Rippleshot Blog

There is just over one week left before the EMV liability shift takes place, and it’s looking like neither consumers nor merchants will be as prepared as expected. Though many experts have been claiming for months that the U.S. will be unlikely to hit the self-imposed October 1st deadline, recent surveys have shown a much more grim outlook.

In 2013, the Target data breach had everyone from consumers, businesses, financial institutions and those who sit somewhere in-between, trying to navigate following a catastrophic data theft. Consumers frustrated by the retailer’s data security standards attempted to bring Target to justice through class action lawsuits. However, a recent court ruling has made it much easier for organizations that suffer a data breach to be sued by affected customers. Up until late July, breached companies were able to use a legal rule to shield them from potential damages related to class action lawsuits.

The latest fraud scheme is targeting an unlikely audience of millennials, and using social media to do it. By hitting an audience of college students or recent graduates who are likely cash-strapped and living paycheck to paycheck, the fraudsters are cashing in - literally - on this group’s often outright desperation for a quick buck.

As we approached the end of 2014, dubbed “the year of the data breach”, the US had experienced a record high of 783 publicly announced data breaches. You could not turn on the TV, open a newspaper or surf the internet without hearing how globally recognized organizations like Home Depot, JPMorgan Chase, UPS, Target and many more fell victim to a breach. Consumers experienced data breach fatigue and started to become unfazed as breach after breach was uncovered. With the 2015 holiday season nearing, analysts are looking to see if 2014’s stretch of breaches will affect consumer shopping habits in 2015.

The race to launch the next big mobile payment application turned into a full out sprint after Apple Pay debuted in the fall of last year. The four front-runners - Samsung Pay, Apple Pay, Android Pay and CurrentC - are all competing for market share in a crowded and quickly changing payments space. Curious what the differences are between them, and which, if any, will be the answer to a growing payment card fraud problem? We break it all down, with the details you need to know:

One of the latest trends in the security industry is experiencing resurgence, involves a device that nearly everyone with a smartphone has used at least once in the last twelve months. They’re in nearly every airport, your favorite restaurant or bar, conferences; it’s nearly impossible to miss the charging stations that keep our lifelines to the world charged. These charging stations are manufactured and distributed across the country by a variety of a vendors, however there is a serious security threat that dates back as a far as 2013.

In the payment security space, the news is almost impossible to ignore. EMV chip-enabled cards are coming, along with an incredibly important fraud liability shift. As of October, whichever party (issuers or merchants) is not EMV compliant will take responsibility for fraud and all related chargebacks.

In a post covering the Fraud Summit here in Chicago in May, we discussed the growing concern over whether or not merchants will be able to meet the rapidly approaching deadline. The concern though, isn’t with the big box merchants, many of whom are already compliant - it’s with the smaller merchants who don’t have the technical support and cash that the larger companies have to implement overhauls of this size and scope.

Unfortunately, a recent survey by Wells Fargo confirms the suspicions that these smaller merchants won’t be ready. In fact, 68% of the small business owners surveyed in early July weren’t even aware that the EMV shift was happening.

This week, industry executives and thought leaders from all across the retail ecosystem gathered in Chicago for Retail Reinvention to discuss the strategic future of retail and payments. R₂, powered by PYMNTS.com, brought the best and brightest together to discuss how emerging payments and technologies from industry heavyweights like Walmart, McDonald's, American Express, Amazon and Target.

Since we last covered the Target lawsuit, we saw a potential $19 million settlement brought to the table by Mastercard, which was defeated by their issuing banks in May. The settlement would have forced an end to the class-action litigation, which is now moving forward, in parallel with MasterCard’s attempt to renegotiate their settlement deal. Late last week, the banks involved in the lawsuit filed a request with the U.S. District Court of Minnesota to unseal some documents that until now, Target has been attempting to keep classified as confidential.

Every day, fraud analysts across the U.S. are stretched razor thin attempting to curtail the ever-growing fight against fraud. The current methods of common point of purchase (CPP) analysis are labor-intensive and time-consuming, that are done in-house via a manual process.

As the deadline for implementation of EMV nears closer, and chip cards are starting to hit customer mailboxes, questions surrounding the conversion are growing louder. The most controversial being why the U.S. has chosen to implement chip and signature over chip and PIN (like most other countries that have made the switch). There has been a ton of speculation over the decision, so we’re taking a step back to explain the differences, their impact, and what it really means to not be implementing PIN verification.

Back in March of this year, we put together ten data breach statistics that should have your attention, followed shortly there after with ten more statistics that needed your attention. After the publishing of the 2015 Trustwave Global Security Report, and the 2015 Ponemon Institute Cost of A Data Breach Study, we’ve pulled 10 new stats that financial institutions, retailers and cardholders need to be aware of moving forward.

In 2013, we saw the start of a series of massive data breaches impacting organizations of all sizes, across a variety of industries. Ranging from retailer heavyweights such as Target, to regional grocery chains like Supervalu. In 2014, we saw organizations like Home Depot, JPMorgan Chase and eBay fall victim to a data breach, compromising a total of roughly 330 million personal records. 

The introduction to Trustwave’s latest Global Security Report said it best - “Compromises are nothing new, of course, but 2014 just felt different.” Many called it the “Year of the Data Breach.” Many more were affected directly, with billions of personal records being compromised. But maybe most importantly, 2014 thrust data security into the public eye, forcing merchants, financial institutions, government and everyone in between to place a higher priority on breach prevention and detection.

Trustwave’s report provides a unique overview of the global security landscape, what trends emerged over the past year, and what the payments industry should keep an eye on moving forward.

The Ponemon Institute and IBM recently released its annual Cost Of Data Breach Study: Global Analysis, receiving contributions from over 350 organizations in 16 different industries in 11 countries that were involved in an event where an individual’s name plus a medical or financial record is potentially at risk.

Last Thursday, IBM and the Ponemon Institute hosted a webinar covering the findings from the 2015 report led by David Puzas, Director of Portfolio Marketing, Security Services at IBM and Dr. Larry Ponemon, Chairman and President of the Ponemon Institute.