Question

1. Name and briefly describe the types of data security banks and credit unions use to protect their customers/members
2. Section 501 of the GLBA mandates a bank to have in writing what 3 safeguards?
3. You are working at a Bank or Credit Union as a Branch Manager. One of the Relationship Managers introduces you to a customer that is seeking a home mortgage. You determine that this is a new relationship. According to the USA Patriot Act, what is the first step you must take?
4. The new customer is cleared and you open a checking and savings account. Your institution is a state-of-the-art organization, so you use biometric authentication. Name two biometric authentication "your institution" uses and describe them briefly to your new customer to explain how to use them and how it is for their security

Answer 1

The types of data security banks and credit unions use to protect their customers/members section 501 of the GLBA mandates a bank to have in writing 3 Safegaurds :-
1 ) Data security goes well beyond your storage device alone and, in fact, encompasses a company's policies and procedures as well as the hardware that maintains the storage infrastructure.
2 ) When it comes to policies and procedures, you need to define who can access which data, and under what circumstances.
3 ) Further, you should log access to sensitive customer information to help provide accountability and provide a deterrent to insiders that threaten customer privacy.

A Customer Identification Program (CIP) is a United States requirement, where financial institutions need to verify the identity of individuals wishing to conduct financial transactions with them and is a provision of the USA Patriot Act. More commonly known as know your customer, the CIP requirement was implemented by regulations in 2003 which require US financial institutions to develop a CIP proportionate to the size and type of its business. The CIP must be incorporated into the bank's Bank Secrecy Act/Anti-money laundering compliance program, which is subject to approval by the financial institution's board of directors.
Financial institutions should conduct a risk assessment of their customer base and product offerings, and in determining the risks, consider:

• The types of accounts offered
• The methods of opening accounts.
• The types of identifying information available
• The institution's size, location, and customer base

Banks are using biometrics to develop next-generation identification controls that combat fraud, make transactions more secure, and enhance the customer experience. Here are two examples of how financial institutions are using biometrics now.

1)The Royal Bank of Scotland and NatWest: Biometric Payments Card
In 2019, The Royal Bank of Scotland (RBS) announced a pilot of payment cards featuring biometric fingerprint technology. The trial is being carried out with approximately 200 of the bank’s NatWest customers and will take place in the U.K. The fingerprint acts as a replacement for PIN entry and is used to verify transactions in excess of £30, making it quicker and easier for customers to complete their payments. This latest development follows a long line of biometrics innovation, as RBS and NatWest were the first U.K. banks to enable Touch ID fingerprint recognition on their mobile banking apps.

2)Wells Fargo: Eyeprint Authentication
Wells Fargo’s CEO Mobile solution allows commercial clients to view bank account balances, make deposits, and approve payments all from the convenience of their mobile devices. Advanced security features including encryption, secondary authentication, and token generation are also built into the solution. An additional security feature is the use of a biometrics eyeprint feature. This feature allows users to sign in by scanning their eyes with the camera on their mobile devices. Eyeprint authentication eliminates the need for a password or a token, making the sign in process easier and more secure.