FFIEC compliance (Federal Financial Institutions Examination Council)

FFIEC compliance is conformance to a set of standards for online banking issued in October 2005 by the Federal Financial Institutions Examination Council (FFIEC)... (Continued)

FFIEC compliance is conformance to a set of standards for online banking issued in October 2005 by the Federal Financial Institutions Examination Council (FFIEC). The standards require multifactor authentication (MFA) because single-factor authentication (SFA) has proven inadequate against the tactics of increasingly sophisticated hackers, particularly on the Internet. In MFA, more than one form of authentication is implemented to verify the legitimacy of a transaction. In contrast, SFA involves only a user ID and password.

Authentication methods that can be used in MFA include biometric verification such as fingerscanning,iris recognition, facial recognition and voice ID. In addition to these methods, smart cards and other electronic devices can be used along with the traditional user ID and password. The outstanding feature of the FFIEC guidelines is the requirement that encryption be used in all online transaction processing (OLTP) done by financial institutions. The level of encryption must be sufficient to prevent unauthorized disclosure within a bank's internal networks and among shared external networks.

In order to determine whether or not an institution is in compliance with FFIEC guidelines, comprehensive assessments of the internal environment must be conducted to identify potential security weaknesses and threats. Then goals must be set, solutions implemented and periodic risk assessments performed in order to maintain an adequate level of security.

This was first published in March 2008

Continue Reading About FFIEC compliance (Federal Financial Institutions Examination Council)

Glossary

'FFIEC compliance (Federal Financial Institutions Examination Council)' is part of the:

View All Definitions

Dig deeper on FFIEC compliance guidelines

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

File Extensions and File Formats

Powered by:

SearchSecurity

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

ComputerWeekly

Close