Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
Heavily regulated industries like banking and healthcare have been reluctant to make the virtualized leap to the cloud, fearing a loss of control could open them to unforeseen risk. Are their concerns unfounded?
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
As smartphone usage grows, so do emerging threats of mobile malware. When it comes to mobile banking security, financial institutions can only do so much. Security solutions will have to come from mobile vendors, says ENISA's Giles Hogben.