Authentication, Compromise and Credential

Cyber Threats Surge in India’s Financial Sector

Fintech News

MAY 8, 2025

These chatbots leverage AI with natural language processing (NLP) capabilities to engage potential victims in seemingly benign conversations, subtly extracting credentials or sensitive data over time. The surge of deepfakes The rise of AI has also led to a surge in deepfake attacks. Losses are projected to reach INR 700 billion (US$8.3

Deepfake

Deepfake Data Breach MFA Phishing

Finastra Confirms Breach Amid Hacker’s 400GB Data Theft Claim

Fintech News

NOVEMBER 24, 2024

The company confirmed the incident to TechCrunch following a hacker’s claim of compromising Finastra ‘s internal file-transfer platform and subsequent attempts to sell the stolen data. Currently, Finastra is unable to disclose the number of affected customers or the precise nature of the compromised data.

Breach

Breach Compromise Data Breach Credential

Understanding the Cyber Risks in Video Communication

VISTA InfoSec

JUNE 19, 2024

However, this convenience comes with significant cyber risks that can compromise sensitive information and privacy. For instance, an attacker might send an email that appears to be from a trusted video communication platform, prompting you to click on a link to verify your account or update credentials.

Risk

Risk Ransomware Phishing Encryption

Webinars

Breaking The Commerce Bottleneck: Your SAP Exit Plan Starts Now

MORE WEBINARS

Understanding POS Security: Protecting Your Business and Customer Data

VISTA InfoSec

MAY 12, 2024

When used, these devices will collect payment details without the merchant’s knowledge, compromising customer data security. Encourage the use of Two-Factor Authentication (2FA) Decades of experience show that passwords only provide a small amount of security.

PCI DSS

PCI DSS Security Compromise Best Practices

How tokenisation has reshaped the future of payments

The Payments Association

MAY 28, 2025

The evolution represents more than enhanced security protocols, it constitutes a complete reimaging of payment credential architecture. Manual card entry, inconsistent authentication requirements and consumer hesitancy about storing payment information often create a labyrinthine checkout process.

Credential

Credential Payments Issuers Visa

Tokenisation 2.0: Are we ready for the next generation of payment security?

The Payments Association

JUNE 3, 2025

Antony Lane, sales account manager at G+D , corroborates this, stating G+D increasingly uses tokenisation to improve in-app provisioning, simplify lifecycle credential management, and personalise user journeys across devices and channels. As a result, tokenisation is becoming essential for maintaining trust and fluidity.

Security

Security Payment APIs and Integration Payment Security Credential

Strengthening Cyber Defenses with Multi-Factor Authentication

VISTA InfoSec

NOVEMBER 7, 2023

Mutli-Factor Authentication (MFA) isn’t a new concept. What Is Multi-Factor Authentication? Let’s start with another simple definition – multi-factor authentication is any authentication method where more than one criterion has to be satisfied before access is granted to digital assets.

Authentication

Authentication MFA Cybersecurity Credential

‘Serenity’ and ‘IDEMIA Secure Transactions’ Launch sAxess Biometric Card for Enhanced Digital Security and Data Recovery

Fintech Finance

NOVEMBER 28, 2024

Unlike traditional PINs or passwords, sAxess utilizes fingerprint authentication and other biometrics to ensure that only authorized individuals can access sensitive data. This goes beyond current methods of managing sensitive information for individuals and organizations, ensuring data recovery without compromising privacy. “We

Security

Security Transactions NFTs Blockchain

Advanced Data Security: Safeguarding Your Business In The Digital Age

VISTA InfoSec

JUNE 18, 2024

A crafty hacker could infiltrate accounts secured by flimsy credentials. In addition to access control, fortify your defenses with Multi-Factor Authentication (MFA). Even if passwords are compromised, those extra identity checkpoints block illicit access attempts. A single compromised login could damage your entire network.

Data Security

Data Security Security Encryption Cybersecurity

Visa Launches “Tap-to-Add Card” in Egypt to Enhance Secure and Seamless Digital Payment Experiences

Fintech Finance

MARCH 10, 2025

Bringing enhanced security and convenience, Tap-to-Add Card eliminates the cumbersome process of manual entry, a common source of errors and a vulnerability exploited by fraudsters seeking to compromise sensitive card information.

