17 August 2017
visit www.avoka.com

Online security set to be critical imperative for banking industry

15 April 2011  |  10064 views  |  0 biometrics eye

Online bank security is set to emerge as a hot industry topic over the coming months and years, with the White House set to release plans for a national digital identity strategy, Federal agencies sitting on new proposals for strengthening bank-to-customer authentication, and the emergence of new online channels and technologies such as social media and cloud computing.

The Obama administration's National Strategy on Trusted Identities in Cyberspace (NSTIC) is expected to release proposals for a federated 'ID ecosystem' this afternoon, following a year of intense consultation and collaboration with public and private sector stakeholders.

The NSTIC intends to set out a strategy that improves upon the passwords currently used to log-in online by encouraging the creation of a digital ID marketplace where users can shop among multiple identity providers.

At the same time, the US banking industry is awaiting fresh guidance from the Federal Financial Institutions Examination Council (FFIEC) on the application of authentication techniques to protect customers from online criminals. This follows a spate of successful cyber attacks on small companies, businesses and retail customer accounts and a succession of legal tussles between banks and their customers over liability issues.

In mid-December, the FFIEC circulated a 10-page draft update to its initial two-factor authentication mandate that was first issued in 2005. The draft update was inadvertently leaked on the Web and contains proposals for improving risk assessment, the introduction of multi-factor authentication and layered security controls capable of monitoring and capturing suspicious account activity.

Regulatory imperatives notwithstanding, the emergence of new consumer channels and the adoption of cloud computing techniques is also expected to create a fresh wave of security challenges for the global banking industry.

Michael Versace, research director, IDC Financial Insights, comments: "IT must plan for ways to effectively extend and support identity and access management policies and infrastructures beyond the data centre and stay in step with the emerging trends driven by the increase in sophistication and numbers of identities in the cloud."

The importance placed on cloud computing by financial institutions was emphasised yesterday in a newly-published report by US investment bank State Street, which forecast rapid take-up by the industry. According to the report, the adoption of cloud computing will bring immeasurable benefits not only within the bank, but also externally to investors through greater automation and capacity on demand, and accelerated time to market of innovative new products - including custom analytics and data.

"Cloud is a new frontier for identity management, and business managers, regulators, and CIOs alike have a lot to consider as identity continues to move beyond the enterprise," says IDC's Versace. "New approaches, practices, and technologies - which today include long lists of siloed identities, passwords, tokens, and other techniques with little interoperability - need to be considered as business users demand more cost effective solutions and customers look to simplify their lives online. In addition, as identity management is a service in and of itself, organisations will look for ways to broker these services in a risk aware, trusted, and reliable way across financial services and with business partners."

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Government spooks called in to investigate Nasdaq OMX hack

Government spooks called in to investigate Nasdaq OMX hack

31 March 2011  |  7990 views  |  0 comments
Cybercrook peddles Zeus source code

Cybercrook peddles Zeus source code

24 March 2011  |  8822 views  |  0 comments
RSA hacked: SecurID two factor authentication data leaked

RSA hacked: SecurID two factor authentication data leaked

18 March 2011  |  17568 views  |  0 comments
Zeus man-in-the-mobile attack targets Polish ING customers

Zeus man-in-the-mobile attack targets Polish ING customers

22 February 2011  |  12742 views  |  2 comments
Russian hacker pleads guilty over $9m RBS WorldPay heist

Russian hacker pleads guilty over $9m RBS WorldPay heist

08 February 2011  |  13914 views  |  0 comments
UK and US exchanges call in security services over suspected cyber-attacks

UK and US exchanges call in security services over suspected cyber-attacks

31 January 2011  |  15919 views  |  0 comments
UK teenager behind cybercrimewave to face prison spell

UK teenager behind cybercrimewave to face prison spell

24 November 2010  |  10023 views  |  0 comments
Zeus Trojan opens backdoor crack to two-factor SMS authentication

Zeus Trojan opens backdoor crack to two-factor SMS authentication

27 September 2010  |  13513 views  |  0 comments
Zeus Trojan steals £675,000 from UK bank

Zeus Trojan steals £675,000 from UK bank

10 August 2010  |  11783 views  |  0 comments
Alleged RBS WorldPay ATM heist ringleader extradited

Alleged RBS WorldPay ATM heist ringleader extradited

09 August 2010  |  10755 views  |  0 comments
Guardian Analytics raises $9 million as cybercrime rates soar

Guardian Analytics raises $9 million as cybercrime rates soar

24 May 2010  |  8021 views  |  3 comments
Banks failing to protect small businesses from cyber crime wave

Banks failing to protect small businesses from cyber crime wave

10 March 2010  |  10772 views  |  0 comments
PayPal, Google and Equifax back launch of Open Identity Exchange

PayPal, Google and Equifax back launch of Open Identity Exchange

03 March 2010  |  18879 views  |  0 comments
US retailers face $100bn in ID fraud losses a year - study

US retailers face $100bn in ID fraud losses a year - study

10 November 2009  |  7986 views  |  0 comments
UK online banking losses continue to climb

UK online banking losses continue to climb

07 October 2009  |  10538 views  |  1 comments
Sophisticated cybercrooks cracking bank security efforts

Sophisticated cybercrooks cracking bank security efforts

30 September 2009  |  12979 views  |  0 comments
Online ID interoperability initiative launched

Online ID interoperability initiative launched

19 June 2009  |  14113 views  |  0 comments
FFIEC guidance deadline will lead to surge in phishing, warns US regulator

FFIEC guidance deadline will lead to surge in phishing, warns US regulator

11 September 2006  |  7350 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.dorsum.euvisit www.worldpaymentsreport.comvisit www.niceactimize.com

Top topics

Most viewed Most shared
Coinbase raises $100mCoinbase raises $100m
10310 views comments | 14 tweets | 14 linkedin
DBS Bank launches online car selling marketplaceDBS Bank launches online car selling marke...
9683 views comments | 13 tweets | 11 linkedin
China preps central clearing house for mobile payments providersChina preps central clearing house for mob...
9556 views comments | 8 tweets | 15 linkedin
HSBC automates documentary trade processing with IBMHSBC automates documentary trade processin...
8512 views comments | 6 tweets | 21 linkedin
Monzo appoints Curve co-founder Foster-Carter COOMonzo appoints Curve co-founder Foster-Car...
7988 views comments | 1 tweets | 2 linkedin

Featured job

Find your next job