The use of more than one factor to establish identity online – multi-factor authentication (MFA) – is a crucial way to protect against breaches that involve stolen credentials or account compromise. MFA is particularly significant in the financial sector, where failure to secure the accounts of clients, investors or employees can lead to massive losses. Online authentication factors must not only be secure, but also convenient for the user and, of course, make economic sense. This first article of our two-part series explores the MFA landscape for the financial sector; strategies for fund managers to ensure both security and user-friendliness; challenges certain factors present; and ways to overcome those challenges. The second article
will discuss MFA innovations, including those from the Fast Identity Online Alliance; the expectations of global regulators; and how fund managers can economically implement an MFA system. For more on cybersecurity issues facing investment managers, see “Survey Finds Compliance Programs and Cybersecurity Preparedness of Alternative Asset Managers to Be Inadequate Relative to Traditional Asset Managers and Broker-Dealers
” (Sep. 28, 2017); and “Cyber Insurance Coverage, Pre-Breach Mitigation Efforts and Post-Breach Response Plans Can Reduce Harm to Fund Managers From Cyber Attacks
” (Jan. 19, 2017).