD2 landscape? PSD2 outlines security requirements in three key areas.
Download this whitepaper and learn how to:
Secure customer interactions with third-party providers and banks;
Secure API transactions and account...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.
