THE ROLE OF ADVANCED AUTHENTICATION IN CYBERSECURITY FOR CREDIT UNIONS AND BANKS

Similar documents
Fighting Fraud with Behavioral Biometrics and Cognitive Fraud Detection. IBM Security s Brooke Satti Charles on the Power of These New Capabilities

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity

Cybersecurity for the SMB. CrowdStrike s Murphy on Steps to Improve Defenses on a Smaller Scale

Solution. Imagine... a New World of Authentication.

DigitalPersona for Healthcare Organizations

Overview. Premium Data Sheet. DigitalPersona. DigitalPersona s Composite Authentication transforms the way IT

INTERVIEW TRANSCRIPT Barriers to Adopting Multifactor Authentication

Overview. DigitalPersona Logon for Windows Data Sheet. DigitalPersona s Composite Authentication transforms

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

Smart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security

DDoS: Evolving Threats, Solutions FEATURING: Carlos Morales of Arbor Networks Offers New Strategies INTERVIEW TRANSCRIPT

Authentication and Fraud Detection Buyer s Guide

Biometrics in Banking. How to Integrate Touch ID into your Mobile Banking Application the Right Way

Choosing the right two-factor authentication solution for healthcare

Behavioral Biometrics. Improve Security and the Customer Experience

The security challenge in a mobile world

EMERGING TRENDS AROUND AUTHENTICATION

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

SMALL BUSINESS CYBERSECURITY SURVIVAL GUIDE

How Next Generation Trusted Identities Can Help Transform Your Business

This Online Gaming Company Didn t Want to Roll the Dice on Security That s Why it Worked with BlackBerry

SOLUTIONS BRIEFS. ADMINISTRATION (Solutions Brief) KEY SERVICES:

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Tim Heagarty, CISA CISSP - (859) Lexington, KY

SMALL BUSINESS CYBERSECURITY SURVIVAL GUIDE

USE CASES. See how Polygon s Biometrid can be used in different usage settings

Mobile: Purely a Powerful Platform; Or Panacea?

White Paper. The Impact of Payment Services Directive II (PSD2) on Authentication & Security

4 Ways to Protect Your Organization from a Data Breach

Achieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs)

FIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication

Keep the Door Open for Users and Closed to Hackers

THE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS

EDITORIAL CALENDARS. Key topics that will shape our discussions

The Problem with Privileged Users

MDM is Calling: Does Your Business Have an Answer? arrival. Here To Go. Lunch Dinner. continue. Riiinnggg. Dec. 12

DATA SHEET. VANGUARD ez/tokentm KEY FEATURES:

THALES DATA THREAT REPORT

Cybersecurity. Securely enabling transformation and change

BRING SPEAR PHISHING PROTECTION TO THE MASSES

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

A Guide to Ensuring Security and Resiliency

Cyber Insurance: What is your bank doing to manage risk? presented by

Phishing is Yesterday s News Get Ready for Pharming

Sales Presentation Case 2018 Dell EMC

The Case for Office 365 Backup. Uncovering critical reasons why organizations need to backup Office 365 data

BRING EXPERT TRAINING TO YOUR WORKPLACE.

How. Biometrics. Expand the Reach of Mobile Banking ENTER

SecureDoc: Making BitLocker simple, smart and secure for you. Your guide to encryption success

Remote Key Loading Spread security. Unlock efficiency

Kickstart. Overview. Oct 2017

Supply Chain Integrity and Security Assurance for ICT. Mats Nilsson

White Paper. The North American Electric Reliability Corporation Standards for Critical Infrastructure Protection

The CISO s Guide to Deploying True Password-less Security. by Bojan Simic and Ed Amoroso

Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI

Sage Data Security Services Directory

Fujitsu World Tour 2016

6 Critical Reasons for Office 365 Backup. The case for why organizations need to protect Office 365 data

PCI compliance the what and the why Executing through excellence

About MagTek. PIN Entry & Management

Cyber Attack: Is Your Business at Risk?

2017 RIMS CYBER SURVEY

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

Microsoft 365 Security & Compliance For Small- and Mid-Sized Businesses

IT Modernization In Brief

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

Secure Government Computing Initiatives & SecureZIP

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

COSTS, THREATS AND ACCESS

EXPERIENCE SIMPLER, STRONGER AUTHENTICATION

RSA Solution Brief. Providing Secure Access to Corporate Resources from BlackBerry. Devices. Leveraging Two-factor Authentication. RSA Solution Brief

Executive Insights. Protecting data, securing systems

Making hybrid IT simple with Capgemini and Microsoft Azure Stack

A Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface

white paper SMS Authentication: 10 Things to Know Before You Buy

MD-HQ Utilizes Atlantic.Net s Private Cloud Solutions to Realize Tremendous Growth

Security-as-a-Service: The Future of Security Management

FIDO Alliance Response to the European Banking Authority (EBA)

Security Program Guide Security is designed from the outside in.

