Online Banking ;challenges and opportunities
Content
CHAPTETR-1
INTRODUCTION
1.1 INTRODUCTION TO ONLINE BANKING
Online banking is an electronic payment system that enables customers of a financial
institution to conduct financial transactions on a website operated by the institution,
such as a retail bank, virtual bank, credit union or building society. Online banking is
also referred as Internet banking, e-banking, virtual banking and by other terms.
To access a financial institution's online banking facility, a customer with Internet
access would need to register with the institution for the service, and set up some
password (under various names) for customer verification. The password for online
banking is normally not the same as for telephone banking. Financial institutions
now routinely allocate customers numbers (also under various names), whether or
not customers have indicated an intention to access their online banking facility.
Customers' numbers are normally not the same as account numbers, because a
number of customer accounts can be linked to the one customer number. The
customer can link to the customer number any account which the customer controls,
which may be cheque, savings, loan, credit card and other accounts. Customer
numbers will also not be the same as any debit or credit card issued by the financial
institution to the customer.
To access online banking, a customer would go to the financial institution's secured
website, and enter the online banking facility using the customer number and
password previously setup. Some financial institutions have set up additional
security steps for access to online banking, but there is no consistency to the
approach adopted.
1.2 HISTORY OF ONLINE BANKING
Online banking was first introduced in the early 1980s in New York. Four major
banks--Citibank, Chase Manhattan, Chemical and Manufacturers Hanover-offered home banking services. Chemical introduced its Pronto services for
individuals and small businesses in 1983. It allowed individual and smallbusiness clients to maintain electronic checkbook registers, see account balances,
and transfer funds between checking and savings accounts. Pronto failed to
attract enough customers to break even and was abandoned in 1989. Other banks
had a similar experience.
1.3 ORIGIN OF ONLINE BANKING
The advent of the Internet and the popularity of personal computers presented both
an opportunity and a challenge for the banking industry.
For years, financial institutions have used powerful computer networks to automate
millions of daily transactions; today, often the only paper record is the customer's
receipt at the point of sale. Now that its customers are connected to the Internet via
personal computers, banks envision similar economic advantages by adapting those
same internal electronic processes to home use.
Banks view online banking as a powerful "value added" tool to attract and retain
new customers while helping to eliminate costly paper handling and teller
interactions in an increasingly competitive banking environment.
Brick-to-click banks
Today, most large national banks, many regional banks and even smaller banks and
credit unions offer some form of online banking, variously known as PC banking,
home banking, electronic banking or Internet banking. Those that do are sometimes
referred to as "brick-to-click" banks, both to distinguish them from brick-and-mortar
banks that have yet to offer online banking, as well as from online or "virtual" banks
that have no physical branches or tellers whatsoever.
The challenge for the banking industry has been to design this new service channel
in such a way that its customers will readily learn to use and trust it. After all, banks
have spent generations earning our trust; they aren't about to risk that on a Web site
that is frustrating, confusing or less than secure.
Most of the large banks now offer fully secure, fully functional online banking for
free or for a small fee. Some smaller banks offer limited access or functionality; for
instance, you may be able to view your account balance and history but not initiate
transactions online. As more banks succeed online and more customers use their
sites, fully functional online banking likely will become as commonplace as
automated teller machines.
1.3 DEVELOPMENT OF ONLINE BANKING THROUGH EVOLUTION OF
INFORMATION TECHNOLOGE &ECOMMERCE
INFORMATION TECHNOLOGY
Many of the largest and most successful banks in the world emerged from the
technical changes that they are able to recognize at an early stage. India’s banking
sector has a long way to go before it can compete globally. Situation is especially
maintained in the late introduction of ICT in India banks. Our information
technology is designed to compete with information technology in the world, and
when we are in the area very quickly, it can be difficult for us to benefit from
liberalization.
Bank, with the right technology to provide timely information to increase
productivity and thus see a competitive advantage. Compete in the economy, which
has been opened, it is certainly the Indian banks to comply with the latest technology
and adapt to its surroundings. Except that the banks need much improved use of
technology to customer-friendly, efficient and competitive in the current authorities
and businesses, they also need the technology to newer products and newer forms of
service and the increasingly dynamic global environment to offer. Information
technology allows banks to build new systems, which bite the needs of many
customers that cannot be considered today.
On-line banking, for example, promises customers to conduct banking transactions
in a direct access to the core of the bank customer account works. Customers to
verify all information, all so far, all the checks, all credit card information.
In the future, the banks freed from the constraints of a delivery channel. They can
create, package, market and product niches, and because the tumbling price of the
technology, they can do so cost-effectively.
Technology gives banks the opportunity to be closer to customers, to a broader range
of services at lower costs, streamline the March belang systems so that all
information in one place where it can be used for the trends that can quickly lead
into new products. Electronic banking data can be gathered and analyzed.
Interactivity allows the consumer to save the settings, directing the development of
truly new products.
The development of I.T has helped the boom of E – Commerce. So it is also
important to know the concept of E – Commerce.
E-COMMERCE
Electronic
commerce,
commonly
known
as e-commerce, ecommerce or e-
commerce, refers to the buying and selling of products or services over electronic
systems such as the Internet and other computer networks. However, the term may
refer to more than just buying and selling products online. It also includes the entire
online process of developing, marketing, selling, delivering, servicing and paying for
products and services. The amount of trade conducted electronically has grown
extraordinarily with widespread Internet usage. The use of commerce is conducted
in this way, spurring and drawing on innovations in electronic funds transfer, supply
chain management, Internet marketing, online transaction processing, electronic data
interchange (EDI), inventory management systems, and automated data collection
systems. Modern electronic commerce typically uses the World Wide Web at least at
one point in the transaction's life-cycle, although it may encompass a wider range of
technologies such as e-mail, mobile devices and telephones as well.
A large percentage of electronic commerce is conducted entirely in electronic form
for virtual items such as access to premium content on a website, but mostly
electronic commerce involves the transportation of physical items in some way.
Online retailers are sometimes known as e-tailors and online retail is sometimes
known as e-tail. Almost all big retailers are now electronically present on the World
Wide Web.
Electronic commerce that takes place between businesses is referred to as businessto-business or B2B. B2B can be open to all interested parties (e.g. commodity
exchange) or limited to specific, pre-qualified participants (private electronic
market). Electronic commerce that takes place between businesses and consumers,
on the other hand, is referred to as business-to-consumer or B2C. This is the type of
electronic commerce conducted by companies such as Amazon.com. Online
shopping is a form of electronic commerce where the buyer is directly online to the
seller's computer usually via the internet. There is no intermediary service involved.
The sale or purchase transaction is completed electronically and interactively in realtime such as in Amazon.com for new books. However in some cases, an
intermediary may be present in a sale or purchase transaction such as the
transactions on eBay.com.
Electronic commerce is generally considered to be the sales aspect of e-business. It
also consists of the exchange of data to facilitate the financing and payment aspects
of business transactions.
E-COMMERCE APPLICATION IN BANKING INDUSTRY
New information technologies and emerging business forces have triggered a
new wave of financial innovation – electronic banking (e-banking). The banking and
financial industry is transforming itself in unpredictable ways (Crane and Bodie
1996), powered in an important way by advances in information technology
(Holland and Westwood 2001). Since the 1980s, commercial banking has
continuously innovated through technology-enhanced products and services, such as
multi-function ATM, tele-banking, electronic transfers and electronic cash cards.
Over the past decade, the Internet has clearly played a critical role in providing
online services and giving rise to a completely new channel. In the internet age, the
extension of commercial banking to the cyberspace is an inevitable development
(Liao and Cheung 2003).
E-banking creates unprecedented opportunities for the banks in the ways they
organize financial product development, delivery and marketing via the internet.
While it offers new opportunities to banks, it also poses many challenges such as the
innovation of IT applications, the blurring of market boundaries, the breaching of
industrial barriers, the entrance of new competitors and the emergence of new
business models (Saatcioglu et al. 2001, Liao and Cheung 2003). Now the speed and
scale of the challenge are rapidly increasing with the pervasiveness of the internet
and the extension of information economy (Holland and Westwood 2001).
Globally, e-commerce growth has been led by the popularity of online shopping
portals like amazon.com and ebay.com but in India that has not been the case. It is
mainly driven by the online travel industry and banking sector. For instance, 29% of
Indian Internet users book airline tickets online and the figure is expected to touch
46% next year. Online rail ticket booking stands at 39% of the total bookings. As far
as banking is concerned, there are 4.6 million online banking users in India. This
figure is expected to go up to over 16 million by 2007-08 that will include both
internet and mobile banking users. According to the Internet and Mobile Association
of India (IAMAI), the e-commerce industry in India is expected to grow to a size of
Rs. 2,300 crore by 2007 against the Rs.1,200 crore. The total number of internet
users which right now is 38.5 million is expected to reach 100 million by 2008.
1.4 NEED OF ONLINE BANKING
Online banking is a great convenience for many people. Whether people use it to
manage traditional accounts or switch all of their banking to an online-only firm, it
is a wonderful improvement over the days when everything had to be done face-toface.
No matter what kind of banking is done online, it starts with a secure web site.
Usually, the bank will have certain requirements to ensure password strength as well.
This and other security measures ensure that online accounts are safe from
tampering. From there, all of the necessary services can be accessed.
Online banking is quite simple once the basics are understood. Depositing money is
simple, and can be done in a number of ways. The most popular method is likely
direct deposit. Many employers offer direct deposit of paychecks, and by providing
them with your online bank account number, your checks will go right into that
account. Other ways of depositing money include bank and wire transfers. Some
accounts even allow customers to mail their checks in.
Paper checks are typically provided with online checking accounts. This, however, is
not likely to be the most common way a customer will access funds. Online bill
payment allows users to pay their bills without mailing checks, and those who use
web-based accounts typically prefer this and other electronic payment methods.
Most types of bills can be paid via a debit card or electronic checks, as well. This
makes it easy to eliminate the need for paper checks entirely. Still, many find it
useful to have a few checks on hand for those few companies that haven’t quite
reached the modern age.
The management of traditional accounts is another common use for online banking.
Most banks offer online access to accounts, and all customers need to do to make
use of the service is sign up through their bank’s site. Once this is done, checking
your balance, seeing which payments have cleared, and other common banking
operations can be done from the computer. This eliminates the need to call or visit
the bank for simple account maintenance needs.
Every online banking interface is slightly different, but all banks try to make things
easy and intuitive for users. It won’t take long for a new user to figure out exactly
how everything works. Sign up for an online bank account or online access to your
current one, and soon you’ll wonder how you could have lived without it.
CHAPTER-2
2.1ONLINE BANING FEATURES
We need to be able to manage our finances from anywhere in the world. Rich online
banking services are much more important than a physical location. Since I have
been doing all of my banking online with quite a few different online banks as I
looked for the best solution, I’ve had a chance to really experiment with what works
and what doesn’t work for us.
Here is a checklist of things to look for in an online bank. Some items you may be
familiar with. Others might be new to you if it isn’t something your current bank
offers.
1. Bill Pay Service - One of the biggest reasons for going with an online bank is to
get really good bill payment services. Different banks handle bill payment different
ways. Here are some things to think about:
A. How many bills are you allowed to pay per month?
B. What are the fees for going over the limit?
C. Can the bill payment send physical checks to merchants who aren’t set up to take
electronic payments?
D. Do checks come from your account or from a third party service? For privacy
reasons, it might be better to be able to pay someone without giving them your bank
account number on the check. On the other hand, if the checks actually come from
your account, the money doesn’t get taken out until the check is cashed.
E. Can you set up reoccurring payments?
2. Electronic Bill Notification – With electronic bills, your merchant (credit card
company, gas company, electric company, etc.) sends an electronic bill to your bank.
You can set it up to pay automatically or notify you for approval. This can be
particularly good for people who are on the road because it reduces the amount of
physical mail you have to somehow get read or forwarded to you.
3. Online Check Images – Most banks will show you an image of the check, which
makes it really easy to balance your account if you can’t remember what a particular
payment was for. (Ideally, you should minimize the number of physical checks you
write to reduce fraud.)
4. Online Deposit Slip Images – Most banks just record the total with no image. It
will let you see an image of each deposit slip. Having the images available can be
very helpful if you ever have to prove something for tax purposes or need to
remember where that $2581 deposit came from.
5. Reporting Tools – Most banks offer basic reporting tools that will let you see how
much you have spent in each category you’ve created. This may not be an issue if
you use desktop money management software, but it still can be handy if you are
traveling and want to see how much you’ve paid on your mortgage over the past 12
months.
6. Linked Accounts – Can you link your bank account with a brokerage account?
Can you add your minor children as custodial accounts and manage them all
centrally? If you and your spouse both set them up IRAs, is it easy to view them both
alongside the rest of your finances, or do you have to have a separate login for each
IRA to keep them on separate SSNs? These are small things that many banks don’t
support, but it starts getting really complicated when you have to manage a bunch of
accounts instead of having a single place to manage all of your money.
7. Convenient Deposit Methods - Since you may not be anywhere near the physical
location of your bank, make sure you understand how to deposit money. Payroll can
be set up on direct deposit, but there will be times when you need to deposit checks.
Does the bank provide postage paid envelopes and deposit slips? Some banks work
with FedEx or UPS stores to allow you to send in a deposit overnight for free.
8. Low ATM Fees and Convenient Locations – If you need to get cash, will the
bank refund the ATM fees? Are there only certain ATMs that are free, and if so, are
they located near places you normally go? Are the ATMs available nationwide so you
can use them on vacation? What are the fees for using the ATM internationally and
how is the exchange rate handled?
9. Integration with Desktop Software – If you use Microsoft Money, Quicken or
something similar, you’ll want to make sure your bank supports it. Make sure you
understand if downloading transactions require you to login and manually download
a file, or if your money management software can directly connect and download
new transactions. If you are using Quicken on a Mac, make sure the bank is paying
Quickens extortion fee so the files will work with Mac users.
10. Many Account Types – Some banks only offer basic checking and savings
accounts. Ideally you want a bank that makes it easy to open money market accounts,
IRAs, health savings accounts, etc. If you have to go to another institution to open a
different type of account, it is more difficult to manage–especially if you are on the
road. You want to be able to easily open a CD to take advantage of a higher interest
rate, easily open an IRA to help reduce your tax liability, etc.
11. Free Money Transfers – Be sure to consider how easy it is to move money in
and out of the account. You should be able to set up links with your accounts from
other institutions to transfer money back and forth as necessary. Make sure you
understand what type of fees are associated with these transfers. Good banks should
allow a certain number of transfers per month with no fee.
12. Security Balanced with Convenience - Some banks spend so much effort trying
to keep things secure that you’ll find yourself automatically logged out of their
website while you try to balance your account. You want security but you don’t want
it to get in the way of you doing your banking. Also check into what type of
additional security features are available. For example, some banks will offer you an
RSA keychain with a number that changes every 60 seconds. In addition to your
password, you will need the number from that key in order to get access to your
account.
13. Ease of Use – This is something that most banks seem to struggle with. Right
now I have my personal account with one online bank and my business accounts with
another. I dread using the business accounts and I absolutely love using my personal
account. At first I thought I was just more familiar with the bank where my personal
accounts are, but I finally realize that it comes down to the ease of use. One is ok and
the other is superb, but it makes a big difference.
2.2ADVANTAGES OF ONLINE BANKING TO BANKS AS WELL
AS CUSTOMERS
ADVANTAGES TO BANKS
OVERVIEW
Online banking has enjoyed increased popularity, and some banks actually require it.
From standard, brick-and-mortar institutions to cloud managed institutions, online
banking offers flexibility and convenience for all involved
Each visit to a bank costs the institution money, whether in bank teller wages and
benefits to security costs to maintenance costs. Online banking reduces those costs
and increases the bank’s profit margin.
Online banking reduces the need for the number of physical locations and services
offered within each. Because Customer Service Departments are united into fewer
locations, asset sharing within those locations further reduce bank costs.
More Customers
Through online banking, better service levels and strategic marketing
initiatives, banks are able to reach out to more customers than possible through
traditional banking through physical location branches.
Online Only Products and Services
Leveragability--and amenability of new technologies, tools and widespread
broadband Internet acceptance--has made it possible for banks to offer a whole host
of online only products and services to customers, such as CDs, e-bank statements,
financial calculators, and personal finance news feeds.
Broader Customer Base
Banking online has afforded customers user-friendly features of Websites,
robust security technologies, privacy protection measures, and mainstream Internet
acceptance. Banks can reach out to a broader customer base beyond the geographical
confines of their locations or base operations.
Attractive Rates and Incentives
Better management practices, consolidated operations and streamlined savings
from managing and delivering online banking services allow banks to offer attractive
rates and other incentives to customers.
Cost Savings
Banks save a significant amount of operational capital from not having to
open brick and mortar branches in new locations and far-flung areas. These savings
are passed onto the consumer in the form of reduced or no fees for inter-bank and
even intra-bank money transfers, no fees for online payment of utilities' bills, and
cash-back options on frequent use of online-applied bank credit cards.
ADVANTAGES TO CUSTOMER
At a time where it seems like you can do just about anything on the internet, it seems only right to be
to get your banking needs done online. Let’s look at the advantages of online
banking versus going to a physical bank branch.
1. Convenience
able
Sometimes there just isn’t enough time in the day to get everything you need-to-do
done, that’s why convenience is one of the biggest advantages of online banking.
With business hours ranging from approximately 9am to 6pm, shorter hours on
Saturday, and often closed on Sundays, making a trip to the bank can easily become
a difficult task for customers with a regular 9 – 5 work schedule. Instead of running
around town, trying to make it to the bank before they close, just login online and
get your banking done whenever it’s convenient for you.
2. No Lines
One of the things most people dislike about banks is waiting in line. It is not
uncommon to find yourself waiting in line at a bank, waiting to be helped. By
banking online, you don’t have to wait in line to get your baking done, leaving you
with more time to get other things done.
3. Availability
With online banking, you can keep track of your money much easier because your
account information is available anytime online. To get your balance, simply login to
your account. Avoid getting stuck waiting for the bank to open again, having to visit
an ATM, or calling a time consuming customer service number to get the same
information. You can even save money, since some ATMs and customer service calls
charge a small fee to get your account balance.
4 .Ubiquity
If you're out of state or even out of the country when a money problem arises, you
can log on instantly to your online bank and take care of business, 24/7.
5.Transaction speed
Online bank sites generally execute and confirm transactions at or quicker than ATM
processing speeds.
6.Efficiency:
You can access and manage all of your bank accounts, including IRAs, CDs, even
securities, from one secure site.
7.Effectiveness:
Many online banking sites now offer sophisticated tools, including account
aggregation, stock quotes, rate alerts and portfolio managing programs to help you
manage all of your assets more effectively. Most are also compatible with money
managing programs such as Quicken and Microsoft Money.
2.3DISADVANTAGES OF ONLINE BANIKING
1.Start-up may take time:
In order to register for your bank's online program, you will probably have to
provide ID and sign a form at a bank branch. If you and your spouse wish to view
and manage your assets together online, one of you may have to sign a durable
power of attorney before the bank will display all of your holdings together.
2.Learning curve:
Banking sites can be difficult to navigate at first. Plan to invest some time and/or
read the tutorials in order to become comfortable in your virtual lobby.
3.Bank site changes:
Even the largest banks periodically upgrade their online programs, adding new
features in unfamiliar places. In some cases, you may have to re-enter account
information.
4.The trust thing:
For many people, the biggest hurdle to online banking is learning to trust it. Did my
transaction go through? Did I push the transfer button once or twice? Best bet:
always print the transaction receipt and keep it with your bank records until it shows
up on your personal site and/or your bank statement.
2.4 HOW DOES ONLINE BANKINK WORK?
Online banking provides many identical services that a traditional bank does with
the biggest difference is in teller availability: Human tellers leave; electronic tellers
—the websites—are available virtually all day, everyday—weekends and holidays,
included.
Online Banking Structure:
Online banking mirrors traditional banking procedures in many instances, and in
some, actually improves security and reduces both banks’ and customer’s costs.
In electronic form, online banking still allows:
1. Deposits to the account, whether via payroll deposits or funds transfers.
2. Bill payments via automatic payment schedules or individually ordered payments.
Most bill pay users opt for the bank-generated checks, but payments can be ordered
in a one off situation or scheduled regularly.
3. Statement formats can be electronic or paper; most who prefer online banking
choose the electronic statements for convenience and reduced paper use.
4. Wire transfers to accounts within and without the bank’s structure, though some
banks charge additional transaction fees for wire transfers.
5. Differing services depending on the individual financial institute.
Online Actions
All online banking transactions are initiated by creating an online account
identity. Account login name and password creation is followed by choosing and
answering security questions. It’s not recommended that security questions and
answers be common or known by others; they should have unique answers, whether
historically true or not.
For example, if a user chooses a security question, “What is the name your first
elementary school,” choose an answer that is not the actual name or the actual
elementary school. Use instead the name of another school or anything else that is
easily remembered.
Provide an email address that is not tied to an Internet Service Provider. If the user
changes ISPs, that email address will be lost. Instead, use a free email address that
can last for as long as the user chooses.
Once the security aspects are in place and verified, look around the bank’s website
and note important areas, such as:
1. Account activity
2. Statement delivery change areas
3. Customer Service options
4. Bill pay procedures, if any
5. And any other area provided on the website.
Online banking often reduces funds availability delays and hastens resolution to
disputes and inquiries. While some complaints and problems do require human
intervention, Customer Service Agents are available for longer during a calendar day
than local branch personnel are.
Online banking differs from traditional banking when physical checks or cash is
deposited; human interaction via a drive thru lane or at the counter is required.
Cashier checks, traveler checks, and money orders cannot be purchased from the
institution via online banking, but because all transactions allowed are electronic,
tracking and accountability are easily provided.
2.4CHALLENGES OF ONLINE BANKING
Information technology analyst firm, the Meta Group, recently reported that
"financial institutions who don't offer home banking by the year 2000 will become
marginalized." By the year of 2002, a large sophisticated and highly competitive
Internet Banking Market will develop which will be driven by
Demand side pressure due to increasing access to low cost electronic
services.
Emergence of open standards for banking functionality.
Growing customer awareness and need of transparency.
Global players in the fray
Close integration of bank services with web based E-commerce or even
disintermediation of services through direct electronic payments (E- Cash).
More convenient international transactions due to the fact that the Internet
along with general deregulation trends, eliminate geographic boundaries.
Move from one stop shopping to 'Banking Portfolio' i.e. unbundled product
purchases.
Online security of financial data has evolved tremendously since the early
days of online banking, and often transactions can be even more secure than
those conducted in a drive thru lane.
Online banking transactions require not only a secure login but also require
secured password entry. In-person transactions are based on account
information and a photo ID, both of which can be obtained “under the
radar.”Online banking transactions also track the Internet Protocol (IP)
address of the computer used in the transaction. The IP can be traced to the
method or mode of Internet access, often through an Internet Service
Provider who always notes activity, computer, and actions performed under
that IP address assigned to the ISP account holder. Whether a dynamic or
changing IP address or a static or unchanging IP address is used, the ISP
always records what IP address is assigned to what ISP account at any time.
Comprehensive Help sections on banks’ websites often reduce on-location
inquiries, further reducing overhead costs for banking institutions.
Additional service enrollment or dis-enrollment, address updates, and
account status and verification are all time saving activities for both the bank
and the banking customer.
Online Bill Pay processes reduce stolen or counterfeit checks which cost
banks billions of dollars every month. Each online bill pay transaction
allows for a grace period from the payment order date to the actual check
delivery date, which also allows the account holder additional time to
preview activity and account status.
Certainly some existing brick and mortar banks will go out of business. But
that's because they fail to respond to the challenge of the Internet. The
Internet and it's underlying technologies will change and transform not just
banking, but all aspects of finance and commerce. It represents much more
than a new distribution opportunity. It will enable nimble players to leverage
their brick and mortar presence to improve customer satisfaction and gain
share. It will force lethargic players who are struck with legacy cost basis,
out of business-since they are unable to bring to play in the new context.
DEVELOPMENT:
Increasingly, more and more people are switching to electronic platforms for
executing financial transactions. The wider usage of cell phone and internet certainly
seems to be playing a role in blurring physical boundaries, and unlocking a whole
new world of opportunities for banks in tapping newer customer segments and in
recording greater volume of transactions.
If latest RBI data on retail electronic payment systems is anything to go by,
electronic banking is set to become the catalyst for change in the way money moves.
Provisional data show that in FY09 to January, a total of 5,587.85 lakh transactions
were executed through the electronic channel, a rise of 234.76 lakh transactions over
the previous fiscal.
This growth was facilitated by the introduction of real-time gross transfer (RTGS)
and national electronic funds transfer (NEFT), which enabled fund transfers among
account
holders
of
the
same
bank
as
well
as
inter-bank
transfers.
The growth has also been aided by banks' efforts to offer innovative services and
tighten security measures, and the increase in awareness of services available. RBI
outlining guidelines on mobile banking, setting up of the National Payments
Corporation of India and passage of the Payments and Settlement Act too have given
a positive thrust to the growth in electronic payments. The impact of all these
measures is likely to be felt in the current fiscal, which may well mean FY10 could
become a watershed year for e-banking. While opinions of industry players differ on
whether FY10 will indeed prove to be a tipping point, there seems to be consensus
that the year would mark a critical phase in the evolution of the payments and
settlement systems in India. "FY10 will certainly herald an important phase for
electronic banking in India and an upsurge in internet and ATM transactions," says
Ashvin Parekh, partner and national industry leader, financial services, Ernst &
Young. "At the same time, traditional fund transfer will continue to hold its own. We
are going to witness a co-existence of these two systems. In the regulatory space,
there will be huge changes. As and when India Pay, which will eventually settle
credit card and ATM transactions, comes into the picture, we could witness a gradual
shift away from Visa and MasterCard." The implementation of core banking
solutions by all public sector banks has not only helped banks rationalise their costs,
but has also allowed them to explore new ways of optimally utilising their resources.
Core banking, which facilitates linking up of a bank's branches across the country,
has enabled banks to improve their efficiency.
"Now, decisions can be taken remotely and the activities too can be undertaken in a
centralised location. This means that branches need not spend time on processing
transactions and other back office operations, and rather utilise the time and
resources to function as selling outlets. Centralised operations benefit from
economies of scale and help in reducing bank costs," explains Janmejaya Sinha,
managing director of India operations, Boston Consulting Group.
2.5OPPORTUNITIES IN ONLINE (E-BANKING)
It has always been a chicken-and-egg dilemma in business. Either firms wait
for the market to mature until customers are ready for the products and services. Or,
firms can go ahead and offer the products and services, hoping that their customers
will catch on soon.
The same is true for new products and services that have emerged and
continue to emerge in the world of electronic banking (e-banking). Banking
executives interviewed by BusinessWorld Online have different ways of resolving
the issue. Some would go ahead with new ideas, wanting to take the first-mover
advantage. Others would wait in the sidelines, but armed nevertheless just in the
case the market take up suddenly increases.
into a chick. Technology providers are always up on their toes, like
chicken ready to ca Is There a Future Whether first-movers or
latecomers, there is one partner in the e-banking game that is not
waiting for the chicken to lay the egg, or wait for the egg to hatch
in Online Banking?
By this point, no one can dismiss online banking as a fad. However, it is worth
considering whether the trend towards online financial transactions is going to slow
or reverse in the years to come. There will continue to be people who resist online
banking in favor of offline transactions just as there are people who prefer to keep
their money in mattresses instead of putting it in banks. Whether these people will
exert serious influence on the movement towards online banking can be examined
by looking at the needs of modern consumers, and the interests of the banks
themselves.
The Move to Online Business
The global connectivity provided by the internet, combined with the fallout from the
global financial crisis has encouraged a growing number of entrepreneurs to start
their own businesses online. As an increasing number of people look to save
themselves from unemployment or augment otherwise insufficient salaries by
finding new ways to make money online, they will require new ways to send,
receive, and invest their online funds.
The Rise of Mobile Banking
As handheld mobile devices become more sophisticated, users are experimenting
with more sophisticated transactions. Moving beyond ringtone downloads;
consumers can now shop online and purchase software upgrades and augmentations
through app stores. In addition to this buying and selling, anyone with a web
browser on their phone can access their bank’s online banking site to move and
manage their money in more locations than ever before.
Staffing Solutions
As banks consolidate and grow larger, they are looking for more ways to cut costs,
and reducing the number of full-time employees on their payroll is an attractive
option. Encouraging customers to do their banking online allows banks to close
smaller branches in outlying locations and use economies of scale to develop
customer assistance centers in locations where the labor market is more favorable.
Physical Footprints
Online banking is also more attractive to banks because a reduced physical footprint
means reduced costs in other areas. In addition to saving the money that would
normally be associated with operating and maintaining physical branches, no longer
having to print and mail paper statements to customers would be a huge savings for
banks. As an added bonus, banks have been able to take advantage of current proenvironment sentiment by marketing online banking as a “green” alternative.
