Professional Documents
Culture Documents
Top of Form Search Books, Presentations, Business, Academics..
Top of Form Search Books, Presentations, Business, Academics..
Top of Form Search Books, Presentations, Business, Academics..
Upload a Document
Top of Form
Bottom of Form
Explore
Documents
Books - Fiction
Books - Non-fiction
Brochures/Catalogs
Government Docs
How-To Guides/Manuals
Magazines/Newspapers
Recipes/Menus
School Work
+ all categories
Featured
Recent
People
Authors
Students
Researchers
Publishers
Businesses
Musicians
Teachers
+ all categories
Most Followed
Popular
Savin Shetty
Account
Home
My Documents
My Collections
My Shelf
View Public Profile
Messages
Notifications
Settings
Help
Log Out
First Page
Previous Page
Next Page
1
/ 123
Zoom Out
Zoom In
Fullscreen
Exit Fullscreen
View Mode
BookSlideshowScroll
Top of Form
Search w ith
Bottom of Form
« previousnext »
Readcast
Add a Comment
Reading should be social! Post a message on your social networks to let others know
what you're reading. Select the sites below and start sharing.
Link account
Readcast Complete!
edit preferences
Set your preferences for next time...Choose 'auto' to readcast without being prompted.
Top of Form
Savin Shetty
Savin Shetty
Link account
Advanced Cancel
Bottom of Form
Top of Form
f51d233278e17e
Add a Comment
Submit
View comments
1 document_comme 4gen
Bottom of Form
Add to Collections
Download
Auto-hide: off
A PROJECT
REPORT
ON
E-BANKING
Introduction
Electronic banking is an umbrella term for the process by which a customer may
Electronic banking is an activity that is not new to banks or their customers. Banks
having been providing their services to customers electronically for years through
software programs. These software programs allowed the user’s personal computer to
dial up the bank directly. In the past however, banks have been very reluctant to provide
their customers with banking via the Internet due to security concerns.
Today, banks seem to be jumping on the bandwagon of Internet banking. Why is there a
sudden increase of bank interests in the Internet? The first major reason is because of the
improved security and encryption methods developed on the Internet. The second reason
is that banks did not want to lose a potential market share to banks that were quick to
offer their services on the Internet.
Many of the banks like ICICI, HDFC, IndusInd, IDBI, Citibank,Global Trust Bank
(GTB), Bank of Punjab and UTI were offering E-banking services. Based on the above
statistics and the analysts’ comments that India had a high growth potential for e-banking
the players focused on increasing and improving their E-banking services. As a part of
this, the banks began to collaborate with functions online.
Why is there a sudden increase of bank interests in the Internet? The first major reason is
because of the improved security and encryption methods developed on the Internet. The
second reason is that banks did not want to lose a potential market share to banks that
were quick to offer their services on the Internet.
E-banking is defined as the automated delivery of new and traditional banking products
The E-banking was firstly introduced in India by the ICICI around 1996. There after
many other banks like HDFC, IndusInd bank, IDBI, Citibank Trust Banks, UTI, etc.
followed the service. As today private and foreign bank had started capturing the market
through e-banking hence “the competition is heating up and the lack of technology can
make a bank loose a customer” so now the public banks are breaking the shackles of
traditional set-up and gearing up to face the competition posed by the private sector
counterparts.
The banking industry is expected to be a leading player in e-business. While the banks in
developed countries are working primarily via Internet as non-branch banks, banks in the
developing countries use the Internet as an information delivery tool to improve
relationship with customers.
Banks have established an Internet presence with various objectives. Most of them are
using the Internet as a new distribution channel. Financial services, with the use of
Internet, may be offered in an equivalent quantity with lower costs to the more potential
customers. There may be contacts from each corner of the world at any time of day or
night. This means that banks may enlarge their market without opening new branches.
The banks in the US are using the Web to reach opportunities in three different
categories: to market information, to deliver banking products and services, and to
improve customer relationship.
In Asia, the major factor restricting growth of e-banking is security, in spite of several
countries being well connected via Internet. Access to high-quality e-banking products is
an issue as well. Majority of banks in Asia are just offering basic services compared with
those of developed countries. Still, e-banking seems to have a future in Asia. According
to McKinsey survey, e-banking will succeed if the basic features, especially bill payment,
are handled well. Bill payment was the most popular feature, cited by 40 percent of
respondents of the survey. However, providing this service would be difficult for banks
in Asia because it requires a high level of security and involves arranging transactions
with a variety of players.
In 2001, over 50 percent of the banks in the US were offering e-banking services.
However, large banks appeared to have a clear advantage over small banks in the range
of services they offered. Some banks in the US were targeting their Internet strategies
towards business customers. Apart from affecting the way customers received banking
services; e-banking was expected to influence the banking industry structure. The
economics of e-banking was expected to favor large banks because of economies of scale
and scope, and the ability to advertise heavily. Moreover, e-banking offered entry and
expansion opportunities that small banks traditionally lacked.
In Europe, the Internet is accelerating the reconfiguration of the banking industry into
being further driven by the Internet, due to the combined impact of:
The emergence of new, more focused business models.
costs.
High degree of uncertainty over the impact that new entrants will have on current
business models.
Though e-banking in the Europe is still in the evolutionary stage, it is very clear that it is
having a significant impact on traditional banking activities. Unlike in the US, though
large banks in the Europe have a competitive edge due to their ability to invest heavily in
new technologies, they are still not ready to embrace e-banking. Hence, medium-sized
banks and start-ups have an important role to play on the e-banking front if they can take
concrete measures quickly and effectively.
Convergence is one of the clear visible trends in the banking industry. Here, convergence
does not mean offering banking, broking and insurance services under one corporate
name through the Internet. It covers different dimensions, including channel delivery,
sales culture, back-office processes, and the knowledge management infrastructure all
being integrated via Internet. Few banks take these different dimensions into
consideration. Instead, they view convergence purely as a product-centric development
that will enable them to cross-sell products. A strategy that does not go beyond product
convergence is bound to have some limitations. For example, imagine a situation where
customer service personnel in a so called `converged' bank is required to answer banking,
brokerage, and insurance questions coming through multiple channels including the
Internet, branches, call centers, or ATMs. This bank is unlikely to succeed since, though
it has expanded the product line, it has not made any efforts to broaden the skill sets of
the personnel who support these channels.
