BankImplements ComodoTwo-FactorAuthentication inStagesDarby Bank and Trust Co. used an innovative methodto roll out Two-Factor Authentication for its onlinebanking customers.The Georgia financial institution wanted to enhance thesecurity of its online banking process. Before using aTwo-Factor Authentication solution, customers couldlog into the bank’s computers remotely using only apassword. The security of customer bank accountsdepended on keeping passwords protected, but bankmanagers knew that customers don’t always protect theirpasswords. Adding another layer of identification wouldsafeguard the bank’s deposits and its depositors.Chris Dismuke, the bank’s electronic banking manager,worked with the COO and the vice president of operationsto decide what other layer of identification to add and howto introduce customers to the new requirement.Implementing a new solution for all customers at oncewould be too complicated, they predicted. They wantedto stagger the demands on their customers and on theirhelp desk by carefully staging how many customersmoved to the new procedure on any given day.“Convenience – the number one factor”The search committee had three criteria for theirsecurity solution• Low cost• Fulfillment of FFIEC guidelines• Convenience to customers“Convenience to our customers was the number onefactor,” said Dismuke. But they knew that no matter howconvenient the solution was, not all customers wouldpick it up intuitively. The committee needed a plan tobe able to help customers with the least drain on theirsupport desk.The solution had to satisfy the guidelines of the FederalFinancial Institutions Examination Council (FFIEC) fortwofactor authentication which is mandatory for all USfinancial institutions. The guidelines required that onlinebanking operations utilize two means of verifying thecustomer logging into the banking systems.Authentication criteria could include• Something the customer knew, such as a password• Something the customer had, such as a teller card,or a physical token to insert in the computer• Something the customer was, such as a fingerprintor retinal scanOther two-factor solutions the committee looked atwere “unacceptable.”“Our customers would revolt if we asked them to carryaround a bingo card,” Dismuke said, describing a walletcard solution that would require banking customers toread codes when logging in.After the bank rejected the cards as being tooinconvenient for customers, the vendor’s next proposalwas “a lot more expensive.” Darby Bank was ready for abetter alternative. Then they found Comodo.Comodo Two-Factor SolutionAt last, the search committee found a solution thatthey thought would cause the least disruption to theircustomers. Comodo Group, Inc., an industry leader inInternet trust and authentication solutions, offered themdigital certificates for each customer’s computer.
Two-Factor AuthenticationDigital certificates are electronic documents. Computerusers install them on their computers to verify theiridentity. They are nearly impossible to forge because ofthe length of the key used to generate them.With digital certificates on their computers, and withtheir own secure passwords, Darby Bank and Trust’scustomers could bank online with as little shift aspossible from their already-familiar procedures.The new two-factor authentication process did require alearning curve, as customers needed to figure out howto download the certificates onto their machines. If theyhad problems, customers were encouraged to call thebank’s help desk. The search committee had no way ofknowing how many customers would have problems.Darby Bank and Trust’s Ingenious RolloutRather than switching all customers to two-factoronline banking at once, the bank decided to break thecustomers up into smaller segments and convert themover the course of six weeks.“The same people generally log in at the same timeeach day,” Dismuke said. With that knowledge, DarbyBank implemented two-factor authentication accordingto the hour of the day.Customers who logged in from 8:00 to 9:00 in themorning were the first to begin learning the newprocedure. “They were not seeing what they wereused to seeing,” said Dismuke. When those customerscontacted the help desk, support personnel had time towork with all of them and answer their questions.“When you look at all the solutions out there,”Dismuke said, “I can’t think of one that would havebeen easier.”When the early morning customers had adopted the two-factor procedures, then the bank extended the hours ofthe new authentication to 10 a.m., and so on. Over thecourse of six weeks the bank gradually brought all thecustomers into the fold.“Now that it has been fully-adopted, the best thingabout the Comodo Two-factor solution,” said Dismuke,“was convenience. That was number 1 for us.”“We’ve been very pleased” with Comodo Two-Factorauthentication, he added.About Darby Bank and TrustWith over $750 million in assets, Darby Bank and TrustCo. has been a respected financial institution in Georgiasince 1927.About ComodoThe Comodo companies provide the infrastructure that is essential in enabling e-merchants, other Internet-connectedcompanies, software companies, and individual consumers to interact and conduct business via the Internet safelyand securely. The Comodo companies offer PKI SSL, Code Signing, Content Verification and Email Certificates; awardwinning PC security software; vulnerability scanning services for PCI Compliance; secure email and fax services.Continual innovation, a core competence in PKI, and a commitment to reversing the growth of Internet-crimedistinguish the Comodo companies as vital players in the Internet’s ongoing development. Comodo secures andauthenticates online transactions and communications for over 200,000 business customers and 10,000,000 usersof our desktop security products.To learn more please visit www.instantssl.comComodo Group Inc.1255 Broad StreetClifton, NJ 07013United StatesComodo CA Limited3rd Floor, 26 Office Village,Exchange Quay, Trafford Road,Salford, ManchesterM5 3EQ,United KingdomTel: +44 (0) 161 874 7070Fax: +44 (0) 161 877 7025Tel : +1.888.266.6361Tel : +1.703.581.6361www.instantssl.comEmail : firstname.lastname@example.org