Responding to the recent guidance on internet banking security from the FFIEC, First Data Corp. outlined facts about its internet banking security solution package.

First Data offers a set of products and services that are available both as integrated tools within First Data’s internet banking platform and through relationships the company has developed with trusted security vendors. The solution set is designed to give financial institutions a spectrum of choices, helping them to comply with the FFIEC guidelines while enabling them to develop the layered security approach that meets their needs.

On June 28, the FFIEC issued a supplement to its “Authentication in an Internet Banking Environment” guidance, first issued in October 2005. The purpose of the supplement is to reinforce the risk-management framework described in the original guidance and update the FFIEC member agencies' supervisory expectations regarding customer authentication, layered security, and other controls in the increasingly hostile online environment.

“The new guidance has made it clear that financial institutions need to create layered security controls, as single solutions are much easier for fraudsters to work around,” said Julie Conroy-McNelley, senior analyst with Aite Group.

Within the past year, First Data has enhanced its internet banking security through relationships with vendors, among them:

•    IronKey’s Trusted Access provides a secure web browser that is designed to meet FFIEC specifications for protecting online banking sessions and reducing risk of account takeovers. .

•    Laru Corp.’s ACH Clarity and Vision products for financial institutions provide ACH risk management, compliance and anomaly detection to help prevent fraud for all ACH transactions including online transactions.

•    Trusteer's fraud prevention solution Rapport, designed to prevent malware from infecting endpoints; and Pinpoint, a server-side product that is designed to detect high risk transactions to help reduce exposure to malware-driven fraud.

First Data also recently began offering the Symantec (formerly VeriSign) VIP security token service as a multifactor authentication solution. These security vendor relationships build on First Data’s core internet banking security features, providing a variety of tools to assist financial institution clients in meeting the new regulatory guidelines, including detecting and responding to suspicious activity during initial login and authentication of online banking customers and initiation of EFT transactions; providing enhanced controls over business administrative functions; and enabling multi-factor authentication, including out-of-band authentication and security token solutions.

http://www.firstdata.com/en_us/about-first-data/media/press-releases/09_08_11.html