How Secure is Blockchain? June 6 th, 2017

ELECTRONIC BANKING & ONLINE AUTHENTICATION

Q&A TAKING ENTERPRISE SECURITY TO THE NEXT LEVEL. An interview with John Summers, Enterprise VP and GM, Akamai

A Layered Approach to Fraud Mitigation. Nick White Product Manager, FIS Payments Integrated Financial Services

Welcome! Copyright 2017 MAC. All Rights Reserved.

A Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud

The NIST Cybersecurity Framework

Webinars INSPIRING A SAFE AND SECURE CYBER WORLD Media Kit - North America

Easy IT Audit Engagements

NYDFS Cybersecurity Regulations

Internet of Things Toolkit for Small and Medium Businesses

All the resources you need to get buy-in from your team and advocate for the tools you need.

Spiros Angelopoulos Principal Solutions Architect ForgeRock. Debi Mohanty Senior Manager Deloitte & Touche LLP

Change & Configuration Management Market

AN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP

Why This Major Automaker Decided BlackBerry Cybersecurity Consulting was the Right Road to Protecting its Connected Cars

Microsoft DirectAccess

WEBINARS INSPIRING A SAFE AND SECURE CYBER WORLD Media Kit - North America

Citizen Biometric Authentication based on e-document verification. e-government perspective. Mindshare Ruslans Arzaniks Head of Development

Safelayer's Adaptive Authentication: Increased security through context information

Transcription:

THE ROLE OF ADVANCED AUTHENTICATION IN CYBERSECURITY FOR CREDIT UNIONS AND BANKS Crossmatch s Michel Nerrant on Improving Security Without Adding Friction

Michel Nerrant Nerrant is responsible for business development with Crossmatch in the financial services market. He brings over 25 years of experience in driving identity management solutions within the government and enterprise sectors. Prior to Crossmatch, he held business development and sales leadership roles at identity management and IT security companies including Schlumberger, ActivIdentity, IdentiPHI and WinMagic. He has managed numerous international deployments in physical access and security. Nerrant was responsible for the deployment of the largest North American automated parking point of sale (POS) system and managed the development of the first unattended Light Rail POS incorporating online credit card payment in the United States. Credit unions offer unique services to a unique member base and they face unique challenges when rolling out multifactor authentication across all of their banking channels. Michel Nerrant of Crossmatch a longstanding industry leader in authentication and identity management solutions discusses how new biometric solutions can meet credit union needs. Nerrant, a financial services cybersecurity expert, says credit unions walk an especially fine line when improving cybersecurity, between staying in compliance with regulatory requirements, without adding friction and complexity to the member experience. This is the industry where security is very important, but a frictionless experience for users is probably even more important, Nerrant says. It s all about providing the right level of security for every channel, every user, at the right moment. In an interview about deploying multifactor authentication at credit unions, Nerrant discusses: What s unique about the credit union employee and member base; How new biometric authentication solutions can improve security; How Crossmatch is helping its customers overcome challenges and deploy multifactor authentication. Crossmatch is a world leader in risk-based composite authentication and biometric identity management solutions. Crossmatch DigitalPersona solutions address a range of concerns in today s rapidly changing security climate from preventing data breaches by eliminating passwords, to ensuring the safety of citizens. Crossmatch helps enterprises and government around the world strengthen security through composite authentication. The Role of Biometrics in Multifactor Authentication 2

Credit unions have a very complex ecosystem of internal and external customers. TOM FIELD: To start with, let s talk about credit unions. What do you find to be unique about these institutions and how they approach cybersecurity for their members and employees? MICHEL NERRANT: Well, Tom, credit unions, much like any financial institutions, are prone to cyberattacks and fraud. But what makes credit unions unique are a couple of things. Usually small institutions tend to focus more on customer service. Therefore, enhancing security in a frictionless manner is very important to them. Credit unions customer base tends to also be an older population than average retail banks. That makes for a unique challenge. We are talking about a population that may not always be technology-savvy and may be prone to phishing or account takeover attacks. So, being able to protect those customers, internal and external, is quite a unique challenge for them. Multifactor Authentication FIELD: Well, that s great context. Given what you ve told us, what are the unique factors that need to be considered when institutions roll out a multifactor authentication solution to these unique constituents? NEERANT: Multifactor authentication, also known in the industry as MFA, is a great technology and it has been known for many, many years but has yet to become a common practice due to its complexity and friction. Credit unions have a very complex ecosystem of internal and external customers. In addition, they have numerous channels branches, ATMs, internet banking, mobile banking, and on and on. Therefore, they have to look into a solution that has not only provided multifactor authentication, but it also integrates across all those channels and platforms at every moment. Stepping Up Security FIELD: Michel, how do you find that credit unions are approaching the quandary of stepping up security, but at the same time, not adding any friction to that customer experience? The Role of Biometrics in Multifactor Authentication 3

