Bank Procedure is 'Win-Win'

To prevent online fraud, financial institutions that offer online banking are required by the Federal Financial Insitutions Examination Council (FFIEC) to double-check that the person logging in to the system is a valid customer.

When BankNewport in Rhode Island adopted a Two-Factor authentication plan, its concern was to make the transition as easy as possible on its customers. In addition to requiring online customers to use a password, the bank chose to install digital certificates from Comodo on each customer's computer.

The process looked simple: the first time the customer tried to log in, the bank would send the customer a digital certificate, a small document. The document would install itself on the customer's computer. Every time the customer tried to log in after that, the bank's computer would check for the certificate.

As required by the FFIEC, BankNewport would thus check each customer's identity twice: first with the password, and second with a digital certificate.

Even though the process looked simple, BankNewport wanted to take no chances. If installing the digital certificates proved difficult for its customers, the bank's help desk could be overwhelmed by frustrated customers all trying to log in at once.

BankNewport innovated its transition to the new Two-factor Authentication. It studied its online banking records and discerned that the same customers generally logged in at the same time each day. It implemented the Two-Factor requirement for only an hour the first day, allowing it to issue certificates to a limited number of customers. Once the early-morning customers had been provisioned, it could open the window by another hour, gradually phasing in customers throughout the adoption process.

With digital certificates on their computers, and with their own secure passwords, BankNewport customers could bank online with assurance and ease.

It was "one of the best solutions I've implemented since being here....It has been a win-win solution for both our customers and our staff", said Nelson Teixeira about BankNewport's Two-Factor Authentication process using Comodo digital certificates. Teixeira is Vice President of Direct Banking and eCommerce at BankNewport, a community bank fixture in southeastern New England since 1819. BankNewport now holds over $1 billion in assets.

write your comments about the article :: 2009 Computing News :: home page