Beruflich Dokumente
Kultur Dokumente
Using the Internet to perform banking functions. Also called electronic banking, virtual banking, and online banking. Cyber banking allows customers to conduct financial transactions from home, business or from the road, on a secure website operated by their retail or virtual bank.
Consumers can use e-banking to check their accounts, pay bills online, secure a loan electronically and much more. E-banking saves users time and money. For banks it offers an inexpensive alternative to branch banking Many physical banks offer home banking services like SBI, Citibank, ICICI, HDFC etc
History
The term online became popular in the late '80s and referred to the use of a terminal, keyboard and TV (or monitor) to access the banking system using a phone line. Online services started in New York in 1981 when four of the citys major banks (Citibank, Chase Manhattan, Chemical and Manufactures Hanover) offered home banking services using the videotex system.
The UKs first home online banking services was set up by the Nottingham Building Society (NBS) in 1983. The system allowed on-line viewing of statements, bank transfers and bill payments.
Virtual Banks
Virtual banks have no physical location, but only conduct online transactions. The world's first fully-functional virtual bank was the Security First Network Bank (SFNB) These banks were designed without a traditional banking infrastructure.
Virtual Banks around the world are: ING Direct U Bank HSBC Direct First Direct
Pricing Online Versus Off-Line Services Pricing issues must be taken into account for providing the different types of services. Mostly computer based banking services are offered free by banks whereas offline services prove to be costlier than online services
No physical presence is required All banks today are encouraging customers to bank online rather than going to the bank and making transactions. 24*7 facility is available Online banking sites never close. They are available 24 hrs a day, seven days a week.
Eliminating paper work Paying bills online does more than save trees. It also helps reduce fuel consumption by the trucks and planes that transport paper checks. Ubiquity If you are out of station or even out of country on a tour or on an official trip, If you are facing money problem, all you have to do is log on to the internet.
Payment system
Automatic transfer of funds to pay monthly utility bills. Like your gas and water bills, the bank automatically allows customer to pay these bills from there bank accounts. Paying bills from online banking accounts. Many people pay there monthly rent and other bills directly into the payees bank account.
Person to Person direct payment. An example of this is Pay Pal, it enable a person to send funds to another individual over the internet.
Disadvantages Contd.
Safety Concerns: In the article titled, "Is Online Banking Safe", cyber scams that may target unsuspecting customers were explored in great detail. Phishing, the presence of malicious software, keylogger issues and security concerns due to weak wireless security networks deter people from opting for Internet banking
Because physical presence of a person is not required, that may pose a problem. Internet required sophisticated technology.
Meant for Tech Savvy People: People belonging to the older generation may not be tech savvy and may find it difficult to adapt to online banking. Continuous up gradation is required otherwise the site will become obsolete.
Banking Risks
Same inherent risk and issues as Internet Banking, primary risks affected
Strategic Transaction Reputation Compliance
Strategic Risk
Determining wireless banking role in delivering products and services Defining risk versus reward goals and objectives Implementing emerging e-banking strategies
Rapidly changing technology standards
Transaction Risk
There are various kinds of transaction risks in cyber space like On line fund transfer done by some one else on your behalf. You yourself do fund transfer but to some phishing site. Stop payment of a cheque is made by someone else. Site not working properly.
1. 2. 3. 4.
Unproven standards can have security weaknesses Encourage customers to use good PIN/Password management practices
Reputation Risk
Reliability of delivery network
Customer acceptance of no-service due to telecommunications issues when they are in areas they expect service - Consumer Expectations Processing and handling of interrupted transactions
Reputation Contd.
This kind of risk is mostly considered in case of HNI (High Net Worth Individual/ High Net Worth Income) client. Because they give bank huge interest as well as business. Bank do not want to let them down.
Compliance Issues
Disclosures The various risk removal methods used by the bank should be compliable to the government.
They should not violate the rules of the country. Privacy concerns for customers.
Fraudulent practices
Many people are involved only in doing fraud. Like they make virus, spyware, trojan horse etc.
Cyber squatting
It means a person can subscribe to a domain name which may be the name of a brand. After that the person can demand more money to the brand, if he will sell that domain name. Eg. Nike, Coke
Email Spamming
Fraud email can be sent to a persons email address. Whether a person wants them or not.
Money Laundering
Money can be sent via the internet from one part of the world to the other part of the world. This is a good way of making white money from black money.
Cyber Intelligence
It is defined as the various methodologies used by a company to eliminate risk in cyber space. It includes many things
Firewall
A firewall is a set of programs, located at a network server that protects the resources of a private network from users from other networks. (The term also implies the security policy that is used with the programs.) An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data resources and for controlling what outside resources its own users have access to.
Authentication
Authentication is the process of determining whether someone is, what it is pretended to be. Authentication is commonly done through the use of logon passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Each user registers initially has an assigned or self-declared password. On each subsequent use, the user has to state that password. The weakness in this system for transactions is that passwords can often be stolen, accidentally revealed, or forgotten. That may pose a problem.
Encryption
Encryption is a process of translating a message, called the Plaintext, into an encoded message, called the Ciphertext. This is usually accomplished using a secret Encryption Key and a cryptographic Cipher. Two basic types of Encryption are commonly used: Symmetric Encryption, where a single secret key is used for both encryption and decryption. Asymmetric Encryption, where a pair of keys is used -- one for Encryption and the other for Decryption.
Active Content Filter (ACF) removes potentially malicious active content (JavaScript, Java) from application content that is displayed in a browser that interprets DHTML. The ACF runs over any application content over which users have control, such as e-mail bodies and subjects or calendar entries. Filtering of mail messages, for example, occurs every time a user opens a message for viewing, replying, or forwarding. The original content of the message is stored in the database and the content is filtered on the fly.
OCTAVE
Operationally Critical Threat, Asset, and Vulnerability Evaluation. It is a suite of tools, techniques, and methods for risk-based information security strategic assessment and planning. The OCTAVE methods are self-directedSmall teams of organizational personnel across business units and IT work together to address the security needs of the organization. flexibleEach method can be tailored to the organization's unique risk environment, security and resiliency objectives, and skill level.