By appealing to more mobile customers and more cost-conscious financial service
providers alike, online banking continues to be an attractive option for everyone
involved. However, when discussing the internet it is dangerous to assume that
everything is going to be moved online; there will always be individuals, industries,
and transactions that are grounded in the real world with no desire to change the way
they do business.
Growth of Internet
The increase in the growth of internet usage will definitely help the cause of growth
of online banking in India. The following chart shows the growth of internet in India
during the past decade or so
YEAR
Users
Population
% Penetration
1998
1,400,000
1,094,870,677
0.1 %
1999
2,800,000
1,094,870,677
0.3 %
2000
5,500,000
1,094,870,677
0.5 %
2001
7,000,000
1,094,870,677
0.7 %
2002
16,500,000
1,094,870,677
1.6 %
2003
22,500,000
1,094,870,677
2.1 %
2004
39,200,000
1,094,870,677
3.6 %
2005
50,600,000
1,112,225,812
4.5 %
2006
40,000,000
1,112,225,812
3.6 %
2007
42,000,000
1,129,667,528
3.7 %
CHAPTER-4
4.1 MAIN & IMPORTANTCONCERNS RELATING TO ONLINE
BANKING
In a survey conducted by the Online Banking Association, member institutions rated
security as the most important issue of online banking. There is a dual requirement
to protect customers' privacy and protect against fraud. Banking Securely: Online
Banking via the World Wide Web provides an overview of Internet commerce and
how one company handles secure banking for its financial institution clients and
their customers. Some basic information on the transmission of confidential data is
presented in Security and Encryption on the Web. PC Magazine Online also offers a
primer: How Encryption Works. A multi-layered security architecture comprising
firewalls, filtering routers, encryption and digital certification ensures that your
account information is protected from unauthorised access:
Firewalls and filtering routers ensure that only the legitimate Internet users are
allowed to access the system.
Encryption techniques used by the bank (including the sophisticated public
key encryption) would ensure that privacy of data flowing between the
browser and the Infinity system is protected.
Digital certification procedures provide the assurance that the data you receive
is from the Infinity system.
Security concerns:
Security fears have served as deterrents to online growth. Of particular concern are
threats of pharming and phishing. Phishing is an internet fraud, through which
innocent people are enticed to divulge their personal information like user ID and
passwords, which are later on used by scammers in unauthorized ways.
The most common method of phishing is sending emails claiming to be from your
bank or other financial institutions which are dealing that already has your personal
information and you will be asked to confirm the details by clicking a particular link
(URL) provided in this fake email. This URL will take you to a fake website which
will be similar to your genuine website, and the information provided by the
customer in the forms provided in the fake website will be gathered and used for
committing fraud in their accounts or withdraw funds unauthorizedly from these
accounts.
Pharming is another internet fraud, whereby as many as users as possible are
redirected before they reach the legitimate online banking websites they intend to
visit and they are lead to malicious ones. The bogus sites to which victims are
redirected without their knowledge or consent, will likely looks the same as genuine
site. But when users enter their login name or password, the information is captured
by criminals.
4.2 FURTHER PROBLEMS RELATING TO NET BANKING IN
INDIA
Given that India is the IT and tech services outsourcing hotspot of the world, it's
surprising that Internet banking has not really taken off. Despite the advent of a very
tech-savvy and vast consumer class in recent years, a mix of industry issues and
unique challenges continue to thwart the expansion of net banking in India.
Technology challenges, IT practices, certain cultural issues, industry lethargy, and
workplace constraints have affected widespread acceptance of Internet banking.
1.Low Broadband Internet Penetration
India has one of the lowest broadband connectivity penetration rates in Asia as
compared to Japan, Taiwan, Korea and Singapore. While the bigger cities such as
Mumbai, Delhi, Chennai, and Bangalore have relatively better broadband
penetration rates, PC users in smaller cities and towns still use dial-up options to
connect to the Internet. Slow connectivity speeds often dampen the online banking
experience for many customers eager to use such services.
2.Banks' Ambivalent Commitment Levels
Internet banking did take off in India at the turn of the millennium but soon faltered
due to lack of takers. In the middle of this decade, multinational and domestic
private banks started offering net banking services as a competitive differentiator.
Only recently, state-owned and public sector banks have started doing likewise.
However, banks' ambivalent commitment levels and their reluctance to allocate huge
budgets for net banking branding initiatives, as well as a lack of industry advocacy
efforts, have resulted in poor acceptance levels of Internet banking by customers.
3.Customers' Preference for Traditional Branches
There are thousands of highly active traditional bank branches in India's crowded
cities and major towns. Office workers take longer lunch breaks to finish banking
activities and transactions at these branches rather than conduct them online. Most
customers prefer the personal touch and customized service offered by staff in brickand-mortar bank branches. Many Indians are also averse to calling call centers and
banks' customer contact lines to address issues related to online bank accounts.
4.Fear of Online Threats/Scams
Ubiquitous and prevalent online threats about hackers, identity theft, stolen
passwords, viruses, worms and spyware tend to make customers wary just like in
any other country. Conservative Indian bank customers used to years of saving in an
erstwhile mixed-socialist economy are always fearful of losing hard-earned savings
in online scams. These customers are also not sure about the efficacy of banks'
websites and their commitment to allocate funds for reliable encryption mechanisms
and robust back-end technologies and systems.
5.Other Problems
Workplace constraints and corporate policies about using external websites or
pursing personal activities such as online banking have affected its expected fastpaced acceptance among the growing affluent class in India. Cultural issues, such as
parents giving priority use of the home PC to their children rather than using it
themselves, stifle the potential growth of home access to Internet banking services.
Public sector banks with vast customer bases also don't tend to invest money in
training personnel for e-banking initiatives, resulting in poor customer service levels.
4.2 SOLUTION TO THE PROBLEMS IN NET BANKING
Here are some simple tips to prevent you from falling into the trap of cyber
criminals. Remember, a simple ignorance or oversight can make a huge dent in your
hard- earned savings.
Securing your account: Avoid online banking on unsecured wifi systems and
operate only from PCs at home. Never reveal password to anyone. Do not
even write it on a piece of paper on diary. Just memorise it. It should be
alphanumeric and change it frequently.
Never reply to queries from bank online about account or personal details. The
personal information should not be kept in a public computer or in emails.
Phishing: A person's personal details are obtained by fraudsters posing as
bankers, who float a site similar to that of the person's bank. They are asked to
provide all personal information about themselves and their account to the
bank on the pretext of database upgradation. The number and password are
then used to carry out transactions on their behalf without their knowledge.
Phishing involves using a form of spam to fraudulently gain access to people's
online banking details. As well as targeting online banking customers, phishing
emails may target online auction sites or other online payment facilities. Typically, a
phishing email will ask an online banking customer to follow a link in order to
update personal bank account details. If the link is followed, the victim downloads a
program which captures his or her banking login details and sends them to a third
party.
Spam: Spam is an electronic 'junk mail' or unwanted messages sent to your
email account or mobile phone. These messages vary, but are essentially
commercial and often annoying in their sheer volume. They may try to
persuade you to buy a product or service, or visit a website where you can
make purchases; or they may attempt to trick you into divulging your bank
account or credit card details.
Nigerian Scam: Nigerian or Frauds 409 or 419 are basically the lottery scam
in which some overseas persons are involved to cheat innocent persons or
organizations by promising to give a good amount of money at nominal fee
charges. Their intention is to steal money in the form of fee against the lottery
prize.
Spyware:
Spyware such as Trojan horse is generally considered to be
software that is secretly installed on a computer and takes things from it
without the permission or knowledge of the user. Spyware may take personal
information, business information, bandwidth; or processing capacity and
secretly gives it to someone else.
"Trojan Horse" scheme unfolds when malicious software (malware) embeds to a
consumer's computer without the consumer being aware of it. Trojans often come in
links or as attachments from unknown email senders. After installation the software
detects when a person accesses online banking sites and records the username and
password to transmit to the offender. People using public computers, in places like
Internet cafes, are often susceptible to Trojans like malware or spyware.
Check sites Url: Always check the URL of your bank's web site. Fraudsters
can lure you to enter your user ID and password at a fake website that
resembles your bank. If you see anything other than the bank's genuine URL,
it has to be fake.
Never enter your user ID or password or such sensitive information without
ascertaining that you are on the right website. Always type the Web address of your
bank into the browser address space. Never click on the link in the email.
Fool-proof password: Change your online banking password at regular
intervals. Also, avoid easy-to-guess passwords, like first names, birthdays,
kid's or spouse's name and telephone numbers. Try to have an alpha-numeric
password, one that combines alphabets and numbers.
If you have several bank accounts, never use the same online banking password for
all. Never select the option on browser that stores or retains user name and
password. As it can easily be cracked by cyber criminals. Also, never paste your
password, always type it in. This little amount of `finger exercise' will go a long way
in safety.
Always check 'last logged': Most banks have a 'last logged in' panel on their
websites. If your bank has it, check the panel whenever you log in. If you
notice irregularities (like you are logging in after two days, but the panel says
you logged in that morning!), report the matter immediately to your bank and
change your password right away.
Always log out when you exit the online banking portal. Close the browser to ensure
that your secure session is terminated. Never exit simply by closing the browser.
Keep your system up to date: Regularly check for security updates for your
computer operating system. Most security updates are aimed at reducing risks
to your computer, these may be data-related or otherwise. Make sure that your
operating system and browser have the latest security patches installed. And,
always install these only from trusted websites.
Install a personal firewall to prevent hackers from gaining unauthorised access to
your computer, especially if you connect to the Internet through a cable or a DSL
modem.
Public access can be injurious: Don't leave the PC unattended after keying
in information while transacting on the website. Avoid accessing your bank
online at cyber cafes or on a share or public computer. Also, avoid locations
that offer online connections through wireless networks (Wi-Fi), where
privacy and security are minimal.
Follow Bank instructions: Banks say that appropriate upgradations are
carried out from time to time by their IT departments for risk mitigation. They
issue instructions to the customers to manage their accounts through virtual
keyboards by way of which the characters typed by them are not identified by
hackers. SMS alerts are also an important tool since any transaction carried
out on account is reported to the account holder through an SMS.
Protection: Learn the ways to protect yourself from online banking fraud schemes.
Detect Trojans that appear on your PC in the form of viruses, spyware or malware
through Antivirus Software, anti Spyware, and Adware. Also, learn to keep your
cards, documents and passwords safe, and monitor your accounts to safeguard
yourself from bank fraud committed through identity theft.
4.3 INTERNET BANKING GUIDELINES INDIA
Reserve Bank of India had set up a ‘Working Group on Internet Banking’ to examine
different aspects of Internet Banking (I-banking). The Group had focused on three
major areas of I-banking, i.e.
(i) technology and security issues,
(ii) legal issues and
(iii) regulatory and supervisory issues.
RBI has accepted the recommendations of the Group to be implemented in a phased
manner. Accordingly, the following guidelines are issued for implementation by
banks. Banks are also advised that they may be guided by the original report, for a
detailed guidance on different issues.
I. Technology and Security Standards:
a. Banks should designate a network and database administrator with clearly
defined roles as indicated in the Group’s report.
b. Banks should have a security policy duly approved by the Board of Directors.
There should be a segregation of duty of Security Officer / Group dealing
exclusively with information systems security and Information Technology
Division which actually implements the computer systems. Further,
Information Systems Auditor will audit the information systems.
c. Banks should introduce logical access controls to data, systems, application
software, utilities, telecommunication lines, libraries, system software, etc.
Logical access control techniques may include user-ids, passwords, smart
cards or other biometric technologies.
d. At the minimum, banks should use the proxy server type of firewall so that
there is no direct connection between the Internet and the bank’s system. It
facilitates a high level of control and in-depth monitoring using logging and
auditing tools. For sensitive systems, a state full inspection firewall is
recommended which thoroughly inspects all packets of information, and past
and present transactions are compared. These generally include a real time
security alert.
e. All the systems supporting dial up services through modem on the same LAN
as the application server should be isolated to prevent intrusions into the
network as this may bypass the proxy server.
f. PKI (Public Key Infrastructure) is the most favoured technology for secure
Internet banking services. However, as it is not yet commonly available, banks
should use the following alternative system during the transition, until the PKI
is put in place:
1. Usage of SSL (Secured Socket Layer), which ensures server
authentication and use of client side certificates issued by the banks
themselves using a Certificate Server.
2. The use of at least 128-bit SSL for securing browser to web server
communications and, in addition, encryption of sensitive data like
passwords in transit within the enterprise itself. (Para 6.4.5)
g. It is also recommended that all unnecessary services on the application server
such as FTP (File Transfer Protocol), telnet should be disabled. The
application server should be isolated from the e-mail server. (Para 6.4.6)
h. All computer accesses, including messages received, should be logged.
Security violations (suspected or attempted) should be reported and follow up
action taken should be kept in mind while framing future policy. Banks should
acquire tools for monitoring systems and the networks against intrusions and
attacks. These tools should be used regularly to avoid security breaches. The
banks should review their security infrastructure and security policies
regularly and optimize them in the light of their own experiences and
changing technologies. They should educate their security personnel and also
the end-users on a continuous basis.
i. The information security officer and the information system auditor should
undertake periodic penetration tests of the system, which should include:
1. Attempting to guess passwords using password-cracking tools.
2. Search for back door traps in the programs.
3. Attempt to overload the system using DDoS (Distributed Denial of
Service) & DoS (Denial of Service) attacks.
4. Check if commonly known holes in the software, especially the browser
and the e-mail software exist.
j. The penetration testing may also be carried out by engaging outside experts
(often called ‘Ethical Hackers’).
k. Physical access controls should be strictly enforced. Physical security should
cover all the information systems and sites where they are housed, both
against internal and external threats.
l. Banks should have proper infrastructure and schedules for backing up data.
The backed-up data should be periodically tested to ensure recovery without
loss of transactions in a time frame as given out in the bank’s security policy.
Business continuity should be ensured by setting up disaster recovery sites.
These facilities should also be tested periodically.
m. All applications of banks should have proper record keeping facilities for legal
purposes. It may be necessary to keep all received and sent messages both in
encrypted and decrypted form.
n. Security infrastructure should be properly tested before using the systems and
applications for normal operations. Banks should upgrade the systems by
installing patches released by developers to remove bugs and loopholes, and
upgrade to newer versions which give better security and control.
II. Legal Issues
a. Considering the legal position prevalent, there is an obligation on the part of
banks not only to establish the identity but also to make enquiries about
integrity and reputation of the prospective customer. Therefore, even though
request for opening account can be accepted over Internet, accounts should be
opened only after proper introduction and physical verification of the identity
of the customer.
b. From a legal perspective, security procedure adopted by banks for
authenticating users needs to be recognized by law as a substitute for
signature. In India, the Information Technology Act, 2000, in Section 3(2)
provides for a particular technology (viz., the asymmetric crypto system and
hash function) as a means of authenticating electronic record. Any other
method used by banks for authentication should be recognized as a source of
legal risk.
c. Under the present regime there is an obligation on banks to maintain secrecy
and confidentiality of customers‘ accounts. In the Internet banking scenario,
the risk of banks not meeting the above obligation is high on account of
several factors. Despite all reasonable precautions, banks may be exposed to
enhanced risk of liability to customers on account of breach of secrecy, denial
of service etc., because of hacking/ other technological failures. The banks
should, therefore, institute adequate risk control measures to manage such
risks.
d. In Internet banking scenario there is very little scope for the banks to act on
stop-payment instructions from the customers. Hence, banks should clearly
notify to the customers the timeframe and the circumstances in which any
stop-payment instructions could be accepted.
e. The Consumer Protection Act, 1986 defines the rights of consumers in India
and is applicable to banking services as well. Currently, the rights and
liabilities of customers availing of Internet banking services are being
determined by bilateral agreements between the banks and customers.
Considering the banking practice and rights enjoyed by customers in
traditional banking, banks’ liability to the customers on account of
unauthorized transfer through hacking, denial of service on account of
technological failure etc. needs to be assessed and banks providing Internet
banking should insure themselves against such risks.
III. Regulatory and Supervisory Issues:
As recommended by the Group, the existing regulatory framework over banks will
be extended to Internet banking also. In this regard, it is advised that:
1. Only such banks which are licensed and supervised in India and have a
physical presence in India will be permitted to offer Internet banking products
to residents of India. Thus, both banks and virtual banks incorporated outside
the country and having no physical presence in India will not, for the present,
be permitted to offer Internet banking services to Indian residents.
2. The products should be restricted to account holders only and should not be
offered in other jurisdictions.
3. The services should only include local currency products.
4. The ‘in-out’ scenario where customers in cross border jurisdictions are offered
banking services by Indian banks (or branches of foreign banks in India) and
the ‘out-in’ scenario where Indian residents are offered banking services by
banks operating in cross-border jurisdictions are generally not permitted and
this approach will apply to Internet banking also. The existing exceptions for
limited purposes under FEMA i.e. where resident Indians have been permitted
to continue to maintain their accounts with overseas banks etc. will, however,
be permitted.
Given the regulatory approach as above, banks are advised to follow the following
instructions:
a. All banks, who propose to offer transactional services on the Internet should
obtain prior approval from RBI. Bank’s application for such permission
should indicate its business plan, analysis of cost and benefit, operational
arrangements like technology adopted, business partners, third party service
providers and systems and control procedures the bank proposes to adopt for
managing risks. The bank should also submit a security policy covering
recommendations made in this circular and a certificate from an independent
auditor that the minimum requirements prescribed have been met. After the
initial approval the banks will be obliged to inform RBI any material changes
in the services / products offered by them.
b. Banks will report to RBI every breach or failure of security systems and
procedure and the latter, at its discretion, may decide to commission special
audit / inspection of such banks.
c. The guidelines issued by RBI on ‘Risks and Controls in Computers and
Telecommunications’ vide circular DBS.CO.ITC.BC. 10/ 31.09.001/ 97-98
dated 4th February 1998 will equally apply to Internet banking. The RBI as
supervisor will cover the entire risks associated with electronic banking as a
part of its regular inspections of banks.
d. Banks should develop outsourcing guidelines to manage risks arising out of
third party service providers, such as, disruption in service, defective services
and personnel of service providers gaining intimate knowledge of banks’
systems and misutilizing the same, etc., effectively.
e. With the increasing popularity of e-commerce, it has become necessary to set
up ‘Inter-bank Payment Gateways’ for settlement of such transactions. The
protocol for transactions between the customer, the bank and the portal and
the framework for setting up of payment gateways as recommended by the
Group should be adopted.
f. Only institutions who are members of the cheque clearing system in the
country will be permitted to participate in Inter-bank payment gateways for
Internet payment. Each gateway must nominate a bank as the clearing bank to
settle all transactions. Payments effected using credit cards, payments arising
out of cross border e-commerce transactions and all intra-bank payments (i.e.,
transactions involving only one bank) should be excluded for settlement
through an inter-bank payment gateway.
g. Inter-bank payment gateways must have capabilities for both net and gross
settlement. All settlement should be intra-day and as far as possible, in real
time.
h. Connectivity between the gateway and the computer system of the member
bank should be achieved using a leased line network (not through Internet)
with appropriate data encryption standard. All transactions must be
authenticated. Once, the regulatory framework is in place, the transactions
should be digitally certified by any licensed certifying agency. SSL / 128 bit
encryption must be used as minimum level of security. Reserve Bank may get
the security of the entire infrastructure both at the payment gateway’s end and
the participating institutions’ end certified prior to making the facility
available for customers use.
i. 2. The Reserve Bank of India have decided that the Group’s recommendations
as detailed in this circulars should be adopted by all banks offering Internet
banking services, with immediate effect. Even though the recommendations
have been made in the context of Internet banking, these are applicable, in
general, to all forms of electronic banking and banks offering any form of
electronic banking should adopt the same to the extent relevant.
j. 3. All banks offering Internet banking are advised to make a review of their
systems in the light of this circular and report to Reserve Bank the types of
services offered, extent of their compliance with the recommendations,
deviations and their proposal indicating a time frame for compliance. The first
such report must reach us within one month from the date of this circular.
Banks not offering any kind of I-banking may submit a ‘nil’ report.
k. 4. Banks who are already offering any kind of transactional service are
advised to report, in addition to those mentioned in paragraph above, their
business models with projections of cost / benefits etc. and seek our post-facto
approval.
CHAPTER-5
CASE STUDIES
1. Email password Hacking-
One day a lady came to cyber cell office and reported that she and her
brothers e-mail ID’S had been hacked by someone she suspected him to be her
husband. The lady had already lodged a case against him for dowry and was pending
for trial in Bhopal court.
The suspect had hacked lady’s and her brother e-mail ID account and copied all the
information to his e-mail and produced selected e-mails to claim that . she was
happy with him and case of dowry is a false one .
To malign the image of her brother the suspect sent a copy of FIR lodged against
him at police station Habibganj. This indicated that the husband of the lady was
behind the whole affair but police had not any evidence against him.
Cyber cell started enquiry by an order of IGP and obtained the login logs from
rediff.com .The logs indicated that the email IDs password were changed and
anonymous emails were sent from the house of lady’s husband and sent from his.
Cyber cell registered a case under section 66 IT act and submitted Challan has been
filed against the suspect and trial is over.
Court has hold the conviction against the suspect Sabrish Pillai but found that the
matter came before the court as Sabrish was having family dispute with his wife and
the, act of hacking was not against the society at large, Hence let him free after
warning.
2. Internet Lottery Fraud :
MP Cyber police has investigated several case of cheating through Internet
lottery offer which is commonly known as Nigerian 419 scam. In this kind of
cheating the culprits used to send bulk emails, bulk SMS to millions of users using
software, stating that the receiver has won lottery worth thousands of pounds or
dollars which comes out to be crores of Indian rupees, in a lucky draw. They used to
create fake lottery winning certificate using logo and text from original website,
which seems to be original at a glance. This kind of sending bulk emails or SMS is
an act of commonly known as Phishing attack. Those who are lured by such offer
often tempted to contact them. The culprits then ask the target to fill a form and thus
receive all the personal information of the target and asks him to deposit token
money in various names to earn the lottery prize. The target who is hoping to earn
huge amount of money finds these charges to be minimal. The culprit asks the target
to deposit money in the name yellow tag, custom clearance UN anti terrorism
certificate, RBI charges or any other name they feel it to suitable to convince the
target. The culprits ask the target to deposit in various bank accounts and once the
money is deposited by the target it is withdrawn same day by the suspect.
After losing lakhs of amount people come to know that they are being cheated. In
this kind of cheating the contact number are usually taken in the fake names or in the
other Indian guys name, account are being opened in the fake names or acquired on
the basis of commission by fooling the account holders.
Mp cyber police has investigated the case of Internet lottery fraud and arrested
Nigerian national Godspower from Meharauli Delhi with the suspected mobile used
for communication, one laptop, printer and box used for black dollar scam.
Mp cyber police has investigated the case of Internet lottery fraud Crime no 07/09
420,468,34 IPC and crime no 05/10 420,468,34 AIPC and arrested Nigerian national
Idiiogbe Joseph from Mumbai with the suspected mobile used for communication,
laptop, fake Income tax certificate and seals.
Apart from the above MPCP is investigating two more such cases in which
suspects are being monitored and efforts are being made to arrest them.
CHAPTER-6
DATA ANALYSIS
A survey was conducted on online banking in India for the primary data
among 25 people. The analysis of this survey or data is as follows:Q. What kind of banking do you prefer?
14
12
10
8
6
4
2
0
Traditional
Online
Both
POLL out of 25: Traditional – 5 ; Online – 8 ; Both – 12
FINDINGS: This shows us the preference of the people towards the type of
banking. They prefer to use the services of both the online and traditional banking
rather than a particular type.
Q. Do you think online banking is better than traditional banking?
YES
NO
CAN'T SAY
POLL out of 25: Yes - 13; No - 5; Can’t Say – 7
FINDINGS: The people understand that online banking is better than the traditional
banking because of its nature. While a few of the people are still not fully convinced.
Q. Do you feel you account is secured in online banking?
12
10
8
6
4
2
0
YES
NO
CANT SAY
Poll out of 25: Yes - 11; No - 7; Can’t Say – 7
FINDINGS: Majority of the people think that their Account is secured, but not all.
Their security concern should be eradicated. This will attract customers.
Q. How frequently do you use banking services?
12
10
8
6
4
2
0
WEEKLY
MONTHLY REGULARLY
RARELY
POLL out of 25: Weekly - 5; Monthly - 11; Regularly - 2; Rarely – 7
FINDINGS: Most of the people do not need the services of banks regularly or
maybe there is no need. They may transact with the bank on monthly basis for most
of the time.
Q. How happy are you with services of online banking provided by your bank?
10
8
6
4
2
0
COMPLETELY
PARTIALLY
FAIRLY
NOT AT ALL
POLL out of 25: Completely - 4; Partially - 9; Fairly - 9; Not at all - 3
FINDINGS: The satisfaction level of people with the online banking services of
their banks has a mixed review. This may be due to multiple reasons.
Q. What type of transaction do you make in online banking?
POLL out of 25: Check balances - 11; Payments - 7; Transfer of fund - 2; Other -5
FINDINGS: The utility of the online banking is service is not used to the extent is
should be and it is being majorly used for the purpose of checking the balance in the
account. The reason for this is the low volume of transaction among the people.
CHAPTER-7
RECOMMENDATIONS & CONCLUSIONS
CONCLUSION:
People are not confident enough to whether to rely completely on online
banking. There is hesitancy in their minds with regards to preference. So they
use both the techniques of banking i.e. Online and Traditional.
Because of the complexity and the unawareness in the people regarding the
online banking, there is less utilization of the online banking services provided
by the banks.
People are not sure whether their account is completely secured in online
banking. Security concern is the main and the core reason why people do not
tend to use online banking.
People in India are not aware of the full utility of online banking and the
services that can be availed of in online banking.
Most of the Indian population are salaries employees who do not have that
volume of transaction that can be used for online transaction.
RECOMMENDATION:
After analyzing the entire study on online banking with respect to both the primary
and the secondary data, the following recommendations can be put forth: The infrastructure for the development is not being implemented in way that
could be beneficial.
There are various obstacles in the banking scenario with regards to guidelines
and issues for functioning. This has led to decline in the usage of the online
banking service of the banks.
The people having accounts can be urged to take up an internet banking
facility. They should be motivated rather than just being told that there exists a
service of online banking.
There are more people who are not actually aware of all the benefits that they
reap out of the transaction of online banking. They should be proper
awareness.
Most of the people o not count online banking due the problems of security
concerns. Proper security software should be developed and people should be
convinced that their accounts are secured in online transactions.
CHAPTER-8
BIBLIOGRAPHY
WEBSITES:
http://www.onlinebanking.net/online-banking-services/
http://www.productivity501.com/choosing-online-bank/244/
http://www.thewisdomjournal.com/Blog/pros-and-cons-of-onlinebanking/
http://www.networkmagazineindia.com/200302/feature.shtml
www.google.com
REFERENCE BOOKS:
R.K. UPPAL
BANKING WITH TECHNOLOGY
NEW CENTURY PUBLICATIONS
NEW DELHI
CHAPTER-9
APPENDIX
ONLINE BANKING IN INDIA (Survey)
Q.1 WHICH BANK DO YOU HAVE AN ACCOUNT?
(1 – Private sector bank; 2 – Public sector bank; 3 – Other)
Q.2 WHAT KIND OF BANKING DO YOU PREFER?
(1 – Traditional; 2 – Online; 3 – Both)
Q.3 DO YOU THINK ONLINE BANKING IS USEFUL?
(1 – Yes; 2 – No; 3 – Can’t say)
Q.4 HOW FREQUENTLY DO YOU USE BANKING SERVICES?
(1 – Weekly; 2 – Monthly; 3 – Regularly; 4 – Rarely)
Q.5 DO YOU THINK ONLINE BANKING IS BETTER THAN TRADITIONAL BANKING?
(1 – Yes; 2 – No; 3 – Can’t Say)
Q.6 DO YOU FEEL ONLINE BANKING HAS A GROWTH POTENTIAL IN INDIA?
(1 – Yes; 2 – No; 3 – Can’t Say)
Q.7 WHAT TYPE OF TRANSACTION DO YOU MAKE IN ONLINE BANKING?
(1 – Check balances; 2 – Make payments; 3 – Transfer funds; 4 – Other)
Q.8 DO YOU FEEL YOUR ACCOUNT IS COMPLETELY SECURED IN ONLINE BANKING?
(1 – Yes; 2 – No; 3 – Can’t Say)
Q.9 ARE YOU HAPPY WITH THE SERVICES OF ONLINE BANKING PROVIDED BY YOUR BANK?
(1 – Completely; 2 – Partially; 3 – Fairly; 4 – Not at all)
Q.10 FOR ME ONLINE BANKING IS
NAME:
EMAIL ID:
PHONE:
INTRODUCTION
1.1 INTRODUCTION TO ONLINE BANKING
Online banking is an electronic payment system that enables customers of a financial
institution to conduct financial transactions on a website operated by the institution,
such as a retail bank, virtual bank, credit union or building society. Online banking is
also referred as Internet banking, e-banking, virtual banking and by other terms.
To access a financial institution's online banking facility, a customer with Internet
access would need to register with the institution for the service, and set up some
password (under various names) for customer verification. The password for online
banking is normally not the same as for telephone banking. Financial institutions
now routinely allocate customers numbers (also under various names), whether or
not customers have indicated an intention to access their online banking facility.
Customers' numbers are normally not the same as account numbers, because a
number of customer accounts can be linked to the one customer number. The
customer can link to the customer number any account which the customer controls,
which may be cheque, savings, loan, credit card and other accounts. Customer
numbers will also not be the same as any debit or credit card issued by the financial
institution to the customer.
To access online banking, a customer would go to the financial institution's secured
website, and enter the online banking facility using the customer number and
password previously setup. Some financial institutions have set up additional
security steps for access to online banking, but there is no consistency to the
approach adopted.
1.2 HISTORY OF ONLINE BANKING
Online banking was first introduced in the early 1980s in New York. Four major
banks--Citibank, Chase Manhattan, Chemical and Manufacturers Hanover-offered home banking services. Chemical introduced its Pronto services for
individuals and small businesses in 1983. It allowed individual and smallbusiness clients to maintain electronic checkbook registers, see account balances,
and transfer funds between checking and savings accounts. Pronto failed to
attract enough customers to break even and was abandoned in 1989. Other banks
had a similar experience.
1.3 ORIGIN OF ONLINE BANKING
The advent of the Internet and the popularity of personal computers presented both
an opportunity and a challenge for the banking industry.
For years, financial institutions have used powerful computer networks to automate
millions of daily transactions; today, often the only paper record is the customer's
receipt at the point of sale. Now that its customers are connected to the Internet via
personal computers, banks envision similar economic advantages by adapting those
same internal electronic processes to home use.
Banks view online banking as a powerful "value added" tool to attract and retain
new customers while helping to eliminate costly paper handling and teller
interactions in an increasingly competitive banking environment.
Brick-to-click banks
Today, most large national banks, many regional banks and even smaller banks and
credit unions offer some form of online banking, variously known as PC banking,
home banking, electronic banking or Internet banking. Those that do are sometimes
referred to as "brick-to-click" banks, both to distinguish them from brick-and-mortar
banks that have yet to offer online banking, as well as from online or "virtual" banks
that have no physical branches or tellers whatsoever.
The challenge for the banking industry has been to design this new service channel
in such a way that its customers will readily learn to use and trust it. After all, banks
have spent generations earning our trust; they aren't about to risk that on a Web site
that is frustrating, confusing or less than secure.
Most of the large banks now offer fully secure, fully functional online banking for
free or for a small fee. Some smaller banks offer limited access or functionality; for
instance, you may be able to view your account balance and history but not initiate
transactions online. As more banks succeed online and more customers use their
sites, fully functional online banking likely will become as commonplace as
automated teller machines.
1.3 DEVELOPMENT OF ONLINE BANKING THROUGH EVOLUTION OF
INFORMATION TECHNOLOGE &ECOMMERCE
INFORMATION TECHNOLOGY
Many of the largest and most successful banks in the world emerged from the
technical changes that they are able to recognize at an early stage. India’s banking
sector has a long way to go before it can compete globally. Situation is especially
maintained in the late introduction of ICT in India banks. Our information
technology is designed to compete with information technology in the world, and
when we are in the area very quickly, it can be difficult for us to benefit from
liberalization.
Bank, with the right technology to provide timely information to increase
productivity and thus see a competitive advantage. Compete in the economy, which
has been opened, it is certainly the Indian banks to comply with the latest technology
and adapt to its surroundings. Except that the banks need much improved use of
technology to customer-friendly, efficient and competitive in the current authorities
and businesses, they also need the technology to newer products and newer forms of
service and the increasingly dynamic global environment to offer. Information
technology allows banks to build new systems, which bite the needs of many
customers that cannot be considered today.
On-line banking, for example, promises customers to conduct banking transactions
in a direct access to the core of the bank customer account works. Customers to
verify all information, all so far, all the checks, all credit card information.
In the future, the banks freed from the constraints of a delivery channel. They can
create, package, market and product niches, and because the tumbling price of the
technology, they can do so cost-effectively.
Technology gives banks the opportunity to be closer to customers, to a broader range
of services at lower costs, streamline the March belang systems so that all
information in one place where it can be used for the trends that can quickly lead
into new products. Electronic banking data can be gathered and analyzed.
Interactivity allows the consumer to save the settings, directing the development of
truly new products.
The development of I.T has helped the boom of E – Commerce. So it is also
important to know the concept of E – Commerce.
E-COMMERCE
Electronic
commerce,
commonly
known
as e-commerce, ecommerce or e-
commerce, refers to the buying and selling of products or services over electronic
systems such as the Internet and other computer networks. However, the term may
refer to more than just buying and selling products online. It also includes the entire
online process of developing, marketing, selling, delivering, servicing and paying for
products and services. The amount of trade conducted electronically has grown
extraordinarily with widespread Internet usage. The use of commerce is conducted
in this way, spurring and drawing on innovations in electronic funds transfer, supply
chain management, Internet marketing, online transaction processing, electronic data
interchange (EDI), inventory management systems, and automated data collection
systems. Modern electronic commerce typically uses the World Wide Web at least at
one point in the transaction's life-cycle, although it may encompass a wider range of
technologies such as e-mail, mobile devices and telephones as well.
A large percentage of electronic commerce is conducted entirely in electronic form
for virtual items such as access to premium content on a website, but mostly
electronic commerce involves the transportation of physical items in some way.
Online retailers are sometimes known as e-tailors and online retail is sometimes
known as e-tail. Almost all big retailers are now electronically present on the World
Wide Web.
Electronic commerce that takes place between businesses is referred to as businessto-business or B2B. B2B can be open to all interested parties (e.g. commodity
exchange) or limited to specific, pre-qualified participants (private electronic
market). Electronic commerce that takes place between businesses and consumers,
on the other hand, is referred to as business-to-consumer or B2C. This is the type of
electronic commerce conducted by companies such as Amazon.com. Online
shopping is a form of electronic commerce where the buyer is directly online to the
seller's computer usually via the internet. There is no intermediary service involved.
The sale or purchase transaction is completed electronically and interactively in realtime such as in Amazon.com for new books. However in some cases, an
intermediary may be present in a sale or purchase transaction such as the
transactions on eBay.com.
Electronic commerce is generally considered to be the sales aspect of e-business. It
also consists of the exchange of data to facilitate the financing and payment aspects
of business transactions.
E-COMMERCE APPLICATION IN BANKING INDUSTRY
New information technologies and emerging business forces have triggered a
new wave of financial innovation – electronic banking (e-banking). The banking and
financial industry is transforming itself in unpredictable ways (Crane and Bodie
1996), powered in an important way by advances in information technology
(Holland and Westwood 2001). Since the 1980s, commercial banking has
continuously innovated through technology-enhanced products and services, such as
multi-function ATM, tele-banking, electronic transfers and electronic cash cards.
Over the past decade, the Internet has clearly played a critical role in providing
online services and giving rise to a completely new channel. In the internet age, the
extension of commercial banking to the cyberspace is an inevitable development
(Liao and Cheung 2003).
E-banking creates unprecedented opportunities for the banks in the ways they
organize financial product development, delivery and marketing via the internet.
While it offers new opportunities to banks, it also poses many challenges such as the
innovation of IT applications, the blurring of market boundaries, the breaching of
industrial barriers, the entrance of new competitors and the emergence of new
business models (Saatcioglu et al. 2001, Liao and Cheung 2003). Now the speed and
scale of the challenge are rapidly increasing with the pervasiveness of the internet
and the extension of information economy (Holland and Westwood 2001).
Globally, e-commerce growth has been led by the popularity of online shopping
portals like amazon.com and ebay.com but in India that has not been the case. It is
mainly driven by the online travel industry and banking sector. For instance, 29% of
Indian Internet users book airline tickets online and the figure is expected to touch
46% next year. Online rail ticket booking stands at 39% of the total bookings. As far
as banking is concerned, there are 4.6 million online banking users in India. This
figure is expected to go up to over 16 million by 2007-08 that will include both
internet and mobile banking users. According to the Internet and Mobile Association
of India (IAMAI), the e-commerce industry in India is expected to grow to a size of
Rs. 2,300 crore by 2007 against the Rs.1,200 crore. The total number of internet
users which right now is 38.5 million is expected to reach 100 million by 2008.
1.4 NEED OF ONLINE BANKING
Online banking is a great convenience for many people. Whether people use it to
manage traditional accounts or switch all of their banking to an online-only firm, it
is a wonderful improvement over the days when everything had to be done face-toface.
No matter what kind of banking is done online, it starts with a secure web site.
Usually, the bank will have certain requirements to ensure password strength as well.
This and other security measures ensure that online accounts are safe from
tampering. From there, all of the necessary services can be accessed.
Online banking is quite simple once the basics are understood. Depositing money is
simple, and can be done in a number of ways. The most popular method is likely
direct deposit. Many employers offer direct deposit of paychecks, and by providing
them with your online bank account number, your checks will go right into that
account. Other ways of depositing money include bank and wire transfers. Some
accounts even allow customers to mail their checks in.
Paper checks are typically provided with online checking accounts. This, however, is
not likely to be the most common way a customer will access funds. Online bill
payment allows users to pay their bills without mailing checks, and those who use
web-based accounts typically prefer this and other electronic payment methods.
Most types of bills can be paid via a debit card or electronic checks, as well. This
makes it easy to eliminate the need for paper checks entirely. Still, many find it
useful to have a few checks on hand for those few companies that haven’t quite
reached the modern age.
The management of traditional accounts is another common use for online banking.
Most banks offer online access to accounts, and all customers need to do to make
use of the service is sign up through their bank’s site. Once this is done, checking
your balance, seeing which payments have cleared, and other common banking
operations can be done from the computer. This eliminates the need to call or visit
the bank for simple account maintenance needs.
Every online banking interface is slightly different, but all banks try to make things
easy and intuitive for users. It won’t take long for a new user to figure out exactly
how everything works. Sign up for an online bank account or online access to your
current one, and soon you’ll wonder how you could have lived without it.
CHAPTER-2
2.1ONLINE BANING FEATURES
We need to be able to manage our finances from anywhere in the world. Rich online
banking services are much more important than a physical location. Since I have
been doing all of my banking online with quite a few different online banks as I
looked for the best solution, I’ve had a chance to really experiment with what works
and what doesn’t work for us.
Here is a checklist of things to look for in an online bank. Some items you may be
familiar with. Others might be new to you if it isn’t something your current bank
offers.
1. Bill Pay Service - One of the biggest reasons for going with an online bank is to
get really good bill payment services. Different banks handle bill payment different
ways. Here are some things to think about:
A. How many bills are you allowed to pay per month?
B. What are the fees for going over the limit?
C. Can the bill payment send physical checks to merchants who aren’t set up to take
electronic payments?
D. Do checks come from your account or from a third party service? For privacy
reasons, it might be better to be able to pay someone without giving them your bank
account number on the check. On the other hand, if the checks actually come from
your account, the money doesn’t get taken out until the check is cashed.
E. Can you set up reoccurring payments?
2. Electronic Bill Notification – With electronic bills, your merchant (credit card
company, gas company, electric company, etc.) sends an electronic bill to your bank.
You can set it up to pay automatically or notify you for approval. This can be
particularly good for people who are on the road because it reduces the amount of
physical mail you have to somehow get read or forwarded to you.
3. Online Check Images – Most banks will show you an image of the check, which
makes it really easy to balance your account if you can’t remember what a particular
payment was for. (Ideally, you should minimize the number of physical checks you
write to reduce fraud.)
4. Online Deposit Slip Images – Most banks just record the total with no image. It
will let you see an image of each deposit slip. Having the images available can be
very helpful if you ever have to prove something for tax purposes or need to
remember where that $2581 deposit came from.
5. Reporting Tools – Most banks offer basic reporting tools that will let you see how
much you have spent in each category you’ve created. This may not be an issue if
you use desktop money management software, but it still can be handy if you are
traveling and want to see how much you’ve paid on your mortgage over the past 12
months.
6. Linked Accounts – Can you link your bank account with a brokerage account?
Can you add your minor children as custodial accounts and manage them all
centrally? If you and your spouse both set them up IRAs, is it easy to view them both
alongside the rest of your finances, or do you have to have a separate login for each
IRA to keep them on separate SSNs? These are small things that many banks don’t
support, but it starts getting really complicated when you have to manage a bunch of
accounts instead of having a single place to manage all of your money.
7. Convenient Deposit Methods - Since you may not be anywhere near the physical
location of your bank, make sure you understand how to deposit money. Payroll can
be set up on direct deposit, but there will be times when you need to deposit checks.
Does the bank provide postage paid envelopes and deposit slips? Some banks work
with FedEx or UPS stores to allow you to send in a deposit overnight for free.
8. Low ATM Fees and Convenient Locations – If you need to get cash, will the
bank refund the ATM fees? Are there only certain ATMs that are free, and if so, are
they located near places you normally go? Are the ATMs available nationwide so you
can use them on vacation? What are the fees for using the ATM internationally and
how is the exchange rate handled?
9. Integration with Desktop Software – If you use Microsoft Money, Quicken or
something similar, you’ll want to make sure your bank supports it. Make sure you
understand if downloading transactions require you to login and manually download
a file, or if your money management software can directly connect and download
new transactions. If you are using Quicken on a Mac, make sure the bank is paying
Quickens extortion fee so the files will work with Mac users.
10. Many Account Types – Some banks only offer basic checking and savings
accounts. Ideally you want a bank that makes it easy to open money market accounts,
IRAs, health savings accounts, etc. If you have to go to another institution to open a
different type of account, it is more difficult to manage–especially if you are on the
road. You want to be able to easily open a CD to take advantage of a higher interest
rate, easily open an IRA to help reduce your tax liability, etc.
11. Free Money Transfers – Be sure to consider how easy it is to move money in
and out of the account. You should be able to set up links with your accounts from
other institutions to transfer money back and forth as necessary. Make sure you
understand what type of fees are associated with these transfers. Good banks should
allow a certain number of transfers per month with no fee.
12. Security Balanced with Convenience - Some banks spend so much effort trying
to keep things secure that you’ll find yourself automatically logged out of their
website while you try to balance your account. You want security but you don’t want
it to get in the way of you doing your banking. Also check into what type of
additional security features are available. For example, some banks will offer you an
RSA keychain with a number that changes every 60 seconds. In addition to your
password, you will need the number from that key in order to get access to your
account.
13. Ease of Use – This is something that most banks seem to struggle with. Right
now I have my personal account with one online bank and my business accounts with
another. I dread using the business accounts and I absolutely love using my personal
account. At first I thought I was just more familiar with the bank where my personal
accounts are, but I finally realize that it comes down to the ease of use. One is ok and
the other is superb, but it makes a big difference.
2.2ADVANTAGES OF ONLINE BANKING TO BANKS AS WELL
AS CUSTOMERS
ADVANTAGES TO BANKS
OVERVIEW
Online banking has enjoyed increased popularity, and some banks actually require it.
From standard, brick-and-mortar institutions to cloud managed institutions, online
banking offers flexibility and convenience for all involved
Each visit to a bank costs the institution money, whether in bank teller wages and
benefits to security costs to maintenance costs. Online banking reduces those costs
and increases the bank’s profit margin.
Online banking reduces the need for the number of physical locations and services
offered within each. Because Customer Service Departments are united into fewer
locations, asset sharing within those locations further reduce bank costs.
More Customers
Through online banking, better service levels and strategic marketing
initiatives, banks are able to reach out to more customers than possible through
traditional banking through physical location branches.
Online Only Products and Services
Leveragability--and amenability of new technologies, tools and widespread
broadband Internet acceptance--has made it possible for banks to offer a whole host
of online only products and services to customers, such as CDs, e-bank statements,
financial calculators, and personal finance news feeds.
Broader Customer Base
Banking online has afforded customers user-friendly features of Websites,
robust security technologies, privacy protection measures, and mainstream Internet
acceptance. Banks can reach out to a broader customer base beyond the geographical
confines of their locations or base operations.
Attractive Rates and Incentives
Better management practices, consolidated operations and streamlined savings
from managing and delivering online banking services allow banks to offer attractive
rates and other incentives to customers.
Cost Savings
Banks save a significant amount of operational capital from not having to
open brick and mortar branches in new locations and far-flung areas. These savings
are passed onto the consumer in the form of reduced or no fees for inter-bank and
even intra-bank money transfers, no fees for online payment of utilities' bills, and
cash-back options on frequent use of online-applied bank credit cards.
ADVANTAGES TO CUSTOMER
At a time where it seems like you can do just about anything on the internet, it seems only right to be
to get your banking needs done online. Let’s look at the advantages of online
banking versus going to a physical bank branch.
1. Convenience
able
Sometimes there just isn’t enough time in the day to get everything you need-to-do
done, that’s why convenience is one of the biggest advantages of online banking.
With business hours ranging from approximately 9am to 6pm, shorter hours on
Saturday, and often closed on Sundays, making a trip to the bank can easily become
a difficult task for customers with a regular 9 – 5 work schedule. Instead of running
around town, trying to make it to the bank before they close, just login online and
get your banking done whenever it’s convenient for you.
2. No Lines
One of the things most people dislike about banks is waiting in line. It is not
uncommon to find yourself waiting in line at a bank, waiting to be helped. By
banking online, you don’t have to wait in line to get your baking done, leaving you
with more time to get other things done.
3. Availability
With online banking, you can keep track of your money much easier because your
account information is available anytime online. To get your balance, simply login to
your account. Avoid getting stuck waiting for the bank to open again, having to visit
an ATM, or calling a time consuming customer service number to get the same
information. You can even save money, since some ATMs and customer service calls
charge a small fee to get your account balance.
4 .Ubiquity
If you're out of state or even out of the country when a money problem arises, you
can log on instantly to your online bank and take care of business, 24/7.
5.Transaction speed
Online bank sites generally execute and confirm transactions at or quicker than ATM
processing speeds.
6.Efficiency:
You can access and manage all of your bank accounts, including IRAs, CDs, even
securities, from one secure site.
7.Effectiveness:
Many online banking sites now offer sophisticated tools, including account
aggregation, stock quotes, rate alerts and portfolio managing programs to help you
manage all of your assets more effectively. Most are also compatible with money
managing programs such as Quicken and Microsoft Money.
2.3DISADVANTAGES OF ONLINE BANIKING
1.Start-up may take time:
In order to register for your bank's online program, you will probably have to
provide ID and sign a form at a bank branch. If you and your spouse wish to view
and manage your assets together online, one of you may have to sign a durable
power of attorney before the bank will display all of your holdings together.
2.Learning curve:
Banking sites can be difficult to navigate at first. Plan to invest some time and/or
read the tutorials in order to become comfortable in your virtual lobby.
3.Bank site changes:
Even the largest banks periodically upgrade their online programs, adding new
features in unfamiliar places. In some cases, you may have to re-enter account
information.
4.The trust thing:
For many people, the biggest hurdle to online banking is learning to trust it. Did my
transaction go through? Did I push the transfer button once or twice? Best bet:
always print the transaction receipt and keep it with your bank records until it shows
up on your personal site and/or your bank statement.
2.4 HOW DOES ONLINE BANKINK WORK?
Online banking provides many identical services that a traditional bank does with
the biggest difference is in teller availability: Human tellers leave; electronic tellers
—the websites—are available virtually all day, everyday—weekends and holidays,
included.
Online Banking Structure:
Online banking mirrors traditional banking procedures in many instances, and in
some, actually improves security and reduces both banks’ and customer’s costs.
In electronic form, online banking still allows:
1. Deposits to the account, whether via payroll deposits or funds transfers.
2. Bill payments via automatic payment schedules or individually ordered payments.
Most bill pay users opt for the bank-generated checks, but payments can be ordered
in a one off situation or scheduled regularly.
3. Statement formats can be electronic or paper; most who prefer online banking
choose the electronic statements for convenience and reduced paper use.
4. Wire transfers to accounts within and without the bank’s structure, though some
banks charge additional transaction fees for wire transfers.
5. Differing services depending on the individual financial institute.
Online Actions
All online banking transactions are initiated by creating an online account
identity. Account login name and password creation is followed by choosing and
answering security questions. It’s not recommended that security questions and
answers be common or known by others; they should have unique answers, whether
historically true or not.
For example, if a user chooses a security question, “What is the name your first
elementary school,” choose an answer that is not the actual name or the actual
elementary school. Use instead the name of another school or anything else that is
easily remembered.
Provide an email address that is not tied to an Internet Service Provider. If the user
changes ISPs, that email address will be lost. Instead, use a free email address that
can last for as long as the user chooses.
Once the security aspects are in place and verified, look around the bank’s website
and note important areas, such as:
1. Account activity
2. Statement delivery change areas
3. Customer Service options
4. Bill pay procedures, if any
5. And any other area provided on the website.
Online banking often reduces funds availability delays and hastens resolution to
disputes and inquiries. While some complaints and problems do require human
intervention, Customer Service Agents are available for longer during a calendar day
than local branch personnel are.
Online banking differs from traditional banking when physical checks or cash is
deposited; human interaction via a drive thru lane or at the counter is required.
Cashier checks, traveler checks, and money orders cannot be purchased from the
institution via online banking, but because all transactions allowed are electronic,
tracking and accountability are easily provided.
2.4CHALLENGES OF ONLINE BANKING
Information technology analyst firm, the Meta Group, recently reported that
"financial institutions who don't offer home banking by the year 2000 will become
marginalized." By the year of 2002, a large sophisticated and highly competitive
Internet Banking Market will develop which will be driven by
Demand side pressure due to increasing access to low cost electronic
services.
Emergence of open standards for banking functionality.
Growing customer awareness and need of transparency.
Global players in the fray
Close integration of bank services with web based E-commerce or even
disintermediation of services through direct electronic payments (E- Cash).
More convenient international transactions due to the fact that the Internet
along with general deregulation trends, eliminate geographic boundaries.
Move from one stop shopping to 'Banking Portfolio' i.e. unbundled product
purchases.
Online security of financial data has evolved tremendously since the early
days of online banking, and often transactions can be even more secure than
those conducted in a drive thru lane.
Online banking transactions require not only a secure login but also require
secured password entry. In-person transactions are based on account
information and a photo ID, both of which can be obtained “under the
radar.”Online banking transactions also track the Internet Protocol (IP)
address of the computer used in the transaction. The IP can be traced to the
method or mode of Internet access, often through an Internet Service
Provider who always notes activity, computer, and actions performed under
that IP address assigned to the ISP account holder. Whether a dynamic or
changing IP address or a static or unchanging IP address is used, the ISP
always records what IP address is assigned to what ISP account at any time.
Comprehensive Help sections on banks’ websites often reduce on-location
inquiries, further reducing overhead costs for banking institutions.
Additional service enrollment or dis-enrollment, address updates, and
account status and verification are all time saving activities for both the bank
and the banking customer.
Online Bill Pay processes reduce stolen or counterfeit checks which cost
banks billions of dollars every month. Each online bill pay transaction
allows for a grace period from the payment order date to the actual check
delivery date, which also allows the account holder additional time to
preview activity and account status.
Certainly some existing brick and mortar banks will go out of business. But
that's because they fail to respond to the challenge of the Internet. The
Internet and it's underlying technologies will change and transform not just
banking, but all aspects of finance and commerce. It represents much more
than a new distribution opportunity. It will enable nimble players to leverage
their brick and mortar presence to improve customer satisfaction and gain
share. It will force lethargic players who are struck with legacy cost basis,
out of business-since they are unable to bring to play in the new context.
DEVELOPMENT:
Increasingly, more and more people are switching to electronic platforms for
executing financial transactions. The wider usage of cell phone and internet certainly
seems to be playing a role in blurring physical boundaries, and unlocking a whole
new world of opportunities for banks in tapping newer customer segments and in
recording greater volume of transactions.
If latest RBI data on retail electronic payment systems is anything to go by,
electronic banking is set to become the catalyst for change in the way money moves.
Provisional data show that in FY09 to January, a total of 5,587.85 lakh transactions
were executed through the electronic channel, a rise of 234.76 lakh transactions over
the previous fiscal.
This growth was facilitated by the introduction of real-time gross transfer (RTGS)
and national electronic funds transfer (NEFT), which enabled fund transfers among
account
holders
of
the
same
bank
as
well
as
inter-bank
transfers.
The growth has also been aided by banks' efforts to offer innovative services and
tighten security measures, and the increase in awareness of services available. RBI
outlining guidelines on mobile banking, setting up of the National Payments
Corporation of India and passage of the Payments and Settlement Act too have given
a positive thrust to the growth in electronic payments. The impact of all these
measures is likely to be felt in the current fiscal, which may well mean FY10 could
become a watershed year for e-banking. While opinions of industry players differ on
whether FY10 will indeed prove to be a tipping point, there seems to be consensus
that the year would mark a critical phase in the evolution of the payments and
settlement systems in India. "FY10 will certainly herald an important phase for
electronic banking in India and an upsurge in internet and ATM transactions," says
Ashvin Parekh, partner and national industry leader, financial services, Ernst &
Young. "At the same time, traditional fund transfer will continue to hold its own. We
are going to witness a co-existence of these two systems. In the regulatory space,
there will be huge changes. As and when India Pay, which will eventually settle
credit card and ATM transactions, comes into the picture, we could witness a gradual
shift away from Visa and MasterCard." The implementation of core banking
solutions by all public sector banks has not only helped banks rationalise their costs,
but has also allowed them to explore new ways of optimally utilising their resources.
Core banking, which facilitates linking up of a bank's branches across the country,
has enabled banks to improve their efficiency.
"Now, decisions can be taken remotely and the activities too can be undertaken in a
centralised location. This means that branches need not spend time on processing
transactions and other back office operations, and rather utilise the time and
resources to function as selling outlets. Centralised operations benefit from
economies of scale and help in reducing bank costs," explains Janmejaya Sinha,
managing director of India operations, Boston Consulting Group.
2.5OPPORTUNITIES IN ONLINE (E-BANKING)
It has always been a chicken-and-egg dilemma in business. Either firms wait
for the market to mature until customers are ready for the products and services. Or,
firms can go ahead and offer the products and services, hoping that their customers
will catch on soon.
The same is true for new products and services that have emerged and
continue to emerge in the world of electronic banking (e-banking). Banking
executives interviewed by BusinessWorld Online have different ways of resolving
the issue. Some would go ahead with new ideas, wanting to take the first-mover
advantage. Others would wait in the sidelines, but armed nevertheless just in the
case the market take up suddenly increases.
into a chick. Technology providers are always up on their toes, like
chicken ready to ca Is There a Future Whether first-movers or
latecomers, there is one partner in the e-banking game that is not
waiting for the chicken to lay the egg, or wait for the egg to hatch
in Online Banking?
By this point, no one can dismiss online banking as a fad. However, it is worth
considering whether the trend towards online financial transactions is going to slow
or reverse in the years to come. There will continue to be people who resist online
banking in favor of offline transactions just as there are people who prefer to keep
their money in mattresses instead of putting it in banks. Whether these people will
exert serious influence on the movement towards online banking can be examined
by looking at the needs of modern consumers, and the interests of the banks
themselves.
The Move to Online Business
The global connectivity provided by the internet, combined with the fallout from the
global financial crisis has encouraged a growing number of entrepreneurs to start
their own businesses online. As an increasing number of people look to save
themselves from unemployment or augment otherwise insufficient salaries by
finding new ways to make money online, they will require new ways to send,
receive, and invest their online funds.
The Rise of Mobile Banking
As handheld mobile devices become more sophisticated, users are experimenting
with more sophisticated transactions. Moving beyond ringtone downloads;
consumers can now shop online and purchase software upgrades and augmentations
through app stores. In addition to this buying and selling, anyone with a web
browser on their phone can access their bank’s online banking site to move and
manage their money in more locations than ever before.
Staffing Solutions
As banks consolidate and grow larger, they are looking for more ways to cut costs,
and reducing the number of full-time employees on their payroll is an attractive
option. Encouraging customers to do their banking online allows banks to close
smaller branches in outlying locations and use economies of scale to develop
customer assistance centers in locations where the labor market is more favorable.
Physical Footprints
Online banking is also more attractive to banks because a reduced physical footprint
means reduced costs in other areas. In addition to saving the money that would
normally be associated with operating and maintaining physical branches, no longer
having to print and mail paper statements to customers would be a huge savings for
banks. As an added bonus, banks have been able to take advantage of current proenvironment sentiment by marketing online banking as a “green” alternative.
By appealing to more mobile customers and more cost-conscious financial service
providers alike, online banking continues to be an attractive option for everyone
involved. However, when discussing the internet it is dangerous to assume that
everything is going to be moved online; there will always be individuals, industries,
and transactions that are grounded in the real world with no desire to change the way
they do business.
Growth of Internet
The increase in the growth of internet usage will definitely help the cause of growth
of online banking in India. The following chart shows the growth of internet in India
during the past decade or so
YEAR
Users
Population
% Penetration
1998
1,400,000
1,094,870,677
0.1 %
1999
2,800,000
1,094,870,677
0.3 %
2000
5,500,000
1,094,870,677
0.5 %
2001
7,000,000
1,094,870,677
0.7 %
2002
16,500,000
1,094,870,677
1.6 %
2003
22,500,000
1,094,870,677
2.1 %
2004
39,200,000
1,094,870,677
3.6 %
2005
50,600,000
1,112,225,812
4.5 %
2006
40,000,000
1,112,225,812
3.6 %
2007
42,000,000
1,129,667,528
3.7 %
CHAPTER-4
4.1 MAIN & IMPORTANTCONCERNS RELATING TO ONLINE
BANKING
In a survey conducted by the Online Banking Association, member institutions rated
security as the most important issue of online banking. There is a dual requirement
to protect customers' privacy and protect against fraud. Banking Securely: Online
Banking via the World Wide Web provides an overview of Internet commerce and
how one company handles secure banking for its financial institution clients and
their customers. Some basic information on the transmission of confidential data is
presented in Security and Encryption on the Web. PC Magazine Online also offers a
primer: How Encryption Works. A multi-layered security architecture comprising
firewalls, filtering routers, encryption and digital certification ensures that your
account information is protected from unauthorised access:
Firewalls and filtering routers ensure that only the legitimate Internet users are
allowed to access the system.
Encryption techniques used by the bank (including the sophisticated public
key encryption) would ensure that privacy of data flowing between the
browser and the Infinity system is protected.
Digital certification procedures provide the assurance that the data you receive
is from the Infinity system.
Security concerns:
Security fears have served as deterrents to online growth. Of particular concern are
threats of pharming and phishing. Phishing is an internet fraud, through which
innocent people are enticed to divulge their personal information like user ID and
passwords, which are later on used by scammers in unauthorized ways.
The most common method of phishing is sending emails claiming to be from your
bank or other financial institutions which are dealing that already has your personal
information and you will be asked to confirm the details by clicking a particular link
(URL) provided in this fake email. This URL will take you to a fake website which
will be similar to your genuine website, and the information provided by the
customer in the forms provided in the fake website will be gathered and used for
committing fraud in their accounts or withdraw funds unauthorizedly from these
accounts.
Pharming is another internet fraud, whereby as many as users as possible are
redirected before they reach the legitimate online banking websites they intend to
visit and they are lead to malicious ones. The bogus sites to which victims are
redirected without their knowledge or consent, will likely looks the same as genuine
site. But when users enter their login name or password, the information is captured
by criminals.
4.2 FURTHER PROBLEMS RELATING TO NET BANKING IN
INDIA
Given that India is the IT and tech services outsourcing hotspot of the world, it's
surprising that Internet banking has not really taken off. Despite the advent of a very
tech-savvy and vast consumer class in recent years, a mix of industry issues and
unique challenges continue to thwart the expansion of net banking in India.
Technology challenges, IT practices, certain cultural issues, industry lethargy, and
workplace constraints have affected widespread acceptance of Internet banking.
1.Low Broadband Internet Penetration
India has one of the lowest broadband connectivity penetration rates in Asia as
compared to Japan, Taiwan, Korea and Singapore. While the bigger cities such as
Mumbai, Delhi, Chennai, and Bangalore have relatively better broadband
penetration rates, PC users in smaller cities and towns still use dial-up options to
connect to the Internet. Slow connectivity speeds often dampen the online banking
experience for many customers eager to use such services.
2.Banks' Ambivalent Commitment Levels
Internet banking did take off in India at the turn of the millennium but soon faltered
due to lack of takers. In the middle of this decade, multinational and domestic
private banks started offering net banking services as a competitive differentiator.
Only recently, state-owned and public sector banks have started doing likewise.
However, banks' ambivalent commitment levels and their reluctance to allocate huge
budgets for net banking branding initiatives, as well as a lack of industry advocacy
efforts, have resulted in poor acceptance levels of Internet banking by customers.
3.Customers' Preference for Traditional Branches
There are thousands of highly active traditional bank branches in India's crowded
cities and major towns. Office workers take longer lunch breaks to finish banking
activities and transactions at these branches rather than conduct them online. Most
customers prefer the personal touch and customized service offered by staff in brickand-mortar bank branches. Many Indians are also averse to calling call centers and
banks' customer contact lines to address issues related to online bank accounts.
4.Fear of Online Threats/Scams
Ubiquitous and prevalent online threats about hackers, identity theft, stolen
passwords, viruses, worms and spyware tend to make customers wary just like in
any other country. Conservative Indian bank customers used to years of saving in an
erstwhile mixed-socialist economy are always fearful of losing hard-earned savings
in online scams. These customers are also not sure about the efficacy of banks'
websites and their commitment to allocate funds for reliable encryption mechanisms
and robust back-end technologies and systems.
5.Other Problems
Workplace constraints and corporate policies about using external websites or
pursing personal activities such as online banking have affected its expected fastpaced acceptance among the growing affluent class in India. Cultural issues, such as
parents giving priority use of the home PC to their children rather than using it
themselves, stifle the potential growth of home access to Internet banking services.
Public sector banks with vast customer bases also don't tend to invest money in
training personnel for e-banking initiatives, resulting in poor customer service levels.
4.2 SOLUTION TO THE PROBLEMS IN NET BANKING
Here are some simple tips to prevent you from falling into the trap of cyber
criminals. Remember, a simple ignorance or oversight can make a huge dent in your
hard- earned savings.
Securing your account: Avoid online banking on unsecured wifi systems and
operate only from PCs at home. Never reveal password to anyone. Do not
even write it on a piece of paper on diary. Just memorise it. It should be
alphanumeric and change it frequently.
Never reply to queries from bank online about account or personal details. The
personal information should not be kept in a public computer or in emails.
Phishing: A person's personal details are obtained by fraudsters posing as
bankers, who float a site similar to that of the person's bank. They are asked to
provide all personal information about themselves and their account to the
bank on the pretext of database upgradation. The number and password are
then used to carry out transactions on their behalf without their knowledge.
Phishing involves using a form of spam to fraudulently gain access to people's
online banking details. As well as targeting online banking customers, phishing
emails may target online auction sites or other online payment facilities. Typically, a
phishing email will ask an online banking customer to follow a link in order to
update personal bank account details. If the link is followed, the victim downloads a
program which captures his or her banking login details and sends them to a third
party.
Spam: Spam is an electronic 'junk mail' or unwanted messages sent to your
email account or mobile phone. These messages vary, but are essentially
commercial and often annoying in their sheer volume. They may try to
persuade you to buy a product or service, or visit a website where you can
make purchases; or they may attempt to trick you into divulging your bank
account or credit card details.
Nigerian Scam: Nigerian or Frauds 409 or 419 are basically the lottery scam
in which some overseas persons are involved to cheat innocent persons or
organizations by promising to give a good amount of money at nominal fee
charges. Their intention is to steal money in the form of fee against the lottery
prize.
Spyware:
Spyware such as Trojan horse is generally considered to be
software that is secretly installed on a computer and takes things from it
without the permission or knowledge of the user. Spyware may take personal
information, business information, bandwidth; or processing capacity and
secretly gives it to someone else.
"Trojan Horse" scheme unfolds when malicious software (malware) embeds to a
consumer's computer without the consumer being aware of it. Trojans often come in
links or as attachments from unknown email senders. After installation the software
detects when a person accesses online banking sites and records the username and
password to transmit to the offender. People using public computers, in places like
Internet cafes, are often susceptible to Trojans like malware or spyware.
Check sites Url: Always check the URL of your bank's web site. Fraudsters
can lure you to enter your user ID and password at a fake website that
resembles your bank. If you see anything other than the bank's genuine URL,
it has to be fake.
Never enter your user ID or password or such sensitive information without
ascertaining that you are on the right website. Always type the Web address of your
bank into the browser address space. Never click on the link in the email.
Fool-proof password: Change your online banking password at regular
intervals. Also, avoid easy-to-guess passwords, like first names, birthdays,
kid's or spouse's name and telephone numbers. Try to have an alpha-numeric
password, one that combines alphabets and numbers.
If you have several bank accounts, never use the same online banking password for
all. Never select the option on browser that stores or retains user name and
password. As it can easily be cracked by cyber criminals. Also, never paste your
password, always type it in. This little amount of `finger exercise' will go a long way
in safety.
Always check 'last logged': Most banks have a 'last logged in' panel on their
websites. If your bank has it, check the panel whenever you log in. If you
notice irregularities (like you are logging in after two days, but the panel says
you logged in that morning!), report the matter immediately to your bank and
change your password right away.
Always log out when you exit the online banking portal. Close the browser to ensure
that your secure session is terminated. Never exit simply by closing the browser.
Keep your system up to date: Regularly check for security updates for your
computer operating system. Most security updates are aimed at reducing risks
to your computer, these may be data-related or otherwise. Make sure that your
operating system and browser have the latest security patches installed. And,
always install these only from trusted websites.
Install a personal firewall to prevent hackers from gaining unauthorised access to
your computer, especially if you connect to the Internet through a cable or a DSL
modem.
Public access can be injurious: Don't leave the PC unattended after keying
in information while transacting on the website. Avoid accessing your bank
online at cyber cafes or on a share or public computer. Also, avoid locations
that offer online connections through wireless networks (Wi-Fi), where
privacy and security are minimal.
Follow Bank instructions: Banks say that appropriate upgradations are
carried out from time to time by their IT departments for risk mitigation. They
issue instructions to the customers to manage their accounts through virtual
keyboards by way of which the characters typed by them are not identified by
hackers. SMS alerts are also an important tool since any transaction carried
out on account is reported to the account holder through an SMS.
Protection: Learn the ways to protect yourself from online banking fraud schemes.
Detect Trojans that appear on your PC in the form of viruses, spyware or malware
through Antivirus Software, anti Spyware, and Adware. Also, learn to keep your
cards, documents and passwords safe, and monitor your accounts to safeguard
yourself from bank fraud committed through identity theft.
4.3 INTERNET BANKING GUIDELINES INDIA
Reserve Bank of India had set up a ‘Working Group on Internet Banking’ to examine
different aspects of Internet Banking (I-banking). The Group had focused on three
major areas of I-banking, i.e.
(i) technology and security issues,
(ii) legal issues and
(iii) regulatory and supervisory issues.
RBI has accepted the recommendations of the Group to be implemented in a phased
manner. Accordingly, the following guidelines are issued for implementation by
banks. Banks are also advised that they may be guided by the original report, for a
detailed guidance on different issues.
I. Technology and Security Standards:
a. Banks should designate a network and database administrator with clearly
defined roles as indicated in the Group’s report.
b. Banks should have a security policy duly approved by the Board of Directors.
There should be a segregation of duty of Security Officer / Group dealing
exclusively with information systems security and Information Technology
Division which actually implements the computer systems. Further,
Information Systems Auditor will audit the information systems.
c. Banks should introduce logical access controls to data, systems, application
software, utilities, telecommunication lines, libraries, system software, etc.
Logical access control techniques may include user-ids, passwords, smart
cards or other biometric technologies.
d. At the minimum, banks should use the proxy server type of firewall so that
there is no direct connection between the Internet and the bank’s system. It
facilitates a high level of control and in-depth monitoring using logging and
auditing tools. For sensitive systems, a state full inspection firewall is
recommended which thoroughly inspects all packets of information, and past
and present transactions are compared. These generally include a real time
security alert.
e. All the systems supporting dial up services through modem on the same LAN
as the application server should be isolated to prevent intrusions into the
network as this may bypass the proxy server.
f. PKI (Public Key Infrastructure) is the most favoured technology for secure
Internet banking services. However, as it is not yet commonly available, banks
should use the following alternative system during the transition, until the PKI
is put in place:
1. Usage of SSL (Secured Socket Layer), which ensures server
authentication and use of client side certificates issued by the banks
themselves using a Certificate Server.
2. The use of at least 128-bit SSL for securing browser to web server
communications and, in addition, encryption of sensitive data like
passwords in transit within the enterprise itself. (Para 6.4.5)
g. It is also recommended that all unnecessary services on the application server
such as FTP (File Transfer Protocol), telnet should be disabled. The
application server should be isolated from the e-mail server. (Para 6.4.6)
h. All computer accesses, including messages received, should be logged.
Security violations (suspected or attempted) should be reported and follow up
action taken should be kept in mind while framing future policy. Banks should
acquire tools for monitoring systems and the networks against intrusions and
attacks. These tools should be used regularly to avoid security breaches. The
banks should review their security infrastructure and security policies
regularly and optimize them in the light of their own experiences and
changing technologies. They should educate their security personnel and also
the end-users on a continuous basis.
i. The information security officer and the information system auditor should
undertake periodic penetration tests of the system, which should include:
1. Attempting to guess passwords using password-cracking tools.
2. Search for back door traps in the programs.
3. Attempt to overload the system using DDoS (Distributed Denial of
Service) & DoS (Denial of Service) attacks.
4. Check if commonly known holes in the software, especially the browser
and the e-mail software exist.
j. The penetration testing may also be carried out by engaging outside experts
(often called ‘Ethical Hackers’).
k. Physical access controls should be strictly enforced. Physical security should
cover all the information systems and sites where they are housed, both
against internal and external threats.
l. Banks should have proper infrastructure and schedules for backing up data.
The backed-up data should be periodically tested to ensure recovery without
loss of transactions in a time frame as given out in the bank’s security policy.
Business continuity should be ensured by setting up disaster recovery sites.
These facilities should also be tested periodically.
m. All applications of banks should have proper record keeping facilities for legal
purposes. It may be necessary to keep all received and sent messages both in
encrypted and decrypted form.
n. Security infrastructure should be properly tested before using the systems and
applications for normal operations. Banks should upgrade the systems by
installing patches released by developers to remove bugs and loopholes, and
upgrade to newer versions which give better security and control.
II. Legal Issues
a. Considering the legal position prevalent, there is an obligation on the part of
banks not only to establish the identity but also to make enquiries about
integrity and reputation of the prospective customer. Therefore, even though
request for opening account can be accepted over Internet, accounts should be
opened only after proper introduction and physical verification of the identity
of the customer.
b. From a legal perspective, security procedure adopted by banks for
authenticating users needs to be recognized by law as a substitute for
signature. In India, the Information Technology Act, 2000, in Section 3(2)
provides for a particular technology (viz., the asymmetric crypto system and
hash function) as a means of authenticating electronic record. Any other
method used by banks for authentication should be recognized as a source of
legal risk.
c. Under the present regime there is an obligation on banks to maintain secrecy
and confidentiality of customers‘ accounts. In the Internet banking scenario,
the risk of banks not meeting the above obligation is high on account of
several factors. Despite all reasonable precautions, banks may be exposed to
enhanced risk of liability to customers on account of breach of secrecy, denial
of service etc., because of hacking/ other technological failures. The banks
should, therefore, institute adequate risk control measures to manage such
risks.
d. In Internet banking scenario there is very little scope for the banks to act on
stop-payment instructions from the customers. Hence, banks should clearly
notify to the customers the timeframe and the circumstances in which any
stop-payment instructions could be accepted.
e. The Consumer Protection Act, 1986 defines the rights of consumers in India
and is applicable to banking services as well. Currently, the rights and
liabilities of customers availing of Internet banking services are being
determined by bilateral agreements between the banks and customers.
Considering the banking practice and rights enjoyed by customers in
traditional banking, banks’ liability to the customers on account of
unauthorized transfer through hacking, denial of service on account of
technological failure etc. needs to be assessed and banks providing Internet
banking should insure themselves against such risks.
III. Regulatory and Supervisory Issues:
As recommended by the Group, the existing regulatory framework over banks will
be extended to Internet banking also. In this regard, it is advised that:
1. Only such banks which are licensed and supervised in India and have a
physical presence in India will be permitted to offer Internet banking products
to residents of India. Thus, both banks and virtual banks incorporated outside
the country and having no physical presence in India will not, for the present,
be permitted to offer Internet banking services to Indian residents.
2. The products should be restricted to account holders only and should not be
offered in other jurisdictions.
3. The services should only include local currency products.
4. The ‘in-out’ scenario where customers in cross border jurisdictions are offered
banking services by Indian banks (or branches of foreign banks in India) and
the ‘out-in’ scenario where Indian residents are offered banking services by
banks operating in cross-border jurisdictions are generally not permitted and
this approach will apply to Internet banking also. The existing exceptions for
limited purposes under FEMA i.e. where resident Indians have been permitted
to continue to maintain their accounts with overseas banks etc. will, however,
be permitted.
Given the regulatory approach as above, banks are advised to follow the following
instructions:
a. All banks, who propose to offer transactional services on the Internet should
obtain prior approval from RBI. Bank’s application for such permission
should indicate its business plan, analysis of cost and benefit, operational
arrangements like technology adopted, business partners, third party service
providers and systems and control procedures the bank proposes to adopt for
managing risks. The bank should also submit a security policy covering
recommendations made in this circular and a certificate from an independent
auditor that the minimum requirements prescribed have been met. After the
initial approval the banks will be obliged to inform RBI any material changes
in the services / products offered by them.
b. Banks will report to RBI every breach or failure of security systems and
procedure and the latter, at its discretion, may decide to commission special
audit / inspection of such banks.
c. The guidelines issued by RBI on ‘Risks and Controls in Computers and
Telecommunications’ vide circular DBS.CO.ITC.BC. 10/ 31.09.001/ 97-98
dated 4th February 1998 will equally apply to Internet banking. The RBI as
supervisor will cover the entire risks associated with electronic banking as a
part of its regular inspections of banks.
d. Banks should develop outsourcing guidelines to manage risks arising out of
third party service providers, such as, disruption in service, defective services
and personnel of service providers gaining intimate knowledge of banks’
systems and misutilizing the same, etc., effectively.
e. With the increasing popularity of e-commerce, it has become necessary to set
up ‘Inter-bank Payment Gateways’ for settlement of such transactions. The
protocol for transactions between the customer, the bank and the portal and
the framework for setting up of payment gateways as recommended by the
Group should be adopted.
f. Only institutions who are members of the cheque clearing system in the
country will be permitted to participate in Inter-bank payment gateways for
Internet payment. Each gateway must nominate a bank as the clearing bank to
settle all transactions. Payments effected using credit cards, payments arising
out of cross border e-commerce transactions and all intra-bank payments (i.e.,
transactions involving only one bank) should be excluded for settlement
through an inter-bank payment gateway.
g. Inter-bank payment gateways must have capabilities for both net and gross
settlement. All settlement should be intra-day and as far as possible, in real
time.
h. Connectivity between the gateway and the computer system of the member
bank should be achieved using a leased line network (not through Internet)
with appropriate data encryption standard. All transactions must be
authenticated. Once, the regulatory framework is in place, the transactions
should be digitally certified by any licensed certifying agency. SSL / 128 bit
encryption must be used as minimum level of security. Reserve Bank may get
the security of the entire infrastructure both at the payment gateway’s end and
the participating institutions’ end certified prior to making the facility
available for customers use.
i. 2. The Reserve Bank of India have decided that the Group’s recommendations
as detailed in this circulars should be adopted by all banks offering Internet
banking services, with immediate effect. Even though the recommendations
have been made in the context of Internet banking, these are applicable, in
general, to all forms of electronic banking and banks offering any form of
electronic banking should adopt the same to the extent relevant.
j. 3. All banks offering Internet banking are advised to make a review of their
systems in the light of this circular and report to Reserve Bank the types of
services offered, extent of their compliance with the recommendations,
deviations and their proposal indicating a time frame for compliance. The first
such report must reach us within one month from the date of this circular.
Banks not offering any kind of I-banking may submit a ‘nil’ report.
k. 4. Banks who are already offering any kind of transactional service are
advised to report, in addition to those mentioned in paragraph above, their
business models with projections of cost / benefits etc. and seek our post-facto
approval.
CHAPTER-5
CASE STUDIES
1. Email password Hacking-
One day a lady came to cyber cell office and reported that she and her
brothers e-mail ID’S had been hacked by someone she suspected him to be her
husband. The lady had already lodged a case against him for dowry and was pending
for trial in Bhopal court.
The suspect had hacked lady’s and her brother e-mail ID account and copied all the
information to his e-mail and produced selected e-mails to claim that . she was
happy with him and case of dowry is a false one .
To malign the image of her brother the suspect sent a copy of FIR lodged against
him at police station Habibganj. This indicated that the husband of the lady was
behind the whole affair but police had not any evidence against him.
Cyber cell started enquiry by an order of IGP and obtained the login logs from
rediff.com .The logs indicated that the email IDs password were changed and
anonymous emails were sent from the house of lady’s husband and sent from his.
Cyber cell registered a case under section 66 IT act and submitted Challan has been
filed against the suspect and trial is over.
Court has hold the conviction against the suspect Sabrish Pillai but found that the
matter came before the court as Sabrish was having family dispute with his wife and
the, act of hacking was not against the society at large, Hence let him free after
warning.
2. Internet Lottery Fraud :
MP Cyber police has investigated several case of cheating through Internet
lottery offer which is commonly known as Nigerian 419 scam. In this kind of
cheating the culprits used to send bulk emails, bulk SMS to millions of users using
software, stating that the receiver has won lottery worth thousands of pounds or
dollars which comes out to be crores of Indian rupees, in a lucky draw. They used to
create fake lottery winning certificate using logo and text from original website,
which seems to be original at a glance. This kind of sending bulk emails or SMS is
an act of commonly known as Phishing attack. Those who are lured by such offer
often tempted to contact them. The culprits then ask the target to fill a form and thus
receive all the personal information of the target and asks him to deposit token
money in various names to earn the lottery prize. The target who is hoping to earn
huge amount of money finds these charges to be minimal. The culprit asks the target
to deposit money in the name yellow tag, custom clearance UN anti terrorism
certificate, RBI charges or any other name they feel it to suitable to convince the
target. The culprits ask the target to deposit in various bank accounts and once the
money is deposited by the target it is withdrawn same day by the suspect.
After losing lakhs of amount people come to know that they are being cheated. In
this kind of cheating the contact number are usually taken in the fake names or in the
other Indian guys name, account are being opened in the fake names or acquired on
the basis of commission by fooling the account holders.
Mp cyber police has investigated the case of Internet lottery fraud and arrested
Nigerian national Godspower from Meharauli Delhi with the suspected mobile used
for communication, one laptop, printer and box used for black dollar scam.
Mp cyber police has investigated the case of Internet lottery fraud Crime no 07/09
420,468,34 IPC and crime no 05/10 420,468,34 AIPC and arrested Nigerian national
Idiiogbe Joseph from Mumbai with the suspected mobile used for communication,
laptop, fake Income tax certificate and seals.
Apart from the above MPCP is investigating two more such cases in which
suspects are being monitored and efforts are being made to arrest them.
CHAPTER-6
DATA ANALYSIS
A survey was conducted on online banking in India for the primary data
among 25 people. The analysis of this survey or data is as follows:Q. What kind of banking do you prefer?
14
12
10
8
6
4
2
0
Traditional
Online
Both
POLL out of 25: Traditional – 5 ; Online – 8 ; Both – 12
FINDINGS: This shows us the preference of the people towards the type of
banking. They prefer to use the services of both the online and traditional banking
rather than a particular type.
Q. Do you think online banking is better than traditional banking?
YES
NO
CAN'T SAY
POLL out of 25: Yes - 13; No - 5; Can’t Say – 7
FINDINGS: The people understand that online banking is better than the traditional
banking because of its nature. While a few of the people are still not fully convinced.
Q. Do you feel you account is secured in online banking?
12
10
8
6
4
2
0
YES
NO
CANT SAY
Poll out of 25: Yes - 11; No - 7; Can’t Say – 7
FINDINGS: Majority of the people think that their Account is secured, but not all.
Their security concern should be eradicated. This will attract customers.
Q. How frequently do you use banking services?
12
10
8
6
4
2
0
WEEKLY
MONTHLY REGULARLY
RARELY
POLL out of 25: Weekly - 5; Monthly - 11; Regularly - 2; Rarely – 7
FINDINGS: Most of the people do not need the services of banks regularly or
maybe there is no need. They may transact with the bank on monthly basis for most
of the time.
Q. How happy are you with services of online banking provided by your bank?
10
8
6
4
2
0
COMPLETELY
PARTIALLY
FAIRLY
NOT AT ALL
POLL out of 25: Completely - 4; Partially - 9; Fairly - 9; Not at all - 3
FINDINGS: The satisfaction level of people with the online banking services of
their banks has a mixed review. This may be due to multiple reasons.
Q. What type of transaction do you make in online banking?
POLL out of 25: Check balances - 11; Payments - 7; Transfer of fund - 2; Other -5
FINDINGS: The utility of the online banking is service is not used to the extent is
should be and it is being majorly used for the purpose of checking the balance in the
account. The reason for this is the low volume of transaction among the people.
CHAPTER-7
RECOMMENDATIONS & CONCLUSIONS
CONCLUSION:
People are not confident enough to whether to rely completely on online
banking. There is hesitancy in their minds with regards to preference. So they
use both the techniques of banking i.e. Online and Traditional.
Because of the complexity and the unawareness in the people regarding the
online banking, there is less utilization of the online banking services provided
by the banks.
People are not sure whether their account is completely secured in online
banking. Security concern is the main and the core reason why people do not
tend to use online banking.
People in India are not aware of the full utility of online banking and the
services that can be availed of in online banking.
Most of the Indian population are salaries employees who do not have that
volume of transaction that can be used for online transaction.
RECOMMENDATION:
After analyzing the entire study on online banking with respect to both the primary
and the secondary data, the following recommendations can be put forth: The infrastructure for the development is not being implemented in way that
could be beneficial.
There are various obstacles in the banking scenario with regards to guidelines
and issues for functioning. This has led to decline in the usage of the online
banking service of the banks.
The people having accounts can be urged to take up an internet banking
facility. They should be motivated rather than just being told that there exists a
service of online banking.
There are more people who are not actually aware of all the benefits that they
reap out of the transaction of online banking. They should be proper
awareness.
Most of the people o not count online banking due the problems of security
concerns. Proper security software should be developed and people should be
convinced that their accounts are secured in online transactions.
CHAPTER-8
BIBLIOGRAPHY
WEBSITES:
http://www.onlinebanking.net/online-banking-services/
http://www.productivity501.com/choosing-online-bank/244/
http://www.thewisdomjournal.com/Blog/pros-and-cons-of-onlinebanking/
http://www.networkmagazineindia.com/200302/feature.shtml
www.google.com
REFERENCE BOOKS:
R.K. UPPAL
BANKING WITH TECHNOLOGY
NEW CENTURY PUBLICATIONS
NEW DELHI
CHAPTER-9
APPENDIX
ONLINE BANKING IN INDIA (Survey)
Q.1 WHICH BANK DO YOU HAVE AN ACCOUNT?
(1 – Private sector bank; 2 – Public sector bank; 3 – Other)
Q.2 WHAT KIND OF BANKING DO YOU PREFER?
(1 – Traditional; 2 – Online; 3 – Both)
Q.3 DO YOU THINK ONLINE BANKING IS USEFUL?
(1 – Yes; 2 – No; 3 – Can’t say)
Q.4 HOW FREQUENTLY DO YOU USE BANKING SERVICES?
(1 – Weekly; 2 – Monthly; 3 – Regularly; 4 – Rarely)
Q.5 DO YOU THINK ONLINE BANKING IS BETTER THAN TRADITIONAL BANKING?
(1 – Yes; 2 – No; 3 – Can’t Say)
Q.6 DO YOU FEEL ONLINE BANKING HAS A GROWTH POTENTIAL IN INDIA?
(1 – Yes; 2 – No; 3 – Can’t Say)
Q.7 WHAT TYPE OF TRANSACTION DO YOU MAKE IN ONLINE BANKING?
(1 – Check balances; 2 – Make payments; 3 – Transfer funds; 4 – Other)
Q.8 DO YOU FEEL YOUR ACCOUNT IS COMPLETELY SECURED IN ONLINE BANKING?
(1 – Yes; 2 – No; 3 – Can’t Say)
Q.9 ARE YOU HAPPY WITH THE SERVICES OF ONLINE BANKING PROVIDED BY YOUR BANK?
(1 – Completely; 2 – Partially; 3 – Fairly; 4 – Not at all)
Q.10 FOR ME ONLINE BANKING IS
NAME:
EMAIL ID:
PHONE:
