We are finalizing our MFA solution (relay picture/challenge question for consumers and tokens for higher risk business transactions), and my question is do we need to update our Online Banking Agreement to describe these security methods? Currently we discuss the user name and password security and make reference to these through the document, especially in the business agreement having them agree that it is a commercially reasonable security procedure. What is everyone else doing? Thanks!!!!

CAComply, Did you ever get an answer to this question? I have the same question.

And do you have a token agreement created? We are trying to create a token agreement for our business customers who will be receiving a token. Do you have a copy you would be willing to share? PM me if so. Thanks!