BankInfoSecurity.com Announces New Strong Authentication Online WorkshopBankInfoSecurity.com Announces New Strong Authentication Online Workshop The deadline looms for banks, credit unions, and financial organizations offering online services to comply with the FFIEC guidance on strong authentication…BankInfoSecurity.com is offering an online workshop to offer guidance on how to deal with the regulatory recommendations.
In October 2005 the Federal Financial Institution Examination Council (FFIEC) issued guidance stating that Single-factor authentication methodologies may not provide sufficient protection for Internet-based financial services. The FFIEC agencies consider single-factor authentication, when used as the only control mechanism, to be inadequate for high-risk transactions involving access to customer information or the movement of funds to other parties. The guidance describes enhanced authentication methods that regulators expect banks to use when authenticating the identity of customers using the on-line products and services.
In this workshop BankInfoSecurity.com will present the steps an organization needs to take in order to comply with this guidance. This workshop will start with a concise explanation of the Strong Authentication guidance, its applicability to specific systems and processes, the roles and responsibilities of internal staff versus external service providers, and the impact of this guidance on the organization’s online customers. The workshop will build upon this initial background information and present how an organization needs to conduct a risk assessment over the Internet-facing banking systems. This will include systems hosted internally by an organization as well as provided by 3rd party service providers.
This workshop will present an overview of the authentication technologies referenced in this guidance and the process an organization can follow to implement solutions that address specific risks facing an Internet-facing system. Other topics addressed will include account origination and customer verification, as well as the role of customer awareness and education.