You are on page 1of 45

INTRODUCTION

“The transformation of the Internet from a huge virtual community into a huge virtual economy may herald the age of electronic money - and with it, headaches for traditional banks and regulators.”
Electronic banking is an activity that is not new to banks or their customers. Banks have been providing their services to customers electronically for years through software programs. These software programs allowed the user's personal computer to dial up the bank directly. In the past however, banks have been very reluctant to provide their customers with banking via the Internet due to security concerns.

Today, banks seem to be jumping on the bandwagon of Internet banking. Why is there a sudden increase of bank interests in the Internet? The first major reason is because of the improved security and encryption methods developed on the Internet. The second reason is that banks did not want to lose a potential market share to banks that were quick to offer their services on the Internet.

1

The number of customers who choose online banking as the preferred method of dealing with their finances is growing rapidly due to the clear improvement in convenience it offers, including such features as electronic bill payment. There are also more and more banks that operate exclusively online. Online banking is the practice of making bank transactions or paying bills via the Internet. Thanks to technology, and the Internet in particular, we no longer have to leave the house. We can shop online, communicate online, and now, we can even do banking online. Online banking allows one to make deposits, withdrawals and pay bills all with the click of a mouse. It doesn’t get much more convenient than that. In this report, I attempt to enlist the various services offered over the net by the different banks in India, the main issues concerning online banking and the scope for online banking in the near future.

RESEARCH
• PRIMARY RESEARCH:

METHODOLOGIES

Bank Survey: Information regarding the online services offered by the banks and the security factors were collected through survey of bank officials. The websites of these banks were reviewed and rated on the basis of content, online services offered, security issues, design and user-friendliness of the website.

• SECONDARY RESEARCH:
Information was collected from various secondary sources including IT and Banking related magazines like CHIP, PC Quest, Professional Banker, etc. Further, information was collected from various online resources.

2

WHAT
INTRODUCTION:

IS

ONLINE

BANKING?

If you're like most people, you've heard a lot about online banking but probably haven't tried it yourself. You still pay your bills by mail and deposit cheques at your bank branch, much the way your parents did. You might shop online for a loan, life insurance or a home mortgage, but when it comes time to commit, you feel more comfortable working with your banker or an agent you know and trust. Online banking isn't out to change money habits. Instead, it uses today's computer technology to give an individual the option of bypassing the time-consuming, paper-based aspects of traditional banking in order to manage finances more quickly and efficiently. “Online banking or Internet banking is a term used for performing transactions, payments etc. over the Internet through a bank's secure website.” Internet banking is changing the banking industry and is having the major effects on banking relationships. Banking is now no longer confined to the branches were one has to approach the branch in person, to withdraw cash or deposit a cheque or request a statement of accounts. In true Internet banking, any inquiry or transaction is processed online without any reference to the branch (anywhere banking) at any time. Providing Internet banking is increasingly becoming a "need to have" than a "nice to have" service. The net banking, thus, now is more of a norm rather than an exception in many developed countries due to the fact that it is the cheapest way of providing banking services.

3

This can be very useful, especially for banking outside bank hours and banking from anywhere where internet access is available. In most cases a web browser such as Internet Explorer or Mozilla Fire fox is utilized and any normal internet connection is suitable. No special software or hardware is usually needed. The number of customers who choose online banking as their preferred method of dealing with their finances is growing rapidly. Many people appreciate the convenience. Online banking usually offers such features as electronic bill payment and the downloading of bank statements for import in a personal finance program. There are a growing number of banks that operate exclusively online. Because these online banks have low costs compared to traditional banks they can offer high interest rates.

ORIGIN OF ONLINE BANKING
The introduction of the Internet and the popularity of personal computers presented both an opportunity and a challenge for the banking industry. For years, financial institutions have used powerful computer networks to automate millions of daily transactions; today, often the only paper record is the customer's receipt at the point of sale. Now that its customers are connected to the Internet via personal computers, banks envision similar economic advantages by adapting those same internal electronic processes to home use. Banks view online banking as a powerful "value added" tool to attract and retain new customers, while helping to eliminate costly paper handling and teller interactions, in an increasingly competitive banking environment.

