Case Study: 2 Factor Authentication Like Money in the Bank

Community banks and credit unions are taking a best practices approach to mutual authentication by opting for two factor solutions that offer the highest levels of security and authentication without sacrificing usability. To meet regulatory guidelines, many financial institutions felt compelled to quickly deploy a two-factor solution even though it was expected to be difficult for both users and the bank. By contrast, Comodo’s Two Factor Authentication model for the mid-market is based on a usability study that identified four key drivers; 1) ease of customer adoption, 2) no bank-side integration 3) ease of configuration and 4) low cost.

The recent, rapid adoption by banks and credit unions of PKI- based client certificates confirms this “needs based model” since it recognizes that authentication – no matter how secure – can not sacrifice usability. “Previously, most small to mid sized financial organizations were simply focused on being compliant within the timeframe without trying deploy a best practices approach largely because virtually all solutions either required major IT deployments or were difficult for consumers to adopt or both.” said Andrew Pynes, Executive VP at Comodo. “But now, client certificates combine the best of both worlds – security and ease of use – so banks and credit unions can provide a better customer experience within a highly secured environment.”

Comodo Two Factor (TF) was developed using customer insights garnered from research among bank and credit union customers to understand the optimum hierarchy of needs that balance customer usability and security. The result of this research led to the development of Comodo TF that utilizes PKI-based digital certificates within a highly flexible, low cost and configurable architecture. Comodo, as a leading Certification Authority manages the entire lifecycle of the digital certificates via an authentication/proxy server.

Therefore, instead of just complying with the guidelines, financial institutions of all sizes can adopt a best practices approach to mutual authentication without needing a dedicated IT staff to manage it. With Comodo TF, authentication requirements are aligned to a customer engagement process that is the easiest for the customer to adopt – largely because the customer does not have to change their current behavior. The customer simply needs to go through a one-time automated authentication/ installation of a digital certificate onto their PC, which effectively converts the PC into a “smart card” or authentication token. Once installed, a customer does not change their behavior and can simply continue to use their existing username/ password as normal yet be authenticated to the bank in a more secure manner.

The ease of customer adoption in combination with a highly secure infrastructure has resulted in Comodo TF being selected, on average, every 8 days by another bank or credit union. In some cases, institutions reevaluated previously selected technologies in favor of Comodo TF since this solution was seen as being superior in terms of customer usability and ease of bank deployment. Benchmark Federal Credit Union, Boiling Springs Savings Bank, Community Bank of Tri-County, Harleysville Savings Bank and Roma Bank are some examples of financial institutions that have adopted Comodo TF.

“We’ve witnessed an important transition in how financial institutions value authentication technology,” said Melih Abdulhayoglu, President and CEO of Comodo. “Whereas in the past, organizations tended to make investments to meet the basic requirements, now these institutions are able to move up to a best practices approach that can enhance customer satisfaction but be highly secure and cost effective. This authentication model is best delivered by a Certification Authority because our core competency is to enable authenticated, sensitive transactions which can be trusted by all parties.”

More details are available at http://enterprise.comodo.com/