Entrust Gives Banks Easier Way to Meet FFIEC Compliance

By | December 27, 2006

By the end of the year, financial institutions in the United States have to offer stronger security measures for online customers according to the Federal Financial Institutions Examination Council’s (FFIEC) guidance. After last week’s acquisition of Business Signatures, Entrust, Inc. [NASDAQ: ENTU] offers a special promotional package that combines its newly acquired Zero Touch Fraud Detection™ solution with multi-factor authentication with Entrust IdentityGuard™. The promotion offers financial institutions single-priced packages, eliminating per user fees, along with a choice between subscription and perpetual licensing. This promotion will run through December 31, 2006.

This promotional package includes:

Combination of Two Viable Options for FFIEC Compliance. The package includes both Entrust Zero Touch Fraud Detection and the Entrust IdentityGuard multi-factor authentication platform. The Zero Touch Fraud Detection platform will include eFraudMart, Real Time e-Fraud Detector and a certain number of signatures depending on the package chosen. Entrust IdentityGuard will come pre-equipped with several authentication methods including machine authentication, challenge/response, emailed one-time passcodes and mutual authentication.

Flexible licensing options. Financial institutions can choose to purchase the package on a subscription or a perpetual license basis.

No per user fees. Four package sizes will be offered, so financial institutions have access to an unlimited number of user licenses within their chosen package and not have to worry about purchasing additional licenses as long as they stay within the package range.

“For us, we think the ‘E’ in FFIEC should stand for ‘easier,’ and we are providing a clear alternative to RSA Security,” said Peter Relan, Entrust chief strategist. “With over 80 percent of financial institutions still without an FFIEC compliance solution, we wanted to offer something to get them up and running as quickly as possible with the two most effective weapons to mitigate online theft – zero touch fraud detection and a multi-factor authentication platform.”

The Entrust Zero Touch Fraud Detection platform requires no integration with banking applications, nor does it impact the user experience. Because this method operates in real time to stop or reverse potentially fraudulent transactions, the FFIEC has approved this mechanism for meeting its end of year guidance. In addition to the zero touch nature of Entrust fraud detection platform, changes can be made easily once new fraudulent patterns emerge. This approach requires no changes to the financial institution’s website and can be made by the fraud detection team rather than having to make changes to back end applications – unlike other competitor solutions.

Entrust IdentityGuard is a comprehensive strong authentication platform for Internet and enterprise applications. This suite of strong authentication capabilities can help enable organizations to take a risk-based approach to tailoring a security deployment. The flexible deployment options can enable organizations to match strong authentication methods to the level of risk they have determined to be associated with the different types of users, transactions and applications in their environments.

“We know banks eventually will want to implement stronger user authentication, which is why we see this promotion as a longer term road map to zero touch consumer authentication,” adds Relan. “But interrupting the user experience and retraining them on a new authentication mechanism takes time, and time is a luxury financial institutions in the United States just don’t have right now.”

Leave a Reply