4

BRICK-TO-CLICK BANKS:

Today, most large national banks, many regional banks and even smaller banks and credit unions offer some form of online banking, variously known as PC banking, home banking, electronic banking or Internet banking. Those that do are sometimes referred to as "brick-toclick" banks, both to distinguish them from brick-and-mortar banks that have yet to offer online banking, as well as from online or "virtual" banks that have no physical branches or tellers whatsoever. The challenge for the banking industry has been to design this new service channel in such a way that its customers will readily learn to use and trust it. After all, banks have spent generations earning our trust; they aren't about to risk that on a Web site that is frustrating, confusing or less than secure. Most of the large banks now offer fully secure, fully functional online banking for free or for a small fee. Some smaller banks offer limited access or functionality; for instance, you may be able to view your account balance and history but not initiate transactions online. As more banks succeed online and more customers use their sites, fully functional online banking likely will become as commonplace as automated teller machines.

VIRTUAL BANKS:

If one doesn't mind foregoing the teller window, lobby cookie and kindly bank president, a "virtual" or e-bank may save you real money. Virtual banks are banks without bricks; from the customer's perspective, they exist entirely on the Internet, where they offer pretty much the same range of services and adhere to the same federal regulations as your corner bank. Virtual banks pass the money they save on overhead like buildings and tellers along to you in the form of higher yields, lower fees and more generous account thresholds. The major disadvantage of virtual banks revolves around ATMs. Because they have no ATM machines, virtual banks typically charge the same surcharge that your brick-and-mortar bank would if you used another bank's automated teller. Likewise, many virtual banks won't accept deposits via ATM; you'll have to either deposit the check by mail or transfer money from another account.
5

Banks India are in the process of Webenabling their services in order to offer Internet banking to its customers. The RBI has drafted certain Internet banking guidelines that have to be followed by banks about to venture into online banking. Internet banking has gained wide acceptance internationally and seems to be fast catching up in India with more and more banks entering the fray. It's the new generation of banking in India. Most private and MNC (Multinational Corporation) banks have already setup an elaborate Internet banking infrastructure. And this exercise has provided them numerous benefits like: • Greater reach to customers. • Quicker time to market. • Ability to introduce new products and services quickly and successfully. • Ability to understand its customers needs. • Customers are given access to information easily across any location. • Greater customer loyalty. Multi-national and private sector banks in India have been very successful in setting up Internet banking services. This is mainly because these banks already had a robust automated banking environment on which they could build the Internet banking infrastructure. Most multi-national banks already have efficient Internet banking infrastructures running in other countries which could be emulated in India. And the private banks, which are relatively young, did not have to carry the burden of legacy systems.
6

SCENARIO IN TYPES OF INDIA and INTERNET financial institutions in

They merely invested in best-of-breed Internet banking solutions from the start.

INDIAN BANKS ON WEB:
The banking industry in India is facing unprecedented competition from non-traditional banking institutions, which now offer banking and financial services over the Internet. The deregulation of the banking industry coupled with the emergence of new technologies, are enabling new competitors to enter the financial services market quickly and efficiently. Indian banks are going for the retail banking in a big way. However, much is still to be achieved. This study which was conducted by students of IIML shows some interesting facts: • Throughout the country, the Internet Banking is in the nascent stage of development (only 50 banks are offering varied kind of Internet banking services). • In general, these Internet sites offer only the most basic services. 55% are so called 'entry level' sites, offering little more than company information and basic marketing materials. Only 8% offer 'advanced transactions' such as online funds transfer, transactions & cash management services.

Foreign & Private banks are much advanced in terms of the number of sites & their level of development.

A PRACTICAL APPROACH:

IDBI Bank has successfully implemented a robust Internet banking architecture for its customers.
7

IDBI Bank Limited uses the following equipment infrastructure to address its Internet banking needs:

8

IDBI Bank’s e-banking Infrastructure
Hardware • • • • Web servers Application servers Database servers Networking equipment

Software

• Systems software • Application software • Application integration with core banking • Scalability tests (desirable but optional) • Web designing • Server sizing • • • • Firewalls Certification Server level (mandatory) Client level (Optional: we did not deploy this) • Intrusion Detection Systems • Subscribing to advisories • Isolation from the main network • In-house vs. IDC (Internet Data Centre)

Services

Security

Networking Hosting Decision

IDBI Bank did not undertake services of any systems integrator. Neeraj Bhai, CTO (Chief Technology Officer), IDBI Bank says, "These services are often offered by multiple divisions of a company, and these divisions do not have a good level of coordination among themselves. It is also advisable to have owners within the organization who drive the effort."

