Authenticating banking customers in a mobile world

Posted on: February 29th, 2012 by art

Is your banking institution prepared for mobile transactions? If not, you’ve got some work to do.

According to the article, “How Safe Is Paying With Your Phone?”, mobile banking is here. More alarming, however, is that Consumer Reports estimates that nearly 30% of Americans that use their phones for banking, accessing medical records and storing other sensitive information do not take precautions to secure their phones. This leaves customers and banks susceptible to various forms of identity, financial and bank fraud schemes.

As financial institutions offer more ways for consumers to bank, they need to take proper security measures to protect their customers and secure all of their banking environments, including the telephone channel. With more mobile transactions on the way, banks need to utilize a multi-factor authentication defense to make sure their growing platforms for communicating with customers are secure.

I think the new FFIEC guidelines are pretty clear on the type of layered approach that’s needed to authenticate banking customers in a mobile world. Deploying at least two factors of authentication for identifying customers over the telephone is essential to stopping more harmful forms of identity fraud that, according to Javelin’s “2012 Identity Fraud Report: Social Media and Mobile Forming the New Fraud Frontier”, climbed 13% in 2011.

By automatically validating the physical location of a landline phone or mobile phone, the TrustID® network-based Physical Caller Authentication tool fulfills the FFIEC’s “Something you have” (e.g., ID or ATM card, security token, telephone) credential for identifying customers over the phone channel.

Combined with other authentication solutions that cover either the “Something you know” (e.g., password, personal identification number, personally identifiable information) or “Something you are” (e.g., fingerprint, retinal pattern, DNA) authentication categories outlined by the FFIEC, TrustID is a complementary tool for helping financial institutions achieve the recommended multi-factor authentication paradigm for identifying customers.

Tags: , , , , , , , , , , , , ,

Comments are closed.

  • REQUEST INDUSTRY BRIEFING PAPERS
  • VIEW DEMO
  • USE CASE
  • ANI SPOOFING TOOL

  • CISO Text

             

    Authentication without caller involvement materially improves the customer experience, especially for ‘premier accounts.’ TrustID will greatly assist with not only customer service, but also with board level compliance issues.

    – CISO, top 10 global bank

  • CISO 2 Text

             

    As less customer PII is made available to our contact  center advocates for identity validation, our enterprise risk of a costly data  breach is dramatically decreased.

              – CSO, global financial company

    Offshore agents are highly vulnerable to fraud schemes  and social engineering. TrustID’s solution enables informed routing decisions,  optimizing agent cost reduction programs.

             - CISO, top 10 global bank           

  • VP Quote text

         

    Since  it is now commonly sold by criminals, personal information for identity  authentication is no longer the single solution to identity resolution. The  value of knowing reliably that a customer is calling from their phone is far better security than knowing the last four digits of someone’s SSN.

    - VP of Card Fraud, large international bank