This white paper provides an overview on how banks seek to stop fraud in its tracks with simpler, stronger authentication. In today’s competitive marketplace, banks must use every means available to attract and retain customers. Online banking services can be a differentiator, with customers choosing banks that offer the most convenience and flexibility. However, increasingly sophisticated cyberattacks can make customers wary—they want assurance that their online transactions are protected. Banks that deploy advanced cyber protection can gain a definitive competitive edge.
The Fast IDentity Online* (FIDO*) Alliance addresses banks’ need for stronger authentication methods that don’t rely on multiple usernames and passwords. Instead, FIDO uses a locally stored private key. The private key is used to sign a “challenge,” which is then verified on the bank’s backend server using a corresponding public key. With Intel® Online Connect the local private key, including any biometric templates and data processing, is not available to the
OS—it is stored on the client device in a trusted execution environment—protecting against both man-in-the middle (MitM) and man-in-the-browser (MitB) attacks.
Banks can combine FIDO with Intel Online Connect to create simple yet strong security for online transactions. Intel Online Connect is a PC-based FIDO client and authenticator implementation. Third-party solution providers can use Intel Online Connect either as a silent authenticator (without any user interaction) to provide platform-bound second authentication factor capabilities, or coupled with a biometric factor.
The hardware-based security provided by FIDO protocols and Intel Online Connect provide protection that banks—and their customers—can rely on to help protect the user’s ID while providing an easier authentication process.