Though adoption of Internet banking by Indian banks and their customers would not set the Arabian Sea on fire, no one can deny the obvious benefits that this service offers.
9

INTERNET BANKING PROCESS
In a typical Internet banking transaction, customer’s requests for online banking information are passed on from Web Server the bank’s Internet Banking Server through the WWW interface. These requests pass through a firewall before they reach the Internet Banking Server. Due to this SSL (Secure Sockets Layer) technology, only authenticated requests reach the Internet Banking Server.

to

The Customer Information Database is stored on a bank’s server which is protected by the use of various security tools in addition to the firewall technology. The WWW interface is the only media of communication with the Customer Database, thus ensuring the safety of operation and customer data. When the customer’s requests reach the Internet Banking Server, it passes the requests to the Bank Server hoarding Customer Database. The database provides the required information to the Internet Banking Server, which in turn is passed on to the Web Server through the firewall from where the customer is able to access it.

10

a) b)

11

This sort of architecture, known as the ‘three-tiered architecture’ (comprising of a Web Sever, Internet Banking Server and Customer Database protected by firewalls), creates a controlled environment, which allows quick incorporation of Internet security technologies. A security analyzer constantly monitors login attempts and recognizes failures that could indicate a possible unauthorized attempt to log into an account. When such trends are observed, steps are automatically taken to prevent that account from being used. The products and services offered by the banks on the Internet can be divided into 3 types:

Information Kiosks: It includes providing information regarding various products and services offered by the bank to its customers. The bank’s site receives and answers queries of customers through e-mails. Basic Internet Banking: It includes enabling customers to open new accounts, check account balance and pay utility bills. E-Commerce E-Banking: Banks function as electronic market places (e-market place) enabling customers to use their accounts for money transfers, bill payment, purchase and sale of securities and online real-time purchases and payments.

The most significant benefit of Internet Banking is the readily accessibility of bank accounts at all times. The inconvenience of visiting and waiting at the banks is also eliminated. These result in enhanced customer satisfaction, reduced customer attrition and increased customer base. Internet banking considerably reduces transaction costs for the banks.

BENEFITS OF INTERNET BANKING
Though adoption of Internet banking by Indian banks and their customers would not set the Arabian Sea on fire, no one can deny the obvious benefits that this service offers.
12

• •

FOR BANKS:
Price: In the long run a bank can save on money by not paying for tellers or for managing branches. Plus, it's cheaper to make transactions over the Internet. Customer Base: The Internet allows banks to reach a whole new market- and a well off one too, because there are no geographic boundaries with the Internet. The Internet also provides a level playing field for small banks who want to add to their customer base. Efficiency: Banks can become more efficient than they already are by providing Internet access for their customers. The Internet provides the bank with an almost paper less system. Customer Service and Satisfaction: Banking on the Internet not only allows the customer to have a full range of services available to them but it also allows them some services not offered at any of the branches. The person does not have to go to a branch where that service may or may not be offer. A person can print of information, forms, and applications via the Internet and be able to search for information efficiently instead of waiting in line and asking a teller. With more better and faster options a bank will surly be able to create better customer relations and satisfaction. Image: A bank seems more state of the art to a customer if they offer Internet access. A person may not want to use Internet banking but having the service available gives a person the feeling that their bank is on the cutting image.

• FOR CUSTOMERS:

Bill Pay: Bill Pay is a service offered through Internet banking that allows the customer to set up bill payments to just about anyone. Customer can select the person or company whom he wants to make a payment and Bill Pay will withdraw the money
13

from his account and send the payee a paper check or an electronic payment.

Other Important Facilities: Internet banking gives customer the control over nearly every aspect of managing his bank accounts. Besides the Customers can, Buy and Sell Securities, Check Stock Market Information, Check Currency Rates, Check Balances, See which checks are cleared, Transfer Money, View Transaction History and avoid going to an actual bank. The best benefit is that Internet banking is free. At many banks the customer doesn't have to maintain a required minimum balance. The second big benefit is better interest rates for the customer.

