A major banking institution has been the victim of recurring, widespread fraud. The fraud has all occurred on the bank’s web portal. Recently, the bank implemented
a requirement for all users to obtain credentials in person at a physical office. However, this has not reduced the amount of fraud against legitimate customers.
Based on a review of the logs, most fraudulent transactions appear to be conducted with authentic credentials. Which of the following controls should be
strengthened to reduce the fraud through the website?
A.
Authentication
B.
DAC
C.
Identification
D.
Authorization