Agencies

Anti-Money Laundering

Business Continuity & Disaster Recovery

Compliance

Emerging Technology

Governance and Standards

Identity Theft

Leadership Management

Physical Security

Risk Management

Training & Education

Webinar Calendar

Vendor Directory

Content Library

Products

Events

About Us

Resources

As Deadline Passes, Some Financial Institutions Going Beyond Compliance Guidelines

Information Security Technology
Risk Management
STRONG Authentication

With the deadline passed for compliance with the Federal Financial Institutions Examination Council (FFIEC) guidelines, financial institutions are seeking cost-effective strategies that meet or exceed meeting regulatory and customer expectations.

According to the FFIEC, any system that permits the movement of funds to other parties or access to customer information is deemed high-risk, necessitating stronger authentication or additional controls. At a minimum, this means two-factor or layered single-factor authentication. In two-factor authentication, the user presents both something he knows, such as a password or PIN, and something he owns, such as a PC, phone, or one-time password. In layered single-factor authentication, the user presents two of the same factors (e.g., two separate passwords). This is as far as most financial institutions go in authenticating customers.

> Read entire article (log in required - registration is free)