Digital Payments

Digital Payments Security Payments Credential

Visa Launches Tap-to-Add Card in Egypt to Bolster Digital Payment Adoption and Card Security

The Fintech Times

MARCH 10, 2025

By launching the solution, which removes the need for manual entry – a common source of errors and a vulnerability exploited by fraudsters seeking to compromise sensitive card information – Visa aims to promote the use of digital wallets in Egypt while also bolstering security in the region.

Digital Payments

Digital Payments Security Credential CHIPS

American Express Partners with MX to Enhance Secure Digital Banking Options

The Fintech Times

NOVEMBER 11, 2024

This integration provides American Express customers with greater control and transparency over how they share their financial data, using secure authentication without needing to share credentials.

Security

Security Credential API Privacy

How to Create a GDPR-Compliant Password Policy?

VISTA InfoSec

JUNE 3, 2024

Weak or compromised passwords are often the weak link in an organization’s security chain, providing an easy entry point for cybercriminals. According to a Verizon report , over 80% of hacking-related breaches are due to compromised passwords.

MFA

MFA Credential PCI DSS Compliance

Mastercard Goes OTP-Free in APAC for Faster, Safer Online Transactions

Fintech Finance

NOVEMBER 6, 2024

As payments become more intricate, Mastercard today announced the latest enhancement to its new Mastercard Payment Passkey Service which enables secure, on-device biometric authentication through facial scans or fingerprints, the same way consumers unlock their phones every day.

Visa

Visa APACS Transactions Authentication

Hack Of C-Suite Email Addresses Portends Surge In BEC Fraud

PYMNTS

NOVEMBER 30, 2020

One source, writing for ZDNet, claimed to have confirmed the authenticity of at least two such accounts, although the Engadget report notes that it was unable to verify this for every victim. The accounts could also be used for blackmail, and intruders could be used to undermine email-based two-factor authentication, the Engadget report says.

Business Email Compromise

Business Email Compromise Addressing Scams Ransomware

Separating Transactions From Authentication — And Authentication From The Internet

PYMNTS

FEBRUARY 14, 2019

One need only scan the headlines of recent breaches to see the damage done, with hundreds of millions of individuals’ data compromised, and untold billions of dollars’ worth of financial havoc wreaked. Online authentication is only as good as its weakest link. Flash texts requesting authentication ask for PINs.

Authentication

Authentication Transactions Online and Mobile Banking Credential

FIs Expect Cybersecurity Spending To Increase In 2021, Study Finds

PYMNTS

NOVEMBER 25, 2020

The SEC warned in October that cyberattacks on corporations had been increasing, and businesses were advised to include multi-factor authentication to prevent credential compromises.

Cybersecurity

Cybersecurity Credential Compromise Authentication

Data Blizzard Hits LA Schools: Students data stolen in Snowflake Hack

VISTA InfoSec

JUNE 27, 2024

Upon investigation, it was revealed that personal information such as student names, addresses, dates of birth, and potentially other sensitive details had been compromised.

FBI

FBI Breach MFA Cybersecurity

What is Business Email Compromise (BEC)?

Nanonets

NOVEMBER 14, 2023

Business Email Compromise (BEC) is a cyber threat that exploits the vulnerabilities of email communication. Perpetrators impersonate trusted entities, such as executives or vendors, employing social engineering techniques to coerce employees into compromising actions. What is Business Email Compromise (BEC)?

Email Compromise

Email Compromise Business Email Compromise Compromise Phishing

SEC Chair Warns Of Increasing Cyberattacks Against Companies

PYMNTS

NOVEMBER 2, 2020

And the SEC warned about credential compromises, meaning cyberattacks using compromised client login credentials to attack brokers and dealers, take customer assets and expose private information. Companies should have multi-level backups, and individuals should practice two-factor authentication for passwords.

Cybersecurity

Cybersecurity Credential Compromise Ransomware

What Are the Risks of Business Email Compromise & How Can You Prevent Them?

