In the wake of the most recent FFIEC guidance published in 2011, many financial institutions and service providers have undertaken very expensive and time-consuming projects to replace the traditional challenge questions and answers that they previously used as a security measure. One of the more popular solutions suggested as an alternative was to provide out-of-band authentication via a second independent device. Mobile phones were the natural fit as that independent device, since the typical consumer’s high usage of SMS texting would make it easy to incorporate into their banking routine.
Mobile banking presents an attractive way for banks to improve their relationships with their customer, serving them wherever they go. But with major security breaches and fraud incidents making headlines, financial institutions are taking steps to address the growing problems of advanced persistent threats and fraud in online and mobile banking channel. Read more