The IT Law Wiki

Supplement to Authentication in an Internet Banking Environment

32,068pages on
this wiki
Add New Page
Add New Page Talk0

Citation Edit

Federal Financial Institutions Examination Council (FFIEC), Supplement to Authentication in an Internet Banking Environment (June 28, 2011) (full-text).

Overview Edit

The purpose of this Supplement to the FFIEC's 2005 guidance entitled Authentication in an Internet Banking Environment ("2005 Guidance") is to reinforce the 2005 Guidance's risk management framework and update the FFIEC agencies' expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online environment.

The Supplement reiterates and reinforces the expectations described in the 2005 Guidance that financial institutions should perform periodic risk assessments considering new and evolving threats to online accounts and adjust their customer authentication, layered security, and other controls as appropriate in response to identified risks.

It establishes minimum control expectations for certain online banking activities and identifies controls that are less effective in the current environment. It also identifies certain specific minimum elements that should be part of an institution's customer awareness and education program.

Also on Fandom

Random Wiki