Banking Authentication And The FFIEC: Business Customers Crave Biometrics
Javelin Strategy & Research, October 2012, Pages: 43
Last year's release of the FFIEC's “Supplement to Authentication in an Internet Banking Environment” left many in the financial industry with questions about how to effectively balance the expectations of regulators with those of consumers. In being both specific and broad, this guidance provided a greater degree of latitude in implementing an authentication strategy to protect consumer accounts from compromise.
As a result, an additional degree of direction is needed in order to deploy a truly comprehensive authentication strategy, one that requires an understanding of not just which technologies are best in any given situation, but also how they will affect the consumer experience. Providing FIs with a more complete view of each type of authentication technology, and insight into how to achieve balance between optimizing security and consumer satisfaction, is at the heart of this year's report.
Primary Questions
- What are the regulatory expectations, expressed within the 2011 FFIEC supplemental guidance, as they apply to authentication?
- What are the strengths and vulnerabilities of each authentication type?
- Which authentication types best lend themselves to specific consumer interactions?
- How can an FI implement a secure authentication solution that satisfies both consumers and regulators?
Audience:
Financial institutions: marketing department and security department. Vendors: Online- and mobile-banking platform providers, online and mobile banking vendors, online and mobile marketing companies, third party authentication vendors.
Methodology:
Data in the report is based on information gathered from several Javelin surveys administered between 2008 and 2012. Data was gathered
and weighted to reflect a representative sample of the U.S. population.
- A random-sample panel of 3,000 respondents in an August 2012 online survey. The margin of sampling error is ±1.79 percentage points at the 95% confidence level. The margin of sampling error is higher for questions answered by subsegments.
- A random-sample panel of 2,304 respondents in an August 2011 online survey. The margin of sampling error is ±2.04 percentage points at the 95% confidence level. The margin of sampling error is higher for questions answered by subsegments.
- A random-sample panel of 1,995 respondents in an August 2010 online survey. The margin of sampling error is ±2.19 percentage points at the 95% confidence level. The margin of sampling error is higher for questions answered by subsegments.
- A random-sample panel of 2,019 respondents in an August 2009 online survey. The margin of sampling error is ±2.18 percentage points at the 95% confidence level. The margin of sampling error is higher for questions answered by subsegments.
- A random-sample panel of 5,034 respondents in a March 2012 online survey. The margin of sampling error is ±1.38 percentage points at the 95% confidence level. The margin of sampling error is higher for questions answered by subsegments.
- A random-sample panel of 5,211 respondents in an October 2011 online survey. The margin of sampling error is ±1.73 percentage points at the 95% confidence level. The margin of sampling error is higher for questions answered by subsegments.
- A random-sample panel of 5,102 respondents in a March 2011 online survey. The margin of sampling error is ±1.37 percentage points at the 95% confidence level. The margin of sampling error is higher for questions answered by subsegments.
- A random-sample panel of 5,211 respondents in a March 2010 online survey. The margin of sampling error is ±1.36 percentage points at the 95% confidence level. The margin of sampling error is higher for questions answered by subsegments.
- A random-sample panel of 2,779 respondents in an April 2009 online survey. The margin of sampling error is ±1.86 percentage points at the 95% confidence level. The margin of sampling error is higher for questions answered by subsegments.
- A random-sample panel of 2,350 respondents in a March 2008 online survey. The margin of sampling error is ±2.02 percentage points at the 95% confidence level. The margin of sampling error is higher for questions answered by subsegments.
The framework for this report was provided by the FFIEC in its Supplement to Authentication in an Internet Banking Environment
Extensive website research was also used to supplement the analysis in this report. Rounding in charts accounts for slight differences in percentages.
OVERVIEW
Primary Questions
METHODOLOGY
EXECUTIVE SUMMARY
2011 FFIEC SUPPLEMENT TO AUTHENTICATION IN AN INTERNET BANKING ENVIRONMENT
CONSUMER PERCEPTIONS OF AUTHENTICATION METHODS
Online Banking, Mobile Banking, and ID Fraud
Robust Authentication Compels Online and Mobile Bankers
Effectiveness and Ease of Use Across Time and Methods
Perceived Convenience/Security Trade-Off
BUSINESS BANK ACCOUNT OWNERS AND FRAUD
Attitudes Among Business Bank Account Owners
Business Bank Account Owners' Reaction to Authentication Measures
INTRODUCTION TO PASSWORDS
Password Breaches
One-Time Passwords
OVERRELIANCE ON SSNS
EVOLVING KBA: THE MOVE FROM STATIC TO DYNAMIC BACK-END AUTHENTICATION
Seeing Is Believing: Transaction and Behavior Monitoring
Device Fingerprinting
The IP Address as an Authenticator
One-Time Cookies: Single-Serving Solution
AUTHENTICATING THE FI
Problem of Perception With EV SSL
Image-Based Authentication
OUT-OF-BAND AUTHENTICATION
Mobile Delivery Rules Out-of-Band Authentication
INTRODUCTION TO BIOMETRICS
Fingerprint Matching
Voice Biometrics
Facial Recognition
Biometrics Backlash
Keyboard Ballistics
RELATED RESEARCH
Table of Figures
Figure 1: Longitudinal Consumer Use of Online Banking Ever vs. Past Seven Days, 2005–2012
Figure 2: Robust Identity Verification Methods as an Enticement to FI Selection
Figure 3: Online Bankers' Ratings of Authentication Methods as Very or Extremely Effective, 2009–2012
Figure 4: Online Bankers' Ease-of-Use Ratings, 2009–2012
Figure 5: Effectiveness vs. Ease-of-Use Ratings by Online Bankers Who Have Used the Technologies
Figure 6: Robust Identity Verification as a Reason for Selecting an FI by BBAOs and NBAOs
Figure 7: BBAO and NBAO Perceptions of Responsibility for Identity Protection
Figure 8: BBAOs' and NBAOs' Propensity to Increase or Decrease Online Activity Due to Authentication Measures
Figure 9: BBAO and NBAO Perceptions of Ease of Use of OTP
Figure 10: Online Bankers' Use of Authentication Measures
Figure 11: Perceptions of Ease of Use of EV SSL Among Users and Nonusers
Figure 12: Effectiveness Perceptions of EV SSL by Familiarity
Figure 13: Positive Perceptions of Image-Based Authentication Are Decreasing Over Time
Figure 14: Geolocation Users', Mobile Bankers' and All Consumers' Perceptions of the Effectiveness and Ease of Use of Geolocation
Figure 15: Online Bankers' Preferred Biometric Methods
Figure 16: Reasons Online Bankers Are Not Interested in Using Biometric Authentication
Product Samples
A sample for this product is available. Please Login/Register to download this sample.
Customers who bought this item also bought
All rights reserved. © Copyright 2013 Research and Markets WWW4
Terms and Conditions Privacy Policy Publishers Employment Opportunities Site Map Link to us Webmaster Affiliate Network
