ROHAN KACHALIA
Par 100 posts (V.I.P)
Online Security: Online security is one of the key requirements by financial customers today as they increasingly use the Internet to not only manage their financial transactions online but also to buy financial products.
According to a consumer attitude study by Jupiter Research, banks that invest in and promote the security of their online websites stand to differentiate themselves from their competitors and win customers.
This combined with the rapid growth in online phishing and identity scams and increasing regulatory pressure has ensured that online security is a critical concern among banks today.
Banks are increasingly getting introduced to a variety of online security threats. The key ones would be phishing, keyboard logging and man-in-the-middle that have emerged as serious threats over the last 18 months.
The interesting part is that these threats are something that the customer must protect themselves against and requires a lot of customer education. For example, by the time a bank realises that there is a phishing attacks, there is a possibility that some of the customers would have already been affected.
However, the good news is that there are solutions available to prevent each of the above mentioned threats and it is important that the banks implement them as soon as possible.
There are other disruptive threats like spamming, virus infusion and trojans which have been there for a long time but cannot be ignored. The spectrum of impacted areas may range from identity theft of bank’s online customers to loss of transactional integrity for online transactions. The following challenges are the key among a host of new-age challenges:
Business case for preventing certain types of attacks
There a number of attacks which require large investments which may not be justifiable given the customer base of some banks?
In fact, there are many banks that are willing to compensate for the fraud losses of the customers as that is more cost effective to putting up a solution to prevent the same.
Security policy
The security policy needs to be continuously monitored and updated as a result of newer security threats. Which means that the bank has to continuously evaluate the risks, the cost of technology solutions and even upgradations. It gets all the more challenging due to a variety of technological solutions available in the market, each addressing individual problems but none offering a one-stop solution.
Customer education
A number of online banking users are naïve to the types of threats they face online and the precautions that they must take. Therefore, customer education becomes a key element to prevent the manifestation of a number of risks into frauds. The banks have to decide which is the best medium for the communication, message for the communication, frequency of communication and so on and so forth.
Online banking usage also depends a great deal on the customer-targeted communication from the banks to alleviate such fears. It is much easier for the experienced eyes of an internet-savvy user to detect potential phishing attempts when compared with a customer who has recently migrated from old school of banking to more recent modes.
Studies have also shown that first time users or users who have started adopting online banking do not continue to use them if they are struck by a fraud or attempts of fraud as their confidence on such a channel is drastically reduced and fall back on the traditional modes of banking.
A lot has to be communicated to customers. The onus of ‘real online-enablement’ of banking customers is usually left to the printed matter. The existing delivery channels (like ATMs, kiosks, online banking, POS) should be used to push this information to the customers in innovative ways.
Wherever technological controls are not feasible, procedural controls should be implemented to check frauds. As indicated before, solutions like exchange of personalised digital images between customer and bank website ahead of password entry prevents phishing. One time password through SMS, virtual keyboard, software version of two factor solutions are other strategies that banks can adopt to ensure better security in online banking.
It is therefore upon regulatory bodies to enforce online security norms, thereby rewarding initiative and innovation from the banking and IT communities.
According to a consumer attitude study by Jupiter Research, banks that invest in and promote the security of their online websites stand to differentiate themselves from their competitors and win customers.
This combined with the rapid growth in online phishing and identity scams and increasing regulatory pressure has ensured that online security is a critical concern among banks today.
Banks are increasingly getting introduced to a variety of online security threats. The key ones would be phishing, keyboard logging and man-in-the-middle that have emerged as serious threats over the last 18 months.
The interesting part is that these threats are something that the customer must protect themselves against and requires a lot of customer education. For example, by the time a bank realises that there is a phishing attacks, there is a possibility that some of the customers would have already been affected.
However, the good news is that there are solutions available to prevent each of the above mentioned threats and it is important that the banks implement them as soon as possible.
There are other disruptive threats like spamming, virus infusion and trojans which have been there for a long time but cannot be ignored. The spectrum of impacted areas may range from identity theft of bank’s online customers to loss of transactional integrity for online transactions. The following challenges are the key among a host of new-age challenges:
Business case for preventing certain types of attacks
There a number of attacks which require large investments which may not be justifiable given the customer base of some banks?
In fact, there are many banks that are willing to compensate for the fraud losses of the customers as that is more cost effective to putting up a solution to prevent the same.
Security policy
The security policy needs to be continuously monitored and updated as a result of newer security threats. Which means that the bank has to continuously evaluate the risks, the cost of technology solutions and even upgradations. It gets all the more challenging due to a variety of technological solutions available in the market, each addressing individual problems but none offering a one-stop solution.
Customer education
A number of online banking users are naïve to the types of threats they face online and the precautions that they must take. Therefore, customer education becomes a key element to prevent the manifestation of a number of risks into frauds. The banks have to decide which is the best medium for the communication, message for the communication, frequency of communication and so on and so forth.
