Identity theft has become a serious problem for all
financial institutions, and the security of online banking is a big concern
for credit union members. Innovative credit unions are increasingly looking
to multi-factor authentication to safeguard their members and promote confidence
in the online banking channel.
According to the Javelin Group, roughly 9.3 million Americans
were victims of identity theft in 2004. The Anti-Phishing Working Group estimates
that the number of phishing sites grew at an average monthly rate of 15 percent
in the past year. Personal financial information can be stolen from a variety
of sources, but the virtual nature of the Internet makes online banking a popular
playground for would be thieves.
ID theft presents a significant challenge to credit unions
as attackers are beginning to concentrate on smaller financial institutions.
In order to decrease account hijacking and identity theft, the FDIC has recommended
all financial institutions adopt at least a two-factor authentication system.
A growing number of credit unions have started to take the advice.
What is multi-factor authentication?
Multi-factor authentication is a security strategy that employs
more than one way to authenticate users. Traditionally there has only been one
level of authentication for online banking: the user name and password. While
important, this level of security is no longer sufficient as passwords can be
compromised by phishing or other online attacks.
There are a variety of options for adding additional authentication
levels. Challenge questions, which ask specific user information such as the
name of a pet or hometown, are one simple addition that can be used to supplement
the traditional username and password. Other more secure solutions include software
that identifies and authenticates users' computers and IP addresses, keystroke
dynamics which identify users' individual typing habits, and secret images unique
to each user, which are displayed only when a user logs in to their financial
institution's official website.
Security concerns are the biggest deterrent to online
banking growth. According to an Ipsos Insight study released in August 2005,
73 percent of respondents cited fear of personal information theft as a deterrent
to online banking. Given the tremendous cost savings associated with online
banking, credit unions must increase online security if they are to remain competitive.