First Midwest Bank Deploys PhoneFactor to Secure Online Funds Transfers

Attacks Already Thwarted by PhoneFactor’s Out-of-Band Transaction Verification Service

November 1, 2011 – PhoneFactor, the leading global provider of out-of-band multi-factor authentication, today announced that First Midwest Bank, headquartered in Itasca, Illinois, has deployed PhoneFactor’s out-of-band transaction verification service to protect its business banking customers. Just two weeks after the service was enabled for customers, PhoneFactor proved its value by thwarting an attacker who attempted to transfer thousands of dollars out of a customer’s account – saving First Midwest Bank and its customer time, money, and trust.

PhoneFactor empowers First Midwest Bank’s customers to stop online banking fraud in real-time. When a funds transfer is submitted online, PhoneFactor places an automated call to the customer. The customer simply answers the call, listens to the transaction details, and enters a secret PIN into the phone keypad to approve the transaction. If the transaction is not approved by the customer, it is never submitted to the bank for processing. And in the case of a fraudulent funds transfer, the customer can submit a fraud alert during the call, which instantly notifies the bank that an attack is in progress.

While First Midwest Bank had already made its decision, the recently updated FFIEC Authentication Guidance validated its selection of out-of-band transaction verification. The 2011 FFIEC Guidance, which recommends out-of-band transaction verification as part of a layered security approach, echoes what First Midwest Bank saw as the new best practice for mitigating online banking threats.

“With threats evolving to become more sophisticated and more virulent, we believe out-of-band transaction verification is critical to protecting our customers,” said Jorge Solis, Senior Vice President of Security at First Midwest Bank. “PhoneFactor has proven its effectiveness within a matter of weeks – stopping a fraud attempt that we know for certain would not have been caught by security tokens alone. FFIEC compliance is important to First Midwest Bank, but perhaps even more important is extending this level of security to our customers who view us as a trusted business partner.”

First Midwest Bank customers have embraced the new system with more than half enrolling in the first few weeks. Customers were able to sign up by simply clicking on a splash page on the bank’s website. The entire process, including the issuance of PINs, was automated, enabling rapid deployment to customers.

“PhoneFactor’s out-of-band transaction verification service stops fraudulent transactions that would go undetected by other methods,” remarks Steve Dispensa, Chief Technology Officer at PhoneFactor. “This has been demonstrated at First Midwest Bank and in countless other cases. Financial institutions, their customers, and financial regulators recognize the need for additional security to protect online transactions, and are no longer willing to accept less.”

About First Midwest Bank
First Midwest is the premier relationship-based banking franchise in the growing Chicagoland banking market. As one of the Chicago metropolitan area’s largest independent bank holding companies, First Midwest provides the full range of business, retail banking and trust and investment management services through some 100 offices located in communities in metropolitan Chicago, northwest Indiana, central and western Illinois and eastern Iowa. First Midwest was recently recognized as having the “Highest Customer Satisfaction with Retail Banking in the Midwest” according to the J.D. Power and Associates 2011 Retail Banking Satisfaction StudySM. The Bank is also recognized by the Chicago Tribune as one of the top 20 best places to work in Chicago among large employers.