Published at Finextra on October 24, 2018 by Raz Rafaeli
If today’s fintech sphere relies on one thing, it would be smooth and unfettered digital access.
The fast pace of financial transactions and commercial activity means financial institutions need to give their clients and employees ways of moving funds and authorizing actions in a seamless and reliable way.
When it comes to handling digital access, referred to in the industry as Identity Access Management, or IAM, a schism has always existed between two competing considerations: ease of use and security.
Nowhere is this conflict more pronounced than in the financial sector.
The Security End
With so much at stake, banks and similar institutions need to ensure identities are properly safeguarded. The slew of cyber attacks regularly targeting these organizations (of which many if not most are attempts at circumventing authentication measures) demonstrates this all too painfully.
The understanding within the sector of the need for better authentication practices is growing. We can see this reflected in the latest regulations pertaining to fintech and IAM. The Payment Card Industry Data Security Standard (PCI DSS) now requires MFA around applications and infrastructure supporting and processing payment card data. Similarly, new mandates from the New York Department of Financial Services (NYDFS) require certain covered enterprises to move beyond legacy authentication solutions and implement robust authentication protocols that support MFA and a federated architecture.