Your Bank’s Digital Side Door
A widely-used but little known technology has created a vulnerable “Side Door” to thousands of financial institutions in North America. This discovery started with a simple question: why does my bank require multi-factor authentication (MFA), but Quicken does not? This led to an exploration of the 20-year old Open Financial Exchange (OFX) protocol and the 3000+ North American banks that support it. The conclusion: 80% of banks supporting OFX have no MFA support, putting consumers at risk by exposing login credentials.