Passwords
They're not going away, but passwords by themselves were insufficient even under the FFIEC's older rules. (Image: ThinkStock)
Challenge Questions
Asking questions for certain tasks, such as registering a new computer for account access, increases security somewhat, but this method is no longer enough by itself. (Image: ThinkStock)
Geolocation
The location of a user's machine can be a potential indicator of an unauthorized access. (Image: ThinkStock)
One-Time Passwords
Tokens that generate one-time passwords can improve security over the use of just a static password. (Image: ThinkStock)
Activity Monitoring
Banks that diligently monitor for unusual activity may be able to freeze unauthorized transfers. (Image: ThinkStock)
Device Identification
The hardware and software installed on a user's computer can be used to identify it on later visits. (Image: ThinkStock)
Secure Browser
Software that locks out all other computer activity — including viruses — can protect online banking sessions. (Image: ThinkStock)