iovation, the first online fraud detection solution that tracks the reputation of devices, today announced the release of AccountLock, a family of authentication products that guard against unauthorized account access while offering multiple levels of user control, visibility and implementation stages depending on institution's needs.
AccountLock is an enterprise application targeted to financial institutions requiring strong, online authentication methods to meet FFIEC guidelines. Built on the company's widely adopted ieSnare and Device Reputation Authority (DRA) online risk management system, iovation's AccountLock product line offers immediate and long-term defense against unauthorized account access.
"Consumers are ready for financial institutions to take action against fraudsters who attempt to access account information. We created AccountLock to meet this demand," said Greg Pierson, president and CEO of iovation. "iovation has affordable, visible and effective solutions that consumers actually want to use."
In a recent guidance announced by the FFIEC, banks and other financial institutions, "should implement multifactor authentication, layered security, or other controls to mitigate risks." iovation recommends a phased approach to fighting online fraud. First, AccountLock defends online bank accounts by providing a strong two-factor authentication feature - transforming the user's login device or PC into a powerful second security factor to guard against unauthorized account access. This first line of defense also helps financial institutions meet FFIEC guidelines.
iovation's solutions can further strengthen defenses against unauthorized online access by allowing end-users to exercise control over which computers can access their accounts. Users simply lock a device(s) to their online financial accounts for two-factor two-way authentication. Even if a user is phished, the stolen login ID/Password information is rendered useless unless the fraudster has access to the victim's physical computer. Two-way authentication allows the user to confidently recognize the Web site by pre-defining names for their computer. By deploying AccountLock, banks give consumers the flexibility to control their own access.
Bruce Cundiff, Research Analyst at Javelin Strategy & Research, indicates that limiting online account access to certain devices, PCs and otherwise - with additional authentication measures necessary for login via unrecognized devices - is a superior security and authentication solution. "The Javelin "A.C.E." assessment model for strong authentication solutions, based on affordability, consumer usability, and the effectiveness of the solution, places device recognition solutions among the most highly ranked," Cundiff said.
AccountLock provides strong multifactor authentication without costly and burdensome hardware by allowing access only from authorized devices. AccountLock provides a layered approach to combating online security and fraud problems. By empowering consumers with the tools to protect their online accounts, AccountLock reduces the risk posed by phishing attacks and other criminal behavior.