Successful convergence will help them in the development of a seamless supply chain
To succeed on the Internet, banks must continually differentiate from their competitors,
broaden their market and provide value through their products and services. For example,
Wells Fargo had shifted 1.4 million of its traditional banking customers online within five
years of the development of its transactional website. However, the company had
maintained its Internet strategy as a complement to existing channels and had found that
its e-banking customers were more than 50 percent less likely to leave the bank than non-
Internet customers. The bank continued to enter new alliances and expanded its web
offerings to maintain its dominant position.
Finally, developing just a me-too website would not work for banks. Several banks are
creating electronic financial communities in which customers assemble to present and
pay bills while satisfying other financial and informational needs. By bringing consumers
and vendors together at one site, financial institutions can leverage the trust, clients have
in them, and act as the intermediary to ensure billers get paid and consumers get
satisfactory services. Last but not the least, banks may conduct periodical surveys and
take customer views on the simplicity and ease of operation of their websites and other e-
banking initiatives.
As per the international report the banking transactions on a brick and mortar banking
costs around $ 1.1. While through ATM it costs around $ 0.27 and just 1 percent of over
the counter banking in case of Internet banking. Statistics such as these have woken the
Indian Banking Industry. Thus, the Indian banking system is seeing a fabulous change in
the quality of service provided by them. Technology is the root of this change, which is
implemented by the banks’ to win more business from customers.
Almost all the private sector banks are moving towards e-enabling their existing
products. HDFC Bank and ICICI Bank have taken a lead in introducing e-banking in
India.
Internet banking starts from migrating existing products to the net. This started initially
with simple functions such as getting information about interest rates, checking account
balances and computing loan eligibility. Then the services were extended to online bill
payment, transfer of funds between accounts and cash management services for
corporates. Recently, banks started setting up payment gateways for B2B and B2C
transactions. This is to facilitate payment for e-commerce transactions by directly
debiting bank accounts or through credit cards. Banks can earn a commission based
income, on the transaction or sale value resulting in higher other income. This could be
more than the revenues they can generate from credit card transactions.
Private sector banks have leveraged the Internet effectively in taking away the customers
from public sector banks and significantly increased their revenue potential. Internet
banking is just one manifestation of these banks’ technological capabilities. They have a
complete automation, an electronic customer database, real time transaction processing
capabilities and the latest technological platforms. Management of these banks is very
focused in using technology as a key competitive tool. The capability of the management
is also visible in terms of their profitability. Among the private sector banks HDFC Bank
and ICICI Bank have excellent returns on equity compared to their peers in the industry.
These banks commenced operations few years and have negligible excess in terms of
branches and employees. Therefore unlike most other banks around the world, e-banking
is not an added cost for them. In fact it is expected to contribute significantly to their
revenues and profits in years to come.
Particulars *
HDFC
Bank
ICICI
Bank
SBI Corporation
Bank
6.9
2.9
0.9 1.1
P/E (x)
30.3
9.0
1.1 1.8
Profits/employee (Rs m)
2.5
2.5
0.1 0.3
The distribution of banking business in India is highly skewed both geographically and in
terms of customer segment. Geographically the top 100 centres account for around 70
percent of the loans disbursed. This are expected to account for mostly early Internet
users. In terms of customer segment, key focus on the asset side is the corporate sector.
This segment accounts for a high share of profits of banks and is likely to be an early
adapter to the Internet. On the liability side Internet banking is expected to boost
customer acquisition and profitability significantly in the top corporate segment and in
the urban high/middle income retail segments.
Apart from e-banking, future prospects of e-commerce is also strong as it is set for
explosive growth rates. According to the NASSCOM’s survey, e-business transactions in
India are expected to reach to Rs 12 billion by 2000-01 from Rs 4.5 billion in the
previous year. For e-commerce to take off there is a need for real time financial
intermediation and there are very few banks offering this in India. The right combination
of customer relationship and technological competency is required to dominate the
financial intermediation of e-commerce. Who else than private sector banks can provide
such services? They are all set to lead the segment with a marginal competition from
foreign banks. Going forward, as the share of e-commerce in the economy increases,
these banks should be able to move up their market share apart from generating higher
fee based income.
Particulars
FY98
FY02E
0.5
4.5
600
Source: NASSCOM
But one does wonder what difference e-banking make with only 22 percent of the
Internet uses globally utilizing e-banking services. In India also the penetration is less
than 1 percent. It is not all win-win case for Internet banking in India. A number of
uncertainties surround e-banking and e-commerce ventures. Among the others, hurdles
like low Internet penetration, security issues, tax considerations and credit issues continue
to depress the growth of the segment. Even if the government has passed the cyber laws,
still there is a lack of clarity about legislative aspects governing the sector and the
effectiveness of the administration to track & punish cyber crimes. It all depends on the
ability of banks to enter these businesses successfully.
Those banks which have already started e-banking will have to continuously update their
services to retain the potential customers since any customer is just a click away from a
competitor elsewhere. Also, one cannot afford to depend only on Internet banking; brick
and mortar will continue to play an important role. For those, which are yet to begin, are
ignoring the potential customers by remaining away from the latest technology.
Citibank
stop payments
Request a deposit
Pay utility bills
E-mail queries
ICICI Bank
HDFC Bank
Mediums of E-banking
Electronic banking, also known electronic fund transfer (EFT), uses computer and
electronic technology as a substitute for checks and other paper transactions. EFTs are
initiated through devices like cards or codes that let you, or those you authorize, access
your account. Many financial institutions use ATM or debit cards and Personal
Identification Numbers (PINs) for this purpose. Some use other forms of debit cards and
personal Identification Numbers (PINs) for this purpose. Some use other forms of debit
cards such as those that require, at the most, your signature or a scan. The federal
Electronic Fund Transfer Act (EFT Act) covers some electronic consumer transactions.
