Monday, November 07, 2005

Online Banking and Identity Theft

There are many different types of identity theft, but one of the most insidious is the unauthorized access to existing financial institution accounts. Almost everyone has received fraudulent emails about "your account" at a given financial institution, which ask you to update your information, or provide your password or the like. In 2004, the FDIC issued a report on the topic, Putting an End to Account-Hijacking Identity Theft. In response, the Federal Financial Institutions Examination Council has issued guidelines for financial institutions to increase the security of online banking, called Authentication in an Internet Banking Environment. This is not a new law, but a new standard that banks will be measured against during federal auditing, beginning in 2006. The guidelines offer several proposed methods to achieve compliance. More information is available at ComputerWorld and the Boston Globe.