Whether it’s mobile payment fiascos, PCI security changes, E-Commerce hiccups at your largest rivals or new CRM legal hurdles you now need to clear, FierceRetailIT lets you know first. Sign up for our free weekly email newsletter today!
Target has reached an agreement with Visa that will reimburse card issuers up to $67 million for costs incurred by the retailer's data breach during the 2013 holiday season. The deal covers credit cards and debit cards issued by financial institutions under the Visa brand. It took months of negotiations, and the specific dollar amount of the deal has not yet been disclosed, The Wall Street Journal reported.
Many retailers are going to miss the EMV fraud liability shift deadline in October. While this is not the end of the world, retailers need to continue to work at transitioning to EMV while making sure other security bases are covered.
In an indication of how quickly new security technologies can be breached, Mexican fraud experts have discovered an ATM skimming device that can compromise chip-enabled cards like EMV, security blogger Brian Krebs reported in Krebs on Security. The device is called a "shimmer" because it is like a shim sitting between the card chip and the ATM chip reader. ATM security firm 3VR told Krebs the device is inserted from outside the ATM with no access needed to internal components.
After failing to pass the Cybersecurity Information Sharing Act prior to its August recess, the U.S. Senate has postponed action on the bill—which some saw as urgent and others thought was being rushed—until September.
While companies and their security vendors are making significant improvements against global cyber threats, the bad guys are also becoming more sophisticated, according to the Cisco Midyear Security Report. The white paper's key message was that while enterprises take one jump forward, the hackers remain two jumps ahead—and they are getting nastier in their fraudulent behavior. One recommendation is to integrate threat defenses because users have many security products that don't interact well, leaving vulnerabilities for hackers to exploit.