Following are the electronic medium by which services are generally provided by the
1) Internet Banking
3) Phone Banking
4) Mobile Banking
All the above mediums provide services, which can be, also know as “any time any
where banking”. This facilitates the customer of the bank to operate their account from
any corner of the world, without visiting local or any subsidiary branch of their banks.
Efforts are made by the bank not only to provide the facility to the customer, but also to
reduce the operational cost of the bank by providing e-banking services. So with this,
banks have to employ less staff and still would be able to deliver service to the customer,
Internet Banking
Net banking is a web-based service that enables the banks authorized customers to access
their account information. It allows the customers to log on to the banks website with the
help of bank’s issued identification and personal identification number (PIN). The
banking system verifies the user and provides access to the requested services, the rage of
products and service offered by each bank on the internet differs widely in there content.
Most banks offer net banking as a value-added service. Net banking has also led to the
emergent of new banks, which operate only through the internet and do not exists
physically, Such banks are called “virtual” banks or “Internet Only” banks.
A couple of years ago, there was a belief even among bankers that customers opening
new accounts wanted the online banking facility, just to ‘feel good’ and very few of them
actually used that services. Today, bankers believe that the trend from ‘nice to have’ is
changing to ‘need to have’ .after all it depends on how busy a person is.
1) account information
Account information
Allow transaction tracking which enables retrieval of transaction details based on cheque
number, transaction amount, and date. Provide account statement and transaction reports
used on user-defined criteria. Customers can even download and print the statement of
accounts.
Banks Bill Pa is the easiest way to manage bills. A/c holder can pay their regular monthly
bills i.e. telephone, electricity, mobile phone, insurance etc. at anytime, anywhere for
free.
Saves time and effort. Make bill payments at customer’s convenience form their home or
office.
Lets a/c holders check their hill amount before it is debited form their account. No debits
Track payment history – all payments to a biller are stored automatically for future
reference.
No queuing up at collection centers or writing cheque any more! Just a few clicks and
customers account will be debited for the exact amount they ask.
Cheque-book
Stop payment instructions
Opening a fixed deposit
Opening a recurring deposit
Intimate for the loss of ATM card
Register online for phone and mobile banking
Cheque status
Online application for debit card
Issue a DD or a Banker’s cheque form account at special rates. Just select the account to
be debited form and give details of the amount, location and beneficiary. The demand
draft will be couriered to a/c holder at their mailing address.
Customers can get their applications for issuance of Letters of Credit and Bank
Guarantees processed online
Book your Railways Ticket Online
Demat Account
Share Trading
In share trading a customer can buy and sell securities online without stepping into a
broker’s office. Once the share are dematerialized then the trading can be done from
home or office. As demat a/c are directly linked to the customer’s bank a/c, so there is no
need to write cheque for the payments or to fill up the slips to deposit the cheque.
Amount for the purchase and sale of securities is automatically debited or credited to
their bank a/c. it also brings the same convenience while investing in Mutual funds also
Hassle free and Paperless
ATMs
Automated Teller Machines or 24-hour Tellers are electronic terminals that let you bank
almost anytime. To withdraw cash, make deposits, or transfer funds between accounts,
you generally insert an ATM card and enter your PIN. Some financial institution and
ATM owners charge a fee, particularly to consumers who don’t have accounts with them
or on transactions at remote locations. Generally, ATMs must tell you they charge a fee
and its amount on or at the terminal screen before you complete the transaction. Check
the rules of our institution and ATMs you use to find out when or whether a fee is
charged.
It won’t be just if I start explaining what an ATM is. ATMs and cash dispensers are by
far the largest investment ever made in electronic self-service by financial institutions.
Over US$ 40 billion has been invested in simply buying these machines and many times
that in running them. There are now over 1.1 million machines operating in over 140
countries worldwide.
The banks are losing the cashiers checks, check cashing and even cash dispensing to the
c-stores and grocery stores. They are asleep at the switch and watching more transactions
walk away to convenience stores and supermarkets that provide 24 hour access and
integrated transactions.
ATMs do provide a larger set of functions, such as check cashing, ticket sales or money
orders. We already know that cash dispensing as a dedicated function is a sustainable
applications, the question is whether that application can be incorporated successfully
into a more complex consumer product that offers multiple applications.
It is worth noting that, due to market saturation, overall ATM usage is increasing while
Cash withdrawal: Withdraw upto Rs.15,000/- per day from your account. Fast cash
options provides the facility of withdrawing prefixed amounts. Ultra Fast Cash opetion
Mini Statement: Get a printout of your last 8 transactions and your current balance.
Deposit Cash / Cheques : available at all full function ATMs. Customers can deposit
both cash and cheques. / Cash deposited in ATMs will be credited to the account on the
same day (provided cash is deposited before the clearing) and cheques are sent for
clearing on the next working day.
Funds Transfer: Transfer funds from one account to another linked account in the same
branch.
PIN Changes: Change the Personal Identification Number (PIN) of ATM or Debit card.
Payments: The latest feature of our ATMs, this functionality can be used for payment of
bills, making donations to temples / trusts, buying internet packs, airtime recharges for
Others: Request for a checkbook from our ATMs and our concerned branch will
dispatch it such that it reaches you within 10 working days.
ATM Advantages
You can withdraw up to Rs. 10,000/- per day on your ATM Card. The fast cash
option saves your time by providing the cash in denominations of Rs. 500/-
Balance inquiry
Your updated balance will appear on the screen and will also be printed on the
transaction slip.
Mini-statement request
Get details of the last 9 transactions on your account with the mini-statement, along
Send us a request for a cheque book or account statement it will arrive at your
doorstep.
Funds transfer
Transfer money from one of your accounts to another. It’s easy, select the acoount from
which you want to transfer, then indicate the amount and the accont to which your want it
transferred. Both accounts must be linked to your ATM card and customer ID. A
maximum of 5 saving and 5 Current accounts can be linked.
PIN change
Your can conveniently charge your (PIN) given at the time of opening your account)
whenever you wish. Stay totally in control and ensure complete security for your ATM
Card.
