The FFIEC recommends using complex device authentication methods that leverage one-time cookies and examine PC configurations, IP addresses, geolocation and other factors. According to the regulatory body, challenge questions also should be employed as a secondary authentication method.
NACHA reiterates the need for complex device authentication methods, but also points out that methods should be updated as authentication technologies evolve and progress. NACHA further recommends using different challenge questions for different sessions.
Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio