NAFCU Services Blog

If you feel like there is always another security measure you need to consider, you’re right and this reality is actually a very good thing. The security landscape is indeed continuously changing and evolving.

You must constantly evaluate and revaluate your security processes because one single solution to satisfy all of your security concerns and needs does not exist.  Consequently, it’s wise to employ a multi-factor security (MFA) strategy.

Chris Amador, Product Owner with Q2, talked about the balancing act that your credit union faces when implementing biometrics solutions, in our recent webinar, “Biometrics: Enhancing Member Experience & Security.” He spoke about the challenges your credit union faces with providing secured online and mobile channels that guarantee compliance with regulations and deliver a satisfying experience for your members.

Watch Biometrics: Enhancing Member Experience & Security

We’re sharing some key highlights from the webinar and encourage you to watch the complete presentation where Chris shares timely insights on:

• The different types of biometric solutions currently used within the financial services industry
• What true multi-factor authentication (MFA) means and why the “third factor” is difficult to solve
• The preferred biometric solution for online use among consumers
• Barriers you need to consider when implementing biometrics features
• How to evaluate whether or not your membership is ready to accept this technology

What is a True Multi-Factor Security Strategy?

A true multi-factor authentication (MFA) security strategy should include three key factors:

• Something I “have” (e.g., your member’s laptop or mobile device like a tablet or a smartphone)
• Something I “know” (e.g., your member’s user ID and password, pin, account number, or knowledge based questions)
• Something I “am” (e.g., your member’s biometric data, a physical or behavioral attribute unique to your individual member)

You and your members are familiar with the “something I have” and “something I know” categories,  but those two factors alone have limitations in today’s complex security environment.

The physical devices your members use, whether it’s a laptop, a tablet, or a smartphone were considered as an integral layer of security, but this is no longer thought to be true because these devices can be stolen. And, due to the rise of social media, your members may post all sorts of information that can be used by fraudsters to determine the correct answers to security questions. As an example, online quizzes on social media (e.g., Buzz Feed) can be used as tools for fraudsters to phish for information.

The “something I have” category is only available through the implementation of biometrics. Biometrics are an effective third-factor in a MFA security offering for your members because they utilize something fraudsters can’t duplicate, the unique personal and physical identifiers of your members.

It’s important to consider and assess to what degree your members will be comfortable and willing to adopt biometric security measures. Continue advancing your knowledge about these options and the biometrics landscape, by watching “Biometrics: Enhancing Member Experience & Security.”

Q2 is the NAFCU Services Preferred Partner for a single platform virtual banking solution, including online and mobile. Learn more about Q2 by visiting www.nafcu.org/Q2.