Banking Regulatory Response - The Case of Strong Authentication

Paul Witman
2007 Americas Conference on Information Systems  
The United States banking industry was directed by its regulatory agencies to provide authentication stronger than single factor for "high risk" transactions, as a defense against phishing, by year-end 2006. Financial institutions had a wide array of options available to them to meet this requirement, and there was considerable latitude in how to interpret the regulatory guidance. This paper presents the results of a multiple case study, reviewing regulation, regulatory intent, and financial
more » ... titution response, particularly under time pressure. Theories from institutional theory provide a framework for reviewing the response.
dblp:conf/amcis/Witman07 fatcat:42jwdpz3kvduhjj7nkwmqiwpca