SOURCE: PassMark Security

November 02, 2005 17:09 ET

PassMark's Online Authentication System Exceeds New FFIEC Guidance

MENLO PARK, CA -- (MARKET WIRE) -- November 2, 2005 -- PassMark's online authentication system meets the guidance released in October by the Federal Financial Institutions Examination Council, the company announced today.

"We have been talking with the architects of the FFIEC guidance and the examiners who will enforce it. They have made their intent clear. They consider access to non public customer data as a high risk element of online banking, and they expect broad deployment of significant authentication to protect both the viewing of customer data and transactions," said Bill Harris, co-founder and chairman of PassMark Security. "Our approach delivers the capabilities examiners will now look for, a second factor for authentication and layered security. We also meet another critical requirement of the guidance -- user acceptance -- because users don't need any new hardware or software, and the PassMark itself gives them confidence when they do online banking. That is why we are the leading provider today, and will have over 20 million consumers using PassMark by Q1 2006."

This new guidance specifically states that financial institutions regulated by FFIEC agencies should move beyond single factor password authentication. Institutions must develop layered security measures to reliably authenticate customers remotely accessing their Internet-based financial services. The FFIEC regulatory agencies are: Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency and Office of Thrift Supervision.

"Online Authentication solutions that incorporate strong, yet convenient, two-factor technologies will allow banks to significantly improve online security and at the same time help customers feel more secure with online banking. The new FFIEC guidance compels banks to seriously consider implementing such solutions," said George Tubin, senior analyst at TowerGroup, a leading research firm focused on the global financial services industry.

The PassMark system provides two-factor, two-way authentication as part of its layered online security system.

· Two-Factor Authentication. The PassMark system delivers strong
  authentication by remotely identifying customers' computers, and
  turning them into a reliable "second-factor" for authentication as
  required by the new FFIEC guidelines. There is no need for the customer
  to install new software or carry new identifying hardware, such as
  smart cards or one-time password tokens.

· Two-Way Authentication. Each online customer receives a "PassMark" -- a
  secret image and text known only to the financial institution and that
  customer. When a customer sees their secret PassMark, they instantly
  know they are dealing with the real financial institution, not an
The PassMark system provides Two-Factor Two-Way Authentication™: Two-Way because it authenticates the user to the site and the site to the user, and Two-Factor because it identifies the user's computer hardware as a second factor of authentication.

The PassMark system includes real-time analysis of transactions and decision-making tools can spot and stop threats before it is too late. The system can even identify new emerging attacks, not just known ones, using a state-of-the-art analysis technology called "neural networks."

About PassMark Security

PassMark Security develops anti-fraud and authentication solutions for consumer ecommerce. Web sites can deploy PassMark's patent-pending Two-Factor Two-Way Authentication™ to provide strong and comprehensive security, without requiring their users to carry any new hardware or install any new software. Bill Harris, former CEO of Intuit and PayPal, is the co-founder and chairman of PassMark Security. More information is available at

Contact Information

  • Contact:
    Deb Montner
    Montner & Associates
    Email Contact