Login Security Best Practices for Life Insurance Clients

950 views

Published on

This presentation is based on research from our recent Life Insurance Monitor report – Client Login Access: Private Site Login Security Processes. The report focuses on client login security across the life insurance industry.

Inside, we will take a high-level look at the key findings from the report, highlight login security best practices from industry leading firms and offer recommendations for improving your firm’s login security.

Published in: Economy & Finance, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
950
On SlideShare
0
From Embeds
0
Number of Embeds
86
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Login Security Best Practices for Life Insurance Clients

  1. 1. COPYRIGHTCORPORATEINSIGHT,INC.KEEPING LIFE INSURANCE CLIENTS SAFE ONLINEAUTHOR: IAN M LUNDAHLFEBRUARY 2013Corporateinsight.com | Blog | Twitter | LinkedIn | Facebook | SlideShare | Google+LOGIN SECURITY PRACTICES
  2. 2. ABOUT CORPORATE INSIGHT2ABOUTUSConnect With UsCorporate Insight provides competitive intelligence and user experience research to the nation’sleading financial institutions. For over 20 years, the firm has tracked technological developmentsin the financial services industry, identifying best practices in online banking and investing, onlineinsurance, mobile finance, active trading platforms, social media and other emerging areas. Thereare no assumptions in Corporate Insight’s work – we use live accounts at all of the firms weresearch, providing our clients with unparalleled, unbiased intelligence on the competition.For additional information on Corporate Insight, please visit www.corporateinsight.com/about-us.Chase MarshallDirector – Business Development212-832-2002 x-140cmarshall@corporateinsight.comIan LundahlSenior Analyst – Life InsuranceMonitor212-832-2002 x-101ilundahl@corporateinsight.com
  3. 3. TABLE OF CONTENTS3TABLEOFCONTENTS Introduction Key Findings Login Security Best Practices Recommendations About Corporate Insight
  4. 4. 4LIFEINSURANCEMONITOR ABOUT LIFE INSURANCE MONITORLife Insurance Monitor focuses on the online and offline user experience leading life insurers offer prospects, clients andadvisors. Using actual life insurance policies and authentic advisor website access, our subscription research service goesbeyond the public website to give you a unique, first-hand look at the online resources, account documents and sales materialscompetitors provide to their clients and financial advisors.Life Insurance Monitor Subscription DeliverablesLife Insurance Monitor subscriptions are company-wide. A single subscription makes the service available to all employeeswithout seat licenses or restrictions. The service includes a variety of deliverables that collectively provide a comprehensivelook at the online experience being offered by your competitors and other leading insurers:Monthly Research Reports – In-depth reports that focus on key aspects of the online prospect, client and advisor userexperience, account documents, life insurance industry trends and more. Reports include: Detailed reviews of each Life Insurance Monitor firm Key findings and best practice analysis to help improve your company’s offerings Handy matrix summarizing your competitors’ offeringsBi-Weekly Updates – Comprehensive review of changes and additions to competitor public, client and advisor websites.Client & Advisor Website Videos – Go behind-the-login and take a first-hand look at the online resources being offered toclients and advisors by your competitors.Client & Advisor Collateral Materials – All materials and communications that we receive are available for subscribers to viewor download online. This includes account statements, newsletters, marketing pieces, disclosure documents and emailcommunications.Competitor Summary Matrices – Breakdown of the key client and advisor website features offered by all Life InsuranceMonitor firms.Analyst Support – Personalized research support from our experienced Life Insurance Monitor team
  5. 5. INTRODUCTION5INTRODUCTION
  6. 6. 6INTRODUCTION BACKGROUNDThis presentation is based on researchfrom our recent Life Insurance Monitorreport – Client Login Access: Private SiteLogin Security Processes. The reportfocuses on client login security acrossthe life insurance industry.Inside, we will take a high-level look atthe key findings from the report,highlight login security best practicesfrom industry leading firms and offerrecommendations for improving yourfirm’s login security.
