E Banking

Online Banking
INTRODUCTION
What is Internet banking?
Manage your money online.

Electronic banking is an activity that is not new to banks
or their customers. Banks have been providing their
services to customers electronically for years through
software programs. These software programs allowed the
user's personal computer to dial up the bank directly. In
the past however, banks have been very reluctant to
provide their customers with banking via the Internet due
to security concerns.
V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.
Online Banking
Today, banks seem to be jumping on the bandwagon of

Internet banking. Why is there a sudden increase of bank
interests in the Internet? The first major reason is
because
of
the
improved
security
and
encryption
methods developed on the Internet. The second reason is

that banks did not want to lose a potential market share
to banks that were quick to offer their services on the
Internet.
The number of customers who choose online banking as
the preferred method of dealing with their finances is
growing
rapidly
convenience
it
due
to
offers,
the
clear
including
improvement
such
features
in
as
electronic bill payment. There are also more and more

banks that operate exclusively online.
Online
banking
is
the
practice
of
making
bank
transactions or paying bills via the Internet. Thanks to

technology, and the Internet in particular, we no longer
have
to
leave
the
house.
We
can
shop
online,
communicate online, and now, we can even do banking

online. Online banking allows one to make deposits,
withdrawals and pay bills all with the click of a mouse. It
doesnt get much more convenient than that.
Online Banking
In this report, I attempt to enlist the various services

offered over the net by the different banks in India, the
main issues concerning online banking and the scope for
online banking in the near future.
Online Banking
WHAT IS ONLINE BANKING?

Online banking or Internet banking is a term
used for performing transactions, payments etc.
over the Internet through a bank's secure
website.
OR
A system allowing individuals to perform banking
activities at home or office, via the Internet.
INTRODUCTION:
If you're like most people, you've heard
a lot about online banking but probably
haven't tried it yourself. You still pay
your bills by mail and deposit cheques
at your bank branch, much the way your
parents did. You might shop online for a
loan, life insurance or a home mortgage,
but when it comes time to commit, you
feel more comfortable working with your
banker or an agent you know and trust.
Online Banking
Online banking isn't out to change money habits. Instead,

it uses today's computer technology to give an individual
the option of bypassing the time-consuming, paper-based
aspects of traditional banking in order to manage
finances more quickly and efficiently.
Internet banking is changing the banking industry and is
having
the
major
effects
on
banking
relationships.
Banking is now no longer confined to the branches were

one has to approach the branch in person, to withdraw
cash or deposit a cheque or request a statement of
accounts. In true Internet banking, any inquiry or
transaction is processed online without any reference to
the branch (anywhere banking) at any time. Providing
Internet banking is increasingly becoming a "need to
have" than a "nice to have" service. The net banking,
thus, now is more of a norm rather than an exception in
many developed countries due to the fact that it is the
cheapest way of providing banking services.
This can be very useful, especially for banking outside
bank hours and banking from anywhere where Internet
access is available. In most cases a web browser such as
Internet Explorer or Mozilla Firefox is utilized and any
Online Banking
normal
Internet
connection
is
suitable.
No
special
software or hardware is usually needed.

The number of customers who choose online banking as
their preferred method of dealing with their finances is
growing rapidly. Many people appreciate the convenience.
Online banking usually offers such features as electronic
bill payment and the downloading of bank statements for
import in a personal finance program. There are a
growing number of banks that operate exclusively online.
Because these online banks have low costs compared to
traditional banks they can offer high interest rates.
ORIGIN OF ONLINE BANKING:

The introduction of the Internet and the popularity of
personal computers presented both an opportunity and a
challenge for the banking industry.
For years, financial institutions have used powerful
computer
networks
to
automate
millions
of
daily
transactions; today, often the only paper record is the

customer's receipt at the point of sale. Now that its
customers are connected to the Internet via personal
computers, banks envision similar economic advantages
Online Banking
by adapting those same internal electronic processes to

home use.
Banks view online banking as a powerful "value added"
tool to attract and retain new customers, while helping to
eliminate costly paper handling and teller interactions, in
an increasingly competitive banking environment.
Did you know?

The number of online banking customers increased to
nearly 40 million in the fourth quarter of 2005, according
to comScore Networks, which measures and analyzes
consumer behavior. That was a 27 percent increase over
the previous year; online bill paying increased 36 percent
during that time.
Online Banking
TYPES OF INTERNET
BANKING
Understanding the various types of Internet banking

products will help examiners assess the risks involved.
Currently, the following three basic kinds of Internet
banking are being employed in the marketplace:
1) Informational: This is the basic level of Internet
banking. Typically, the bank has marketing information
about the banks products and services on a standalone server. The risk is relatively low, as informational
systems typically have no path between the server and
the banks internal network. This level of Internet
Online Banking
banking can be provided by the bank or outsourced.

