Online Banking, eNotarization Guidelines Updated To Enhance e-Transaction Security
In an effort to reinforce transaction security measures in a “an increasingly hostile online environment,” and to protect both consumers and institutions against threats of fraud and cyber-attacks, two government bodies have updated regulatory guidelines revolving around both data security and electronic notarization.
The Federal Financial Institutions Examination Council (FFIEC) recently released an updated version of its 2005 regulatory guidelines, “Authentication in an Internet Banking Environment.” While the initial guidelines provided a broad risk-management framework, the supplemental document more specifically defines how financial institutions can strengthen their electronic transaction security efforts, recommending that they should:
- Use a multi-factor authentication process that goes beyond an initial “log in” feature
- Perform regularly scheduled policy reviews and security risk assessments to ensure that systems are working properly and effectively
- Implement a multi-layered security approach for online systems that is more likely to detect and correct any inconsistencies or points of weakness within the system
A similar set of standards, the “National Electronic Notarizations Standards,” was recently re-affirmed by the National Association of Secretaries of State to help regulate and ensure the authenticity of transactions that are electronically notarized. Among the standards:
- A Notary Public shall not perform an electronic notarization if the document signer does not appear in person before the notary public at the time of notarization.
- When performing an electronic notarization, a Notary Public shall apply an electronic signature and certificate which shall be attached to the document … such that removal or alteration of such electronic signature or certificate is detectable and will render evidence of alteration of the document.
- The Notary Public’s electronic signature in combination with the electronic Notary seal shall be used only for the purpose of performing electronic notarial acts.
Both of these documents illustrate the need to review emerging technology as it continues to evolve, and to create standards to ensure proper oversight and security — a familiar challenge for many industries moving rapidly into electronic platforms.