Be a partner
Contact Us
Support:- +91 9069126353

Banking and Finance

Banking and Finance

A major concern for banks and other financial institutions like Investment Funds, Credit Card Companies, Trading Houses is to protect the data and customer’s money. One of the biggest objectives of hackers is to steal money and data from financial institutions. It is quite an easy task for an individual to capture usernames and passwords of other individuals by using multiple techniques like Sniffing, installing Keylogger etc. AuthShield offers two-factor authentication system which is based on:

  • Something only the user knows (i.e. the knowledge factor)
  • Something only the user has (i.e. the possession factor)

By implementing two-factor authentication will reduce the losses suffered by financial institutions in terms of money and brand depreciation.

AuthShield IDAS two-factor authentication can be integrated with servers, VPNs and web applications to provide the security needed to comply with FFIEC, PCI-DSS, NCUA, FACTA, RBI and SEBI guidelines among others. It also

  • Protects administrative and employee access to internal systems as well as can be integrated with user-facing systems to provide two-factor authentication for banking customers.
  • Provides security against various kinds of hacking attacks like phishing, sniffing and keystroke logging. All this is provided at a lower cost that can suit any financial institutions of all sizes.

AuthShield IDAS Two Factor Authentication helps organizations to meet FFIEC, PCI DSS, NCUA, FACTA, RBI and SEBI Compliance Guidelines:

RBI Guidelines-

In India, RBI (Reserve Bank of India) has issued some guidelines mandating all banks in India to have a two-factor authentication system for all online transactions which is carried out by the bank users. Later, RBI issued detailed instructions to banks to help and prevent various hacking attacks. In Feb, 2009, it became mandatory to put in place ‘a system of providing for additional authentication/validation based on information which is not visible on the cards for all online card-not-present transactions except IVR transactions”. And by the next year in 2010, RBI also made compulsory two-Factor authentication for transactions that happen through IVR Channel also.

SEBI Guidelines-

In India, SEBI has issued a guideline for all the broking community members to implement two-factor authentication for login session for all orders that transmitted online through internet based trading (IBT) and security trading using wireless technology (STWT) platforms.

FFIEC Guidance-

In 2005, The Federal Financial Institutions Examination Council (FFIEC) issued guidance i.e. ‘Authentication in an Internet Banking Environment’ for effective methods to authenticate the identity of customers. It also stated that “The agencies who consider username and password authentication as the only control mechanism are inadequate for high-risk transactions involving access to customer information or the transfer of funds to other parties.”

PCI DSS Standards-

The decree of The Payment Card Industry Data Security Standards (PCI DSS) is that organizations who ‘hold, process or pass’ cardholder information should meet a minimum level of security. Part of this security is to protect remote logins with strong authentication. According to section 8.3 organizations must implement two-factor authentication for remote access to the network by employees, administrators and third party associates.

NCUA Guidance-

The Internet has changed the way money flows. E-banking services ranges from simple enquiry to complex e-Commerce activities. In 2005, the NCUA issued a letter stating that a single-factor authentication such as username and password as a security control mechanism may not be adequate for high-risk transactions which includes access to member information or fund transfers.

FACTA Guidelines-

The Fair and Accurate Credit Transactions Act of 2003 (FACTA) included provision to help reduce identity theft. According to ‘New Red Flag rules’ (section 114 and 315 of FACTA) it is necessary to develop and implement an Identity Theft Prevention Program in all the financial institutions for both new and existing accounts. The Program must include few policies and procedures to detect, prevent and resolve identity theft.

Copyright - All Rights Reserved © INNEFU | Powered by ITPL