US regulator urges MFA and puts banks on notice – not reasonably protecting data is illegal
Jim Nash reports:
A U.S. consumer finance regulator has published a circular warning that insufficient security for consumer biometric and other personal data is illegal under federal law. Multi-factor authentication is singled out as a method of making data security sufficient.
Anyone reading that who still thinks it will never happen to them is invited to read on to find out about the tech company who just fell victim.
The Consumer Financial Protection Bureau says that not protecting the data can be found to be an unfair practice under 12 U.S.C. 5536 for financial institutions. Officials cite preventative practices that can minimize risk.
Read more at Biometric Update.