BURBANK, Calif. – Lockheed Federal Credit Union already had chosen to combine RSA Cyota's online security products with the CU's new Internet banking service but its new vendor went and made the process even easier. Online Resources Corp. (www.orcc.com) says it will be integrating the security specialist's risk-based authentication, anti-phishing and risk management reporting tools into ORCC's Internet banking and bill pay solutions. Lockheed FCU (www.lockheedfcu.org) is going live on ORCC's Quotien Retail Internet Banking platform at the end of March, followed quickly by its deployment of Cyota's eSphinx two-factor security solution. The $2.1 billion CU will be the first of Online Resources' 800 or so clients to use the integrated service, which is OK with David Thatcher, Burbank-based Lockheed FCU's assistant vice president of e-commerce. "We planned to integrate our chosen two-factor solution on our own," Thatcher says. "Fortunately, Online Resources selected the same vendor that we had picked. "After some discussion it became clear that we could work together to arrive at a well-integrated system. And, we have the benefit of Online Resources' continued support as the systems evolve." Online Resources calls the combination of its platforms and Cyota's security tools the "industry's only integrated solution that bridges and protects both Internet banking and bill payment applications." Stephanie Chaufournier, Online Resources' senior vice president of product management, says the deal with RSA Cyota is "part of a broader set of initiatives we have regarding security, from ongoing marketing all the way to back-end monitoring for possible phishing events" that could be directed at any of the Virginia-based firm's more than 800 financial institution clients. RSA Cyota's anti-phishing and other security solutions already are in use at more than 10,000 financial institutions, including thousands of credit unions, directly and indirectly through transaction processors. ORCC will be using three of its well-known solutions: eSphinx for two-factor, risk-based authentication; FraudAction deep monitoring for possibly fraudulent URL activity that could indicate phishing attacks being formulated, and the eStamp personalized graphical watermark tool. That's all being combined with risk management reporting about potentially risky transactions, Chaufournier says. "For example, we have a high-dollar payment report that can also indicate whether an e-mail address has changed recently or whether there's been a new payee recently, or a new banking service added," she says. "These alone are not problem indicators but taken together they can indicate a potentially risky situation. "Then add that reporting ability to both bill payment and Internet banking together and you have what's unique in our ability to integrate these protections as the provider of both." Other additions are a new response plan and SWAT team, which combines the RSA Cyota security solutions with Online Resources' corporate communications, security and compliance officers and marketing and relationship experts. "We've already had a couple cases recently where we had to shut down a site for a 24- to 48-hour period and we were able to provide a broad range of help that went beyond the technical solutions," Chaufournier says. Online Resources designed the integration of the security solutions with its online banking and bill pay solutions to help its clients meet the new Federal Financial Institutions Examination Council guidelines without using multiple security technologies. Client interest in doing just that has run high, Chaufournier says. Company-sponsored Webinars on anti-fraud initiatives, including meeting FFIEC guidelines, have been such that they've had to double the number of sessions, she says. "Because this is such new territory, many organizations don't know yet how to respond to all this," Chaufournier says. "We're working to help them understand all this and to be able to meet any new threats, as well." For Thatcher at Lockheed FCU, as with other credit unions, that also means making this all painless and easy to use for members. "The enrollment and challenge processes must be well-integrated and seamless for our members," he says. "We want to add a heightened degree of security while minimizing the impact to our users. "Partnering with Online Resources to integrate the eSphinx product gives us the opportunity to create that seamless experience." -

[email protected]