The Accredited Standards Committee X9 announced that it has published two standards in the area of secure online authentication. These standards address improved security for the increasing number of online transactions, such as those being made during coronavirus stay-at-home orders.
Read More: ClassWallet Provides Free Access to its Platform
ASC X9 has released two new secure authentication standards — more at our website, https://x9.org/
X9.117-2020, “Mutual Authentication for Secure Remote Access,” is a risk-based standard addressing authentication factors within any environment. X9.122-2020, “Secure Consumer Authentication for Internet Payments,” is a new standard that addresses internet-based authentication using established techniques with existing standards and provides requirements for new techniques. Both standards are now available for download.
X9.117-2020 — Mutual Authentication for Secure Remote Access
The financial services industry employs a number of methods of electronically authorizing and authenticating entities and protecting financial transactions, such as Personal Identification Numbers (PINs) and Message Authentication Codes (MACs) for retail and wholesale financial transactions, user IDs and passwords for network and computer access, and key management for network connectivity.
X9.117 creates an authentication framework for using these methods that can be adopted by both financial institutions and their customers, allowing them to achieve a higher level of confidence that they are communicating and transacting with the appropriate party. The resulting reduction of risk benefits all parties to a transaction — financial institutions, vendors and consumers alike.
Read More: Amidst COVID-19 Pandemic, QUID To Provide Cash To Illiquid & Laid Off Employees
Changes from the 2012 version of X9.117 include updated terms, definitions and descriptions for clarity, re-alignment with authentication methods in other X9 standards, an expanded scope to directly address mutual authentication, and modernized requirements and recommendations.
X9.122-2020 — Secure Consumer Authentication for Internet Payments
Security issues with internet-based payments are a concern for consumers, in the face of threats such as eavesdropping, phishing, counterfeit websites, malware, spyware, screen scraping, keystroke loggers and so on, especially now, as criminals attempt to take advantage of coronavirus lockdowns. Although there are methods in use for authenticating internet transactions, including dynamic floating PINs, one-time passwords and authenticating the cardholder via financial institutions’ online banking sites, there had previously been no standards for internet-based consumer authentication of the increasing number of these transactions.
Read More: Amidst COVID-19 Pandemic, QUID To Provide Cash To Illiquid & Laid Off Employees