WHAT SERVICES ARE AVAILABLE ONLINE? Online banking provides Internet-based solutions to make dealings in
a fast and simple manner. Banking can be done whenever and wherever with great convenience. It allows one to access account information, transfer funds, review account history and much more from the home computer, laptop or workplace. One can also pay bills quickly and conveniently with just a few clicks. No more stamps, writing cheques or rushing to the mailbox to meet payment deadlines!

WHAT SERVICES ARE AVAILABLE ONLINE?
• Manage the Account Details online: • Statement of Account - View all the latest transactions of account for a period, with details of uncleared cheques.
14

Balance Details - Balance Enquiry with Minimum Balance alerts. Download/Print the latest Balance details. • Transaction Details - Confirm the transaction details. • Cheque Status - Check the clear and unclear cheques. • Request Copies - Request copies of checks or statements. • Requisitions: • Cheque Books - Request for a new Cheque book online. • Demand Drafts - Issue of demand drafts. • Open a new Account - Open another account with online. • Change of Address - Inform the bank site about your change of address.
• •

Funds Transfer: • Funds transfer online. • Funds Transfer offline.

Correspondence: • General Correspondence – The bank provides the facility of email correspondence between the customer and the Bank. One can enquire about TDS, Deposits (Maturity date, Maturity amount etc.) and also give instructions for payment on maturity. • Customer Correspondence View - A mailbox facility to view all the correspondence from the customer to the Bank, till date. • Branch Correspondence View - A mailbox facility to view all the correspondence from the Bank to the customer, till date.

• Utility Bill Payments: • Pay your bills online. • Pending payments view. • Receiving bills via the Web.

Standing Instructions: • Give standing instructions to the Bank.
15

Instantaneous inter-city transactions through online connections between all branches. • Internet Payment Gateway handles credit card transactions on the Internet.
• •

Online shopping for: • Loans and Credit Cards. • Mortgages. • Insurance. • Auctions.


• • • •

• •

• • • • • • •


16


ELECTRONIC TRANSACTIONS
To most people, electronic banking means 24-hour access to cash through an automated teller machine (ATM) or paychecks deposited directly into checking or savings accounts. Electronic banking, also known as electronic fund transfer (EFT), uses computer and electronic technology as a substitute for checks and other paper transactions. EFT’s are initiated through devices such as cards or codes that you use to gain access to your account. Many financial institutions use an automated teller machine (ATM) card and a personal identification number (PIN) for this purpose.

Electronic Bill Payment (EBP): Consumers can pre-authorize withdrawals that recurring bills such as insurance premiums, mortgages and utility bills are paid automatically. Getting customers to use the Internet to pay bills will save banks billions of rupees in making and processing paper cheques.

so

Credit Card: Credit Card is a plastic card issued by a bank or building society that allows one to make purchases now and pay for them later. Credit (that is, money) will be made available to buy goods and services. Every month the bank or building society will send a bank statement of the account. One must pay back a minimum amount and interest will be charged on any money still owing.

17

Debit Card: Debit Card is an identity card issued by a bank to a customer, which the customer can use to buy goods. The price of the goods is charged to customer's bank account.

Automated Teller Machines or 24hour Tellers: They are electronic terminals that let a person bank almost any time. To withdraw cash, make deposits, or transfer funds between accounts, you generally insert an ATM card and enter the Personal Identification Number (PIN). It is an Automated Teller Machine. This is usually called a cash machine. As well as dispensing cash, many ATMs provide other information or services to customers, such as informing people how much money they have got in their account, giving them a mini-bank statement, or allowing people to pay money into their account. • Direct Deposit: It lets one authorize specific deposits, such as paychecks and social security checks, to your account on a regular basis. One also may pre-authorize direct withdrawals so that recurring bills, such as insurance premiums, mortgages, and utility bills, are paid automatically.

Pay-by-Phone Systems: It lets one telephone the financial institution with instructions to pay certain bills or transfer funds between accounts. One

to

18

must have an agreement in advance with the institution to make such transfers.

Personal Computer Banking: It allows one to conduct many banking transactions electronically via the personal computer. For instance, one may use the computer to view the account balance, request transfers between accounts, and pay bills electronically.

