NEWSWIRETODAY Press Release & Newswire Distribution | HOME
MOST TRUSTED NEWSWIRE PRESS RELEASE DISTRIBUTION
PRTODAY / NewswireToday press release distribution service network
Agency / Source: Sestus, LLC

Check Ads Availability|e-mail Article

Are you the owner of this article?, Turn it PREMIUM with your LOGO instead - and make it 3rd party Ads-Free! within the next hour!

96% of U.S Banks Failing to Implement Multi-Factor Authentication - Study reports 96% of U.S. banks are failing to implement FFIEC-recommended multi-factor authentication, opting instead for authentication methods that solicit confidential information from consumers - PhishCops.com / SestusData.com
96% of U.S Banks Failing to Implement Multi-Factor Authentication

 

NewswireTODAY - /newswire/ - Avondale, AZ, United States, 2007/07/20 - Study reports 96% of U.S. banks are failing to implement FFIEC-recommended multi-factor authentication, opting instead for authentication methods that solicit confidential information from consumers - PhishCops.com / SestusData.com.

   
 
Your Banner Ad Here instead - Showing along with ALL Articles covering Financial / Legal / Venture Announcements

Replace these Affiliate Programs at ANYTIME! Your banner here within the next hour. Learn How!


 

A study released last month by Sestus Data Company and BearingPoint Financial Services Information Security Group reports 96% of U.S. banks are failing to implement FFIEC-recommended multi-factor authentication, opting instead for authentication methods that solicit confidential information from consumers.

On August 15, 2006, the Federal Financial Institutions Examination Council (FFIEC) issued a Supplement in which it clarified what it considered to be true multi-factor authentication: "By definition true multi-factor authentication requires the use of solutions from two or more of the three categories of factors. Using multiple solutions from the same category at different points in the process may be part of a layered security or other compensating control approach, but it would not constitute multi-factor authentication."

The study evaluated a statistical sampling of 100 U.S. banks with published website statements asserting their belief in their compliance with FFIEC multi-factor authentication guidelines. The study analyzed the authentication methods employed by each bank to determine whether the sampled banks were, in fact, consistently employing "solutions from two or more of the three categories of factors", i.e. something the user knows, something the user has, or something the user is.

FINDINGS: WIDESPREAD NON-COMPLIANCE WITH REGULATORY GUIDELINES
According to the study, the U.S. banking industry appears to be ignoring or misinterpreting the FFIEC's multi-factor guidelines in favor of single-factor authentication methods that require consumers to divulge (previously undisclosed) confidential personal information in order to access their online accounts.

The study authors found, "1) overwhelming use of single-factor challenge/response, image-based, and other knowledge based authentication methods purporting to be multi-factor authentication, 2) numerous and varied mis-interpretations regarding the definition of "something the user has", and 3) a high probability for increasing online fraud and loss of consumer privacy as a result of widespread adoption of challenge/response and other knowledge-based systems."

According to the study:

64% of U.S. banks offer only single-factor authentication methods. Where they had previously solicited only logins and passwords, they now solicit additional information in the form of challenge questions. Apparently, these banks believe that by simply asking for MORE information, they are somehow meeting the regulatory definition of multi-factor authentication, a mistaken assumption which the FFIEC has already refuted.

26% of U.S. banks are adopting authentication methods which are "inconsistently multi-factor". These banks attempt to retrieve cookie file or other information in order to satisfy the "something the user has" authentication factor, however, when this information cannot be retrieved, these banks fall back on soliciting more of "something the user knows" in the form of challenge questions.

6% of U.S. banks do offer consistently multi-factor authentication methods as an option, but then permit their members to opt-out of using such methods. If the member chooses to opt-out, the bank employs only single-factor methods.

Only 4% of the sampled banks employed consistently multi-factor authentication methods.

STUDY PREDICTS LOSS OF CONSUMER PRIVACY WILL INCREASE
This study represents the first attempt to measure industry compliance with the FFIEC's multi-factor guidelines since their publication in 2005 and it presents a grim picture.

U.S. banks appear to be ignoring or misinterpreting the FFIEC's call for "true multi-factor authentication" in favor of authentication methods which will actually contribute to the loss of consumer privacy. The study warns, "The stage is being set for an online privacy crisis fueled by millions of pieces of previously-undisclosed personal information solicited by thousands of legitimate financial websites as well as by tens of thousands of fraudulent websites."

DOWNLOAD STUDY
The study (PDF) may be downloaded from SestusData.com/.

STUDY CO-AUTHORS
Sestus Data Company's PhishCops™ product is based on government-approved authentication methods and the U.S. government has recognized PhishCops™ for its breakthrough in multi-factor authentication, naming it a semi-finalist for both the 2005 and 2007 Homeland Security Award. PhishCops™ (phishcops.com) is also a recipient of the InfoWorld 100 Award, InfoWorld Magazine's highest honor for technical innovation. PhishCops™ enjoys an enviable reputation in the financial market with organizations and consumers. The company credits its positive reception to its patent-pending approach to authentication which never solicits personal information.

