23 October 2017
Register now

Online security set to be critical imperative for banking industry

15 April 2011  |  10113 views  |  0 biometrics eye

Online bank security is set to emerge as a hot industry topic over the coming months and years, with the White House set to release plans for a national digital identity strategy, Federal agencies sitting on new proposals for strengthening bank-to-customer authentication, and the emergence of new online channels and technologies such as social media and cloud computing.

The Obama administration's National Strategy on Trusted Identities in Cyberspace (NSTIC) is expected to release proposals for a federated 'ID ecosystem' this afternoon, following a year of intense consultation and collaboration with public and private sector stakeholders.

The NSTIC intends to set out a strategy that improves upon the passwords currently used to log-in online by encouraging the creation of a digital ID marketplace where users can shop among multiple identity providers.

At the same time, the US banking industry is awaiting fresh guidance from the Federal Financial Institutions Examination Council (FFIEC) on the application of authentication techniques to protect customers from online criminals. This follows a spate of successful cyber attacks on small companies, businesses and retail customer accounts and a succession of legal tussles between banks and their customers over liability issues.

In mid-December, the FFIEC circulated a 10-page draft update to its initial two-factor authentication mandate that was first issued in 2005. The draft update was inadvertently leaked on the Web and contains proposals for improving risk assessment, the introduction of multi-factor authentication and layered security controls capable of monitoring and capturing suspicious account activity.

Regulatory imperatives notwithstanding, the emergence of new consumer channels and the adoption of cloud computing techniques is also expected to create a fresh wave of security challenges for the global banking industry.

Michael Versace, research director, IDC Financial Insights, comments: "IT must plan for ways to effectively extend and support identity and access management policies and infrastructures beyond the data centre and stay in step with the emerging trends driven by the increase in sophistication and numbers of identities in the cloud."

The importance placed on cloud computing by financial institutions was emphasised yesterday in a newly-published report by US investment bank State Street, which forecast rapid take-up by the industry. According to the report, the adoption of cloud computing will bring immeasurable benefits not only within the bank, but also externally to investors through greater automation and capacity on demand, and accelerated time to market of innovative new products - including custom analytics and data.

"Cloud is a new frontier for identity management, and business managers, regulators, and CIOs alike have a lot to consider as identity continues to move beyond the enterprise," says IDC's Versace. "New approaches, practices, and technologies - which today include long lists of siloed identities, passwords, tokens, and other techniques with little interoperability - need to be considered as business users demand more cost effective solutions and customers look to simplify their lives online. In addition, as identity management is a service in and of itself, organisations will look for ways to broker these services in a risk aware, trusted, and reliable way across financial services and with business partners."

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Government spooks called in to investigate Nasdaq OMX hack

Government spooks called in to investigate Nasdaq OMX hack

31 March 2011  |  8046 views  |  0 comments
Cybercrook peddles Zeus source code

Cybercrook peddles Zeus source code

24 March 2011  |  8873 views  |  0 comments
RSA hacked: SecurID two factor authentication data leaked

RSA hacked: SecurID two factor authentication data leaked

18 March 2011  |  17639 views  |  0 comments
Zeus man-in-the-mobile attack targets Polish ING customers

Zeus man-in-the-mobile attack targets Polish ING customers

22 February 2011  |  12804 views  |  2 comments
Russian hacker pleads guilty over $9m RBS WorldPay heist

Russian hacker pleads guilty over $9m RBS WorldPay heist

08 February 2011  |  13990 views  |  0 comments
UK and US exchanges call in security services over suspected cyber-attacks

UK and US exchanges call in security services over suspected cyber-attacks

31 January 2011  |  15972 views  |  0 comments
UK teenager behind cybercrimewave to face prison spell

UK teenager behind cybercrimewave to face prison spell

24 November 2010  |  10085 views  |  0 comments
Zeus Trojan opens backdoor crack to two-factor SMS authentication

Zeus Trojan opens backdoor crack to two-factor SMS authentication

27 September 2010  |  13579 views  |  0 comments
Zeus Trojan steals £675,000 from UK bank

Zeus Trojan steals £675,000 from UK bank

10 August 2010  |  11863 views  |  0 comments
Alleged RBS WorldPay ATM heist ringleader extradited

Alleged RBS WorldPay ATM heist ringleader extradited

09 August 2010  |  10805 views  |  0 comments
Guardian Analytics raises $9 million as cybercrime rates soar

Guardian Analytics raises $9 million as cybercrime rates soar

24 May 2010  |  8083 views  |  3 comments
Banks failing to protect small businesses from cyber crime wave

Banks failing to protect small businesses from cyber crime wave

10 March 2010  |  10832 views  |  0 comments
PayPal, Google and Equifax back launch of Open Identity Exchange

PayPal, Google and Equifax back launch of Open Identity Exchange

03 March 2010  |  19535 views  |  0 comments
US retailers face $100bn in ID fraud losses a year - study

US retailers face $100bn in ID fraud losses a year - study

10 November 2009  |  8036 views  |  0 comments
UK online banking losses continue to climb

UK online banking losses continue to climb

07 October 2009  |  10600 views  |  1 comments
Sophisticated cybercrooks cracking bank security efforts

Sophisticated cybercrooks cracking bank security efforts

30 September 2009  |  13115 views  |  0 comments
Online ID interoperability initiative launched

Online ID interoperability initiative launched

19 June 2009  |  14181 views  |  0 comments
FFIEC guidance deadline will lead to surge in phishing, warns US regulator

FFIEC guidance deadline will lead to surge in phishing, warns US regulator

11 September 2006  |  7409 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.vasco.comRegister nowvisit www.fivedegrees.nl

Top topics

Most viewed Most shared
Mastercard to roll out blockchain APIMastercard to roll out blockchain API
17112 views comments | 21 tweets | 35 linkedin
HSBC partners Bud for open banking trialHSBC partners Bud for open banking trial
14316 views comments | 22 tweets | 30 linkedin
Sibos 2017: API or the highwaySibos 2017: API or the highway
10516 views comments | 12 tweets | 23 linkedin
satelliteGates Foundation backs Ripple collaboratio...
10128 views comments | 13 tweets | 10 linkedin

Featured job

Competitive base, commission, benefits
London, UK

Find your next job