Abstract
Overview
This comprehensive assessment of online financial institution (FI)
authentication solutions and vendors contains detailed recommendations for
selecting the best solutions and providers or adapting current authentication
systems to be more robust, FFIEC compliant, cost effective and
customer-focused. This report pairs consumer preference research, vendor and
financial institution (FI) analysis and previous Javelin research in risk and
fraud to create the Evolving Authentication Platform surrounding multi-factor
authentication. FIs must constantly evaluate their security position with
respect to evolving threats, new security solutions and consumer attitudes;
however, no FI has implemented solutions that meet the optimal security
requirements recommended by the Evolving Authentication Platform. This failure
to adopt exposes FIs to risks that have ramifications beyond FFIEC compliance.
Key Questions
- How effectively does FFIEC compliance protect consumers?
- How will consumers react to increased security, and what solutions do they
prefer?
- How will improved protection strengthen consumer adoption and loyalty?
- What vendor solutions should FIs select, and what changes must vendors
make?
- What specific risks can FIs address with the Evolving Authentication
Platform?
Primary Findings
- FIs must set their goals higher than FFIEC compliance, creating the
Evolving Authentication
- Platform to incorporate log-in and session risk models and challenge
stages to strengthen their
- existing systems, ensure compliance and meet consumer usability and
security needs. Currently,
- many risk or transaction-based authentication solutions do not meet FFIEC
compliance
- and even those solutions that do meet the guidelines are not sufficiently
secure to limit or deter
- evolving fraud threats. Those FIs that have begun to engage in stages of
the Evolving Platform
- are currently starting at different points and migrating down the Evolving
Platform' s path at varying
- speeds. Consumer desire for visible, active, real-time solutions and their
willingness to be
- actively engaged in account protection can be used to FIs' advantage in
implementing more robust
- and effective security solutions that inspire consumer confidence and
encourage online
- channel adoption.
Table of Contents
- Overview
- Key Questions
- Primary Findings
- Introduction & Background
- Evolving Authentication Platform: Dual Risk and Dual Challenges
- Consumer Preference, Compliance and Cross-Channel Protection
- Optimal Solutions in the Evolving Authentication Platform
- Existing Solutions Plug into the Evolving Platform
- Working with Present Systems: Integrating Tokens and Session-Risk
Assessment
- Vendor Analysis and Best of Breed
- Conclusions
- Methodology
- Related Research
- Appendices
Table of Figures
- Figure 1: Evolving Authentication Platform
- Figure 2: Consumer Views on Responsibility for Online Protection
- Figure 3: Always Visible Vs. Visible Only After Additional Verification
- Figure 4: Consumer Authentication Preferences
- Figure 5: Consumers Prefer Immediate Authentication For Unusual Activities
- Figure 6: Fi' s Current Solution Vendors
- Figure 7: How Fi' s are Structuring Security Based on Visibility by and
Interactivity with the User
- Figure 8: Top Vendors Providing a Complete Solution
- Figure 9: Vendors Providing Best Solution at Each Stage of the Evolving
Platform
- Figure 10: Effective Security Solutions Increase Consumer Online Banking
| 