Bill Pay
Pay your cellular, telephone and electricity bills using your ATM Card.
The card industry, which is growing at the rate of 20% per annum, is flooded with cards
ranging from gold, silver, global, smart to secure>>> the list is endless. From just two
players in early 80s, the industry now houses over 10 major players vying for a major
chunk of the card pie.
Currently four major bishops are ruling the card empire – Citibank, Standard Chartered
Bank. HSBC and State Bank of India (SBI). The industry, which is catering to over 3.8
million card users, is expected to double by the fiscal 2003. Accordingly to a study
conducted by State bank of India, Citibank is the dominant player, having issued 1.5
million cards so far. Stanch art follows way behind with 0.67 million, while Hong Kong
Bank has 0.3 million credit card customers. Among the nationalized banks, SBI tops the
list with 0.28 million cards, followed by Blanks of Baroda at 0.22 million.
The credit card market in India, which started out in 1981, is on the verge of an
unprecedented boom. Between 1987 and 2000, the market has virtually grown to over 3.8
million cards with almost 25-30% growth in new cardholders.
The latest innovation in credit cards is the introduction of a magnetic slip in the card for
use in withdrawing cash at the automatic teller machine (ATM), of which abut 60000 are
already in existence in the world. In India also ATMs have made late appearance, but
now spreading very rapidly. As per statistics published by RBI there are 895 ATMs in
India as at the end of the year 2001 but it is also regularly increasing.
1. The credit card holders need not to carry either traveler’s cheques or cash with
2. Traveling facilities are available in hotels, restaurants and airways to the card
holders.
3. Each card holder gets insurance facility which is up to one lakh on ordinary
insurance.
4. It has become a status symbol. Railway tickets are available on special windows. Extra
charges are made by the railway and the cancellation of tickets is also allowed and the
amount is directly credited in the bank account of the card holder.
5. The business of the card holder individuals or institution has been because the
businessmen are assured for the payment as the transactions have been finalized on the
basis of credit cards.
6. Credit cards enhance the credit of banks and the credit of new customers and
consumers is enhanced.
7. Deposits in saving and current accounts increase.
8. Service charges on credit card increase the profitability of banks.
1. Credit card is a contact in advance and if the card holder does not make payment,
2. Card holders spend in excess of their incomes and it poses the problem of
In India this facility has increased the business activities; middle and upper middle
classes are availing this facility. It has become popular and status symbol in our country
hence the prospects of credit cards are bright.
Smart Cards
A smartcard resembles a credit card except that it has a microchip embedded within it,
which allows the smartcard to store information and sometimes to even perform simple
calculations. Common smartcard chips typically holds about 8,000 bytes (characters) of
information, which enables the smartcard to perform a variety of functions such as
identification , storing bank account information an holding digital cash.
A number of smartcards are on the market today, and these are used in a wide range of
applications. Mondex has received a lot of recognition in the financial press, and several
banks have already conducted trials with its smartcard. Wells Fargo & Co., a major
California bank based in San Franscisco, will issue Mondex smartcards to all of its online
banking customers in 2998, a number which could reach into the hundreds of thousands.
Because MasterCard International holds a 51% stake in Mondex, it could become the
defacto international standard for bank-issued smartcards.
A smart card is a miniaturized personal computer (PC), which can be used for a dazzling
array of applications, and also as ‘digital’ cash. It contains a microprocessor, memory and
tailored software. The software security system used for these cards is almost as
foolproof as those used by nuclear establishments and leading international banks! Smart
cards can manage security procedures using passwords and state-of-the- art encryption
techniques. Further, identity traits such as digitized photos, signatures and fingerprints
being placed on the card make it fraud-proof.
E-money
E-money may be broadly defined as “an electronic store of monetary value on a technical
device used for making payments to undertakings other than the issuer on a technical
device used for making payments to undertakings other than the issuer on a technical
device used for making payments to undertakings other than the issuer without
necessarily involving bank accounts in the transaction, but acting as a prepaid bearer
instrument” (Eropean Central Bank, 1998)These products could be classified in to two
broad categories viz.,
B) Pre-paid software based product that used computer networks such as internet
The stored value card scheme typically uses a microprocessor chip embedded in a plastic
card while software based scheme typically specialized software installed in a personal
computer. The stored value card could be of three types single-purpose card, closed-
system or limited-purpose card could be of three types single-purpose card, closed-
system or limited-purpose card and general-purpose or multi-purpose card.
The single-purpose card generally with a magnetic chip recording the amount of fund
therein is designed to facilitate only one type of transaction e.g telephone calls, public
transportation, laundry, parking facilities etc. Here, the distinguishing point is that the
issuer and the service provider (acceptor ) are identical for the cards. These cards are
expected to substitute coins and currency notes. It is important to note that the European
Central Bank (ECB) has exempted these single-purpose pre-paid cards from the purview
of their policy initiatives on e-money because of their smaller denominations as well as
limited risk exposure for customers and the financial system as a whole.
The closed-system or the limited-purpose cards are generally used in a small number
The multipurpose card on the other hand can perform variety of functions with several
vendors’ viz., credit card, debit card, stored value card, identifications card, repository of
these cards with respect to regulatory oversight, restrictions on issuers and their
implications or monetary policy. These cards may reduce demand for current accounts in
the bank for likely reduction in transaction costs, and prudent portfolio management.
Phone Banking
Now your bank account is now just a phone call away. Through Phone Banking you
Phone banking facility is available round the clock, everyday, in Mumbai, Delhi,
Chennai, Kolkata, Banglore, Hyderabad, Ahmedabad, Chandigarh and Pune.
E-age Advantages
Security
When you use the Phone Banking facilities, your transactions are completely secure.
When you open an account with us, you are given a unique Telephone Identification
Number (TIN), which is completely confidential.
You can choose between English and Hindi for guidance through the Interactive
Voice Response (IVR) menu of services, at the time of calling the bank.
Get up-to-the-second details of your Savings or Current Accounts and your fixed
Deposits. Get details of the last five transactions (on the IVR), which would be read out
to you at the touch of a button,. What’s more, you can even have a mini account
statement of the last 9 transactions faxed to you.