While the risk to a bank is relatively low, the server or
Web site may be vulnerable to alteration. Appropriate
controls
therefore
must
be
in
place
to
prevent
unauthorized alterations to the banks server or Web

site.
2) Communicative: This type of Internet banking system
allows some interaction between the banks systems
and the customer. The interaction may be limited to
electronic mail; account inquiry, loan applications, or
static file updates (name and address changes).
Because these servers may have a path to the banks
internal
networks,
configuration
than
the
risk
with
is
higher
informational
with
this
systems.
Appropriate controls need to be in place to prevent,

monitor, and alert management of any unauthorized
attempt to access the banks internal networks and
computer systems. Virus controls also become much
more critical in this environment.
3) Transactional: This level of Internet banking allows
customers to execute transactions. Since a path
typically exists between the server and the bank or
outsourcers internal network, this is the highest risk
Online Banking
architecture and must have the strongest controls.

Customer transactions can include accessing accounts,
paying bills, transferring funds, etc.
SCENARIO IN INDIA
Banks and financial institutions in India are in the process

of Web-enabling their services in order to offer Internet
banking to its customers. The RBI has drafted certain
Internet banking guidelines that have to be followed by
banks about to venture into online banking. Internet
banking has gained wide acceptance internationally and
seems to be fast catching up in India with more and more
banks entering the fray.
It's the new generation of banking in India. Most private
and MNC (Multinational Corporation) banks have already
10
Online Banking
setup an elaborate Internet banking infrastructure. And

this exercise has provided them numerous benefits like:
Greater reach to customers
Quicker time to market
Ability to introduce new products and services
quickly and successfully
Ability to understand its customers needs
Customers are given access to information
easily across any location
Greater customer loyalty
Multi-national and private sector banks in India have been
very successful in setting up Internet banking services.
This is mainly because these banks already had a robust
automated banking environment on which they could
build the Internet banking infrastructure. Most multinational banks already have efficient Internet banking
infrastructures running in other countries, which could be
emulated in India. And the private banks, which are
relatively young, did not have to carry the burden of
legacy systems. They merely invested in best-of-breed
Internet banking solutions from the start.
THE RBI GUIDELINES:
11
Online Banking
The
Reserve
Bank
of
India
(RBI)
has
created
comprehensive document, which lays down number of

security-related guidelines and strategies for banks to
follow in order to offer Internet banking. The guidelines
broadly talk about the types of risks associated with
Internet banking, the technology and security standards,
legal issues involved, and regulatory and supervisory
concerns. Any bank that wants to offer Internet banking
must follow these guidelines and adhere to them as a
legal necessity.
BACKGROUND:
The document broadly categorizes levels of Internet
banking services into three types:
a) The basic level service in which the banks' websites
distribute
information
on
different
products
and
services to customers. It may receive and reply to

customers' queries through e-mail.
b) Simple transactional websites, which allow customers
to submit their instructions, applications for different
services, and queries on their account balances. They
12
Online Banking
do not permit any fund-based transactions on their

accounts.
c) The third level of Internet banking services offered by
fully-transactional websites which allow customers to
operate on their accounts for transfer of funds,
payment of different bills, subscribing to other products
of the bank, and to transact purchase and sale of
securities.
INDIAN BANKS ON WEB:

The banking industry in India is facing unprecedented
competition from non-traditional banking institutions,
which now offer banking and financial services over the
Internet.
The
deregulation
of
the
banking
industry
coupled with the emergence of new technologies, are

enabling new competitors to enter the financial services
market quickly and efficiently.
Indian banks are going for the retail banking in a big way.
However, much is still to be achieved. This study, which
was
conducted
by
students
of
IIML,
shows
some
13
interesting facts:
Online Banking
Throughout the country, the Internet Banking is in the

nascent stage of development (only 50 banks are
offering varied kind of Internet banking services).
In general, these Internet sites offer only the most
basic services. 55% are so called 'entry level' sites,
offering little more than company information and
basic marketing materials. Only 8% offer 'advanced
transactions'
such
as
online
funds
transfer,
transactions & cash management services.
Foreign & Private banks are much advanced in terms of

the number of sites & their level of development.
A PRACTICAL APPROACH:
IDBI Bank has successfully implemented a robust Internet

banking architecture for its customers.
IDBI Bank Limited uses the following equipment
infrastructure to address its Internet banking needs:
IDBI Banks e-banking Infrastructure
14
Online Banking
Web servers
Hardware
Application servers
Database servers
Networking equipment
Software
Systems software
Application software
Application integration with core
banking
Services
Scalability tests (desirable but

optional)
Web designing
Server sizing
Firewalls
Certification
Server level (mandatory)
Security
Client level (Optional: we did

not deploy this)
Intrusion Detection Systems
Subscribing to advisories
Networking
Hosting Decision
Isolation from the main network

In-house vs. IDC (Internet Data
Centre)
15
Online Banking
IDBI Bank did not undertake services of any systems

integrator. Neeraj Bhai, CTO (Chief Technology Officer),
IDBI Bank says, "These services are often offered by
multiple divisions of a company, and these divisions do
not have a good level of coordination among themselves.
It is also advisable to have owners within the organization
who drive the effort."
Though adoption of Internet banking by Indian banks and
their customers would not set the Arabian Sea on fire, no
one can deny the obvious benefits that this service offers.
INTERNET BANKING PROCESS

In a typical Internet banking transaction, customers
requests for online banking information are passed on
from Web Server to the banks Internet Banking Server
through the WWW interface. These requests pass through
a firewall before they reach the Internet Banking Server.
Due to this SSL (Secure Sockets Layer) technology, only
authenticated requests reach the Internet Banking Server.
The Customer Information Database is stored on a banks
server, which is protected by the use of various security
16
Online Banking
tools in addition to the firewall technology. The WWW

interface is the only media of communication with the
Customer Database, thus ensuring the safety of operation
and customer data. When the customers requests reach
the Internet Banking Server, it passes the requests to the
Bank Server hoarding Customer Database. The database
provides the required information to the Internet Banking
Server, which in turn is passed on to the Web Server
through the firewall from where the customer is able to
access it.
17
Online Banking
This sort of architecture, known as the three-tiered

architecture
(comprising
of
Web
Sever,
Internet
Banking Server and Customer Database protected by

firewalls), creates a controlled environment, which allows
quick incorporation of Internet security technologies. A
security analyzer constantly monitors login attempts and
recognizes
failures
that
could
indicate
possible
unauthorized attempt to log into an account. When such

trends are observed, steps are automatically taken to
prevent that account from being used.
The products and services offered by the banks on the
Internet can be divided into 3 types:
1) Information Kiosks: It includes providing information
regarding various products and services offered by the
bank to its customers. The banks site receives and
answers queries of customers through e-mails.
2) Basic Internet Banking: It includes enabling customers
to open new accounts, check account balance and pay
utility bills.
3) E-Commerce E-Banking: Banks function as electronic
market places (e-market place) enabling customers to
use their accounts for money transfers, bill payment,
18
Online Banking
purchase and sale of securities and online real-time

purchases and payments.
The most significant benefit of Internet Banking is the
readily accessibility of bank accounts at all times. The
inconvenience of visiting and waiting at the banks is also
eliminated.
These
result
in
enhanced
customer
satisfaction, reduced customer attrition and increased

customer base. Internet banking considerably reduces
transaction costs for the banks.
WHAT SERVICES ARE AVAILABLE

ONLINE?
Online banking provides Internet-based
solutions to make dealings in a fast
and simple manner. Banking can be
done whenever and wherever with
great convenience. It allows one to
access account information, transfer
19
Online Banking
funds, review account history and much more from the

home computer, laptop or workplace. One can also pay
bills quickly and conveniently with just a few clicks. No
more stamps, writing cheques or rushing to the mailbox
to meet payment deadlines!
1. Manage the Account Details online:
Statement of Account - View all the latest
transactions of account for a period, with details of
uncleared cheques
Balance Details - Balance Enquiry with Minimum
Balance alerts. Download/Print the latest Balance
details
Transaction Details - Confirm the transaction
details
Cheque Status - Check the clear and unclear
cheques
Request Copies - Request copies of checks or
statements
2. Requisitions:
Cheque Books - Request for a new Cheque book
online
Demand Drafts - Issue of demand drafts
20
Online Banking
Open a new Account - Open another account with

online
Change of Address - Inform the bank site about your
change of address
3. Funds Transfer:
Funds transfer online
Funds Transfer offline
4. Correspondence:
General Correspondence The bank provides the
facility
of
email
correspondence
between
the
customer and the Bank. One can enquire about TDS,

Deposits (Maturity date, Maturity amount etc.) and
also give instructions for payment on maturity.
Customer Correspondence View - A mailbox
facility to view all the correspondence from the
customer to the Bank, till date.
Branch Correspondence View - A mailbox facility
to view all the correspondence from the Bank to the
customer, till date.
5. Utility Bill Payments:
Pay your bills online
Pending payments view
21
Online Banking
Receiving bills via the Web

6. Standing Instructions:
Give standing instructions to the Bank
Instantaneous inter-city transactions through online
connections between all branches
Internet Payment Gateway handles credit card
transactions on the Internet
7. Online shopping for:
Loans and Credit Cards
Mortgages
Insurance
Auctions
ELECTRONIC TRANSACTIONS
To most people, electronic banking means 24-hour access
to cash through an automated teller machine (ATM) or
paychecks deposited directly into checking or savings
accounts.
22
Online Banking
Electronic banking, also known as electronic fund transfer

(EFT), uses computer and electronic technology as a
substitute for checks and other paper transactions. EFTs
are initiated through devices such as cards or codes that
you use to gain access to your account. Many financial
institutions use an automated teller machine (ATM) card
and a personal identification number (PIN) for this
purpose.
1) Electronic
Bill
Consumers
Payment
can
(EBP):
pre-authorize
withdrawals so that recurring bills such

as insurance premiums, mortgages and
utility
bills
are
paid
automatically.
Getting customers to use the Internet to pay bills will

save banks billions of rupees in making and processing
paper cheques.
2) Credit Card: Credit Card is a plastic card

issued by a bank or building society that
allows one to make purchases now and
pay for them later. Credit (that is, money)
will be made available to buy goods and
23
Online Banking
services. Every month the bank or building society will

send a bank statement of the account. One must pay
back a minimum amount and interest will be charged
on any money still owing.
3) Debit Card: Debit Card is an identity card
issued by a bank to a customer, which the
customer can use to buy goods. The price
of the goods is charged to customer's bank account.
4) Automated Teller Machines or 24-hour Tellers:
They are electronic terminals that let a
person
bank
withdraw
almost
cash,
make
any
time.
To
deposits,
or
transfer funds between accounts, you

generally insert an ATM card and enter
the Personal Identification Number (PIN).
It is an Automated Teller Machine. This is
usually called a cash machine. As well as dispensing
cash, many ATMs provide other information or services
to customers, such as informing people how much
money they have got in their account, giving them a
mini-bank statement, or allowing people to pay money
into their account.
24
Online Banking
5) Direct Deposit: It lets one authorize specific

deposits, such as paychecks and social
security checks, to your account on a regular
basis. One also may pre-authorize direct
withdrawals so that recurring bills, such as
insurance premiums, mortgages, and utility
bills, are paid automatically.
6) Pay-by-Phone
Systems:
It
lets
one
telephone the financial institution with

instructions to pay certain bills or to
transfer funds between accounts. One
must have an agreement in advance with
the institution to make such transfers.
7) Personal Computer Banking: It allows one to
conduct
many
banking
transactions
electronically via the personal computer.

For instance, one may use the computer
to view the account balance, request
transfers between accounts, and pay bills
electronically.
EXAMPLE OF ONLINE PAYMENT

SYSTEM
25
Online Banking
26
Online Banking
27
Online Banking
BENEFITS OF INTERNET
BANKING
Easy to use
Looks like your paper checkbook, so u will feel
comfortable right away.
Balance your account more easily.
Convenient
Download up to date information on balances and
transaction on balances and transaction for checking
savings, money market, line of credit, investment,
and credit card accounts.
Carry your own banking tasks during the day or
night, from home or office.
Transfer funds between accounts within the same
bank.
Schedule bill payments up to a year in advance.
Pay bills from within Quicken or Quicken books,
where expenses are transacted.
28
Online Banking
Automatically match downloaded transaction with

those already in your register.
Saves time
No more writing checks, addressing envelopes,
licking stamps.
No more trips to the bank.
No data entry paying bills and recording checks
happen simultaneously.
Other
Save money avoid overdrafts; maximize checks
and recording checks happen simultaneously.
29
Online Banking
ADVANTAGES OF ONLINE
BANKING
The various advantages are:
Convenience:
Unlike
the
corner
bank,
online
banking sites never close; they're available 24 hours

a day, seven days a week and they're only a mouse
click away. The number of customers who choose
online banking as their preferred method of dealing
with their finances is growing rapidly. Many people
appreciate the convenience.
Ubiquity: If a person is out of state or even out of
the country when a money problem arises, they can
log on instantly to the online bank and take care of
business, 24/7.
Transaction speed: Online bank sites generally
execute and confirm transactions at or quicker than
ATM processing speeds.
30
Online Banking
Efficiency: One can access and manage all the

bank accounts, including IRAs, CDs, even securities,
from one secure site.
Effectiveness: Many online banking sites now offer
sophisticated tools, including account aggregation,
stock quotes, rate alerts and portfolio managing
programs to help one manage all of the assets more
effectively. Most are also compatible with money
managing programs such as Quicken and Microsoft
Money.
Other Advantages:
There are other advantages like:
Expedient
Inexpensive
Convenient bill paying medium
Bank any time of day or night
Bank weekdays, weekends, and even holidays
Bank from anywhere in the world (as long as you
have access to a computer and the Internet)
31
Online Banking
DISADVANTAGES OF ONLINE
BANKING
Hence the various disadvantages are:
Start-up may take time: In order to register for
bank's online program, one will probably have to
provide ID and sign a form at a bank branch. If you
and your spouse wish to view and manage your
assets together online, one of you may have to sign
a durable power of attorney before the bank will
display all of your holdings together.
Learning curve: Banking sites can be difficult to
navigate at first. Plan to invest some time and read
the tutorials in order to become comfortable in the
virtual lobby.
Bank
site
changes:
Even
the
largest
banks
periodically upgrade their online programs, adding
32
Online Banking
new features in unfamiliar places. In some cases,

one may have to re-enter account information.
The trust thing: For many people, the biggest
hurdle to online banking is learning to trust it. Did
my transaction go through? Did I push the transfer
button once or twice? Best bet: always print the
transaction receipt and keep it with the bank records
until it shows up on the personal site or bank
statement.
System Crashes: When dealing with computers,
there is always the concern of the system crashing,
viruses entering the system or a power cut. These
are larger problems and are not easily solved. In all 3
cases, many people would be affected, information
may be lost and a backup plan would have to be
initiated.
Other Disadvantages:
Need an account with an Internet Service Provider
(ISP)
Security concerns, like "hackers" accessing bank
accounts
Original setup for bill paying time is time-consuming
but will ultimately be a time-saver
33
Online Banking
Switching banks can be more cumbersome online

than in person
Must
have
basic
computer
skills
and
Internet
knowledge
Must be comfortable using a computer
IS ONLINE BANKING SAFE?
Be Careful Someone is watching you

surf
Faced with the concept of online banking, many people
wonder about security. After all, you don't face a bank
34
Online Banking
officer or teller when you are opening an account. How

does the bank know who you are? And how do you know
they won't give access to your money to a crook?
If you are just setting up online access to an existing
brick-and-mortar bank, the transaction usually is done
over the phone. You are given a temporary password to
use the first time you access your account online. At that
point, you should change the password. Usually, you are
asked for your account number, or your Social Security
number, along with the password.
As
with
any
personal
identification
number
(PIN),
memorize your online bank password and don't write it

anywhere that could easily be connected with the bank
account.
When setting up a new account with an Internet bank,
you may be asked to submit an online application or to
download an application, print it, fill it out and mail it to
the bank. Most banks will check the information you
provide with one of the major credit reporting agencies, in
order to verify that it agrees with information in your
credit file.
35
Online Banking
Before you begin banking online, you may receive a

message from the bank that your browser needs to be
updated in order to conform to the highest security
standards. Online banks have information available on
their web sites about security, including firewalls and
encryption systems meant to deter hackers. Look for:
"128-bit encryption," the standard in the industry.
A written guarantee to protect account holders from
losses due to online fraud.
Automatic lock out if you enter your password wrong
more than three or four times.
Automatic log out if you are not active at the site for a
certain amount of time.
When accessing the bank, it is safer to "bookmark" the
bank's address in the browser than to type in the address
each time one wants to visit. Slight mistakes in entering
the address may take you to a "spoofer" site designed by
criminals to trick you into entering your account number
and password so that they can be used to access your
online account.
Spoofers set up copycat web sites at addresses that are
very close to that of the real bank. The crooks set up a
home page that looks exactly like your banks. Internet
36
Online Banking
banks have taken precautions to buy up similar domain

names so that this does not happen. But it pays to be
vigilant.
Many online banks use a verification system called
Verisign Site Secure. When you click on the Verisign icon
it should give you information about the web site you are
visiting. If you are taken to the Verisign home page
instead, you will be given a warning that something might
be wrong and that the icon you clicked on is not official.
Information Technology has no doubt reinvented the way
that many firms do business. Yet like every area, IT has
risks that need to be recognized and protected against.
There are a number of specific risk areas that most
businesses with IT including banking, will face. These
risks include
1) Viruses:
These
are
small,
malicious
programs
designed to cause problems with your computer such

as the loss of information or internal systems failure.
The effects may range from simply displaying a
message to wiping your entire hard drive. They may be
transmitted in anyway that data is moved between
computers, be it by floppy, Internet download or via e-
37
Online Banking
mail.
There
are
methods
of
protection
that
businesses can put in place to help guard against

viruses:
a.
Install anti-virus software
b.
Virus
check
all
floppies
and
CDs
before
installing or opening files, preferably on a standalone

machine to avoid the spread of viruses to your LAN
c.
Install a Firewall. Regular backups of critical

information are vital to survive such virus attacks.
2) Accidental Loss of Data: Data loss can occur

accidentally for many reasons. The wrong file may be
deleted or moved to where it cannot be found.
Alternatively, a system error may corrupt data or cause
physical damage to a PC and prevent it from being
accessed. Frequent backups are a simple way to guard
against any data loss.
3) Theft of Information: Information can be a powerful
asset. This means that like any other asset, it may be
subject to theft from external or internal sources.
4) Unauthorized Access: Unauthorized Access, as the
name suggests, is access to computer systems or
information by anyone without permission. This may
originate either internally or externally and can lead to
38
Online Banking
loss of information and damage to internal systems.

External unauthorized access has the higher profile and
is usually described as hacking. However, internal
unauthorized access is far more common and can
cause just as many problems. There is a raft of
measures that can help prevent such access. These
include associating access rights to user IDs, physical
smart
cards
to
restrict
access
and
good
staff
management practices.
5) Hacking: It is the unauthorized use or attempt to
avoid the security mechanisms of an information
system or network. A hacker is a person who enjoys
exploring the details of computers and how to stretch
their capabilities. He is a malicious or inquisitive
meddler who tries to discover information by poking
around. A person who enjoys learning the details of
programming
systems
and
how
to
stretch
their
capabilities, as opposed to most users who prefer to

learn on the minimum necessary.
6) Phishing Scams: Phishing scams take the form of
spoof letters, emails or websites. They look as though
they are from or represent respectable institutions.
They look so authentic that victims are fooled into
revealing their account or personal information to
39
Online Banking
unauthorized third parties. Phishing is derived from

fishing- a social engineering attack attempting to
trick users into revealing personal information like
passwords and credit card numbers. It is the act of
attempting
to
fraudulently
acquire
sensitive
information, such as passwords and credit card details,

by masquerading as a trustworthy person or business
with a real need for such information in a seemingly
official electronic notification or message (most often
an email, or an instant message).
7) Pharming: Pharming (from farming) exploits the DNS
(Domain Name System), the Internet system that
translates a computer name into an Internet Protocol
(IP) address. A computer with a compromised host file
will go to the wrong website even if the user types the
correct URL. More alarming is DNS poisoning where the
Domain Name System directory is 'poisoned' and can
cause large groups of users to be herded to fraudulent
look-alike sites.
8) Password cracking: It is the process of recovering
secret passwords from data that has been stored in or
transmitted by a computer system, typically, by
repeatedly verifying guesses for the password. The
40
Online Banking
purpose of password cracking might be to help a user

recover a forgotten password (though installing an
entirely new password is less of a security risk), to gain
unauthorized access to a system, or as a preventive
measure by the system administrator to check for
easily crack able passwords.
9) Credit card fraud: It is one of many forms of frauds
that involve credit cards, charge cards, debit cards, or
prepaid cards. Typically, the fraudster causes a credit
card of another person to be charged for a purchase.
Today, half of all credit card fraud is conducted online,
meaning that the fraudsters make online purchases
with the credit card details of other people.
10) Identity theft: Identity theft (or identity fraud) is the
deliberate assumption of another person's identity,
usually to gain access to their finances or frame them
for a crime. Less commonly, it is to enable illegal
immigration, terrorism, espionage, or changing identity
permanently. It may also be a means of blackmail,
especially if medical privacy or political privacy has
been
breached,
and
if
revealing
the
activities
undertaken by the thief under the name of the victim

would have serious consequences like loss of job or
41
Online Banking
marriage. Assuming a false identity with the knowledge

and approval of the person being impersonated, such
as for cheating on an exam, is not considered to be
identity theft.
11) Carding: It means stealing credit card numbers from
the Internet. It is a criminal offense. A carder is a
special kind of criminal that specializes in stealing
information from credit cards. The primary method that
carders use to make money is to use information
skimmed off from credit cards to encode the magnetic
stripes of their replica credit cards with and make
purchases with them.
12) Random Dialing: This technique is used to dial
every number on a known bank telephone exchange.
The objective is to find a modem connected to the
network. This could then be used as a point of attack.
13) Social Engineering: An attacker calls the banks
help desk impersonating an authorized user to gain
information about the system including changing
passwords.
42
Online Banking
14) Trojan Horse: A programmer can embed code into a

system that will allow the programmer or another
person unauthorized entrance into the system or
network.
TYPES OF ATTACKS
43
Online Banking
We can classify attacks as:

Passive Attacks: Passive Attacks are those wherein
the attacker indulges in eavesdropping or monitoring
the data transmission. In other words, the attacker
aims to obtain information that is in transit. The term
passive indicates that the attacker does not
attempt to perform any modifications to the data. In
fact, this is also why passive attacks are harder to
detect. Thus, the general approach to deal with
passive attacks is to think about prevention, rather
than detection or corrective measures.
Passive Attacks are further divided into:
Release of Message Content
Traffic Analysis
Release of Message Content is quite easy to
understand. When we send a confidential e-mail
message to our friend, we desire that only she be
able to access it. Otherwise, the contents of the
message
are
released
against
our
wishes
to
someone else. Using certain security mechanisms,

we can prevent release of message contents. For
example, we can encode messages using code
44
Online Banking
language,
so
that
only
the
desired
parties
understand the contents of a message because only

they know the code language. However if many such
messages are passing through, a passive attacker
could try to figure out the similarities between them
to come up with some sort of patterns that provides
him some clues regarding the communication that is
taking place. Such attempts of analyzing message to
come up with likely patterns are the work of the
Traffic Analysis attack.
Active Attacks: Unlike passive attacks, the active
attacks are based in modification of the original
message in some manner or in creation of a false
message. These attacks cannot be prevented easily.
However they can be detected with some efforts and
attempts can be made to recover from them. These
attacks can be in the form of
Interruption,
Modification and Fabrication.

Fabrication attacks: are called as masquerade
attacks.
Masquerade
is
caused
when
an
unauthorized user pretends to be another entity. For

example, User C can pretend to be User A and send
a message to User B. User B will be under the
45
Online Banking
impression that the message indeed came from User

A.
Modification attacks can be further divided as
replay attacks and alteration of messages. In a
replay attack, a user captures a sequence of events
or some data units and resends them. For instance,
suppose User A wants to transfer some amount to
User Cs Account, both User A and User C have
accounts with Bank B. User A might send an
electronic message to Ban k B requesting for the
funds transfer. User C could capture this message
and send a second copy of the same to Bank B. Bank
B would have no idea that this is an unauthorized
message and would treat this as a second and
different funds transfer altogether.
46
Online Banking
HOW TO AVOID BECOMING A

VICTIM?
To prevent such attacks, proper measures must be taken.

These include the installation of firewalls, anti-virus
programs, etc. Here are some important parameters to
ensure safe online banking transactions
1) Secure Servers: It is a server that uses Secure
Sockets Layer (SSL) encryption technology to protect
users' credit card information. It transmits data in an
encoded form that is intended to prevent unauthorized
access to the data. All Web servers that handle credit
cards should use SSL (secure socket layer) encrypted
communications. While a secure server discusses
47
Online Banking
sensitive credit card information with the customer,

anyone eavesdropping on this electronic conversation
(through any Internet computer) between browser and
server will only see illegible data.
2) SSL
(Secure
Sockets
Layer):
It
is a
protocol
developed by Netscape for transmitting documents

securely over the Internet. It is a security protocol that
provides communication privacy. SSL enables client
and server applications to communicate in a way that
is designed to prevent eavesdropping, tampering, and
message forgery. It passes sensitive information, such
as
credit
card
details,
over
the
Internet.
Most
commerce servers on the World Wide Web use it; this

high-level security protocol protects the confidentiality
and security of data while it is being transmitted
through the internet. URL's that begin with https (and
not http) indicate that an SSL connection will be
used.
SSL
provides
important
things:
Privacy,
Authentication, and Message Integrity.

3) Encryption: It is the conversion of data into a secret
code. In other words, it is modifying data, i.e., turning
readable text into cipher text, to prevent unauthorized
access to the information. It refers to algorithmic
48
Online Banking
schemes that encode plain text into non-readable form

or cipher text, providing privacy. The receiver of the
encrypted text uses a key to decrypt the message,
returning it to its original plain text form. Only the
person or persons that have the right type of decoding
software can unscramble the message.
4) Digital
Certificates:
electronic
"credit
card"
digital
certificate
that
establishes
is
an
your
credentials when doing business or other transactions

on the Web. Trusted third parties known as Certificate
Authority (CA) issue them. It contains your name, a
serial
number,
expiration
dates,
copy
of
the
certificate holder's public key (used for encrypting and

decrypting messages and digital signatures), and the
digital signature of the certificate-issuing authority so
that a recipient can verify that the certificate is real. It
is a form of personal identification that can be verified
electronically.
5) Firewalls: It is a security system intended to protect
an organization's network against external threats,
such as hackers, coming from another network. It is a
system designed to prevent unauthorized access to or
from a private network. Firewalls can be implemented
49
Online Banking
in both hardware and software, or a combination of

both.
Firewalls
are
frequently
used
to
prevent
unauthorized Internet users from accessing private

networks connected to the Internet. All messages
entering or leaving the Intranet pass through the
firewall, which examines each message and blocks
those that do not meet the specified security criteria.
Firewalls are used to filter and stop information sent
and received via the Internet. They are used as a
means of keeping networks secure.
6) Protection
of
PINs:
Passwords
or
personal
identification numbers (PINs) should be used when

accessing an account online. Your password should be
unique to you and you should change it regularly. Do
not use birthdates or other numbers or words that may
be easy for others to guess. Always carefully control to
whom you give your password. For example, if you use
a financial company that requires your passwords in
order to gather your financial data from various
sources, make sure you learn about the companys
privacy and security practices.
7) General
Security:
General
security
over
personal computer such as virus protection
your
and
50
Online Banking
physical access controls should be used and updated

regularly.
Contact
your
hardware
and
software
suppliers or Internet service provider to ensure you

have the latest in security updates.
Tips for Safe Banking over the

Internet
Do not open email attachments unless you are
expecting them.
Check for the closed padlock or key symbol in the
browser window when entering your credit card details
and other personal information on a website.
Only download software from sites you trust.
Assume all your emails are read by other people.
Use anti-virus software and keep the virus recognition
data file up-to-date.
Use the latest version of your operating system and
Web browsers.
Use good passwords not names or words you would
find in a dictionary.
Do not store important passwords on your machine or
in a password saver.
51
Online Banking
Install a firewall. They are not as complicated as you

might think.
Q: So here comes the big question
IS ONLINE BANKING FOR YOU?
A: YES, if you crave for convenience and speed.
And NO, if you trust the Internet as much as
you do your car
Mechanic!
TYPICAL EXAMPLE OF INTERNET

BANKING SERVICE OFFERED BY
INDIAN BANKS
PUNJAB NATIONAL BANK
PAGE 1
52
Online Banking
PAGE 2
53
Online Banking
PAGE 3
54
Online Banking
PAGE 4
55
Online Banking
PAGE 5
56
Online Banking
INTERNET BANKING THE ROAD

AHEAD
Internet banking is "still in a strong growth phase". To
meet the increased demand, banks are expected to
ratchet up their spending on Internet banking technology.
Internet banking is taking an increasing importance in
banks policy. Systems are being developed throughout
the USA and Europe. However much is still desired, hence
we think that it would be useful to create an exchange
forum in charge of the dissemination of information on
Internet banking development.
Nevertheless, there's stillroom for improvement. Although
all large and mid-sized banks and a growing number of
small banks offer online banking, their offerings are far
from equal. User-friendliness is uneven, support varies
and features menus differ notably.
57
Online Banking
As a result, banks may achieve the greatest impact by

pursuing basic improvements instead of cutting-edge
technologies. It is recommended to bring improvements
in the services by offering services such as online account
opening, universal registration for multiple services and
pre-populated
application
forms.
To
enhance
the
customer experience, banks should conduct usability

tests
and
monitor
user
feedback;
provide
smooth
navigation aids; incorporate easy-to-access contextual

help; and minimize data entry problems with appropriate
user interface elements, such as calendar widgets. For
several of these enhancements, the back office has to get
involved. Specifically, banks are seeking to maintain a
consistent look and feel across applications used by
multiple
lines
of
business;
incorporate
third-party
offerings into the Internet banking channel; and create

links between online applications, according to the report.
Finally it must be accepted that although e-commerce is
widely and quickly spreading its wings across the globe,
at the moment it appears as if the emerging markets and
the third world countries might take some time to adapt
to latest technological innovations and the modern ways
of banking. However sooner than later the juggernaut of
58
Online Banking
e-commerce would certainly sweep these nations into the

world of innovative and smart banking.
Internet Banking still has a long way to go in India, though
the future is promising. As for now, bank online only if you
think you can handle all the downsides but along with the
anytime, anywhere convenience. One thing is very clear.
Internet Banking is here to stay!!!
INDIAS NET BANKING

ENCYCLOPEDIA
Bank Name
ABN AMRO Bank
Technology
Vendor
Infosys
(BankAway)
Abu Dhabi
Commercial Bank
Infosys
(BankAway)
Bank of India
Centurion Bank
I-flex
Logica
Orbitech (now
Polaris)
I-flex
Citibank
Corporation Bank
Deutsche Bank
Federal Bank
HDFC Bank
HSBC
ICICI Bank
Sanchez
i-flex/ Satyam
Infosys, ICICI
Infotech
Service
offering
NetBanking
ADCB NetLink
BOIonline
MyCBOL
Citibank Online
CorpNet
db direct
FedNet
NetBanking
Online@hsbc
Infinity
59
Online Banking
Infosys
IDBI Bank
IndusInd Bank
Punjab National
(BankAway)
CR2
Infosys
Bank
(BankAway)
i-net banking
IndusNet
BIBLIOGRAPHY
Websites:
www.pcquest.com
www.indiainfoline.com
www.google.com
www.pnbindia.com
www.onlinebanking.com
www.netbanker.com
www.banknetindia.com
Magazines:
Can You Bank Online? PC Quest
Personal Finance Business Today
Professional Banker
60

E Banking

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

E Banking

Caricato da

Copyright:

Formati disponibili

Online Banking

What is Internet banking?

Manage your money online.

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

Today, banks seem to be jumping on the bandwagon of

methods developed on the Internet. The second reason is

electronic bill payment. There are also more and more

transactions or paying bills via the Internet. Thanks to

communicate online, and now, we can even do banking

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

In this report, I attempt to enlist the various services

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

WHAT IS ONLINE BANKING?

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

Online banking isn't out to change money habits. Instead,

Banking is now no longer confined to the branches were

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

software or hardware is usually needed.

ORIGIN OF ONLINE BANKING:

transactions; today, often the only paper record is the

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

by adapting those same internal electronic processes to

Did you know?

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

Understanding the various types of Internet banking

banking can be provided by the bank or outsourced.

unauthorized alterations to the banks server or Web

Appropriate controls need to be in place to prevent,

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

architecture and must have the strongest controls.

Banks and financial institutions in India are in the process

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

setup an elaborate Internet banking infrastructure. And

THE RBI GUIDELINES:

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

comprehensive document, which lays down number of

services to customers. It may receive and reply to

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

do not permit any fund-based transactions on their

INDIAN BANKS ON WEB:

coupled with the emergence of new technologies, are

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

Throughout the country, the Internet Banking is in the

transactions & cash management services.

Foreign & Private banks are much advanced in terms of

IDBI Bank has successfully implemented a robust Internet

IDBI Banks e-banking Infrastructure

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

Scalability tests (desirable but

Client level (Optional: we did

Isolation from the main network

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

IDBI Bank did not undertake services of any systems

INTERNET BANKING PROCESS

tools in addition to the firewall technology. The WWW

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

This sort of architecture, known as the three-tiered

Banking Server and Customer Database protected by

unauthorized attempt to log into an account. When such

V.E.S COLLEGE OF ARTS, SCIENCE & COMMERCE.

purchase and sale of securities and online real-time

satisfaction, reduced customer attrition and increased

WHAT SERVICES ARE AVAILABLE