Delivery in day(s): 4
Online Banking Challenges Assignment
This online banking challenges assignment is dealing with the concerns of online banking.It givesthe answerof"what are the security and operational risks to customers and banks of online banking? How can they be countered?"
Security issue is one of the biggest threats that banking as an overall industry faces. e- banking has been able to increase this security risk by multiple times. The process involving online banking is such that it potentially keeps the isolated systems vulnerable to an environment which open as well as risky. The regulatory authorities need to be very careful about these risks and keep a check on them to provide customers a modern banking environment free from any kind of threat. We can discuss some well-known banks for illustrating the situation.
Barclays is a very famous financial institution of United Kingdom which has more than 3.5 million registered users. Due to the abundance in the number of registered users, security is very important for the bank in the field of online banking. For keeping the security risks at check, Barclays has installed software from the world's leader in digital security, Gemalto. This particular software was designed to strengthen online user authentication for the online banking as well as the whole process related to it.
On the other hand some banks like Lloyds TSB try to hedge the security risks owned by the users by providing them with a security assurance. The bank offers the users 100% reimbursement on the amount which a person has lost due to fraudulent e-banking activities.
HSBC, another leading bank and financial institution, also has implemented several security measures which were recently updated to help in keeping the potential threat of online fraud at its lowest level. There are many types of cyber crime found now times. These measures comprise of encryption standards whose complexity exceeds the capability of current computers to crack. HSBC online banking also has very strong firewalls for securing online banking sessions from hackers. Customers need a unique user ID and password for logging in the accounts and then doing his or her online banking transactions.
NatWest is first of the UK’s high street banks which has been able to implement best online information security solution available for protecting their online banking users. The innovative ‘Rapport’ security software from Trusteer is available for online banking customers to download, for free, from the NatWest website.
The security threats for online banking can be broadly classifieds into three categories;
- Security threats which come from serious intention of criminal activity. The examples of this kind of security breaches are fraudulent activities, stealing of financial information which can be sensitive for the customer etc.
- Security threats those come from the casual hackers. This kind of security breach involves defacement of websites or ‘denial of service’ – which crashes a site etc.
- Security threats which stem from internal flaws that exist in the design of the systems and / or set up of the security measures. Examples of this kind of breach of security can be instances where genuine users who do not have any criminal intention can see and transact from other customers’ accounts.
These types of security breaches can act upon a bank’s financial, legal and reputational position severely and can diminish the customer base of the bank substantially.
Though several banks understand that their security system for internet banking is tested by different criminal and hackers hundreds of times a day but damages occurred till now have not been very serious in nature and spread of cyber crime grows exponentially. However various banks should try to build more cautious "burglar alarms", so that their understanding of these types of attacks on their security systems increases which will help them in dealing with the problems in longer run.
Computer systems which are used for internet banking and are most sensitive, especially the computers which are used for transaction of high amount or computers having highly confidential information stored in it are most strongly secured. Hence it can be safely concluded that when the potential loss for a particular bank is most probable, the chance of it actually happening is kept minimized.
Different security threats and other problems which are caused by online banking can be overestimated often. But it also has to be kept in mind that the Internet can be instrumental in doing away with some manual errors by encouraging processes which occur straight from the customers’ systems through banks’ systems. This process helps in decreasing risks associated with the accuracy of data related to the transactions though the chance of a retail user inserting erroneous data still remain with the process. With advancement of online banking, with a focussed concentration on different security threats, huge gains pertaining to security can be obtained.
Operational risk pertaining to online banking originates from the probability of loss of business since the significant problems of integrity or reliability in the system. Security standards adopted by the banks are of utmost importance since miscreants quite frequently try to infiltrate the internal systems of a bank by attacking on their products or systems. These types of attacks happen both internally and externally. If customers do not properly use the online banking system provided by a bank, it may also give rise to operational risks.
Amongst the other operational issues of online banking, a customer can incur losses due to unauthorised access. If the customer claims for the amount of money he or she has lost it will take the form of the direct liability which the bank has to take care of. A number of different types of problems related to access and authentication is also probable while an online banking process is in place.
Authenticating Credentials : Using digital signatures which are based on various encryption algorithms is a method which has been accepted by most of the authorities of authentication. Apart from authenticating the user, the signatures also give the time stamp of the message and help ensuring data integrity as well.
Access level monitoring and control : Access control can be created with the help of the process of supervising the access levels and providing the privilege of access to only sensitive resources and information and services to trusted persons. The users of the online banking are provided with particular level of authorization depending on the credentials of them and in tune with that they can access use resources and services provided by the banks. This helps in stopping unauthorised use of resources and also makes sure that there is better security system present.
Read more about E-Commerce Delivery Resolution Assignment
Since this process can control the tasks a certain person can do, the benefits of this particular way of securing plays a better role. Hence if a certain person does not have the authority to use resources to which they can do some criminal or harmful measures, despite the user identification being wrongly used, the system will not be harmed in any way. The system though is strong is not fool proof yet. The process discussed then has to depend on various choices of the granted accesses.
State Appraisal Functions : The State Appraisal Functions process can be handy in securing the integrity of the data when it is transferred from one system to another. In contrast to the other security processes, this technique works with data which is not encrypted. These functions can be clubbed with a sender’s binary image and state appraisal functions then makes sure that all the parameters which are relevant are utilised when this e system user is executed. This process also helps in validating these parameters which makes sure that only authorised parameter is used. But a problem with this process is if the execution state of a user is somehow compromised, the agents who are not harmful will also be dangerous if such malicious activities are carried out.
Firewalls : Firewalls and filtering routers are used for making sure that only the internet users who have authority to access can access the system. The PIN/TAN system where the PIN represents a password, used for the login and TANs representing one-time passwords to authenticate transactions is also used. These transactions are carried out via web using SSL secured connections.
Conclusion and recommendations
As it can be clearly understood, that online banking can be problematic for banks as well as the regulators. The banks should take the following steps for dealing with these risks:
Banks should adopt a strategy which is practised from the top and is simple and can be widely disseminated. This strategy should also take into account the effects of online banking as well as a process in place for measuring performance against it. Banks should also be aware of the risks they are exposed to and manage them smartly. Doing market research, adoption of systems which are enough capable and scalable. They should also make sure that that their debt crisis management techniques are well prepared to deal with online banking related hassles.
- Bank Administration Institute and the Boston Consulting Group (1995), The Information Superhighway and Retail Banking, Bank Administration Institute, Chicago, IL.
- Barwise, P. (1997), ``Editorial'', The Journal of Brand Management, Vol. 4, No. 4, pp. 220-3.
- Booz, Allen and Hamilton (1996), Internet Banking in Europe: A Survey of Current Use and Future Prospects, London.
- Cooper, R.G., Easingwood, C.J., Edgett, S., Kleinschmidt, E.J. and Storey, C. (1994), "What distinguishes the top performing new products in financial services?'', Journal of Product Innovation Management, Vol. 11 No. 4, pp. 281-99.
- Daniel, E. (1998), ``Online banking: winning the majority'', Journal of Financial Services Marketing, Vol. 2 No. 3, pp. 259-70.
- Storey, C. (1997), ``Online banking: strategic and management challenges'', Long Range Planning, Vol. 30 No. 6, pp. 890-8.
- Negroponte, N. (1995), Being Digital, Knopf Publishing, US.