Taking Fraud Out of Online Banking
Taking Fraud Out of  Online Banking
Evolution of identity fraud techniques, including man-in-the-middle
The authentication solution landscape for financial institutions - what are some of the choices banks have to fight fraud (e.g., risk-based authentication, strong authentication, PKI, OTP, smart cards)
Life in the trenches - Implementing FFIEC guidelines and banking industry best practices for strong authentication


Over the last few years, the online threats targeting financial institutions and their customers have undergone some significant advancements. The threats have become very sophisticated, and they continue to succeed in spite of customer education and significant investment in security technology. At the same time, banks are under pressure to implement the FFIEC guidelines requiring stronger authentication.

One example of the sophisticated attacks banks face is a new type of phishing attack called Man-in-the-Middle. This threat can succeed in spite of stronger authentication techniques that satisfy FFIEC guidelines, including OTP tokens, grid pads, and site authentication techniques like pictures.

Financial institutions looking to protect their online customers from identity fraud have a wide range of technologies from which to choose. Traditional hardware-based solutions, such as OTP tokens or smart cards, require changes to user behavior and/or are prohibitively expensive to push out to all online customers.

Arcot has created software-only strong authentication solutions that make it easy and affordable to protect millions of online bank customers from identity fraud. Our authentication solutions eliminate the need for hardware tokens and complex login processes. We deliver authentication solutions that provide the strength of hardware yet with the simplicity of a password.

Around the Network