(WEB HOST INDUSTRY REVIEW) -- After its launch more than five years ago, the e-banking security guideline "Authentication in an Internet Banking Environment" has been updated to address the vulnerable security landscape, according to a report by KrebsonSecurity.
The update is especially relevant now since a recent hack directed at Citigroup revealed personal details of about 360,000 banking customers.
Released by the Federal Financial Institutions Examination Council, the guidelines acknowledge that threats have become more sophisticated since the report was implemented in 2005, but fails to make any specific suggestions of how institutions can harness technology or approaches to avoid these kinds of online attacks.
Both versions of the guideline endorse periodic risk assessments on the part of the banking institution and suggest banks consider "evolving threats to online accounts and adjust their customer authentication, layered security, and other controls as appropriate in response to identified risks."
The report suggests that institutions changes in the threat environment, the customer base and actual security incidents when conducting risk assessments at least once every 12 months.
Since more customers are conducting online transactions since the guideline was originally released, the report says financial institutions should implement controls accordingly as the risk level of the transaction increases. The guidelines emphasize layered security as a way to protect business and retail banking transactions.
"Layered security can substantially strengthen the overall security of Internet‐based services and be effective in protecting sensitive customer information, preventing identity theft, and reducing account takeovers and the resulting financial losses," the report says.
"Layered security should be able to detect strange or unusual behavior when the customer is logging into the system and when intiating electronic transfers to third parties," Krebs writes in a blog post about the report.
The report suggests that customer awareness and education about fraud prevention should be increased and sets minimum requirements for what that should include.
The changes also give more leverage to bank examiners in deciding whether banks are protecting their customers enough, according to Krebs.
This kind of general guideline could give security service providers an opportunity to translate these vague suggestions into new financial service customers by pitching security solutions to financial firms in line with the report.
Article Source http://www.thewhir.com/web-hosting-news/062911_Online_Banking_Guidelines_Updated_to_Address_Sophisticated_Financial_Fraud permits to republish here.
<<<<<<<<<<<<<
Click Most Updated Discount Coupon Codes & My Personal Web Hosting Recommendations
Click http://nightwishmarketing.web.officelive.com/WebHosting.aspx
Stay Tuned!
Click http://nightwishmarketing.web.officelive.com/WebHosting.aspx
Stay Tuned!
<<<<<<<<<<<<