From there, the level of risk is assessed and according to parameters set by the financial institution, access is granted or denied and alerts may be sent to administrators.

UNOMI offers a set of some 60 memorable events to choose from initially, and while the whole thing sounds potentially daunting, it's actually very easy to use, with an average time of five to 20 seconds to log in, says Patrick Audley, chief technology officer at Cogneto (www.cogneto.com).

"The system is designed to be as low impact and high security as possible," Audley says. Meeting the FFIEC requirements for multi-factor authentication is one driver, of course, "but that's a low bar, frankly," the Cogneto CTO says.

He says the UNOMI system is an advancement over the industry's standard offerings for a number of reasons. For one, relying on a series of unique questions is more secure than simply a mother's maiden name. Meanwhile, Audley says, academic research has long shown that "people see what they want to see" and eventually can become so used to a particular image that they are likely not to notice it was modified or even switched.

UNOMI also can be set to raise the bar for riskier transactions, the kind that raise regulators' eyebrows. "The guy who has a $500 savings account for the past five years, if he calls the credit union or bank once or twice, there goes the profit on him …but the first time an account holder tries something risky like an international money transfer, that could be simply denied, or it could be flagged for a human follow up," Audley says.

The ability to assess risk and determine what can and can't happen online in such a fluid manner also allows financial institutions to protect the account holder, Audley says.

"I don't really care if some thief in Russia manages to grab my account info through some phishing scheme, if all he can do is go in, check my balance and pay my bills," Audley says.

The UNOMI system, which can operate as an ASP or more ideally, Audley says, off a Web server behind a financial institution's firewall, also learns more about a user's behavior as time goes on.

"Really good technology allows financial institutions to focus their more expensive security efforts only on things that are likely to be problems," he says. "And that's what we do."

And to add another layer of protection, Cogneto has just partnered with Cognitec, a provider of face-recognition tools that Cogneto officials met at a biometrics trade show, to offer that technology through Web cams, a common feature now on many laptops and PCs.

Such robust technology comes at a price, of course. Audley says Cogneto's UNOMI platform "generally fits as less expensive than most two-factor fingerprint and token solutions but more expensive than some that use just software solutions."

Cogneto was formed in February 2006, launched its UNOMI platform in October and expects to announce soon its first online banking clients, most likely Tier 1 banks, Audley says. He says the company is working with credit unions to secure beta clients in that space, as well.

"We'll probably select one or two larger credit unions that are really good technology users and work with them more as partners, and move from there toward smaller institutions," Audley says. –[email protected]