Identity authentication is a critical security strategy that banks use to protect their customers, and stop various forms of banking fraud. No bank or financial institution can operate without it.

But as today’s savvy criminals get better at bypassing different authentication solutions, it is recommended that banks should deploy at least two factors of authentication that cover any of the two following categories:

1. “Something you know” (e.g., password, personal identification number [PIN], personally identifiable information [PII])
2. “Something you are” (e.g., fingerprint, retinal pattern, DNA)
3. “Something you have” (e.g., ID or ATM card, security token, telephone)

According to the Federal Financial Institutions Examination Council’s Authentication in an Internet Banking Environment, August 15, 2006, two-factor authentication (aka as multifactor authentication) is described as:

“By definition true multifactor authentication requires the use of solutions from two or more of the three categories of factors. Using multiple solutions from the same category would not constitute multifactor authentication.”

Most banks use both passwords and knowledge-based authentication techniques such as security questions, which both fall within the same (Something you know) category. As a result, the Federal Financial Institutions Examination Council recognizes the use of these two solutions as only a single factor of authentication.

When it comes to the telephone channel, which remains one of the most widely used channels banking customers use for financial transactions, TrustID re-establishes calling party number as a trusted credential for identifying customers over the phone while fulfilling the need for a true second factor of authentication.

The TrustID Telephone Firewall solution makes the phone number a valid “Something you have” credential by instantly validating the claim of Caller ID and ANI as either a trusted credential or spoofed call without relying on something the user knows or is to identify customers. Because validating the calling party number falls in a separate category (Something you have) than knowledge-based authentication techniques (Something you know), TrustID provides banks with a customer-friendly identity authentication solution for true multifactor authentication.

Tags: ANI, ANI Spoofing, ANI validation, Authentication, Banking Fraud, Call Center, call center fraud, call security, call spoofing, caller authentication, Caller ID, Caller ID fraud, Caller ID Spoofing, Caller ID validation, calling party number, calling party number spoofing, contact center, cyber security, identity authentication, identity theft, KBA, knowledge-based authentication, multifactor authentication, personally identifiable information, social engineering, social engineering threats, telecom security, telecommunications security, telephone authentication, telephone commerce, Telephone firewall, Telephone Firewall solution, telephone firewall validation, telephone fraud, traditional PBX, TrustID, TrustID Telephone Firewall, validate ANI, validate Caller ID