IronKey, Inc., a provider of secure managed portable storage, authentication and virtual computing, has voiced its support for rumored new online bank account security guidelines from the Federal Financial Institutions Examination Council (FFIEC).
In supporting stricter guidelines on web banking, says Kapil Raina, IronKey product manager, progress could be made to curb a multi-billion dollar industry: fraud.
"If you think about it, if it’s a six billion dollar market that could grow," Raina says. "It’s become very sophisticated."
In working with banks, Raina says he's heard drastic ideas on how to stop fraud, such as disabling ACH and wire services manually, or ceasing to provide certain functions through online banking altogether.
Fraud has " become its own industry," Raina says. "And any time there’s multiple billions of dollars to be had, it’s going to become fairly sophisticated. Now we’re seeing multichannel or cross platform attacks - not just desktop, but through telephone, mobile, etc. We’re seeing a lot of different correlated types of attacks across different platforms."
But ceasing to provide online banking services wouldn't be easy, Raina adds.
"It’s embedded in our culture and our daily activities and our life," he says. "But everyone, from an individual to a commercial entity is at risk."
Attacks, such as phishing, keylogging, ZeuS Trojan, man-in-the-browser and man-in-the-middle are still prominent. New guidelines could help.
"The last major guidance from the FFIEC focused on two-factor authentication, but simply beefing up those requirements won’t cut it today," said David Jevans, IronKey founder and chairman. "An indication of how they might shape new guidelines can be gleaned from what was already issued by the FBI and NACHA for commercial bank accounts."
But, ultimately, it takes a combined effort, not just from regulators, but also banks, customers and vendors, Raina points out.
"We're all in this together," he adds.