Management of Financial Institutions Case Study: Caselet 5

If we compare the infrastructure costs of setting up Internet banking vis--vis the benefits that it offers, will it still be a profitable alternative for the Indian banks? The cost of setting up Internet banking and maintaining it & cost of setting up physical banks and maintaining them has a huge difference. Cost of setting up Internet banking is lot lesser than a physical bank. And a lower cost implies higher profitability. This framework gives a bank the opportunity to exist without paper, without geographical limitations, and without ever closing the doors to customers. Though India lacks far behind here are some Internet banking facts: The world's first Internet only bank is Security First Network Bank, now owned by Royal Bank of Canada, which currently has over 150,000 customers. The first profitable e-bank is NetBank that currently boasts $1.5 billion in assets with more than 110,000 accounts (Rombel, 2000). Telebank, which was started over 10 years ago as a virtual Savings and Loan institution and was acquired by E-Trade in 1999, began offering Internet transactions in 1998 and now has over 51,000 customers with over $1 billion in deposits. Though the Internet Penetration is close to 10 % but it gives us an existing market of .12 billion people as target market & already close 15% of this is using e-banking. There is slow movement but slowly it will gain momentum and be a good investment by the banks. Even ATMs encountered raised eyebrows but today its a success. And just not Internet banking but now the world is witnessing Mobile banking. Even though, India being a slow adopter has to keep pace with the world. And setting up Internet banking involves cost from 4 lakh 40 lakhs depending upon the sophistication it offers. And setting up a physical bank and maintaining it has a higher cost. In a scenario where the internet penetration in India is considerably low and also considering that the familiarity is also low. How should banks manage the transition? The population of USA is 030 billion. Population of India is 1.2 billion. Considering a 60% (which is on the higher side) Internet Penetration in the USA which is about 0.18 billion. And Internet penetration in India is 10% which gives us 0.12 billion. Now for a fact we know that Indian population is a young population and the Internet is spreading its web slowly and steadily. And we look at the relative figure of 10% then we may say the market is not yet ready but if the absolute figures are taken into account then it gives us a huge potential market to be captured and catered. Now, another question which arises is the vast rural population of India lacking knowledge, education & technical ability. But as far as this section of the population is considered, they have been the cause of losses and debts for banks & financial institutions rather than being a profit generating body. Initially this should not concern the banks and with time the training can be imparted in rural areas as well. Villages are slowly being bestowed with electricity, internet & not to forget the recently launched tablet Aakash, aimed at poor students. Though the government infrastructure is not in place to take the dive but certainly Internet & Mobile banking are the future. Google has already come up with Google Wallet application for mobile in the USA which will compete with the future of credit cards. India already lagging behind cannot for a readymade market. It has to create it which shall be fast, digitalized, modern and cost effective. The banks need to target the existing market & serve them, with slow penetration in villages and towns by giving training to the ignorant customers. The advantages of the new system have to be communicated to the user and special measures have to be taken for Internet Banking Security.

Which are the areas where security lapses play a crucial role in Internet Banking? Most of the attacks on online banking used today are based on deceiving the user to steal login data and valid TANs. Two well-known examples for those attacks are: Phishing - Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. Pharming Pharming is a hacker's attack aiming to redirect a website's traffic to another, bogus website. Pharming can be conducted either by changing the hosts file on a victims computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real addresses they are the "signposts" of the Internet. Compromised DNS servers are sometimes referred to as "poisoned". Cross-site scripting and keylogger/Trojan horses can also be used to steal login information. The most recent kind of attack is the so-called Man in the Browser attack, where a Trojan horse permits a remote attacker to modify the destination account number and also the amount. In simpler terms most of the Internet Banking Security lapses because of the user itself. The Indian user is too casual about the virtual & digital world. Phishing scams are a result of Social Engineering by the hackers. The information passed and shared on the internet & awareness about it is relatively low in the country. A person must be aware, careful & alert while he/she is disseminating the information on the internet. The virtual world should not be considered as harmless because it has its own ways which are unpredictable. And therefore we should act behind our desktops as we would act in physicality or may be a little more cautious. Banks are doing their bit to updating security but unless the user develops understanding it is very difficult on part of the banks to minimise the risk. The Indian user at the moment is very vulnerable to Internet security lapses.