Seon

JUNE 15, 2023

Business email compromise (BEC) attacks can be a major risk to businesses’ finances and reputations. Let’s look at what business email compromise attacks are and explore some of the many ways you can combat them. What Is a Business Email Compromise Attack? Reported losses in 2020 exceeded $4.2

Email Compromise

Email Compromise Compromise Business Email Compromise Risk

SWIFT CSP: A Quick Guide for Financial Institutions

VISTA InfoSec

DECEMBER 19, 2024

Know and Limit Access Prevent compromise of credentials Manage identities and segregate privileges 3.Detect Use multi-factor authentication (MFA) for SWIFT interfaces and applications. SWIFT CSCF v2024 key objectives and principles Below are the 3 key objectives and 7 principles, as defined in the updated SWIFT CSP framework.

SWIFT

SWIFT Cybersecurity PCI DSS Compliance

Snowblind Malware Emerges as Major Threat to Banking App Security

The Fintech Times

JUNE 26, 2024

This allows it to evade anti-tampering mechanisms and remain hidden while compromising app security. Snowblind specifically targets banking apps by exploiting accessibility services, allowing cybercriminals to steal login credentials and hijack banking sessions for unauthorised transactions, leading to financial loss.

Security

Security Cybersecurity Credential Compromise

Anti-Scam Centre and DBS Bank Recover Over S$170,000 in Tech Support Scam

Fintech News

MAY 21, 2024

The scammer claimed that her computer had been hacked and that her bank accounts might have been compromised. To prevent such incidents, the public should use the ScamShield app and enable security features like Two-Factor Authentication (2FA). She called the number and spoke with a scammer posing as a Microsoft support agent.

Scams

Scams Funds Transfer Credential Compromise

Chatbot Company Sued By Delta Over Data Breach

PYMNTS

AUGUST 16, 2019

The airline claims that 24[7] fell short of implementing basic security controls like forbidding workers from using the same login credentials or requiring multifactor authentication for employees accessing source code. According to the news outlet, hackers changed the source code of the chatbot via compromised credentials.

Data Breach

Data Breach Breach Multifactor Authentication Credential

P2P Security Issues Plague Millions Of IoT Devices

PYMNTS

APRIL 26, 2019

A P2P (peer-to-peer) technology ingrained in millions of IoT ( Internet of Things ) devices, including security cameras, smart doorbells, baby monitors and video recorders, has many security flaws that allow them to be compromised easily, exposing users to dangers from eavesdropping, credential theft and takeovers from remote locations.

P2P

P2P Security Compromise Credential

Deep Dive: Confronting APIs’ Authentication, DDoS Security Threats

PYMNTS

MARCH 6, 2020

Oversight And Authentication. Companies that offer APIs must have authentication measures in place — such as those requiring legitimate users’ to present credentials, or “API keys” — before granting access to them. . This month’s Deep Dive examines how APIs can be exploited and how companies can combat attacks. .

API

API Authentication Security Payment APIs and Integration

The Identity/Authentication Confusion

PYMNTS

APRIL 6, 2017

At this year’s PYMNTS Innovation Project , Admiral James Stavridis , NATO’s former Supreme Commander, said that one of the biggest points of compromise that cybercrooks exploit is the login. When people use “multi-factor authentication,” it can often mean different things. But the real question is when — and how.

Authentication

Authentication Verification Credential Identity Theft

Cybercriminals Targeting Apps

PYMNTS

SEPTEMBER 26, 2016

Authentication methods for payments networks, such as SWIFT, or P2P money transfer apps are still not completely secure. A common thread to many of these attacks is compromised or hijacked credentials that allow an attacker to pose as a legitimate entity.”.

Online and Mobile Banking

Online and Mobile Banking SWIFT Credential Central Bank

System Intrusion Rises to Dominance in APAC Threat Landscape

Fintech News

MAY 1, 2025

Social engineering involves the psychological manipulation of individuals to trick them into taking actions that compromise security or reveal confidential information. The use of stolen credentials is also widespread in APAC, present in 55% of breach cases in 2024. These are often paired with ransomware to infiltrate systems.

APACS

APACS Data Breach Breach Ransomware

Singapore Authorities Issue Warning on Akira Ransomware Threat

Fintech News

JUNE 10, 2024

Akira affiliates gain initial access by exploiting vulnerabilities, brute-forcing services like Remote Desktop Protocol (RDP), social engineering, and using compromised credentials. Organisations are advised to enforce strong password policies and implement multi-factor authentication to prevent unauthorised access.

