Customer Authentication & Validation:
The New Normal in Risk Mitigation
Wednesday, November 2, 2016
12:00 pm – 1:30 pm PT
1:00 pm – 2:30 pm MT
2:00 pm – 3:30 pm CT
3:00 pm – 4:30 pm ET
Gone are the days when authenticating your accountholders included affirmation of mother’s maiden name, Social Security number, and date of birth. As the industry shifts to increased mobile and other remote electronic technologies, accountholder authentication and validation is no longer a table-stakes exercise. Rather, it is a strategically important enterprise-risk mitigation process. Unfortunately, fraudsters evolve along with technology. This webinar will identify a proactive and evolving accountholder authentication and validation framework through enhanced and proven procedures that thwart account takeover, identity theft, and monetary and reputational loss.
Continuing Education: Attendance verification for CE credits upon request
- Case study: how we fell victim to social engineering and the resulting changes to accountholder authentication and validation
- BSA CIP onboarding requirements and authentication best practices
- FFIEC guidance for multi-factor authentication
- Something you know (password or passphrase)
- Something you have (tokenization)
- Something you are (biometric)
- Pitfalls of self-authenticated commercial accountholder requests
- High-level overview of NIST electronic authentication guideline
- TAKE-AWAY TOOLKIT
- Publication: FFIEC’s Authentication in an Internet Banking Environment
- Publication: NIST Special Publication 800-63-2: Electronic Authentication Guideline
- Wire transfer callback procedures
- Employee training log
- Quiz you can administer to measure staff learning and a separate answer key
WHO SHOULD ATTEND?
This informative session is intended for electronic processing, information technology, and information security personnel, as well as auditors, compliance staff, risk staff, board members, and audit committee members.
PLEASE NOTE: Webinar content is subject to copyright and intended for your individual financial institution’s use only.