M4S in Financial Services

Cleaning Up The Password Mess

The Problem:
Financial services companies face significant security challenges.

Their business success depends on trust – of customers, partners, governments. To earn that trust, they must do all they can to maximize their security. At the same time, their IT demands grow more intense by the day, thanks to regulations such as the recent Federal Financial Institutions Examination Council mandate that, for financial services activities such as account access or money transfers, firms must install an extra layer of security to their authentication processes. For many, this has meant adding a second password layer on top of their existing layer.

But passwords can cause problems of their own. For one, they are typically not very secure. Many workers know each other’s passwords, and many will also volunteer their passwords to a caller from the company’s IT group. For another, passwords can become expensive. Password resets in financial services organizations can cost $150 per user, per password, per year, according to analysts.

These issues are compounded by the trend toward greater worker mobility, which places added stress on remote-access security systems, and the increasing need for multiple validations in highly confidential transactions. One solution might be to add Single Sign-On (SSO) capabilities as a way to reduce the passwords, but SSO implementations vary, and some may not be as reliable as they should for financial usage.

The Solution:
The M4S Identity Assurance and Access Management (IAAM) solution eliminates the requirement for financial services users to manage credentials (username, password, PIN, etc.), freeing them to concentrate on their business and their transactions. M4S employs a hardware-based biometric authentication process to maximize security, and supports Single Sign On (SSO) – an important function for banks and other financial institutions with numerous separate applications.

M4S’ SSO function avoids the risks of key emulation, supports multi-validations for wire transfers or other highly confidential transactions, supports virtual desktops for mobile workers, and features high reliability in complex financial-IT scenarios