Ransomware

Ransomware Authorization Phishing Cybersecurity

Deep Dive: Reducing The Security Risks Of Open Banking

PYMNTS

JUNE 29, 2020

The most popular technique, credential abuse, involves fraudsters using compromised passwords and other login information to gain access to sensitive systems. Any data breach that exposes one of their accounts potentially compromises every account that shares the same password. There were 85.42

MFA

MFA Risk Security API

Security Experts Warn About New Scam That Bypasses 2FA

PYMNTS

JUNE 6, 2019

Security experts are warning about a phishing scam that can help hackers bypass two-factor authentication (2FA). It showed how the scam uses two new tools, Muraena and NecroBrowser, to potentially trick users into sharing their private credentials.

Scams

Scams Credential Security Phishing

Deep Dive: How FIs Can Upgrade Authentication Measures To Foil Fraudsters? Open Banking Attacks

PYMNTS

JUNE 8, 2020

FIs may need to provide data to FinTech startups without dedicated cybersecurity teams, for example, which could then be more easily compromised by hackers who will steal sensitive bank customer data. Tightening Authentication. MFA requires customers to prove their identities by providing at least two types of credentials.

Authentication

Authentication MFA Phishing Scams

Combating ATOs With Multifactor Authentication, Behaviors Analysis And Customer Education

PYMNTS

JULY 10, 2020

Customers cannot afford to let fraudsters compromise their bank accounts under any circumstances, but the current economic climate makes attacks all the more painful. FIs can adopt more robust login approaches to make it less likely that bad actors can obtain the necessary information to pass authentication checks.

Multifactor Authentication

Multifactor Authentication Authentication Credit Union Fraud Prevention

SEC Issues Corporate Fraud Warning As BEC Scams Climb

PYMNTS

NOVEMBER 16, 2020

The risk of fraud continues to climb for organizations of all sizes as the latest data reveals third-quarter spikes in business email compromise and ransomware scams. Business email compromise scams spiked 15 percent during the period, too, with researchers finding that BEC attacks increased across 75 percent of the industries surveyed.

Business Email Compromise

Business Email Compromise Scams Ransomware Email Compromise

SWIFT Security Controls:Best Practices for Financial Institutions

VISTA InfoSec

MAY 15, 2025

Prevent Compromise of Credentials 4.1 Multi-Factor Authentication 5. Implement robust authentication mechanisms such as MFA. Reduce Attack Surface and Vulnerabilities 2.1 Internal Data Flow Security 2.2 Security Updates 2.3 System Hardening 2.4A Back Office Data Flow Security 2.5A External Transmission Data Protection 2.6

SWIFT

SWIFT Security Best Practices PCI DSS

‘Serenity’ and ‘IDEMIA Secure Transactions’ Launch sAxess Biometric Card for Enhanced Digital Security and Data Recovery

Fintech Review

NOVEMBER 28, 2024

Unlike traditional PINs or passwords, sAxess utilizes fingerprint authentication and other biometrics to ensure that only authorized individuals can access sensitive data. This goes beyond current methods of managing sensitive information for individuals and organizations, ensuring data recovery without compromising privacy. “We

Security

Security Transactions Privacy Data Security

Data Breach Leaks 773M Emails, 21M Passwords

PYMNTS

JANUARY 18, 2019

Users of HIBP can enter their email into a query and see if it’s been compromised. For the regular person, this means that email and password combos are especially vulnerable through what’s called credential stuffing. This is when specific combos are used to hack into other accounts using the same login credentials.

Data Breach

Data Breach Breach Credential Compromise

Apple Devices Can Now Use Google Two-Factor Authentication

PYMNTS

JUNE 12, 2019

Compromised credentials are one of the most common causes of security breaches. The technology is FIDO2 compliant, which means that it’s a secure and accommodating standard that lets different devices using different operating systems talk to each other for authentication. “On

Authentication

Authentication Bots Phishing Credential

The Shifting Landscape of Fraud and Identity in 2024

Fintech News

JANUARY 17, 2024

These measures encompass additional customer authentication, cross-border transfer limit reviews, session management controls, and establishing a bank-to-bank information-sharing platform to safeguard the financial sector from evolving threats. Digital mule networks exploit this, testing stolen credentials across various banks.

Deepfake

Deepfake APACS Scams Authentication

Are Connected Devices Threatening Payment Security?

