No. PIB is a layered security solution, which is one of the three methods recommended by the NCUA to comply with the “Guidance on Authentication in Internet Banking Environment” (letter 05-CU-18). Remember that you only need to select one of the three available methods. (The other two methods are multi-factor authentication, and “other controls,” the NCUA’s way of allowing for technology that doesn’t even exist yet.)
Although the term “multi-factor authentication” is sometimes misused and often misunderstood, what most people mean is actually two-factor authentication:
Factor One: Something You Know (a username, password, PIN, etc.)
Factor Two: Something You Have (a USB token that generates passwords, a fingerprint, a dongle, a smart card, etc.)
Two factor authentication generally requires customers who want to log into their accounts online to use a username and password (single factor authentication) and a small token that generates a new password every minute or so (two factor authentication).
The PIB solution was developed based on the response of CU*Answers owners and clients, and the plans they put forward through their risk assessments.
NOTE: Should a CU deem it immediately necessary to add tokens to their program, CU*Answers will work directly with that credit union on the investment they need to make.