Headlines:
Fed Banks Ready ACH Risk-Check Service
The Federal Reserve banks plan to start a risk-monitoring service for automated clearing house transactions this spring.
FedACH Risk Origination Monitoring Service will allow originating banks to keep track of the companies that initiate ACH payments, the Fed said Monday. It will be part of the central bank's widely used FedLine payment service. ACH volume has grown dramatically in recent years; it rose 15% in the fourth quarter compared with the year-earlier period, according to Nacha, the electronic payments association.
Richard Oliver, an executive vice president with the Federal Reserve Bank of Atlanta and the manager of the Fed's Retail Payments Office, said in a press release: "Risk mitigation in the ACH network is important to all participants and is consistent with our role as the nation's largest ACH operator and our broader mission to foster a sound payments system. Even with the best of intentions, manual methods may be subject to inconsistency and human error, exposing these institutions to operational risks and making them more susceptible to credit and fraud risk."
BioPassword Tailors Software for Banks
BioPassword Inc. on Monday announced BioPassword Internet Edition, authentication software that banks can offer their customers.
BioPassword, of Issaquah, Wash., already offers the software to other businesses, which provide it to employees. The version for banks costs $30,000 for the first 10,000 users and $1 per person after that.
BioPassword's software evaluates users' typing patterns when they enter their passwords. Mark Upson, the company's chief executive, said these patterns are distinctive enough to be used as a biometric identifier; someone using a stolen password would not be able to type it in the same manner or at the same speed at the legitimate user. He said his software is about as accurate as a fingerprint scan.
"Banks and credit unions will be able to secure their sites and provide second-factor authentication by their users' typing patterns," Mr. Upson said in an interview Friday.
BioPassword said the new offering's first customer is Charter Financial Corp. of Bellevue, Wash.
Tom Robertson, Charter Financial's senior vice president of information technology, said Monday in the BioPassword press release that "even if credentials were to be stolen, our customers will still be protected."
The software must observe users' typing patterns nine times before it begins to recognize them. It could happen behind the scenes by observing nine normal logins or by asking the user to type the password nine times. BioPassword Internet Edition was designed to be invisible as possible to consumers both when installed and when run, Mr. Upson said.
The process should work even if the user changes keyboards, but Mr. Upson said a change in hardware has the potential to slightly alter the typing pattern. In such cases the system could be configured to grant limited access to the user. For example, if someone knows the correct password but the typing pattern does not match, the bank could choose to block high-risk transactions unless the person can answer a challenge question.
