Financial services is a heavily regulated, high-risk industry – make sure your customers and workforce are secure.
Challenges in Financial Services
Cybercriminals are taking advantage as financial organizations work to reconfigure their supply chains and offer more digital experiences to customers. Working from home has created new attack vectors and workforce challenges. And in an industry that is considered a leader in security innovation and standards, many organizations today are having to play catch-up due to the rapid rate of change.
Reduce the Reliance on Out-of-Band Authentication Methods
Many financial organizations seem to be doubling down on weak out-of-band (OOB) authentication methods. However, some regulators are urging the industry to find a way to reduce the reliance on text-based one-time passcodes (SMS OTP). Biometric authentication is being recommended as a flexible, secure, low-cost option that should be considered as part of any IAM strategy.
Delivering a Modern, Secure Mobile & Online Banking Experience
According to research from the American Bankers Association, 72% of Americans most often access their bank accounts online. Millennials, in particular, are exploring banks that offer mobile account enrollment and access, as they prefer to avoid visiting bricks-and-mortar branches. As you increase security, it is important that it stays adaptive and flexible enough to flow with your customers rather than create friction.
Adaptive Authentication and Advanced Approaches
While you increase security to defend against attack and meet regulatory requirements, you need to be creative in how you balance that with the access experience you provide to users. Authentication approaches that were once considered advanced, including adaptive, step-up, and passwordless authentication, are now considered the standard for reaching your desired level of security without making access impossible for users.
Meeting Compliance Requirements
In the financial services sector, you not only need to worry about protecting extremely sensitive customer data, but you must also ensure compliance with a range of stringent regulations, including the Payment Card Industry Data Security Standard (PCI-DSS), the Gramm-Leach-Bliley Act (GLBA) and the Sarbanes-Oxley Act (SOX).
Many regulations require you to ensure access is secure and enforce strict identity management practices, which could negatively impact the user experience. Stronger authentication with the flexibility to adapt to each user is essential to meeting all expectations and requirements.
Customer Success Story
First National Bank of Long Island auditors recommended that the IT team increase the number of characters required for user passwords. Although the migration to a more complex password raises the bar on security, it also increases day-to-day friction.
As the bank reviewed the many options for multifactor authentication, the use of biometrics emerged as a preferred option.