New FFIEC guidance falls short on requirements for stronger online ID
Attacks on financial service providers, like the one that claimed more than 210,000 names and account numbers from Citi Corp., are no longer the exception. Hackers are continuing attacks to gain account information to commit fraud.
Businesses and consumers need to be aware of the sites they are accessing, and steadfastly guard user names and passwords. In recent years, financial institutions have taken steps to protect customers but with the recent spate of attacks and new malicious software keeping up is difficult.
These problems aren’t new. In 2005 the Federal Financial Institutions Examination Council (FFIEC) released guidance recommending a risk-based approach to online account security, requesting that institutions provide periodic assessments in response to new threats. This led banks to offer different authentication mechanisms. Pictures and images were used to reinforce that a customer was on a legitimate bank Web site; secure browser cookies were required before enabling a login; one-time pass code generators were deployed.
There are 892 words in the rest of this article …
Library Access Required
Library subscribers have access to the full archives of more than 10,000 original news items and feature articles published by AVISIAN’s suite of ID technology publications (ContactlessNews.com, CR80News.com, DigitalIDNews.com, FIPS201.com, NFCNews.com, RFIDNews.org, SecureIDNews.com, and ThirdFactor.com).
For just $49, you receive unlimited password-protected access to content on all of AVISIAN’s sites for an entire year. Your subscription helps fund the continued creation of independent, insightful content. Find out more.
Sign in as a Subscriber
If you are already a subscriber, you may sign in now. Enter your Email Address and Password and click Sign In.
If you have forgotten your password, enter just your Email Address, and click Send Password.