Register a request for statement of accounts for the current period through the IVR
and the same will be mailed to you on the next working day.
Stop payment of a cheque, 24 hours a day. You have the facility to stop a single
Fixed Deposits
You can easily open a Fixed Deposit over the phone, by simply authorizing a transfer of
funds from your savings Account. The deposits can be opened in the names of the
account holders in the funding account. You may also book the Fixed Deposit in your
name alone in the funding account. You may also book the Fixed Deposit in your name
alone and maintain a sweep-in facility. You can also enquire about the details
of your Fixed Deposit, or tax deducted at Source, if any, using the Phone Banking
service.
This facility is available only during Phone Banking hours.
If you happen to lose your ATM/Debit card, call your local Phone banking number
Demand Drafts
You can now place a request for a Demand Draft or Manager’s Cheque worth up to Rs.
50,000/- per customer ID per day, on the phone. For HDFC Banked Preferred clients the
limit is Rs. 100,000/- per day. The draft or cheque will be sent to the address on our
records by courier on the next working day.
Fund transfers
If you hold multiple accounts with us, all you have to do is call in to transfer funds
between accounts, provided the same are linked to the same Cost ID number. There is no
fund transfer limit.
You can talk to a phone Banker for all the financial transactions and for any other
E-Banking Transactions
Informational website
the website is not properly isolated from the financial institution’s internal
network;
.. Potential liability for spreading viruses and other malicious code to computers
communicating with the institution’s website; and
.. Negative public perception if the institution’s on-line services are disrupted or
Translational Website
Transactional websites provide customers with the ability to conduct transactions through
the financial institution’s website by initiating banking transactions or buying products
and services. Banking transactions can range from something as basic as a retail account
balance inquiry to a large business-to-business funds transfer. E-banking services, like
those delivered through other delivery channels, are typically classified based on the type
of customer they support..
.. Losses from fraud if the institution fails to verify the identity of individuals or
E-Banking components
core processing system. Thus, the oranisation has day-to-day responsibility for system
administration.
Web linkings
A large number of Organisations maintain sites on the World Wide Web. Some websites
are strictly informational, while others also offer customers the ability to perform
financial transactions, such as paying bills or transferring funds between accounts.
Virtually every website contains “weblinks.” A weblink is a word, phrase, or image on a
webpage that contains coding that will transport the viewer to a different part of the
website or a completely different website by just clicking the mouse. While weblinks are
a convenient and accepted tool in website design, their use can present certain risks.
Generally, the primary risk posed by weblinking is that viewers can become confused
about whose website they are viewing and who is responsible for the information,
products, and services available through that website. There are a variety of risk
management techniques institutions should consider using to mitigate these risks. These
risk management techniques are for those institutions that develop and maintain their own
websites, as well as institutions that use third-party service providers for this function.
The agencies have issued guidance on weblinking that provides details on risks and risk
management techniques financial institutions should consider.1
Account Aggregation
Account aggregation is a service that gathers information from many websites, presents
that information to the customer in a consolidated format, and, in some cases, may allow
the customer to initiate activity on the aggregated accounts. The information gathered or
aggregated can range from publicly available information to personal account
information (e.g., credit card, brokerage, and banking data). Aggregation services can
improve customer convenience by avoiding multiple log-ins and providing access to tools
that help customers analyze and manage their various account portfolios. Some
aggregators use the customer-provided user IDs and passwords to sign in as the customer.
Once the customer’s account is accessed, the aggregator copies the personal account
information from the website for representation on the aggregator’s site (i.e., “screen
scraping”). Other aggregators use direct data-feed arrangements with website operators or
other firms to obtain the customer’s information. Generally, direct data feeds are thought
to provide greater legal protection to the aggregator than does screen scraping.
Organisations are involved in account aggregation both as aggregators and as aggregation
targets. Risk management issues examiners should consider when reviewing
.. Protection of customer passwords and user IDs – both those used to access the
institution’s aggregation services and those the aggregator uses to retrieve customer
information from aggregated third parties – to assure the confidentiality of customer
information and to prevent unauthorized activity,
.. Assurance of the accuracy and completeness of information retrieved from the
Electronic Authentication
Verifying the identities of customers and authorizing e-banking activities are integral
parts of e-banking financial services. Since traditional paper-based and in-person identity
authentication methods reduce the speed and efficiency of electronic transactions,
financial institutions have adopted alternative authentication methods, including
The authentication methods listed above vary in the level of security and reliability they
provide and in the cost and complexity of their underlying infrastructures. As such, the
choice of which technique(s) to use should be commensurate with the risks in the
products and services for which they control access.2 Additional information on customer
authentication techniques can be found in this booklet under the heading “Authenticating
E-Banking Customers.”
The Electronic Signatures in Global and National Commerce (E-Sign) Act establishes
some uniform federal rules concerning the legal status of electronic signatures and
records in commercial and consumer transactions so as to provide more legal certainty
and promote the growth of electronic commerce.3 The development of secure digital
signatures continues to evolve with some financial institutions either acting as the
certification authority for digital signatures or providing repository services for digital
certificates.
Website Hosting
Some organisations host websites for both themselves as well as for other businesses.
Organisations that host a business customer’s website usually store, or arrange for the
storage of, the electronic files that make up the website. These files are stored on one or
more servers that may be located on the hosting financial institution’s premises. Website
hosting services require strong skills in networking, security, and programming. The
technology and software change rapidly. Institutions developing websites should monitor
the need to adopt new interoperability standards and protocols such as Extensible Mark-
Up Language (XML) to facilitate data exchange among the diverse population of Internet
users.
Risk issues examiners should consider when reviewing website hosting services include
.. Downtime (i.e., times when website is not available) or inability to meet
.. Inaccurate website content (e.g., products, pricing) resulting from actions
hackers),
Many businesses accept various forms of electronic payments for their products and
services. Financial institutions play an important role in electronic payment systems by
creating and distributing a variety of electronic payment instruments, accepting a similar
variety of instruments, processing those payments, and participating in clearing and
settlement systems. However, increasingly, financial institutions are competing with third
parties to provide support services for e-commerce payment systems. Among the
electronic payments mechanisms that financial institutions provide for e-commerce are
automated clearing house (ACH) debits and credits through the Internet, electronic bill
payment and presentment, electronic checks, e-mail money, and electronic credit card
payments. Additional information on payments systems can be found in other sections of
the IT Handbook.
