FFIEC supplementary recommendations not strong enough
12 July, 2011
category: Digital ID, Financial
Software security provider VASCO Data Security International says that the Federal Financial Institutions Examinations Council’s (FFIEC) 2011 supplement to the 2005 Internet Banking Environment Guidance doesn’t go far enough in Internet banking security requirements.
VASCO has felt this way since the original guidance, which it believes led banks to opt for cheap but unsafe security measures. “For VASCO, the FFIEC’s guidelines are a step in the right direction, but we believe that more is needed,” says Ken Hunt, Chairman & CEO of VASCO Data Security.
While the new recommendations do place more importance on periodic risk assessments, layered security and customer authentication measures in order to thwart hacks and fraud, VASCO believes that two-factor authentication including electronic signatures is really the best protection against attacks.