Not prepared for the FFIEC guideline examination?
How big of a problem is first-party fraud?
First-party fraud, defined as fraud that occurs when consumers apply for credit with no intention of repaying funds, represents as much as 25% of total U.S. consumer credit card charge-offs and continues to outpace third-party frauds such as that associated with data breaches and card skimming
Are you ready for the FFIEC Guidance?
Webinar: FFIEC Guidance & Combating Banking Fraud
Event Title:
FFIEC & Combating Banking Fraud: Ensuring Optimal Efficacy and Balance with Out-of-Wallet Questions and Device Identification
Original Event Date:
Tuesday, July 26, 2011
Duration:
1 Hour
FFIEC Guidance on Authentication in Internet Banking Environment
Are you ready for FFIEC guideline examinations?
Understanding the guidance from the FFIEC
The Federal Financial Institutions Examination Council (FFIEC) recently released the supplement to its "Authentication in an Internet Banking Environment" guidance, which was first issued by the FFIEC in 2005. The deadline for meeting the new requirements is now and examinations with the new guideline began in January 2012.
These updates of the FFIEC regulations specifically address customer authentication, layered security, and other controls in the growing online environment.
The official guidance highlights the need for:
- Better risk assessments
- Effective strategies for mitigating known online risks
- Improved customer and employee fraud awareness
What the FFIEC guidance means for you?
U.S. financial institutions are required to mitigate risk using a variety of processes and technologies, employed in a layered approach. Businesses are required to move beyond simple questions, for example, to a more complex out-of-wallet identity verification procedure that incorporates broad data assets and analytics.
How Experian can help you prepare for the FFIEC guidance
Our goal is to provide specific recommendations to modify existing processes in order to close the gap between current processes and the FFIEC’s expectations - which take effect January 2012. We will help you refine your existing fraud and identity management processes to ensure that your organization meets the FFIEC’s expectations.
Recent Articles on the FFIEC guidelines
FFIEC Authentication Guidance: The Case for Knowledge-Based AuthenticationThe latest guidance issued by the Federal Financial Institutions Examination Council draws a line of clear distinction between the types of knowledge-based authentication available - from static challenge questions, such as those derived from customer enrollment information, to dynamic KBA sessions that serve as part of more complex out-of-wallet identity verification procedures. This article explores the differences of static questions and dynamic KBA sessions. |
Risk-Based Authentication: A Vital Component in Ensuring FFIEC ComplianceThe Federal Financial Institutions Examination Council (FFIEC) recently released a supplement to the "Authentication in an Internet Banking Environment" guidance, originally published in 2005. Within this update are "Specific Supervisory Expectations" related to an overall "General Supervisory Expectation" that institutes a "system of layered security." The specific expectations include, but are not limited to, conducting risk assessments at least every 12 months, customer authentication for high-risk transactions and layered security programs. |
FFIEC Guidelines: Catching Up to Best Practices in Device Identification and Identity VerificationThe latest guidance issued by the Federal Financial Institutions Examination Council (FFIEC) is asking U.S. financial institutions to mitigate risk using a variety of processes and technologies, employed in a layered approach. More specifically, businesses must move beyond simple device identification - such as IP address checks, static cookies and challenge questions derived from customer enrollment information - to more complex device identification and more complex out-of-wallet identity verification procedures. |
What is risk-based authentication?
A risk-based fraud detection system allows institutions to make decisions based on a holistic view of a customer’s identity and predicted likelihood of associated identity theft, application fraud, or other fraud risk. Incorporating comprehensive and broadly categorized data assets with targeted analytics and consistent decisioning policies can achieve a measurably effective balance between fraud detection and positive identity proofing results.
View a Webinar to learn how a risk-based approach to verifying customer information enables consistent and objective decisions, faster approvals and maximizes the usage of staff time, allowing you to balance fraud prevention with building and nurturing your customer relationships.
What is out-of-wallet identity verification?
“Out-of-wallet questions” is a method for customer verification to further verify the legitimacy of an identity. Questions derived from a combination of both credit and non-credit data sources often prove most impactful in the fight against fraud. Furthermore, cross-referencing a customer’s question performance with other risk attributes such as authentication scores will generally provide the most foretelling decisioning criteria
What is complex device identification?
Complex techniques involve assessing larger sets of attributes and applying both pattern recognition algorithms and pattern-learning processes for device identification and recognition. Moreover, any system that’s going to be used effectively in today’s Internet environment needs to be adept at recognizing a wide variety of devices.
Request More Information
Combining the leading-edge analytics and decisioning technology of authentication scores with the sophisticated challenge-response questions, you have a risk-based solution to ensure regulatory compliance for the FFIEC guidance.
Complete this form and a representative will contact you as soon as possible.
Note: This form is for use by businesses only. If you have a question regarding your personal credit report or credit score choose from our contact options for assistance. If you need fraud assistance, visit the fraud center. To dispute your credit report, visit our dispute center.