Most organisations permit intrabank transfers between a customer’s accounts as part of
their basic transactional e-banking services. However, third-party transfers – with their
heightened risk for fraud – often require additional security safeguards in the form of
additional authentication and payment confirmation.
Bill payment services permit customers to electronically instruct their financial institution
to transfer funds to a business’s account at some future specified date. Customers can
make payments on a one-time or recurring basis, with fees typically assessed as a “per
Here we discusses the front-end controls related to the initiation, storage, and
transmission of bill payment transactions prior to their entry into the industry’s retail
payment systems (e.g., ACH, check processing, etc.). The extent of front-end operating
controls directly under the financial institution’s control varies with the system
configuration. Some examples of typical configurations are listed below in order of
increasing complexity, along with potential control considerations.
.. Organisations that do not provide bill payment services, but may direct
customers to select from several unaffiliated bill payment providers. Caution customers
regarding security and privacy issues through the use of on-line disclosures or, more
conservatively, e-banking agreements.
.. Organisations that rely on a third-party bill payment provider including Internet
- Set dollar and volume thresholds and review bill payment transactions for suspicious
activity.
- Gain independent audit assurance over the bill payment provider’s processing controls.
- Restrict employees’ administrative access to ensure that the internal controls limiting
their capabilities to originate, modify, or delete bill payment transactions are at least as
strong as those applicable to the underlying retail payment system ultimately transmitting
the transaction.
- Restrict by vendor contract and identify the use of any subcontractors associated with
the bill payment application to ensure adequate oversight of underlying bill payment
system performance and
availability.
- Evaluate the adequacy of authentication methods given the higher risk associated with
-.. Organisations that use third-party software to host a bill payment application
internally.
In addition, some businesses have begun offering electronic bill presentment directly
from their own websites rather than through links on the e-banking screens of a
organisation. Under such arrangements, customers can log on to the business’s website to
view their periodic bills. Then, if so desired, they can electronically authorize the
business to “take” the payment from their account. The payment then occurs as an ACH
debit originated by the business’s organisation as compared to the ACH credit originated
by the customer’s organisation in the bill payment scenario described above.
Organisations should ensure proper approval of businesses allowed to use ACH payment
technology to initiate payments from customer accounts.
Cash management applications would include the same control considerations described
above, but the Organisation should consider additional controls because of the higher risk
associated with commercial transactions. The adequacy of authentication methods
becomes a higher priority and requires greater assurance due to the larger average dollar
size of transactions. Institutions should also establish additional controls to ensure
binding agreements – consistent with any existing ACH or wire transfer agreements –
exist with commercial customers. Additionally, cash management systems should
provide adequate security administration capabilities to enable the business owners to
restrict access rights and dollar limits associated with multiple-user access to their
accounts.
Person-to-Person Payments
offered by an insured financial institution, but are frequently offered by other businesses
as well.
Some of the risk issues examiners should consider when reviewing bill payment,
.. Liability for bill payment instructions originating from someone other than the
deposit account holder,
.. Losses from person-to-person payments funded by transfers from credit cards
or deposit accounts over which the payee does not have signature authority,
mail or for releasing funds in response to e-mail from someone other than the
intended payee.
Technology in Banking
The cost of the average payment transaction on the Internet is minimum. Several studies
found that the estimated transaction cost through mobile phone is16 cents, a fully
computerized bank using its own software is 26 cents, a telephone bank is 54 cents, a
bank branch, $1.27, an ATM, 27 cents, and on the Internet it costs just 13 cents. As a
result, the use of the Internet for commercial transactions started to gain momentum in
1995. More than 2,000 banks in the world now have transactional websites and the
growth of online lending solutions is making them more cost efficient. Recent
developments are now encouraging banks to target small businesses as a separate lending
category online.
Banks are increasingly building payment infrastructure with various security mechanisms
(SSL, SET) because there is tremendous potential for profit, as more and more payments
will pass through the Internet. However, the challenge for banks is to offer a payments
back-bone system that will be open enough to support multiple payment instruments
(credit cards, debit cards, direct debit to accounts, e-checks, digital money etc.) and
The market for Electronic Bill Presentment and Payment (EBPP) is growing. According
to a study, 18 million households in the US are expected to pay their bills online by 2003
compared to 2 million households in 2001. As more number of bill payers are getting
online, several banks are making efforts to find ways to meet the growing needs of EBPP.
Established banks can emerge as key online integrators of customer bills and can
capitalize on this high potential market. Growing with the popularity of EBPP is also the
paying of multiple bills at a single site known as bill aggregation. Offering online bill
payment and aggregation will increase the competitiveness and attractiveness of e-
banking services and will allow banks to generate service-fee income from the billers.
In the B2B segment, the customer value proposition for online bill payment is more
compelling. B2B e-commerce is expected to grow from $406 bn in 2000 to $2.7 tn by
2004, and more than half of all transactions will be routed through online B2B
marketplaces. There is a need for automated payment systems to reduce cost and human
error, and enhance cash-flow management. To meet this need, a group of banks and non-
financial institutions led by Citibank and Wells Fargo have formed a company called
FinancialSettlementsMatrix (FSMx). It provides business buyers and sellers with access
to secure payment processing, invoicing and other services that participating financial
services firms offer.
A B2B marketplace would provide minimum value to its customers if it just matches
buyers and sellers, leaving the financial aspects of transactions to be handled through
traditional non-Internet channels. Hence, the marketplace must be capable of providing
the payments processing, treasury management services, payables/receivables data flows,
and credit solutions to complete the full cycle of a commercial transaction on the Internet.
The web-based B2B e-commerce offers tremendous opportunities for banks, payment
technology vendors and e-commerce companies to form strategic alliances. This new
form of collaboration between partners with complementary core competencies may
prove to be an effective business model for e-business.
