Financial services is regulatorily demanding and high risk – make sure your customers and workforce are secure.
Challenges in Financial Services
Cybercriminals are taking advantage as financial organizations work to reconfigure their supply chains and offer more digital experiences to customers. Working from home has created new attack vectors and workforce challenges. And in an industry that is considered a leader in security innovation and standards, many organizations today are having to play catch-up due to the rapid rate of change in biometric banking.
Reduce the Reliance on Out-of-Band Authentication Methods
Many financial organizations seem to be doubling down on weak out-of-band (OOB) authentication methods. However, some regulators are urging the industry to find a way to reduce the reliance on text-based one-time passcodes (SMS OTP). Biometric banking authentication is being recommended as a flexible, secure, low-cost option that should be considered as part of any IAM strategy.
Delivering a Modern, Secure Mobile & Online Banking Experience
According to research from the American Bankers Association, 72% of Americans most often access their bank accounts online. Millennials, in particular, are exploring banks that offer mobile account enrollment and access, as they prefer to avoid visiting bricks-and-mortar branches. It is important that while you increase security, it is adaptive and flexible to flow with your customers, not create friction.
Adaptive Authentication and Advanced Approaches
While you increase security to defend against attack and meet regulatory requirements, you need to be creative on how you balance that with the access experience you provide to users. Bank authentication approaches that were considered advanced, including adaptive, step-up, and passwordless bank authentication, are now considered the standard to making it possible to reach your desired level of security without making it impossible for users.
Meeting Compliance Requirements
In the financial services sector, you not only need to worry about protecting extremely sensitive customer data, but you must also ensure compliance with a range of stringent regulations, including the Payment Card Industry-Data Security Standard (PCI-DSS), Gramm-Leach-Bliley Act (GLBA) and the Sarbanes-Oxley Act (SOX).
Many regulations require you to ensure access is secure and enforce strict identity management practices, which could negatively impact the user experience. Stronger bank authentication with the flexibility to adapt to each user is essential to meeting all expectations and requirements.
Customer Success Story
First National Bank of Long Island auditors recommended that the IT team increase the number of characters required for user passwords. Although the migration to a more complex password raises the bar on security, it also increases the day to day friction.
As the bank reviewed the many options for multifactor authentication, the use of biometrics emerged as a preferred option.
Financial services organizations consistently outspend most of their vertical sector peers in cybersecurity staff, tools, and associated investments, but the cyber hits just keep coming. According to our recent report, the financial services industry received the highest number of business email compromise (BEC) attacks in 2019 and the second-most cyber incidents across all types, following the healthcare sector.