It s all about using the right technology at the right time and at the right moment. NEERANT: This is an industry where security is very important, but frictionless is probably more important. So, it s all about providing the right level of security for every channel, every user, at the right moment. Let s take the example of a teller, sitting at the branch using twofactor authentication methods as they work in the morning for the first time. And as the day goes on, going to use biometrics to authenticate. It s a good example of how multifactor authentication can be used in a context where you control the environment and still bring the convenience of biometrics. Now if you take the same experience for a customer who might not be that versed in technology, or [might not be able] to use a technology such as biometrics or a physical token to authenticate, [you must] keep in mind that frictionless is all about using machine learning technology to look into the behavior of that customer and apply the right level of security at the right moment. For example, we look into the way a customer transacts, or even how they type their information, their account numbers and password and so on. If something is amiss, then and only then we can step up the authentications and ask for a second factor. In other words, using friction only when necessary. It is not to be said the behavior is only to be used for external customers; it can also usually be used for internal customers as well. But the conjunction of those two technologies allows for a very unique experience that is very suited for credit unions. Biometric-Based Solutions FIELD: Well I m glad you brought up biometrics solutions. Talk to me a bit about some of the new biometric-based solutions. I m thinking fingerprint, palm print, keyboard behavioral authentication. How do these factor into credit union plans going forward? NEERANT: Biometrics is very important for many reasons and should be part of the credit union s security features moving forward. Biometrics may not be used in the same context every channel, as was just discussed. Imagine using a physical device, on a mobile phone, for example. It s not practical; it s not usable even though it would be great from a security standpoint. Again, it may not be usable and feasible. So it s all about using the right technology at the right time and at the right moment. From an employee standpoint, using biometrics is going to speed up the log-in process by removing the headache of forgetting passwords right after a long weekend, or holidays, or even when those have to be reset. It is fast, it is easy to use and it adds security. It s a great technology. Behavioral biometrics brings a second dimension to security by providing a frictionless, risk-based analysis and subsequently, asking the users, internal or external, for additional authentications only when needed. So, biometrics can be used by a customer to unlock their phone or unlock their applications, but then something s wrong in the way they re typing their account numbers or typing their pin numbers. So in that case, the account can be locked; the account or the customer can be asked a second question something only they know. So there are many ways to handle that step of authentication depending on the banks own policies. In my opinion, machine learning biometrics in conjunction with traditional biometrics, such as fingerprints or palm prints definitely should be part of the future of the security implementations for credit unions. Crossmatch s Role FIELD: Well, talk to me a bit about Crossmatch now. How are you helping credit unions to deploy some of the multifactor authentication solutions we have talked about here today? NERRANT: With over 20 years in the security and biometric industry, and with hundreds of credit unions as customers, it s all about listening to our customers and building together a solution that meets their needs. DPCA, or digital persona composite authentication platform, is easy to deploy and is designed to sit on Microsoft infrastructure, making it easy for the bank s IT staff to learn and to use. It s a platform; that s what you have to keep in mind. And therefore, it s built by design to be scalable and adaptable to bring the best technologies or modalities under one authentication engine. All multipoint integration technologies truly allow the authentication of users, internal or external, right from PC log-in to legacy applications, all the way to green screen or using API to connect with third-party solutions. For example, we provide an authentication platform to banking software using APIs and other technology for those banks using cloud-based applications, such as Microsoft Office 365, for example. So once again, the goal of a platform is truly to cover all the digital channels those banks have with one platform. Listen to the full interview: https://www.bankinfosecurity.com/ interviews/role-biometrics-in-multifactor-authentication-i-3786 The Role of Biometrics in Multifactor Authentication 4

About ISMG Information Security Media Group (ISMG) is the world s largest media organization devoted solely to information security and risk management. Each of our 28 media properties provides education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Our annual global Summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges. Contact (800) 944-0401 sales@ismg.io 902 Carnegie Center Princeton, NJ 08540 www.ismg.io

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback