You are on page 1of 16

Online banking

Online banking, also known as internet banking, e-banking or virtual banking, is an electronic payment
system that enables customers of a bank or other financial institution to conduct a range of financial
transactions through the financial institution's website. The online banking system will typically connect to or
be part of the core banking system operated by a bank and is in contrast to branch banking which was the
traditional way customers accessed banking services.
To access a financial institution's online banking facility, a teacher with internet access would need to register
with the institution for the service, and set up a password and other credentials for customer verification. The
credentials for online banking is normally not the same as for telephone or mobile banking. Financial
institutions now routinely allocate customers numbers, whether or not customers have indicated an intention to
access their online banking facility. Customer numbers are normally not the same as account numbers, because
a number of customer accounts can be linked to the one customer number. Technically, the customer number
can be linked to any account with the financial institution that the customer controls, though the financial
institution may limit the range of accounts that may be accessed to, say, cheque, savings, loan, credit card and
similar accounts.
The customer visits the financial institution's secure website, and enters the online banking facility using the
customer number and credentials previously set up. The types of financial transactions which a customer may
transact through online banking are determined by the financial institution, but usually includes obtaining
account balances, a list of the recent transactions, electronic bill payments and funds transfers between a
customer's or another's accounts. Most banks also enable a customer to download copies of bank statements,
which can be printed at the customer's premises (some banks charge a fee for mailing hard copies of bank
statements). Some banks also enable customers to download transactions directly into the customer's
accounting software. The facility may also enable the customer to order a cheque book, statements, report loss
of credit cards, stop payment on a cheque, advise change of address and other routine actions.
Today, many banks are internet-only institutions. These "virtual banks" have lower overhead costs than their
brick-and-mortar counterparts. In the United States, many online banks are insured by the Federal Deposit
Insurance Corporation (FDIC) and can offer the same level of protection for the customers' funds as traditional

The precursor for the modern home online banking services were the distance banking services over electronic
media from the early 1980s. The term 'online' became popular in the late 1980s and referred to the use of a

terminal, keyboard and TV (or monitor) to access the banking system using a phone line. 'Home banking' can
also refer to the use of a numeric keypad to send tones down a phone line with instructions to the bank. Online
services started in New York in 1981 when four of the city's major banks (Citibank, Chase
Manhattan, Chemical and Manufacturers Hanover) offered home banking services.[2][3][4] using
the videotex system. Because of the commercial failure of videotex these banking services never became
popular except in France where the use of videotex (Minitel) was subsidised by the telecom provider and the
UK, where the Prestel system was used.

Internet and customer reluctance[edit]

When the clicks-and-bricks euphoria hit in the late 1990s, many banks began to view web-based banking as a
strategic imperative. The attraction of banks to online banking are fairly obvious: diminished transaction costs,
easier integration of services, interactive marketing capabilities, and other benefits that boost customer lists
and profit margins. Additionally, online banking services allow institutions to bundle more services into single
packages, thereby luring customers and minimizing overhead.
A mergers-and-acquisitions wave swept the financial industries in the mid- and late 1990s, greatly expanding
banks' customer bases. Following this, banks looked to the Web as a way of maintaining their customers and
building loyalty. A number of different factors are causing bankers to shift more of their business to the virtual
While financial institutions took steps to implement e-banking services in the mid-1990s, many consumers
were hesitant to conduct monetary transactions over the internet. It took widespread adoption of electronic
commerce, based on trailblazing companies such as America Online, and eBay, to make the idea
of paying for items online widespread. By 2000, 80% of U.S. banks offered e-banking. Customer use grew
slowly. At Bank of America, for example, it took 10 years to acquire 2 million e-banking customers. However,
a significant cultural change took place after the Y2K scare ended. In 2001, Bank of America became the first
bank to top 3 million online banking customers, more than 20% of its customer base. In comparison, larger
national institutions, such as Citigroup claimed 2.2 million online relationships globally, while J.P. Morgan
Chase estimated it had more than 750,000 online banking customers. Wells Fargo had 2.5 million online
banking customers, including small businesses. Online customers proved more loyal and profitable than
regular customers. In October 2001, Bank of America customers executed a record 3.1 million electronic bill
payments, totaling more than $1 billion. In 2009, a report by Gartner Group estimated that 47% of United
States adults and 30% in the United Kingdom bank online.
The early 2000s saw the rise of the branch-less banks as internet only institutions. These internet-based banks
incur lower overhead costs than their brick-and-mortar counterparts. Many online banks like Bank of Internet
USA, Ally Bank and Bank5 Connect in the United States are FDIC-insured and offer the same level of
protection for the funds of their customers as do traditional banks.

First online banking services in the United States[edit]

Online banking was first introduced in the early 1980s in New York, United States.[5] Four major banks
Citibank, Chase Manhattan, Chemical Bank and Manufacturers Hanover offered home banking services.
Chemical introduced its Pronto services for individuals and small businesses in 1983, which enabled individual
and small-business clients to maintain electronic checkbook registers, see account balances, and transfer funds
between checking and savings accounts. Pronto failed to attract enough customers to break even and was
abandoned in 1989. Other banks had a similar experience.
First online banking in the United Kingdom [edit]
Almost simultaneously with the United States, online banking arrived in the United Kingdom. The UK's first
home online banking services known as Homelink was set up by Bank of Scotland for customers of
the Nottingham Building Society (NBS) in 1983. The system used was based on the UK's Prestel viewlink
system and used a computer, such as theBBC Micro, or keyboard (Tandata Td1400) connected to the telephone
system and television set. The system allowed on-line viewing of statements, bank transfers and bill payments.
In order to make bank transfers and bill payments, a written instruction giving details of the intended recipient
had to be sent to the NBS who set the details up on the Homelink system. Typical recipients were gas,
electricity and telephone companies and accounts with other banks. Details of payments to be made were input
into the NBS system by the account holder via Prestel. A cheque was then sent by NBS to the payee and an
advice giving details of the payment was sent to the account holder. BACS was later used to transfer the
payment directly.
Stanford Federal Credit Union was the first financial institution to offer online internet banking services to all
of its members in October 1994.[6]

Banks and the World Wide Web[edit]

Around 1994, banks saw the rising popularity of the internet as an opportunity to advertise their services.
Initially, they used the internet as another brochure, without interaction with the customer. Early sites featured
pictures of the bank's officers or buildings, and provided customers with maps of branches and ATM locations,
phone numbers to call for further information and simple listings of products.

Interactive banking on the Web[edit]

In 1995, Wells Fargo was the first U.S. bank to add account services to its website, with other banks quickly
following suit. That same year, Presidential became the first U.S. bank to open bank accounts over the internet.
According to research by Online Banking Report, at the end of 1999 less than 0.4% of households in the U.S.
were using online banking. At the beginning of 2004, some 33 million U.S. households (31%) were using

some form of online banking. Five years later, 47% of Americans used online banking, according to a survey
by Gartner Group. Meanwhile, in the UK online banking grew from 63% to 70% of internet users between
2011 and 2012.[7]

Online banking facilities typically have many features and capabilities in common, but also have some that are
application specific. The common features fall broadly into several categories:

A bank customer can perform non-transactional tasks through online banking, including

Viewing account balances

Viewing recent transactions

Downloading bank statements, for example in PDF format

Viewing images of paid cheques

Ordering cheque books

Download periodic account statements

Downloading applications for M-banking, E-banking etc.

Bank customers can transact banking tasks through online banking, including

Funds transfers between the customer's linked accounts

Paying third parties, including bill payments (see, e.g., BPAY) and third party fund
transfers (see, e.g., FAST)

Investment purchase or sale

Loan applications and transactions, such as repayments of enrollments

Credit card applications

Register utility billers and make bill payments

Financial institution administration

Management of multiple users having varying levels of authority

Transaction approval process

Some financial institutions offer special internet banking services, for example:

Personal financial management support, such as importing data into personal accounting software.
Some online banking platforms support account aggregation to allow the customers to monitor all of their
accounts in one place whether they are with their main bank or with other institutions

SBI Online Banking

About OnlineSBI
State Bank of India is India's largest bank with a network of over 15000 branches and 5 associate banks located even in the
remotest parts of India. State Bank of India (SBI) offers a wide range of banking products and services to corporate and retail
OnlineSBI is the Internet banking portal for State Bank of India. The portal provides anywhere, anytime, online access to
accounts for State Bank's Retail and Corporate customers. The application is developed using the latest cutting edge technology
and tools. The infrastructure supports unified, secure access to banking services for accounts in over 15,000 branches across

Retail Internet Banking

The Retail Internet Banking offers a plethora of products and services, to cater to all your banking demands online:

Transfer funds to own and third party accounts

A suite of completely online deposit products (Fixed, Recurring, Flexi, Tax Saving etc.)

Airline, Rail, Bus and hotel ticket booking

Online Shopping and instant recharge features.

IMPS Funds Transfer

Western Union Service

Credit beneficiary accounts using RTGS/NEFT feature

Generate account statements

Setup Standing Instructions and Scheduling payments

Configure profile settings

E- Tax for online tax payment

E - Pay for automatic bill payments

Avail DEMAT and IPO services

Pay bill of Visa Credit Card issued by any Bank.

Other Value added Services

Corporate Internet Banking

State Bank of India offers world class Internet Banking services to its Corporate Customers through the
portal The Corporate Internet Banking (CINB) facility of SBI enables the corporate customer to carry out
banking activities anywhere and anytime aided with the power and convenience of the internet.

Convenience banking Operate your account from the comfort of home or office.

Maker Checker model to ensure security and integrity in the transactions.

Anytime Banking- Enquire/transact on your account on a 24 x 7 basis.

Save time and costs- No need to go to the bank branch for routine transactions.

Promote Green Banking No hassle of paper work

Pay your Bills, taxes and statutory dues online- Beat the queues.

File upload facility: Facilitates bulk payment of salary, tax, pre-paid card top up, utility bills, remittances etc.

Transfer money to other bank and SBI accounts.

Supplier Payment - Make online, instantaneous payments to registered suppliers.

Merchant Payments by using Merchant pre-approved limit to different merchants like telecom, electricity, municipal
corporations etc.,

ASBA: Apply to IPOs online.

MIS / Reverse file: - Convenience of easy reconciliation.

State Bank collect For collecting and remitting various fees, collections, etc.

Key Features of Corporate Internet Banking:

Who can avail Corporate Internet Banking?

For the purpose of Internet Banking, all non-individual customers, viz., small business enterprises, firms, trusts, institutions,
Government organizations or large conglomerates are treated as Corporates.
So irrespective of whether you are sole proprietor or partner of a small firm or managing the accounts of a large corporate or
Government department with complex financial requirements, SBI has the right solution for you under Corporate Internet

Tips to protect against Online Fraud and Phishing Variations

Be suspicious of any e-mail or text message containing urgent requests for personal or
financial information (SBI and most other financial institutions and credit card companies
normally will not use e-mail to confirm an existing client's information).
Contact the organization by using a telephone number from a credible source such as a
phone book or a bill.
Always look out for the padlock

and the URL address

as when you log onto onlineSBI

and, when you log onto Mobile OnlineSBI
To be absolutely sure, type or in the browser
address bar.
If you receive an email claiming to be from STATE BANK OF INDIA that appears to be
suspicious, do not click on any links it provides or reply to it simply delete it.
Avoid embedded links in an e-mail claiming to bring you to a secure site.

Never disclose via text message any personal information, including account numbers,
passwords, or any combination of sensitive information that could be used fraudulently. Use
caution if you receive a text message expressing an urgent need for you to update your
information, activate an account, or verify your identity by calling a phone number or
submitting information on a web site. These messages may be part of a phishing scam
conducted by fraudsters to capture your confidential account information and commit fraud.

Get in the habit of looking at a websites address line and verify if it displays something
different from the address mentioned in the email.

Regularly update your computer protection with anti-virus software, spyware filters, email filters and firewall programs.

As a general rule, be suspicious when receiving any unsolicited incoming

communication/phone call asking your personal or financial information or asking to update
them on a site. Contact your Bank directly through official channels available to verify
authenticity of those calls.
Do not share any confidential information through suspicious emails, websites, social media
networks, text messages or phone calls.

Use a current web browser. View a current list of SBIs supported browsers.
Your online banking username or password should not be the same as other online
Regularly check you bank, credit and debit card statements to ensure that all transactions
are legitimate.

Report It
If you receive one of these suspicious e-mails:
Report it to

or the institution that it appears to be from.

If you received one of these suspicious e-mails and you unwittingly provided personal
information or financial information, follow these steps:

Step 1 - Contact your bank/financial institution or credit card company.

Step 2 - Contact your local police.
Step 3 - Always report phishing. If you have responded to one of these suspicious emails, report it to

Protecting You Online

At STATE BANK OF INDIA we use the highest industry standard for security. And we
constantly review it to counter any new security threats.
Here are some of the steps we take to protect you while youre banking online.
When you login:

Access to your accounts is controlled by your unique username and password.

Your access is suspended after three invalid login attempts.

We show you the date and time of your last login so you know that no one else has
accessed your accounts.
While you're banking online:

We have 128-bit SSL encryption to keep your information secure. This basically means
your information travels over the internet as a sophisticated code that only we can unscramble.
"High Security" provides you with an extra layer of protection when making payments
online, adding third parties etc. This One Time based SMS password validates your identity and
processes a transaction through.

Each of our secure websites has a SSL Extended Validation certificate issued by VeriSign
to let you know that the website is genuine and secure.

ONLINESBI and MOBILE ONLINESBI also has an Extended Validation (EV) SSL
Certificate. This means that if you're using
Internet Explorer 7, your address bar will turn green when you visit our sites. It makes it easy
for you to be sure you are on the genuine OnlineSBI website.
For information on SSL certificates visit the Verisign website or to find out more about
EV Certificates visit Microsoft's website.

When you're finished:

You are automatically signed off from your account if it's inactive for a set period of time.
All pages you visit in our online banking websites are automatically removed from your
browsers cache after you have logged off. This removes the opportunity for later users of that
computer to view your personal or account details by, for example, selecting the browser back
button or searching the contents of the computer's hard-drive.
Security experts at SBI behind the scenes

Our dedicated security team investigates new technologies, monitors activity and
responds promptly to any emerging security issues.

We regularly use reputable independent consultants to audit the security of all our

Regular intense security drilling carried out as part of our efforts to look into any possible
security concern and immediately address them.

Safe Online Banking

Select a suitable password.

Unique Characters: An acceptable password must have at least eight (8) different
characters. Repeated characters can make for palindromes and make it easier to crack.
Character Types: An acceptable password must have characters from at least
three (3) different character types -- upper case, lower case, digits, punctuation, etc. A password
that includes a sample from a rich character set is difficult to crack.
Long Alpha Sequences: An acceptable password must not have an alphabetic sequence
any longer than three (3) characters.
Long Digit Sequences: An acceptable password must not have a digit sequence any
longer than two (2) characters.
Forbidden Characters: There are a few characters that will cause problems if used in a
password - the "delete" character is one of the obvious ones.

Passwords should not be any of the following:


Dictionary words (including foreign and technical dictionaries)

Name of a person or a thing, a place, a proper noun, a phone number or a vehicle


Simple pattern of letters on keyboards

Any of the above reversed or concatenated

One possible method for picking a good password is to make up your own acronym.

Always protect your password

Sharing passwords is a security risk.

Do not divulge your password to anyone.

Enter your user-id and password only in the space provided for- that you are normally
used to.

Any changes from normal make sure there is no attempt to steal your personal
information before providing it.

Do not provide user-id and passwords on any page that appears as a popup when you
click on a hyperlink received through email. Better practice would be to log on to the service by
typing in the URL in the address bar after making sure the page opening up is from the genuine
service provider.

Do not store passwords in a file on ANY computer system (including Palm Pilots or
similar devices) without encryption.

Change passwords at least once every 90 (ninety) days.

Do not let your computer remember your password. Do not accept auto complete option
provided by your computer/ browser.

As far as possible do not use un-trusted system to access a sensitive service. If you must,
change the password on the first occasion immediately thereafter from a trusted system

Enable our SMS based One Time Password

Enable high security in the "Profile" section. This is a second factor authentication for
doing various transactions like adding third party, third party transfer etc. securely.
Remember to logout

Ensure to log out when you are done with our online banking services by clicking on
"logout". Then close the browser window.
Check that the website is secure

Keep your eyes on the URL address bar and type the address
as or to visit OnlineSBI /Mobile OnlineSBI from your
On the login page, you will see a pad lock somewhere on the browser window (mostly in
the end of the address bar or on the right hand down corner in a locked in position indicating
that the website you are visiting is genuine and your communication with us (OnlineSBI) is
high grade encrypted. Click on the padlock to view the security certificate.
Look out for URL address on the address bar of your internet browser begins with
"https"; the letter 's' at the end of "https" means 'secured'.

Be careful with emails

Never download attachments or click on embedded links on emails from unknown

sources. Be Suspicious of emails that seek your personal or financial information.

Check the validity of the emails claiming to be purported from a financial institution by
contacting the organization in person or by phone or through secured mail box.

SBI never sends email /SMS or makes phone calls for getting customer information. Please
report immediately
if you receive any e-mail purported to be originated by SBI to
gather your Username or Password or any other personal information.
Secure your computer

Use a personal firewall.

Install antivirus software and keep it updated with the latest signatures.

Get antispyware software.

Regularly update your OS

Beware of public or shared computers.

Features for Safe Online Banking

OnlineSBI provides several inbuilt features for safe and secure banking. You can use the security
options in the profile tab to:
Customize your Personal Profile
You can set your display name, mobile number and email ID in your personal profile. The
display name is used in the Welcome message.
Manage Third Party
You can define your own trusted third parties to whom you wish to transfer funds. You can also
add, delete or modify your list of trusted third parties.
Define Limits
You can set limits for demand draft and third party transfers, in the profile section. It is advisable
to set a lower limit. You can enhance the limit as and when required.
Enable High Security
SMS based high security is an additional layer of security provided for your transactions. It is
recommended that you enable this feature, in the profile section. Whenever you transfer funds to
own or third party accounts, issue a demand draft or credit funds to a PPF account you will
receive a high security password by SMS. You need to use this password to complete the

Types of Online Fraud and Phishing Variations

Phishing Email and Fraudulent websites
Phishing is a general term for e-mails, text messages and websites fabricated and sent by
criminals and designed to look like they come from well-known and trusted businesses, financial
institutions and government agencies in an attempt to collect personal, financial and sensitive
information. Its also known as brand spoofing. If you should ever receive an email that appears
to be suspicious, do not reply to it or click on the link it provides. Simply delete it. To report a
suspicious email that uses SBIs name, you can report to us immediately at
. You can

read more about Phishing here.

Popup windows/advertisements
Pop-ups are the advertisements that "pop up" in a separate browser window. When you click on
some of these pop-ups, it's possible that you're also downloading "spyware" or "adware."
Vishing is the criminal practice of using social engineering and Voice over IP (VoIP) to gain
access to private, personal and financial information from the public for the purpose of financial
reward. The term is a combination of "voice" and phishing.
Scammers randomly dial phone numbers using an automated system or a real human being
pretending they are calling on behalf of Bank/financial company asking you to update
information regarding your, bank accounts, Card details etc. because there is a problem on your
account or they may also say that they have made some upgrades into their system.
Smishing is a form of criminal activity using social engineering techniques similar to phishing.
Smishing victims receive SMS messages. Known as "smishing," these text messages might ask a
recipient to register for an online service -- then try to sneak a virus onto the users' device. Some
messages warn that the consumer will be charged unless he/she updates his/her personal or
financial credentials in a Web site that then extracts such information and other private data.
Key logging
Unwanted Key-Logging software can record everything that is typed on a computer and send the
information to an outside party. Key-Logging "Spyware" or "Adware" often infects a computer
via a virus attached to an e-mail or other type of download.

Important Security Tips For Safe Online Banking

Access your bank website only by typing the URL in the address bar of
your browser.

Be aware of downloading any malicious application from mobile

application stores (Google Playstore, Apple App Store, Blackberry App
World, Ovi Store, Windows Marketplace etc) that are offering Online
Banking. Kindly check their authenticity before downloading, by contacting
your Bank.

Do not click on any links in any e-mail message to access the site.

SBI or any of its representative never sends you email/SMS or calls you
over phone to get your personal information, password or one time SMS
(high security) password. Any such e-mail/SMS or phone call is an attempt
to fraudulently withdraw money from your account through Internet
Banking. Never respond to such email/SMS or phone call. Please report
immediately on
if you receive any such e-mail/SMS or Phone call.
Please lock your user access immediately, if you have accidentally revealed
your credentials. Click here to lock.
Do not be lured if you receive an e-mail/SMS/phone call promising
reward for providing your personal information or for updating your account
details in the bank site.

Having the following will improve your internet security:


Newer version of Operating System with latest security patches.

Latest version of Browsers (IE 7.0 and above , Mozilla Firefox 3.1
and above, Opera 9.5 and above, Safari 3.5 and above, Google

Firewall is enabled.

Antivirus signatures applied

Scan your computer regularly with Antivirus to ensure that the system
is Virus/Trojan free.

Change your Internet Banking password at periodical intervals.

Always check the last log-in date and time in the post login page.

Avoid accessing Internet banking accounts from cyber cafes or shared


After you have logged in, you will not be asked to provide your
username and login password again. Also, you will not be asked to provide
your CREDIT or DEBIT CARD details while using internet banking. If you get
a message (such as through a pop-up) asking for such information, please
do not provide this information no matter how 'genuine' the page appears
to be. Such pop-ups are most likely the result of malwares infecting your
computer. Please take immediate steps to disinfect your device.