ADVAN TAGE S OF O NLI NE BAN KIN G ELECTRONIC TRANSACTIONS

• •

What makes online banking more appealing than the old-fashioned way?

If you have a PC at home and are already relatively computer savvy, online banking will add just one more convenience to your life. Imagine being able to clean up the kitchen, put the kids to bed, and then go to your computer and apply for a home equity loan when it's convenient for you. The various advantages are:

Convenience: Unlike the corner bank, online banking sites never close; they're available 24 hours a day, seven days a week and they're only a mouse click away. The number of customers who choose online banking as their preferred method of dealing with their finances is growing rapidly. Many people appreciate the convenience.
19

Ubiquity: If a person is out of state or even out of the country when a money problem arises, they can log on instantly to the online bank and take care of business, 24/7. • Transaction speed: Online bank sites generally execute and confirm transactions at or quicker than ATM processing speeds.
• •

Efficiency: One can access and manage all the bank accounts, including IRAs, CDs, even securities, from one secure site. Effectiveness: Many online banking sites now offer sophisticated tools, including account aggregation, stock quotes, rate alerts and portfolio managing programs to help one manage all of the assets more effectively. Most are also compatible with money managing programs such as Quicken and Microsoft Money.

• •

ADVAN TAGE S OF O NLI NE
• Other G BAN KIN Advantages:

There are other

• • • • •

advantages like: Expedient Inexpensive Convenient bill paying medium Bank any time of day or night Bank weekdays, weekends, and even holidays
20

• Bank from anywhere in the world (as long as you have access to a computer and the Internet)

• • • • •

DISADVANTAGES OF ONLINE BANKING
Internet banking may be the wave of the future, but be informed that the wave is still building. If your idea of a mouse is something that should never be caught dead--or alive for that matter--inside your house, online banking may not be for you. It's convenient if you know how to work on a computer. If not, a drive through ATM takes a whole lot less time than trying to teach yourself Windows 2000. Hence the various disadvantages are:

Start-up may take time: In order to register for bank's online program, one will probably have to provide ID and sign a form at a bank branch. If you and your spouse wish to view and manage your assets together online, one of you may have to sign a durable power of attorney before the bank will display all of your holdings together. Learning curve: Banking sites can be difficult to navigate at first. Plan to invest some time and read the tutorials in order to become comfortable in the virtual lobby.
21

Bank site changes: Even the largest banks periodically upgrade their online programs, adding new features in unfamiliar places. In some cases, one may have to re-enter account information.


The trust thing: For many people, the biggest hurdle to online banking is learning to trust it. Did my transaction go through? Did I push the transfer button once or twice? Best bet: always print the transaction receipt and keep it with the bank records until it shows up on the personal site or bank statement. System Crashes: When dealing with computers, there is always the concern of the system crashing, viruses entering the system or a power cut. These are larger problems and are not easily solved. In all 3 cases, many people would be affected, information may be lost and a backup plan would have to be initiated.

• • • •

Other Disadvantages: Need an account with an Internet Service Provider (ISP) Security concerns, like "hackers" accessing bank accounts Original setup for bill paying time is time-consuming but will ultimately be a time-saver • Switching banks can be more cumbersome online than in person • Must have basic computer skills and Internet knowledge • Must be comfortable using a computer

IS O NLIN E ONLINE BANKING DISADVANTAGES OFB ANKING SAFE?
• 22

“Be Careful… Someone is watching you surf…”
Faced with the concept of online banking, many people wonder about security. After all, you don't face a bank officer or teller when you are opening an account. How does the bank know who you are? And how do you know they won't give access to your money to a crook?
• • •

If you are just setting up online access to an existing brick-and-mortar bank, the transaction usually is done over the phone. You are given a temporary password to use the first time you access your account online. At that point, you should change the password. Usually, you are asked for your account number, or your Social Security number, along with the password. As with any personal identification number (PIN), memorize your online bank password and don't write it anywhere that could easily be connected with the bank account. When setting up a new account with an Internet bank, you may be asked to submit an online application or to download an application, print it, fill it out and mail it to the bank. Most banks will check the information you provide with one of the major credit reporting agencies, in order to verify that it agrees with information in your credit file.
23