Technology in Banking
We have been witnessing since about the early Eighties the phenomenon of widespread
use of computers and communication technology in the industrial, as well as emerging
market economies. This has resulted in faster funds movement across nations and
borders. Globalisation of economies and financial liberalisation within the economies
have opened new opportunities of growth for techno-savvy institutions, while for the
others these have resulted in shrinkage of revenues. The use of IT in the banking industry
in our country has however been somewhat limited and has, as a result, restricted our
presence in international operations. Even in critical spheres such as those involving
funds transfer, and MIS based decision making, there has been little evidence of
proactive movement towards wholesale computerisation upnto the middle of the Nineties
Howver Indian Banks have come to start this process after a decade or so. It is only with
the growing recognition of the need for having in place financial reforms, has the interest
in IT application in the banking sector in India increased. But though the process started
late, computerising the vast net work of branches of several banks is planned and being
executed methodically and the benefit is expected to be fully perceived by the year 2010.
The RBI Report on Banking published on 15.11.2001 starts with the opening narration-
"In recent years, the banking industry has been undergoing rapid changes, reflecting a
number of underlying developments. The most significant has been advances in
communication and information technology, which have accelerated and broadened the
dissemination of financial information while lowering the costs of many financial
activities. A second key impetus for change has been the increasing competition among a
broad range of domestic and foreign institutions in providing banking and related
financial services. Third, financial activity has become larger relative to overall economic
activity in most economies. This has meant that any disruption of the financial markets or
financial infrastructure has broader economic ramifications than might have been the case
previously".
The report gives a brief summary of the progress made in the usage of information
technology and networking of different branches and different banks. The contents of the
report are reproduced in this First Page dealing with advent of e-banking in India.
Detailed information about each area or field of in the usage of IT is discussed in
subsequent pages. (please refer the column to the left for a subject-wise Table of
Contents on "Computerisation").
The text of the report dealing with Technology in Banking is reproduced as under-
As part of restructuring of the banking sector, special emphasis has been accorded to
improvements in payment and settlement systems. Prominent among the measures
initiated in these areas include introduction of Electronic Funds Transfer (EFT), Real
Time Gross Settlement System (RTGS), Centralised Funds Management System
(CFMS), the NDS and the Structured Financial Messaging Solution (SFMS). The SFMS
would be the backbone for all message-based communication over the Indian Financial
Network (INFINET)
The EFT scheme enables transfer of funds within and across cities and between branches
of a bank and across banks. The scheme, which is operated by the Reserve Bank is
available for funds transfer across thirteen major cities in the country, as on September
30, 2001. The facility is being extended to two more centres. The scheme was originally
intended for small value transactions. However, with effect from October 1, 2001, even
large value transactions (as high as Rs. 2 crore) have also been permitted.
The work on operationalisation of RTGS system continued during the year. The major
project components completed during the year included the finalisation of the design for
RTGS system, issue of the tender for the development of the software, evaluation of the
technical components of the bids received, site visits and evaluation of the commercial
proposals. The implementation of RTGS is targeted to be accomplished within 12 to 15
months of award of the contract for software development and implementation.
The CFMS would enable the funds and treasury managers of commercial banks to obtain
the consolidated account-wise, centre-wise position of their balances with all the 17
Deposit Accounts Departments (DAD) of the Reserve Bank. The system has been tested
prior to installation and phase-wise implementation commenced from November 2001.
The CFMS would enable better funds management by constituent current account holders
of the Reserve Bank
At the base of all inter-bank message transfers using the INFINET is the SFMS. SFMS
would serve as a safe, secure communication carrier built with templates for transmission
of intra and inter-bank messages in fixed message formats, which would facilitate
"Straight Through Processing". SFMS comprises the central server in the form of a hub
located at the Institute for Development and Research in Banking Technology (IDRBT),
Hyderabad and individual bank gateways to which the branches of the banks would be
connected with a provision for banks to have multiple bank level gateways. The SFMS
would provide for all inter-bank transactions to be stored and switched at the central hub,
while intra-bank messages will be switched and stored by the bank gateway. Adequate
security in the form of smart card authentication apart from the Public Key Infrastructure
(PKI) would be an integral part of the SFMS. All these would result in the security levels
matching those of international standards.
Houses and make necessary recommendations. The Group submitted the Report in May
2001. The recommendations of the Group were discussed with a select group of bankers
and regulators. Based on these discussions, a roadmap has been drawn for
implementation of these recommendations which fall under the following
d. formation of an Internal Group at each Regional Office of the Reserve Bank to review
the trends reported by the clearing house and plan follow up action as deemed necessary;
The recommendations which could be implemented immediately are being taken up with
the four major metropolitan clearing houses managed by the Reserve Bank. Action on
implementing these at the clearing houses managed by State Bank of India / other banks
would also be taken up concurrently.
Imaging of Instruments
A process of capturing the images of the instruments as they are being processed was
introduced during the year at the four metropolitan National Clearing Cells managed by
the Reserve Bank. Imaging facilitates in quicker balancing during the cheque-processing
cycle and also in reducing clearing reconciliation differences.
The INFINET has been operational for almost two years. Started as a closed user group
communication network for the banking sector in India, the members of this network are
the public sector banks. During the year 2000-01, the membership was opened up for
other banks and financial institutions that need to communicate with one another.
Magnetic Ink Character Recognition (MICR) based cheque-clearing accounts for about
65 per cent of the value of cheques processed in the country. In addition, Magnetic Media
Based Clearing Systems account for about 10 per cent of the remaining value while
claim-based processes cover the rest of clearing. It may be pertinent to note that growth
in cheque volumes has decelerated to 10 per cent in 2000-01 from 12 per cent during the
previous year. This is reflective of general trends the world over, indicating the migration
towards electronic funds transfer mechanisms.
With the popularity of PCs, easy access to Internet and World Wide Web (WWW),
Internet is increasingly used by banks as a channel for receiving instructions and
delivering their products and services to their customers. This form of banking is
generally referred to as Internet Banking, although the range of products and services
offered by different banks vary widely both in their content and sophistication.
