Rethinking Multifactor Authentication

January 17, 2013
By

By: Sean Martin

How does your financial institution approach authentication?

A recent article by American Banker, 10 Big Ideas for Banking in 2013, shares thoughts on revising your authentication strategy as a way to improve your systems’ defenses. To be certain, while you are updating your security policies, hackers are revamping their attack methods, making authentication an essential factor to consider when developing your security strategies for 2013. 

Many banks currently are using knowledge-based authentication only. This is a tried-and-true method, but there are a few possibilities for hackers to compromise this form of authentication. For example, the Zeus Trojan could infect a customer’s system to capture keystrokes and forward those to a hacker. Or it can redirect users to a phishing site where they provide the correct answers to their security questions for hackers to then use. 

To be effective, several types of authentication should be considered for today’s security purposes, but the approach that your institution takes should reflect your customers. What information are your customers comfortable sharing? Do the majority of them use text messaging on their mobile phones? You can have various layers of authentication in place, but if your customers aren’t comfortable using them—the authentication won’t protect their information.

An additional factor to consider when addressing the methods of authentication to use is the guidance provided by regulatory agencies. For instance, the FFIEC advises the use of multifactor authentication where challenge/response approaches to authentication are not considered compliant unless coupled with something the user has(a PIN sent to a user’s cell phone) or something the user is (a fingerprint).

And even if you’re not a “big box” bank, don’t think your bank is at less risk from hackers, because they assume that the IT budget for smaller institutions is lower. Authentication strategies are important for financial institutions of all sizes. The best authentication methods and strategies depend on your financial institution’s user base. So as you rethink authentication in 2013, ask these two critical questions:

  1. How comfortable are your customers with specific technologies? 
  2. What strategy is the easiest to implement based on your customer base, with cost effectiveness in mind? 

Security changes constantly, as do your users and the applications that they use to access their accounts. That’s why it’s more important than ever to stay updated on the level of authentication that’s best for your organization.

Sean Martin is an operations center manager and risk expert with Computer Services Inc. (CSI)’s Managed Services Division, a leading provider of cloud-based managed performance, security and IT-related services. Sean may be reached at sean.martin@csiweb.com

Share It:

Original Post: http://www.csiweb.com/Resources/Overview/Blog/TabId/312/PostId/23/rethinking-multifactor-authentication.aspx

Tags:

2 Responses to Rethinking Multifactor Authentication

  1. norton36021 on October 18, 2013 at 9:59 pm

    That would work perfectly as a title. This thing doesn’t come out until August, so there’s still time, marketing people!\nWith the built-in Google Maps navigation equipment, you can go anywhere you want. In 1992 Rolex made Birkin Bag Hermes Price luxury watch history by releasing the Yacht Master. Everyone knows that replica is a copy that is relatively the same as Hermes Birkin Black the original. The Rolex is known all over the world due to the high standards and excellent quality control. These top quality watches provide excellent performance, perfect innovation and reliable stability and that is the reason why Rolex replica watches are world widely respected by Hermes Birkin Orange their customers. You truly will know you’ve bought the right gift when you see it. These three places are Delhi, Agra and Jaipur. In the city of Jaipur tourists can visit Hawa Mahal, City Palace, Govind Templen Jal Mahaln Hermes Birkin Replica Price List Mubarak Palace Nahargarh fort, Jaigarh fort Amber Fort, Kanak Valley etc. Rajasthan Tour Package. This tour package offers the tourists a great opportunity to experience the land of the Kings which is Royal in it.

  2. canada goose cheap promotion on October 19, 2013 at 10:49 am

    Sincerly like your good idea,you will amount to something in the future,future belong to you!Our web provide absolutely cheap price goods for you,welcome you always.
    canada goose cheap promotion http://www.snowjacketsoutlet.com/

Leave a Reply

Your email address will not be published. Required fields are marked *




Archives