5 Tips to Help Banks Implement E-Payments Security
4. Effectiveness of Authentication Techniques
The FFIEC recommends using complex device authentication methods that leverage one-time cookies and examine PC configurations, IP addresses, geolocation and other factors. According to the regulatory body, challenge questions also should be employed as a secondary authentication method.
NACHA reiterates the need for complex device authentication methods, but also points out that methods should be updated as authentication technologies evolve and progress. NACHA further recommends using different challenge questions for different sessions.