The best way to protect online users of banking services against an ever-growing variety of threats is with an effective, efficient multi-layered security environment that utilizes a mutual authentication model. This Best Practices approach enables the 'User' to authenticate the bank site and the bank to authenticate the user.

Until now, a true, reciprocal, mutual authentication model simply was not possible. Why? Because there was no technology in place that enabled the User to authenticate the bank site with Internet-based trust indicators (e.g. SSL padlock) without falling prey to Internet spoofing or Man-in-the-Middle attacks. Thus, while numerous solutions exists for the bank to authenticate the User (e.g. 2 factor solutions such as tokens or biometrics) none can achieve a best practices mutual authentication model without addressing the lack of User authentication of the bank.

The link for this article located at Info Sec Writers is no longer available.