Best Practices in Out-of-Wallet Questions and Device ID

As I’m sure you are aware, the Federal Financial Institutions Examination Council (FFIEC) recently released its, “Supplement to Authentication in an Internet Banking Environment” guiding financial institutions to mitigate risk using a variety of processes and technologies as part of a multi-layered approach.

In light of this updated mandate, businesses need to move beyond simple challenge and response questions to more complex out-of-wallet authentication.  Additionally, those incorporating device identification should look to more sophisticated technologies well beyond traditional IP address verification alone.

Recently, I contribute to an article on how these new guidelines might affect your institution.  Check it out here, in full:  http://ffiec.bankinfosecurity.com/articles.php?art_id=3932

For more on what the FFIEC guidelines mean to you, check out these resources – which also gives you access to a recent Webinar.