The BearingPoint Financial Services Information Security group provides information security services to large and mid-sized financial services companies. The group works with clients to protect their data, comply with federal and international laws and regulations, reduce operational and reputation risks, and imbed security into their next generation financial services products and services. BearingPoint is a leading management and technology consulting company serving the Forbes Global 2000 and many of the world's largest public services organizations. The company's 6,000 risk, compliance and security professionals are skilled in both strategy and execution. Operating in more than 40 countries, they are dedicated to providing tailored, effective strategy, process and technology solutions.

 
 
Your Banner Ad Here instead - Showing along with ALL Articles covering Financial / Legal / Venture Announcements

Replace these Affiliate Programs at ANYTIME! Your banner here within the next hour. Learn How!


 

Agency / Source: Sestus, LLC

 
 

Availability: All Regions (Including Int'l)

 

Traffic Booster: [/] Quick NewswireToday Visibility Checker

 

Distribution / Indexing: [+]

 
 
# # #
 
 
  Your Banner Ad showing on ALL
Financial / Legal / Venture articles,
CATCH Visitors via Your Competitors Announcements!


96% of U.S Banks Failing to Implement Multi-Factor Authentication

Company website links NOT available to basic submissions
It is OK to republish and/or LINK any newswire for any legitimate media purpose as long as you name NewswireToday and LINK as the source.
 
  For more information, please visit:
Is this your article? Activate ALL web links by Upgrading to Press Release PREMIUM Plan Now!
|
Contact: SestusData.com 
1-800-788-1927 info[.]sestusdata.com
 
PRZOOM / PRTODAY - Newswire Today disclaims any content contained in this article. If you need/wish to contact the company who published the current release, you will need to contact them - NOT us. Issuers of articles are solely responsible for the accuracy of their content. Our complete disclaimer appears here.
IMPORTANT INFORMATION: Issuance, publication or distribution of this press release in certain jurisdictions could be subject to restrictions. The recipient of this press release is responsible for using this press release and the information herein in accordance with the applicable rules and regulations in the particular jurisdiction. This press release does not constitute an offer or an offering to acquire or subscribe for any Sestus, LLC securities in any jurisdiction including any other companies listed or named in this release.

Financial / Legal / Venture via RSSAdd NewswireToday - PRZOOM Headline News to FeedBurner
Find who RetweetFollow @NewswireTODAY

Are you the owner of this article?, Turn it PREMIUM with your LOGO instead - and make it 3rd party Ads-Free! within the next hour!


Read Latest Articles From Sestus, LLC / Company Profile


Read Financial / Legal / Venture Most Recent Related Newswires:

Nexstar Media Group to Participate in Upcoming Investor Conferences
Cyndx Hosts Webinar on AI Innovations 'Learn How AI Accelerates the Deal-Sourcing Process'
Axway Completes Acquisition of Sopra Banking Software
Itaú Unibanco Innovates with A Credit Card Specifically Designed to Meet the Needs of Visually Impaired People
Aptean Secures Strategic Investment from Clearlake Capital Group
ALM Enhances Law.com Radar with SALI Claim Tags for Unmatched Precision in Litigation Alerts
TRA Welcomes Seasoned Retirement Plan Consultant to Northwestern Sales Team
TRA Bolsters Distribution Team Across Rocky Mountain Region
The IRS Announced A Surprising Increase of 2.1% in Tax Refunds Over the Previous Year
3D Chess Media Reveals How Digital Banking Boosts Savings
Online Bank Collaborations - 3D Chess Media and Third-Party Apps by Digital Banking Giants
Fast Background Check Evolution - A Comprehensive Analysis by 3D Chess Media
3D Chess Media Reveals the Future of Identity Security with Biometrics
3D Chess Media Rolls Out Groundbreaking Credit Improvement Tools in Latest Release
3D Chess Media Publishes New Report on Extended Car Warranties

Boost Your Social Network
& Crowdfunding Campaigns


LIFETIME SOCIAL MEDIA WALL
NewswireToday Celebrates 10 Years in Business


PREMIUM Members


Visit  JobsWare.com

Visit  RightITnow, Inc.





 
  ©2005-2025 NewswireToday — Limelon Advertising, Co.
Home | About | Advertise/Pricing | Contact | Investors | Privacy/TOS | Sitemap | FRANCAIS
newswire, PR press releases distribution service magazines engine news alert newsroom press room breaking news public relations articles company news alerts newswiredistribution ezine bizentrepreneur biznewstoday digital business report market search pr firms agencies reports distri-bution today investor relation successful internet entrepreneurs newswire distribution prtoday.com newswiredistribution asianewstoday bizwiretoday USA pr UK today - NOT affiliated with PRNewswire as we declined their partnership offer in 2013
 
PRTODAY & NewswireTODAY are proudly NOT affiliated with USA TODAY (usatoday.com)