Before you begin banking online, you may receive a message from the bank that your browser needs to be updated in order to conform to the highest security standards. Online banks have information available on their web sites about security, including firewalls and encryption systems meant to deter hackers. Look for: • "128-bit encryption," the standard in the industry. • A written guarantee to protect account holders from losses due to online fraud. • Automatic lock out if you enter your password wrong more than three or four times. • Automatic log out if you are not active at the site for a certain amount of time. When accessing the bank, it is safer to "bookmark" the bank's address in the browser than to type in the address each time one wants to visit. Slight mistakes in entering the address may take you to a "spoofer" site designed by criminals to trick you into entering your account number and password so that they can be used to access your online account.

Spoofers set up copycat web sites at addresses that are very close to that of the real bank. The crooks set up a home page that looks exactly like your banks. Internet banks have taken precautions to buy up similar domain names so that this does not happen. But it pays to be vigilant. Many online banks use a verification system called Verisign Site Secure. When you click on the Verisign icon it should give you information about the web site you are visiting. If you are taken to the Verisign home page instead, you will be given a warning that something might be wrong and that the icon you clicked on is not official. Information Technology has no doubt reinvented the way that many firms do business. Yet like every area, IT has risks that need to be recognized and protected against. There are a number of specific risk
24

areas that most businesses with IT including banking, will face. These risks include… Viruses: These are small, malicious programs designed to cause problems with your computer such as the loss of information or internal systems failure. The effects may range from simply displaying a message to wiping your entire hard drive. They may be transmitted in anyway that data is moved between computers, be it by floppy, internet download or via email. There are 3 methods of protection that businesses can put in place to help guard against viruses: • Install anti-virus software • Virus check all floppies and CDs before installing or opening files, preferably on a standalone machine to avoid the spread of viruses to your LAN • Install a Firewall. Regular backups of critical information are vital to survive such virus attacks.

IS O NLIN E B ANKING SAFE?


25

• •

Accidental Loss of Data: Data loss can occur accidentally for many reasons. The wrong file may be deleted or moved to where it cannot be found. Alternatively, a system error may corrupt data or cause physical damage to a PC and prevent it from being accessed. Frequent backups are a simple way to guard against any data loss.

Theft of Information: Information can be a powerful asset. This means that like any other asset, it may be subject to theft from external or internal sources. Unauthorized Access: Unauthorized Access, as the name suggests, is access to computer systems or information by anyone without permission. This may originate either internally or externally and can lead to loss of information and damage to internal systems. External unauthorized access has the higher profile and is usually described as hacking. However, internal unauthorized access is far more common and can cause just as many problems. There is a raft of measures that can help prevent such access. These include associating access rights to user IDs, physical smart cards to restrict access and good staff management practices. Hacking: It is the unauthorized use or attempt to avoid the security mechanisms of an information system or network. A hacker is a person who enjoys exploring the details of computers and how to stretch their capabilities. He is a malicious or inquisitive meddler who tries to discover information by poking around. A person who enjoys learning the details of programming systems and how to stretch their
26

capabilities, as opposed to most users who prefer to learn on the minimum necessary.

Phishing Scams: Phishing scams take the form of spoof letters, emails or websites. They look as though they are from or represent respectable institutions. They look so authentic that victims are fooled into revealing their account or personal information to unauthorized third parties. Phishing is derived from “fishing”- a social engineering attack attempting to trick users into revealing personal information like passwords and credit card numbers. It is the act of attempting to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business with a real need for such information in a seemingly official electronic notification or message (most often an email, or an instant message). Pharming: Pharming (from farming) exploits the DNS (Domain Name System), the Internet system that translates a computer name into an Internet Protocol (IP) address. A computer with a compromised host file will go to the wrong website even if the user types the correct URL. More alarming is DNS poisoning where the Domain Name System directory is 'poisoned' and can cause large groups of users to be herded to fraudulent look-alike sites. Password cracking: It is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system, typically, by repeatedly verifying guesses for the password. The purpose of password cracking might be to help a user recover a forgotten password (though installing an entirely new password is less of a security risk), to gain
27

unauthorized access to a system, or as a preventive measure by the system administrator to check for easily crack able passwords.

