Monday, August 6, 2007

Banks fail to meet FFIEC multi-factor authentication requirements

According to a recent study, only 4% of financial institutions are actually meeting the FFIEC requirements for multi-factor authentication. Many of the others are relying on challenge questions or other risk-based authentication approaches that ultimately only provide single-factor security.

I’ve shared more on my analysis of this problem and its implications in this Security PS blog entry.

No comments: