Protect The Online Channel: Four Top Considerations

By Dennis Maicon

In today's online banking landscape, securing members' online transactions isn't only a good practice for building member loyalty and trust, it's a critical part of operating in the digital world.

From fear of members abandoning the online channel to Federal Financial Institutions Examination Council (FFIEC) compliance, credit unions are anxiously searching for solutions to help them meet a diverse array of issues stemming from conducting business online. Faced with a multitude of technology and solution choices, credit union executives must arm themselves with information to be able to understand the risks associated with the online channel and to select solutions best meeting those risks.

When assessing risk, credit unions should look at a number of factors, some of which address the traditional concepts of risk (member segmentation and online activities) and some of which address different kinds of risk (those associated with new technology and its effects on online members).

Credit unions should weigh four considerations when investigating how to best provide strong member protection online, keeping in mind the balance between security and preserving the normal member experience:

1. Member experience. Credit unions need to move member experience to the top of their online fraud prevention checklist. While not a point in the FFIEC guidance, it's a point of common sense: Disrupting the ease of use of the online channel with lengthy or cumbersome processes isn't a good way to build loyalty with online users. Nor is it a good way for credit unions to keep costs down.
   
   By deploying a transparent authentication solution, credit unions remove the member from the authentication process and keep security tactics off of fraudsters’ radars.
2. Front door protection—keeping would-be fraudsters from gaining access to member accounts. Credit unions need to be wary of solutions that don't authenticate users until after logon, and then look only for suspicious or risky transactions. While it's important to track activity once online, it's imperative to employ real-time risk evaluations at logon—before a fraudster has the opportunity to view sensitive member data.
   
   Think of it this way: Would you rather lock your front door to keep thieves out, or would you rather let them in your house and take action only if they do something suspicious?
3. Member segmentation. Not all credit union members are the same. Does the solution you're looking at provide options for further authentication of riskier member segments? Credit unions should look for solutions offering multiple choices for user authentication so they can select the method best meeting the security needs of diverse member segments.
4. Analysis and forensics. This is one of the most critical parts of any fraud prevention solution because it's the one thing that will continue to help credit unions define, detect, and defend against emerging fraud. Without a strong analytical component designed to make sense of the newfound information about a credit union's online channel, there's no way to understand how well your solution is helping to lower fraud losses from the online channel.
   
   When looking at risk for the online channel, look beyond traditional risk assessment factors. Incorporate factors into the decision process that will affect your credit union and your members long after risk assessments are completed.

Dennis Maicon is executive vice president, financial services solutions, for Atlanta-based Digital Resolve. It provides transparent, risk-based authentication solutions for financial institutions. Contact him at 877-201-3593.