White Paper

Meeting FFIEC Guidance in Financial Institutions

The 2005 Federal Financial Institutions Examination Council's guidance, "Authentication in an Internet Banking Environment" ushered in a new era of online banking security protections and with it a wave of technology upgrades as banks and their vendors scrambled to meet compliance. 

The new 2011 Supplement to the original FFIEC Guidance recognizes that cybercriminals, Trojans and botnets have radically evolved in recent years. Many online bank accounts are still only protected by little more than a cookie and a simple hash of browser and IP attributes, technologies that are becoming obsolete. The Supplement recommends the use of "complex device identification" to stay secure. In addition the Supplement also recognizes the need to detect and protect against Trojans, Man-in-the-Browser attacks and various other forms of malware, and the need for a "layered security" approach.

This whitepaper describes "complex device identification", and why combining device-ID and malware protection in a single platform are the most effective way to comply with the new FFIEC recommendations.

Read this whitepaper to learn about:

  • Key limitations of simple identification methods
  • What complex identification entails
  • Evolution of financial malware
  • Sophisticated malware protection to prevent financial fraud

Request the Whitepaper: