Multifactor Authentication: Forging Ahead in 2007

Create a vendor selection project
Click to express your interest in this report
Indication of coverage against your requirements
A subscription is required to activate this feature. Contact us for more info.
Celent have reviewed this profile and believe it to be accurate.
We are waiting for the vendor to publish their solution profile. Contact us or request the RFX.
Projects allow you to export Registered Vendor details and survey responses for analysis outside of Marsh CND. Please refer to the Marsh CND User Guide for detailed instructions.
Download Registered Vendor Survey responses as PDF
Contact vendor directly with specific questions (ie. pricing, capacity, etc)
23 July 2007


Boston, MA, USA July 23, 2007

Contrary to popular belief, MFA solutions are not running at full speed at many US banks and several are still tackling a number of outstanding issues in 2007.

The deadline imposed by the Federal Financial Institutions Examination Council (FFIEC) has come and gone. Banks scrambled to conduct their risk assessments and to select their multifactor authentication (MFA) solution. At this point one would think that US banks have fulfilled all requirements and would be sitting comfortably with their individual responses. But while the majority of banks certainly got as far as conducting a risk assessment, only about 50% managed to have a solution in place by year end 2006 for retail banking.

Midway through 2007, a fair percentage of banks are still pondering what to do. One would imagine that this would be a fairly simple and straightforward endeavor. However, MFA is still wreaking havoc among banks of all sizes. Contrary to popular belief, MFA solutions are not running at full speed at many US banks.

In a new report, , Celent examines and analyzes the outstanding MFA issues that banks are tackling in 2007. Having a solution in place for retail online banking isn't enough. Banks are busy tackling solutions for small business and corporate online banking. Furthermore, while many banks have selected a solution for online banking, few have tackled other electronic banking channels such as the telephone or mobile banking. Additionally, many banks are under the impression that certain educational programs such as those related to MFA are one shot deals. This is simply not true. While the overwhelming majority of retail customers will grasp the concept and successfully go about their banking, they will not see the bigger picture. This can represent a significant danger to the customer and can render security efforts useless. Banks have to make sure they are constantly on top of educating their customers regarding secure banking best practices.

The report also analyzes the use of MFA by Canadian banks. Even though the FFIEC guidance does not apply to them, Canadian banks have been following the play by play in order to determine what course of action, if any, they should be taking. MFA is a reality in the Canadian banking marketplace. 44% of Canadian banks were up and running with a MFA solution in 2006. By year end 2007, 67% of Canadian banks will have launched a MFA solution.

"Multiple MFA dilemmas are still plaguing the banking industry," says Jacob Jegher, senior analyst in Celent's Banking group and author of the report. "Although some are still taking care of the online channel, banks are being challenged to launch solutions for other channels including telephone and mobile. 2007 will be a repeat of what occurred in 2006--banks will be scrambling to deploy MFA although this time most will be focusing on channels other than online."

This 27-page report contains six figures and two tables. A table of contents is available online.

Members of Celent's Retail Banking and Wholesale Banking research services can download the report electronically by clicking on the icon to the left. Non-members should contact for more information.