Credit card fraud: It is one of many forms of frauds that involve credit cards, charge cards, debit cards, or prepaid cards. Typically, the fraudster causes a credit card of another person to be charged for a purchase. Today, half of all credit card fraud is conducted online, meaning that the fraudsters make online purchases with the credit card details of other people. Identity theft: Identity theft (or identity fraud) is the deliberate assumption of another person's identity, usually to gain access to their finances or frame them for a crime. Less commonly, it is to enable illegal immigration, terrorism, espionage, or changing identity permanently. It may also be a means of blackmail, especially if medical privacy or political privacy has been breached, and if revealing the activities undertaken by the thief under the name of the victim would have serious consequences like loss of job or marriage. Assuming a false identity with the knowledge and approval of the person being impersonated, such as for cheating on an exam, is not considered to be identity theft. Carding: It means stealing credit card numbers from the Internet. It is a criminal offense. A carder is a special kind of criminal that specializes in stealing information from credit cards. The primary method that carders use to make money is to use information skimmed off from credit cards to encode the magnetic stripes of their replica credit cards with and make purchases with them. Random Dialing: This technique is used to dial every number on a known bank telephone exchange. The objective is to find a modem connected to the network. This could then be used as a point of attack.

28

Social Engineering: An attacker calls the bank’s help desk impersonating an authorized user to gain information about the system including changing passwords. Trojan Horse: A programmer can embed code into a system that will allow the programmer or another person unauthorized entrance into the system or network.

• • • •

• •

29

HOW TO AVOID B EC OMIN G A TY PES O F ATTACK S VI CTIM?

HOW TO AVOID B EC OMIN G A

To prevent such attacks, proper measures must be taken. These include the installation of firewalls, anti-virus programs, etc. Here are some important parameters to ensure safe online banking VI CTIM? transactions…

Secure Servers: It is a server that uses Secure Sockets Layer (SSL) encryption technology to protect users' credit card information. It transmits data in an encoded form that is intended to prevent unauthorized access to the data. All Web servers that handle credit cards should use SSL (secure socket layer) encrypted communications. While a secure server discusses sensitive credit card information with the customer, anyone eavesdropping on this electronic conversation (through any Internet computer) between browser and server will only see illegible data.

SSL (Secure Sockets Layer): It is a protocol developed by Netscape for transmitting documents securely over the Internet. It is a security protocol that provides communication privacy. SSL enables client and server applications to communicate in a way that is designed to prevent eavesdropping, tampering, and message forgery. It passes sensitive information, such as credit card details, over the Internet. It is used by most commerce servers on the World Wide Web; this highlevel security protocol protects the confidentiality and security of data while it is being transmitted through the internet. URL's that begin
30

with “https” (and not “http”) indicate that an SSL connection will be used. SSL provides 3 important things: Privacy, Authentication, and Message Integrity.

Encryption: It is the conversion of data into a secret code. In other words, it is modifying data, i.e., turning readable text into cipher text, to prevent unauthorized access to the information. It refers to algorithmic schemes that encode plain text into non-readable form or cipher text, providing privacy. The receiver of the encrypted text uses a “key” to decrypt the message, returning it to its original plain text form. Only the person or persons that have the right type of decoding software can unscramble the message. Digital Certificates: A digital certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web. They are issued by trusted third parties known as Certificate Authority (CA). It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting and decrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. It is a form of personal identification that can be verified electronically. Firewalls: It is a security system intended to protect an organization's network against external threats, such as hackers, coming from another network. It is a system designed to prevent unauthorized access to or from a private network.
31

Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet. All messages entering or leaving the Intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. Firewalls are used to filter and stop information sent and received via the Internet. They are used as a means of keeping networks secure.

1) •

Protection of PINs: Passwords or personal identification numbers (PINs) should be used when accessing an account online. Your password should be unique to you and you should change it regularly. Do not use birthdates or other numbers or words that may be easy for others to guess. Always carefully control to whom you give your password. For example, if you use a financial company that requires your passwords in order to gather your financial data from various sources, make sure you learn about the company’s privacy and security practices.

