Financial institutions offering online banking are facing a looming end-of-year deadline to comply with the Federal Financial Institutions Examination Council's (FFIEC) mandate to implement two-factor authentication. If your financial customers haven't complied yet, there's an opportunity for you to keep busy through the holidays. Before you give your customers a call, peruse the two-factor authentication resources we collected here with the FFIEC mandate in mind. It's important that you -- and your customers -- understand that two-factor authentication isn't the only means to achieve compliance and it's far from foolproof.
- Definition: Two-factor authentication
Start with the basics with this definition powered by our sister site, WhatIs.com.
- Tip: Understanding two-factor authentication as mandated by the FFIEC
While the FFIEC agrees with the traditional definition of two-factor authentication, not all of its recommendations for complying with its mandate qualify as such. This tip explains what qualifies as two-factor authentication and what the FFIEC is expecting from Web-based financial institutions.
- Q&A: What is the best authentication method for protecting an online banking site?
SearchSecurity.com expert Joel Dubin offers advice for securing a banking Web site to comply with the FFIEC's mandate.
- Webcast: FFIEC: How to comply with the authentication regulation
This 60-minute webcast helps set the record straight about what organizations need to do to comply with the FFIEC's mandate, with a focus on the technologies that the FFIEC deems acceptable.
- Tip: The drawbacks of two-factor authentication
Despite the hype surrounding two-factor authentication, it's not the end-all, be-all of access management solutions. This tip will help you put the technology in perspective for your customers.
- Article: Two-factor authentication options
Every authentication mechanism has its unique pros and cons, as outlined in this article, to help you choose the best mechanism for your customer's two-factor authentication system.
- Tip: Does two-factor authentication protect you from hackers?
No security measure is foolproof -- including two-factor authentication. Learn about the technology's weaknesses.
- Tip: Top 10 don'ts for smart card deployment
Avoid these common mistakes when deploying your customer's smart card solution.
- Tip: One-time password tokens and FFIEC compliance
If you take extra care when implementing OTP tokens, you can ensure your customer a reasonable level of security and compliance with the FFIEC's two-factor authentication mandate.
- Tip: The insecurity of two-factor authentication
This tip serves as an introduction to smart card and USB token technologies, and their weaknesses.
- Tip: Two-factor authentication for SMB customers
Learn how to offer your SMB customers a variety of low-cost, manageable two-factor authentication options in this tip.