Deciphering Multifactor Authentication: Strategies for Business Online Banking

by Jacob Jegher, December 22, 2006
North America

Abstract

Boston, MA, USA January 10, 2007

The majority of banks are not prepared to deliver multifactor authentication solutions to business clients. A strategy is required.

Multifactor authentication (MFA) is the talk of the town. The focus has been primarily on retail banking due to the sheer volume of customers impacted. However, the FFIEC guidance affects not only retail, but all customer segments including small through large businesses.

As we begin 2007, banks have to expedite their decision-making; 75% of them are not ready to provide MFA to their small business clients, and 42% will not be ready to provide it to their large corporate clients. They will eventually come through with solution deployment, although this will be some time later in 2007.

In a new report, , Celent analyzes the hesitation that banks have toward multifactor authentication as well as the decision-making methodology they should be following. Banks must pay careful attention to the customer segments they are defining and focus on future banking and customer requirements when selecting a MFA solution.

A focus on expendability and flexibility is paramount. Banks will most likely and should choose more than one of the MFA options available to them and will want to employ a layered MFA approach. This will allow banks to devise a comprehensive MFA program that can meet a wide variety of needs. MFA choices will vary depending on transactional risk, mix of banking platforms, disturbance threshold, and a bank’s use of a particular technology. The report also presents a case study on Zions Bank, which chose to roll out a solution to serve both its consumer and business segments. Zions was one of the first in the United States to offer a solution to its client base and was well under way with its MFA strategy well before the FFIEC guidance was released. 

"The fact is that most banks are presently stuck in the planning and/or decision-making process," says Jacob Jegher, senior analyst in Celent's Banking group and author of the report. "Whether they like it or not, banks have to see past their reluctance and take a strong look at the bigger picture. A single username and ten-year-old password simply don’t cut it anymore. Banks have to accept that the time is now to implement MFA, particularly for wholesale banking clients."

This 29-page report contains eight figures and four tables. A table of contents is available online.

Members of Celent's Wholesale Banking research service can download the report electronically by clicking on the icon to the left.  Non-members should contact info@celent.com for more information.

Celent is a research and advisory firm dedicated to helping financial institutions formulate comprehensive business and technology strategies. Celent publishes reports identifying trends and best practices in financial services technology and conducts consulting engagements for financial institutions looking to use technology to enhance existing business processes or launch new business strategies. With a team of internationally based analysts, Celent is uniquely positioned to offer strategic advice and market insights on a global basis. Celent is a member of the Oliver Wyman Group, which is a wholly-owned subsidiary of Marsh & McLennan Companies [NYSE: MMC].

Media Contacts

North America
Michele Pace
mpace@celent.com
Tel: +1 212 345 1366

Europe (London)
Chris Williams
cwilliams@celent.com
Tel: +44 (0)782 448 3336

Asia (Tokyo)
Yumi Nagaoka
ynagaoka@celent.com
Tel.: +81 3 3500 3023

Table of Contents

Boston, MA, USA January 10, 2007

 

Executive Summary 3
Introduction 5
The State of Multifactor Authentication in Wholesale Banking 6
The Hesitancy Toward Multifactor Authentication 9
  Numerous Factors Hold Banks Back 9
  Banks Have to see the Bigger Picture 10
Starting From the Ground Up 12
  Banks Have to Take a Step Back 12
  Understanding Customer Needs and Defining Customer Segments 12
The Multifactor Authentication Menu 14
  Keep it Simple: Focus on Transaction Risk and Disturbance Threshold 14
  A Menu of Choices 15
  Determining Business Needs by Segment Size 16
Selling the MFA Concept 20
Zions Bank: Leading the Pack 21
Conclusion 27
Objectivity and Methodology 28
 

Sign in to download reports and access personalized information