  7. 7. FIRMS COVERED IN REPORT7INTRODUCTION Our full Life Insurance Monitor coverage group features 14 firms Twelve of the fourteen firms were covered in this reporto AXA Equitableo Genworth Financialo The Hartfordo John Hancocko Liberty Mutualo Lincoln Financialo MassMutualo MetLifeo Nationwideo New York Lifeo Northwestern Mutualo Pacific Lifeo Prudentialo USAA
  8. 8. KEY REVIEW CRITERIA8INTRODUCTION Accessibilityo Public homepage login fieldo Standalone pages for logging on Username and Password Requirementso Maximum/minimum characterso Special characters, numbers, letters, combinations, etc. Login Security Features and Account Serviceso Additional login criteria (PIN, etc.)o Page/site authenticationo Security updates behind the login
  9. 9. KEY FINDINGS FROM THE REPORT9KEYFINDINGS
  10. 10. INSURERS OFFER BASIC SECURITY OPTIONS10KEYFINDINGS Username and password requirements are stringent Combinations of case-sensitive letters and numbers are effectively utilized Majority of firms provide password and username retrieval
  11. 11. SEAMLESS LOGIN PROCESS11KEYFINDINGS Eight firms display login fields on the public homepage Three firms utilize a standalone login page
  12. 12. LACK OF ADVANCED SECURITY FEATURES12KEYFINDINGS USAA is the only firm utilizing multi-factor authentication Security questions, image recognition and computer verification are absent
  13. 13. LOGIN MANAGEMENT BEHIND THE LOGIN13KEYFINDINGS Password and security question updates are most commonly offered services Username updates require the user to re-register or contact the firm by phone
  14. 14. LOGIN SECURITY BEST PRACTICES14BESTPRACTICES
  15. 15. USAA15BESTPRACTICES Access provided from a universal top menu on the public homepage. PIN required for login verification. Three advanced options available to clients; clearly outlined on a helppage online.
  16. 16. NATIONWIDE16BESTPRACTICES Login field presented on the public homepage with dropdown menufor account selection. Private site allows client to update and change information online.
  17. 17. 17BESTPRACTICES Expandable customer login bottom offers direct access to the publichomepage. First time registrants are offered a link to the three-step eServiceregistration page. Special characters are allowed in passwords.LIBERTY MUTUAL
  18. 18. RECOMMENDATIONS18RECOMMENDATIONS
  19. 19. FOUR RECOMMENDATIONS FOR IMPROVEMENT19RECOMMENDATIONS1. Allow clients and advisors to log in from a universal login field directlyon the homepage.2. Utilize multi-factor authentication to bolster login security.3. Implement stringent character requirements for usernames andpasswords.4. Make it easy to reset and change login information online.
  20. 20. ABOUT CORPORATE INSIGHT20Corporate Insight provides competitive intelligence and user experience research to the nationsleading financial institutions. For over 20 years, Corporate Insight has tracked new developmentsin the financial services industry through our syndicated Monitor research and consultingservices. We are known for our detailed, objective research, unmatched expertise, and emphasison the actual user experience. There are no assumptions in Corporate Insight’s work – we uselive accounts at the firms we track to benchmark their effectiveness across all major channelsand give our clients unparalleled competitive intelligence.Corporate Insight is continuously tracking and identifying best practices in online banking andinvesting, retirement, asset management, insurance, mobile finance, active trading platforms,social media and other emerging areas. In the process, we have helped our clients -- which coverthe entire spectrum of the financial services industry -- to stay on top of industry trends andimprove their competitive position.Our intelligence services are utilized by over 70% of the financial services firms on the Fortune500. Our research and analysts are frequently cited in financial media outlets such as The WallStreet Journal, Barron’s, Bloomberg, CNBC, Forbes and Financial Times and news publicationslike the Associated Press, New York Times, Newsweek, TIME and USA Today.
  21. 21. CONTACT US21CONTACTUSIan LundahlSenior Analyst – Life Insurance Monitor212-832-2002 x-101ilundahl@corporateinsight.comChase MarshallDirector – Business Development212-832-2002 x-140cmarshall@corporateinsight.com

×