Online banking usage also depends a great deal on the customer-targeted communication from the banks to alleviate such fears. It is much easier for the experienced eyes of an internet-savvy user to detect potential phishing attempts when compared with a customer who has recently migrated from old school of banking to more recent modes.
Studies have also shown that first time users or users who have started adopting online banking do not continue to use them if they are struck by a fraud or attempts of fraud as their confidence on such a channel is drastically reduced and fall back on the traditional modes of banking.
A lot has to be communicated to customers. The onus of ‘real online-enablement’ of banking customers is usually left to the printed matter. The existing delivery channels (like ATMs, kiosks, online banking, POS) should be used to push this information to the customers in innovative ways.
Wherever technological controls are not feasible, procedural controls should be implemented to check frauds. As indicated before, solutions like exchange of personalised digital images between customer and bank website ahead of password entry prevents phishing. One time password through SMS, virtual keyboard, software version of two factor solutions are other strategies that banks can adopt to ensure better security in online banking.
It is therefore upon regulatory bodies to enforce online security norms, thereby rewarding initiative and innovation from the banking and IT communities.
ROHAN KACHALIA
Par 100 posts (V.I.P)
Is Online Banking Safe? Some of the most frequent questions regarding online banking involve the issue of online security. "Will my money be safe?" "Can someone steal my information and get access to my funds?" "Could a thief find a way to clean out my bank account?"
All are valid questions, since when you commit to an online account you leave the "security" of doing your banking person-to-person in a branch and move it to the electronic age. While we've all heard stories and rumors of e-thieves stealing credit card numbers, the reality is that online banking and transactions are much more secure than the media often makes it out to be.
Online banks take security especially seriously. All online banks and lending organizations have their security procedures and policies posted prominently on their web sites. Go and compare--you'll likely find that every one uses the most advanced Internet security systems available to protect you and your money. You can feel confident that these companies will protect you--and themselves--from electronic thieves as much as possible. Their business depends on it.
We don't blame you if you're still a little leary. Still, even the banking you do now has its own security considerations. Consider this:
"Traditional Banking" Security Concerns
Your mail (bank statements, bills, etc.) can be intercepted
The use of an ATM can expose you to either physical theft or thefts of your information (your PIN)
Use of a physical bank branch can expose you to personal theft of theft of information by a bank employee
If you pay your bills by paper check, you expose yourself to theft of your account number, as well as your social security number and phone number which are often printed on the check.
The point here is that nothing that involves money is ever 100% secure from crooks who want to get it. If anything, online banking may be more secure due to a few factors:
The nature of the process means that is done from the security of your home or office
Since they are aware of the concern, online banks have made a real concentration on security
The bank's computers are protected by a firewall
All data transfers use SSL transfer
You can also help with the security of your information:
Maintaining Your Own Security
Maintain control over access to your computer, whether it be at your home or office
When you have completed a bank transaction, make certain to log off to break the connection with the bank's computer
Never conduct banking transactions while multiple browsers are open on your computer
All are valid questions, since when you commit to an online account you leave the "security" of doing your banking person-to-person in a branch and move it to the electronic age. While we've all heard stories and rumors of e-thieves stealing credit card numbers, the reality is that online banking and transactions are much more secure than the media often makes it out to be.
Online banks take security especially seriously. All online banks and lending organizations have their security procedures and policies posted prominently on their web sites. Go and compare--you'll likely find that every one uses the most advanced Internet security systems available to protect you and your money. You can feel confident that these companies will protect you--and themselves--from electronic thieves as much as possible. Their business depends on it.
We don't blame you if you're still a little leary. Still, even the banking you do now has its own security considerations. Consider this:
"Traditional Banking" Security Concerns
Your mail (bank statements, bills, etc.) can be intercepted
The use of an ATM can expose you to either physical theft or thefts of your information (your PIN)
Use of a physical bank branch can expose you to personal theft of theft of information by a bank employee
If you pay your bills by paper check, you expose yourself to theft of your account number, as well as your social security number and phone number which are often printed on the check.
The point here is that nothing that involves money is ever 100% secure from crooks who want to get it. If anything, online banking may be more secure due to a few factors:
The nature of the process means that is done from the security of your home or office
Since they are aware of the concern, online banks have made a real concentration on security
The bank's computers are protected by a firewall
All data transfers use SSL transfer
You can also help with the security of your information:
Maintaining Your Own Security
Maintain control over access to your computer, whether it be at your home or office
When you have completed a bank transaction, make certain to log off to break the connection with the bank's computer
Never conduct banking transactions while multiple browsers are open on your computer
maverick_ronnie
Swapnil Made
well i got Chief Executive’s Report of Indian Banking Association
well im uploading it might help u out
well im uploading it might help u out
prasadz_mba
Z Z
ok no problem, andldjsflajsdpfasudfowieurowuerwejl;rkjndslfajs;dflowiurwejrlkwernsdsdfsafasfasfasdfsadfasff
jitendra05
Banned
Hey friend, you have selected a very nice topic on the security of banking. Well, it is very essential to safe guard our banking system from the external malware activities. I am uploading a document where you would get the detailed information on banking security.