Table of Contents 5
Table of figures 6
Market opportunity 7
Online banking has grown, as has the range of things customers are doing online 7
More account holders are banking online 8
More account holders are transferring funds online 9
The increasing popularity of online banking raises its profile for fraudsters 9
Banks are increasing IT spend on online services and online security this year 10
There are opportunities in client-side and back-end authentication technologies 15
Technology Evolution 16
Adoption of 2FA/MFA has varied markedly by region 16
Europe was first to adopt 2FA 16
Initiatives in Asia Pacific got underway mid-decade 17
In the US, the FFIEC called for the implementation of 2FA, but was not prescriptive about the type of technology 18
The US has a broader definition of 2FA/MFA than Europe 18
The FFIEC's non-prescriptive approach has spawned alternative technologies in the US 19
Mobile phones are gaining traction as a channel for delivering a second factor 19
Customer Impact 20
Online security must be integral to banks' business 20
A tiered approach to online security is advisable 20
As phishing increases banks will need to do more on reverse authentication 21
User education will be required for some types of technology 21
Competitive Landscape 22
Client-side technologies 22
ActivIdentity 22
Authentify 23
Commerce Media 23
CRYPTOCard 23
Fronde Anywhere 24
Gemalto 24
GrIDsure 24
IBM 25
PassFaces 25
SafeNet 26
SecurEnvoy 26
Thales 27
Vasco 27
VeriSign 27
Vett 28
Back-end technologies 28
ACI 28
Entrust 29
Ericsson 29
Guardian Analytics 29
Iovation 30
Quova 31
RSA 31
Tier-3 32
Go to Market 33
Recommend a mixture of technologies 33
Disruption to existing infrastructure is to be discouraged 33
Banks will need help with user education 33
Delivering technology as a service will appeal to smaller US and German institutions 33
Channel partners will be key in such accounts 34
Countries with greater banking concentration prefer to buy products 34
The fight against fraudsters will go on, so a long game may be in order 34
APPENDIX 35
Definitions 35
CAPTCHA 35
IP geolocation 35
Man-in-the-middle (MITM) attacks 35
Man-in the-browser (MITB) attacks 35
One-time password (OTP) 36
Out-of-band authentication (OOBA) 36
Transaction Authentication Number (TAN) lists 36
Two-factor authentication/Multi-factor authentication (2FA/MFA) 37
Methodology 37
Further reading 38
Ask the analyst 38
Datamonitor consulting 38
Disclaimer 38
[Inhaltsverzeichnis ausblenden]
