Page 11 - Implementation of Secure Authentication Technologies for Digital Financial Services
P. 11

4  INTRODUCTION

            The Digital Financial Services (DFS) ecosystem       Technologies and approaches that use continuous
            requires standardized, interoperable, strong authen-  and adaptive authentication to minimize the time
            tication technologies as enablers to reduce risk and   required to detect impostors are emerging. Technol-
            protect assets.                                    ogies that securely shift the storage location for per-
               Regulators are increasing the requirement for   sonal data out of centralized storage that might be
            robust identification  of  clients  to  combat  money   limited by network infrastructure, to user-controlled
            laundering and other misuses of financial systems.   mobile devices are advancing. These new approach-
               Along with the increase of mobile-only and      es will become widely available within the next sev-
            remote-only clients, financial institutions are fac-  eral years, and will help to address new threats that
            ing new kinds of fraud, impersonation and security   emerge over time.
            threats that  older  password-based  authentication
            systems were never designed to address.            4�1  Implementations examples section
               The systems, technologies and approaches        Section 8 of this report contains descriptions of
            described in this report have been designed for    implemented systems covering two DFS use cases:
            use in mobile computing environments, blending     Enrolment/Account Opening and Authentication for
            well-established techniques such as public key cryp-  accessing a DFS. Both use cases deal with identifi-
            tography with new techniques such as generation    cation of an individual: the former handles the situ-
            and storage of cryptographic keys on-device instead   ation where the DFS system sees the individual for
            of  centrally.  The  move  towards  mobile  devices  has   the first time; the latter authenticates the individu-
            made the already weak password-based security less   al using previously-issued credentials. To effectively
            usable while the increasing availability of widespread   manage mis-identification risks, DFS providers must
            fingerprint and other biometric sensors makes the   ensure that both enrolment and credential authenti-
            shift to password-less and multi-factor authentica-  cation are robust and use standardized methods and
            tion technologies feasible.                        technologies.












































                                             Implementation of Secure Authentication Technologies for Digital Financial Services  9
   6   7   8   9   10   11   12   13   14   15   16