RISE WITH FIS

Enhancing security with your core solution

Kenny Fulgham | Community Core Strategic Planning Manager Americas Banking Solutions, FIS

January 18, 2021

In these uncertain times, an increase in fraud is on the minds of bankers and their customers. According to FIS findings from the PACE 2020 Survey, “In tough times, fraud soars. Consumers currently prioritize safety and security to prevent their information from being stolen over other key concerns like misuse of personal information.”

Make no mistake about it, most consumers care deeply about security. A 2019 Ping Identity report revealed that 81% of customers would stop engaging with a brand following a security breach (a 3% increase over 2018), and one in four would stop all interaction whatsoever.

Bank tellers and managers with instant access to critical personal information – as well as a customer’s cash – form an area of real concern for bank executive management. Employees who work at bank branches could have too much access to customer information or, conversely, not enough information to do their job properly.

Today, with so many staff working from home, it can make the management of access and entitlements even more challenging.

Internally, your client-facing staff needs fast, easy access to the data that lives within a bank’s core platform. Ensuring the access to this information is secure, legitimate and authorized should be a focus of your core banking technology. The following key elements provide the foundation of a core platform security focus.

Varying degrees of customer confidentiality

Different customer types require varying degrees of confidentiality regarding the appropriate level of employee access to information. Some core platforms support close to 100 levels of customer confidentiality – ranging from bank board member, to small business owner, to high-net worth individual. This flexibility helps bankers profile and categorize their customer base in terms of information access and permissions.

Field-level security

Bankers should be able to leverage field-level security to control access to individual fields within their core system. A user within a bank may need to perform a specific function; for example, update an address, but may not be allowed to change a field such as social security number as readily. Field-level security provides your bank with a critical additional level of information security.

Flexible security within a core platform allows secure access to each field in the system if the bank desires. Certain banks may be more inclined to increase field-level security given their audit and examination histories.

Comprehensive access history

When security questions or issues arise, your core platform should provide an easily available log of histories of all bank users’ interactions. This access manager capability should provide management with ad hoc reports to quickly isolate incidents and responsibilities – not only for suspicious events, but also to identify the need for additional system training.

Bank auditors and examiners will also appreciate this level of information and readily available detail in their review of your financial institution.

Role-based security

A robust core platform will offer role-based security. This works best by assigning bank users into primary groups that have a set of established permissions or entitlements based on their job function. Every feature within the core system should be assigned to various roles, with bank users having the option to belong to multiple primary groups.

Alerts from your core system

While not an entitlement-level of security for bank users, an eAlert capability enlists bank customers to help combat fraud.

When countering fraud, timing matters. The faster alerts reach a bank customer from your core system, the better the odds are of nipping a fraudulent transaction in the bud. Alerts sent directly from a bank’s core system can speed customer reaction time.

Training and professional services

Entitlement and security management can increase in complexity as a bank grows. From time-to-time, core security subject matter experts should be available to help bank staff recalibrate their security settings. In addition, they should provide specific training on security administration and best practices, helping bankers create sustainable security processes going forward.

The future of core security

Smart entitlement management technologies make effective bank access policies a reality. Working with a core partner such as HORIZON helps your bank realize the benefits of FIS’ “Secure by Design” philosophy.