Overview

This comprehensive assessment of online financial institution (FI) authentication solutions and vendors contains detailed recommendations for selecting the best solutions and providers or adapting current authentication systems to be more robust, FFIEC compliant, cost effective and customer-focused. This report pairs consumer preference research, vendor and financial institution (FI) analysis and previous Javelin research in risk and fraud to create the Evolving Authentication Platform surrounding multi-factor authentication. FIs must constantly evaluate their security position with respect to evolving threats, new security solutions and consumer attitudes; however, no FI has implemented solutions that meet the optimal security requirements recommended by the Evolving Authentication Platform. This failure to adopt exposes FIs to risks that have ramifications beyond FFIEC compliance.

Key Questions

• How effectively does FFIEC compliance protect consumers?
• How will consumers react to increased security, and what solutions do they prefer?
• How will improved protection strengthen consumer adoption and loyalty?
• What vendor solutions should FIs select, and what changes must vendors make?
• What specific risks can FIs address with the Evolving Authentication Platform?

Primary Findings

• FIs must set their goals higher than FFIEC compliance, creating the Evolving Authentication
• Platform to incorporate log-in and session risk models and challenge stages to strengthen their
• existing systems, ensure compliance and meet consumer usability and security needs. Currently,
• many risk or transaction-based authentication solutions do not meet FFIEC compliance
• and even those solutions that do meet the guidelines are not sufficiently secure to limit or deter
• evolving fraud threats. Those FIs that have begun to engage in stages of the Evolving Platform
• are currently starting at different points and migrating down the Evolving Platform' s path at varying
• speeds. Consumer desire for visible, active, real-time solutions and their willingness to be
• actively engaged in account protection can be used to FIs' advantage in implementing more robust
• and effective security solutions that inspire consumer confidence and encourage online
• channel adoption.

• Overview
• Key Questions
• Primary Findings
• Introduction & Background
• Evolving Authentication Platform: Dual Risk and Dual Challenges
• Consumer Preference, Compliance and Cross-Channel Protection
• Optimal Solutions in the Evolving Authentication Platform
• Existing Solutions Plug into the Evolving Platform
• Working with Present Systems: Integrating Tokens and Session-Risk Assessment
• Vendor Analysis and Best of Breed
• Conclusions
• Methodology
• Related Research
• Appendices

Table of Figures

• Figure 1: Evolving Authentication Platform
• Figure 2: Consumer Views on Responsibility for Online Protection
• Figure 3: Always Visible Vs. Visible Only After Additional Verification
• Figure 4: Consumer Authentication Preferences
• Figure 5: Consumers Prefer Immediate Authentication For Unusual Activities
• Figure 6: Fi' s Current Solution Vendors
• Figure 7: How Fi' s are Structuring Security Based on Visibility by and Interactivity with the User
• Figure 8: Top Vendors Providing a Complete Solution
• Figure 9: Vendors Providing Best Solution at Each Stage of the Evolving Platform
• Figure 10: Effective Security Solutions Increase Consumer Online Banking