Tips while using e-commerce websites:

• Many e-commerce websites utilize state-of-the-art encryption and other security procedures to give you a convenient and secure shopping and banking experience. • If you suspect a website is not what it claims to be, leave the site. Do not follow any of the instructions it may present you. • Ask yourself if the information you are asked to provide makes sense for the activity you are engaged in. For example, an online auction site should not ask for your driver's license number or
32

the PIN for your credit card. If a site or e-mail asks for information that doesn't feel right, do not respond. • Keep a Paper Trial. Print out the "address" of the company site you are on its Uniform Resource Locator (URL). The URL ensures that you are dealing with the right company. It's also a good idea to print out a copy of your order and confirmation number for your records.

 General Precautions:
• Look for the padlock symbol at the bottom right of a web page to ensure the site is running in secure mode before you input sensitive information. • Make sure your home computer has the most current anti-virus software. Anti-virus software needs frequent updates to guard against new viruses. • Install a personal firewall to help prevent unauthorized access to your home computer, especially if you connect through a cable or DSL modem. • Log off. Do not just close your browser. Follow the secure area exit instructions to ensure your protection. • Do not keep computers online when not in use. Either shut them off or physically disconnect them from Internet connection. • Monitor your transactions. Review your order confirmations, credit card, and bank statements as soon as you receive them to make sure that you are being charged only for transactions you made. Immediately report any irregularities. • Regularly download security patches from your software vendors.

33

TYPICAL EXAMPLE OF INTERNET BANKING SERVICE OFFERED BY INDIAN

34

PUNJAB NATIONAL BANK

Tips for Safe Banking over the Internet

• •


 •



• 35

36

37

INTERNET BANKING…

Internet banking is "still in a strong growth phase". To meet the increased demand, banks are expected to ratchet up their spending on Internet banking technology. Internet banking is taking an increasing importance in banks policy.
38

Systems are being developed throughout the USA and Europe. However much is still desired, hence we think that it would be useful to create an exchange forum in charge of the dissemination of information on Internet banking development. Nevertheless, there's still room for improvement. Although all large and mid-sized banks and a growing number of small banks offer online banking, their offerings are far from equal. User-friendliness is uneven, support varies and features menus differ notably. As a result, banks may achieve the greatest impact by pursuing basic improvements instead of cutting-edge technologies. It is recommended to bring improvements in the services by offering services such as online account opening, universal registration for multiple services and pre-populated application forms. To enhance the customer experience, banks should conduct usability tests and monitor user feedback; provide smooth navigation aids; incorporate easy-to-access contextual help; and minimize data entry problems with appropriate user interface elements, such as calendar widgets.

Finally it must be accepted that although e-commerce is widely and quickly spreading its wings across the globe, at the moment it appears as if the emerging markets and the third world countries might take some time to adapt to latest technological innovations and the modern ways of banking. However sooner than later the juggernaut of e-commerce would certainly sweep these nations into the world of innovative and smart banking. Internet Banking still has a long way to go in India, though the future is promising. As for now, bank online only if you think you can handle all the downsides but along with the anytime, anywhere convenience. One thing is very clear. Internet Banking is here to stay!!!

39

INDIA’S NET BANKING ENCYCLOPEDIA

40

Bank Name
ABN AMRO Bank

Technology Vendor
Infosys Away) (Bank (Bank

Service offering
Net Banking ADCB Net Link BOIonline MyCBOL (now Citibank Online CorpNet db direct FedNet Net Banking Online@hsbc ICICI Infinity I-net banking Indus Net

Abu Dhabi Infosys Commercial Bank Away) Bank of India Centurion Bank Citibank Corporation Bank Deutsche Bank Federal Bank HDFC Bank HSBC ICICI Bank IDBI Bank I-flex Logica Orbitech Polaris) I-flex Sanchez I-flex/ Satyam Infosys, Infotech

Infosys Away) IndusInd Bank CR2 Punjab National Infosys Bank Away) Standard Chartered In-House Bank State Bank of India UTI Bank

(Bank

(Bank Me Standard Chartered Online

Satyam/Broad onlinesbi.com vision Infosys (Bank I Connect Away) 41

BIBLIOGRAPHY
• Websites: www.pcquest.com • www.indiainfoline.com • www.google.com • www.pnbindia.com • www.onlinebanking.com • www.netbanker.com • www.banknetindia.com

• Magazines: • ‘Can You Bank Online?’ – PC Quest • ‘Personal Finance’ – Business Today

42

43

1)

44

45