As a result of a recent examination, CU*Answers is advising credit unions to evaluate controls put in place for member online banking access. The CUSO, headquartered in West Michigan, provides data processing services, as well as the integrated online banking solution, It’s Me 247.
According to the CUSO, past audits focused on what the software allows, and how it could stress best practices to its credit union clients, and what changes would be considered in the future to mandate compliance with regulated best practice. However, the most recent visit was a departure from this approach in that the examiners were concerned with what credit unions are doing and selected as tactics. CU*Answers has identified and contacted certain credit unions, advising to evaluate controls such as minimum password length requirements, and activating a Personal Internet Branch (PIB) setting that requires a member to enter their password and answers one of the previously established security questions.
PIB is CU*Answers’ security tool which supplies multi-layered security and member personalization for It’s Me 247. This independent application provides multiple, configurable controls that govern how It’s Me 247 behaves and what members can do in online banking.
CU*Answers plans to announce new security access strategies later this year that will mandate a new minimum password length and require that security questions are always active, with or without a credit union PIB strategy, as well as roll out other new security features throughout the 2010 business year.