PYMNTS

OCTOBER 26, 2016

From Wi-Fi hotspots to printers, unsecured routers to digital video recorders — connected devices can be vulnerable to hacks and, when compromised, are being used by hackers to launch significant distributed denial-of-service (DDoS) attacks. Going Beyond PCI. to provide additional layers of security. Covering All The (Data) Bases.

Payment Security

Payment Security Security Identity Theft Compromise

Payments Fraud, Via Apps?

PYMNTS

JULY 22, 2019

Reports say that the hacks, which are known as Media File Jacking, allow media that spans photos to documents to be compromised in “real time” and that means intercepting data between when it is written to disk and when they are loaded onto user interfaces. The apps have, cumulatively over 1.5 billion users.

Phishing

Phishing Credential Scams Payments

Mobile Banking Malware on the Rise Amid Rapid Adoption

Fintech News

MARCH 25, 2024

It typically operates by infecting a user’s device through various means, such as phishing emails, fake apps, or compromised websites. However, behind the scenes, the malware captures the user’s login credentials, account information, and other sensitive data entered into the fake UI.

Mobile Banking

Mobile Banking Online and Mobile Banking Identity Theft Credential

Cyber Threats Surge in India’s Financial Sector

Finastra Confirms Breach Amid Hacker’s 400GB Data Theft Claim

Understanding the Cyber Risks in Video Communication

Webinars

Understanding POS Security: Protecting Your Business and Customer Data

How tokenisation has reshaped the future of payments

Tokenisation 2.0: Are we ready for the next generation of payment security?

Strengthening Cyber Defenses with Multi-Factor Authentication

‘Serenity’ and ‘IDEMIA Secure Transactions’ Launch sAxess Biometric Card for Enhanced Digital Security and Data Recovery

Advanced Data Security: Safeguarding Your Business In The Digital Age

Visa Launches “Tap-to-Add Card” in Egypt to Enhance Secure and Seamless Digital Payment Experiences

Visa Launches Tap-to-Add Card in Egypt to Bolster Digital Payment Adoption and Card Security

American Express Partners with MX to Enhance Secure Digital Banking Options

How to Create a GDPR-Compliant Password Policy?

Mastercard Goes OTP-Free in APAC for Faster, Safer Online Transactions

Hack Of C-Suite Email Addresses Portends Surge In BEC Fraud

Separating Transactions From Authentication — And Authentication From The Internet

FIs Expect Cybersecurity Spending To Increase In 2021, Study Finds

Data Blizzard Hits LA Schools: Students data stolen in Snowflake Hack

What is Business Email Compromise (BEC)?

SEC Chair Warns Of Increasing Cyberattacks Against Companies

What Are the Risks of Business Email Compromise & How Can You Prevent Them?

SWIFT CSP: A Quick Guide for Financial Institutions

Snowblind Malware Emerges as Major Threat to Banking App Security

Anti-Scam Centre and DBS Bank Recover Over S$170,000 in Tech Support Scam

Chatbot Company Sued By Delta Over Data Breach

P2P Security Issues Plague Millions Of IoT Devices

Deep Dive: Confronting APIs’ Authentication, DDoS Security Threats

The Identity/Authentication Confusion

Cybercriminals Targeting Apps

System Intrusion Rises to Dominance in APAC Threat Landscape

Singapore Authorities Issue Warning on Akira Ransomware Threat

Deep Dive: Reducing The Security Risks Of Open Banking

Security Experts Warn About New Scam That Bypasses 2FA

Deep Dive: How FIs Can Upgrade Authentication Measures To Foil Fraudsters? Open Banking Attacks

Combating ATOs With Multifactor Authentication, Behaviors Analysis And Customer Education

SEC Issues Corporate Fraud Warning As BEC Scams Climb

SWIFT Security Controls:Best Practices for Financial Institutions

‘Serenity’ and ‘IDEMIA Secure Transactions’ Launch sAxess Biometric Card for Enhanced Digital Security and Data Recovery

Data Breach Leaks 773M Emails, 21M Passwords

Apple Devices Can Now Use Google Two-Factor Authentication

The Shifting Landscape of Fraud and Identity in 2024

Are Connected Devices Threatening Payment Security?

Payments Fraud, Via Apps?

Mobile Banking Malware on the Rise Amid Rapid Adoption

Stay Connected