| Advances in technology have made it easier than ever before for customers of financial institutions to access their accounts remotely and perform online transactions. However, many of the same advances have also made the illicit use of these processes easier for fraudsters. Compounding this problem is the fact that financial institutions continue to rely on outdated technologies such as the one-time password, which is still the most frequently used method of authentication (Brand, 2014). As this problem is becoming more prominent, many large banks have made improvements to their authentication methods, while many smaller ones have failed to evolve at the same pace (Acohido, 2015). The purpose of this project was to identify online authentication challenges faced by financial institutions and explore possible ways of mitigating them. The research intended to answer the following questions: What methods of user authentication can be used by financial institutions? How do mobile devices affect banks' authentication strategies? How do financial institutions balance robust authentication with user privacy and convenience? The findings revealed that there are a number of viable authentication methods that can be utilized by banks for varying purposes, but due to differences in factors such as device types and customer demographics, there is no universally-applicable solution. The research also revealed that stronger authentication methods can have both positive and negative effects on user privacy and convenience, depending on how they are implemented (Bhargav-Spantzel, 2014). The resulting recommendations focus on malware considerations, the elimination of passwords, card not present fraud prevention, and implementing authentication solutions by device type. Because many strong authentication methods are still in their infancy, future research is also necessary. |
