Multi-factor authentication (MFA) refers to different "layers" of security instead of relying strictly on a passcode or password to log in. Passwords alone are inherently unsafe for a number of reasons.
MFA is typically described in terms of combining two or more of something you know (passwords), something you have (security token), or something you are (fingerprint or other biometric device). Combining two or more of these effectively makes it more difficult for someone to fraudulently log in to your Internet banking account. The problem is, tokens can be lost or stolen and finger tips can be cut or abraded to the point that the authentication process cannot be completed. Each are also additional hardware that has to be purchased by someone and which can malfunction at the most inopportune time.
Danville State Savings Bank, along with our Internet banking partner First Data, has chosen to take the responsibility for MFA instead of depending on possibly unreliable devices. This is done by scoring each log on in real-time using a number of factors. These factors are:
- Persistant cookie, a small file that is saved on your computer which identifies that you have used this machine to log in to Internet banking previously.
- IP address from which you log in, the numerical address which your Internet service provider assigns for your use.
- Last login day and time, the date and time of your last Internet banking session.
- Country to which IP address is assigned
- Whether Billpay is enabled for any of the linked accounts, to help prevent Billpay fraud.
- Browser, the system checks certain browser signatures to help identify whether a different browser than a typical session is used.
- Frequency, or how often you typically log in to the Internet banking service.
- Click count, evaluates whether the number of mouse-clicks is significantly different than your typical session.
- Duration, the amount of time you typically spend logged into Internet banking.