In an environment of ever-increasing security threats, FIS' number-one priority is protecting our clients' data. We continually look for ways to reduce the risk of account takeover and as such, we have a recommendation to help your organization be more secure.
Your company uses SyndTrak/LendAmend, a production application hosted by FIS. SyndTrak/LendAmend is accessed via the public internet and your organization has configured that access using a single authentication factor. FIS strongly recommends you enhance your customer authentication process through the use of multi-factor authentication (MFA).
MFA is authentication through the verification of at least two of the following types of authentication factors:
• Knowledge factor - something the customer knows (i.e., password or passphrase)
• Possession factor - something the customer has (i.e., a physical or virtual token) that generates single-use passwords for the user/system or a digital certificate
• Inherence factor - something the customer is (i.e., a biometric). This method involves verification of a characteristic inherent to the individual, such as via a retina scan, iris scan, fingerprint scan, finger vein scan, facial recognition, voice recognition, etc.
You are receiving this notice because your organization has not implemented MFA for SyndTrak/LendAmend.
Not implementing MFA exposes you to the risk of potential data breaches. Your agreement with FIS provides that FIS is responsible for providing you with products and services that enable your organization to be in compliance with US federal laws and regulations. FIS has provided the functionality to support MFA for SyndTrak/LendAmend but your organization is responsible for implementing that MFA functionality. Your organization is responsible for all liabilities, losses and penalties resulting from failing to implement MFA, and FIS has no liability or responsibility for any occurrence of malicious activity that could have been prevented by utilizing MFA. Further, should malicious activity occur in connection with SyndTrak/LendAmend, FIS will bill you, at FIS' then current rates, for any research or other assistance provided by FIS in connection with researching or otherwise responding to that malicious activity, with a minimum of five thousand dollars ($5,000) per occurrence.
FIS may also release your name to banking regulatory authorities if we are requested to produce information regarding clients that have not implemented enhanced authentication controls.
FIS appreciates your services and cooperation and will continue to provide a secure, sustainable future for our clients. Our commitment to make necessary investments to protect your institution's security and safety will never waiver. We would like to work with you to complete the implementation of MFA as soon as possible. If you have any questions about MFA or how to implement it at your organization, please contact SyndTrak/LendAmend Customer Support.