Broadly, the levels of banking services offered through INTERNET can be categorized in
to three types:
i.
The Basic Level Service is the banks’ websites which disseminate information on
different products and services offered to customers and members of public in general. It
may receive and reply to customers’ queries through e-mail
ii.
In the next level are Simple Transactional Websites which allow customers to submit
their instructions, applications for different services, queries on their account balances,
etc, but do not permit any fund-based transactions on their accounts,
iii.
The third level of Internet banking services are offered by Fully Transactional Websites
which allow the customers to operate on their accounts for transfer of funds, payment of
different bills, subscribing to other products of the bank and to transact purchase and sale
of securities, etc. The above forms of Internet banking services are offered by traditional
banks, as an additional method of serving the customer or by new banks, who deliver
banking services primarily through Internet or other electronic delivery channels as the
value added services. Some of these banks are known as ‘virtual’ banks or ‘Internet-only’
banks and may not have any physical presence in a country despite offering different
banking services
From the perspective of banking products and services being offered through Internet,
Internet banking is nothing more than traditional banking services delivered through an
electronic communication backbone, viz, Internet. But, in the process it has thrown open
issues which have ramifications beyond what a new delivery channel would normally
envisage and, hence, has compelled regulators world over to take note of this emerging
channel. Some of the distinctive features ofi-banking are:
It has added a new dimension to different kinds of risks traditionally associated with
banking, heightening some of them and throwing new risk control challenges,
It poses a strategic risk of loss of business to those banks who do not respond in time, to
this new technology, being the efficient and cost effective delivery mechanism of
banking services
A new form of competition has emerged both from the existing players and new
i.
ii.
iii.
Legal issues cover those relating to the jurisdiction of law, validity of electronic contract
including the question of repudiation, gaps in the legal / regulatory environment for
electronic commerce. On the question of jurisdiction the issue is whether to apply the law
of the area where access to Internet has been made or where the transaction has finally
taken place. Allied to this is the question where the income has been generated and who
should tax such income. There are still no definite answers to these issues.
Security of i-banking transactions is one of the most important areas of concerns to the
regulators. Security issues include questions of adopting internationally accepted state-of-
the art minimum technology standards for access control, encryption / decryption
( minimum key length etc), firewalls, verification of digital signature, Public Key
Infrastructure (PKI) etc. The regulator is equally concerned about the security policy for
the banking industry, security awareness and education
The supervisory and operational issues include risk control measures, advance warning
system, Information technology audit and re-engineering of operational procedures. The
regulator would also be concerned with whether the nature of products and services
offered are within the regulatory framework and whether the transactions do not
camouflage money-laundering operations.
The world over, central bankers and regulators have been addressing themselves to meet
the new challenges thrown open by this form of banking. Several studies have pointed to
the fact that the cost of delivery of banking service through Internet is several times less
than the traditional delivery methods. This alone is enough reason for banks to flock to
Internet and to deliver more and more of their services through Internet and as soon as
possible. Not adopting this new technology in time has the risk of banks getting edged
out of competition. In such a scenario, the thrust of regulatory thinking has been to ensure
that while the banks remain efficient and cost effective, they must be aware of the risks
involved and have proper built-in safeguards, machinery and systems to manage the
emerging risks. It is not enough for banks to have systems in place, but the systems must
be constantly upgraded to changing and well-tested technologies, which is a much bigger
challenge. The other aspect is to provide conductive regulatory environment for orderly
growth of such form of banking. Central Banks of many countries have put in place broad
regulatory framework for i-banking
In India, too i-banking has taken roots. A number of banks have set up banking portals
allowing their customers to access facilities like obtaining information, querying on their
accounts, etc. Soon, still higher level of online services will be made available. Other
banks will sooner than later, take to Internet banking.
In the above background Reserve Bank of India constituted a Working Group to examine
different issues relating to i-banking and recommend technology, security, legal standards
and operational standards keeping in view the international best practices. The Group is
headed by the Chief General Manager–in–Charge of the Department of Information
Technology and comprised experts from the fields of banking regulation and supervision,
commercial banking, law and technology. The Bank also constituted an Operational
Group under its Executive Director comprising officers from different disciplines in the
bank, who would guide implementation of the recommendations.
The Working Group, as its terms of reference, was to examine different aspects of
Internet banking from regulatory and supervisory perspective and recommend
appropriate standards for adoption in India, particularly with reference to the following:
1. Risks to the organization and banking system, associated with Internet banking
and methods of adopting International best practices for managing such risks.
2. Identifying gaps in supervisory and legal framework with reference to the existing
banking and financial regulations, IT regulations, tax laws, depositor protection,
consumer protection, criminal laws, money laundering and other cross border issues and
suggesting improvements in them.
5. Clearing and settlement arrangement for electronic banking and electronic money
6. Any other matter, which the Working Group may think as of relevance to Internet
banking in India
The first meeting of the Working Group was held on July 19, 2000. The Group held that
i-banking did not mean any basic change in the nature of banking and the associated risks
and returns. All the same, being a public domain and a highly cost effective delivery
channel, it does impact both the dimension and magnitude of traditional banking risks. In
fact, it adds new kinds of risk to banking. Some of the concerns of the Regulatory
Authority in i-banking relate to technology standards including the level of security and
uncertainties of legal jurisdiction etc. Its cost effective character provides opportunities
for efficient delivery of banking services and higher profitability and a threat to those
who fail to harness it.
The Group decided to focus on above three major areas, where supervisory attention was
needed. Accordingly, three sub-groups were formed for looking into three specific areas
i.
ii.
iii.
The Working Group had a number of deliberations. The views of the Group were
crystallized in its report, which cover the following by way of its contents:
i.
iii.
iv.
different types of risks associated with banking in general and i-banking in particular.
Emphasis is given on normal risks associated with banking which gets accentuated when
the services are delivered through Internet. Risks relating to money laundering and other
cross border transactions are discussed .
v.
Technology and security standards are discussed with emphasis onpolicy issues
vi.
The legal environment in which i-banking transactions are carried out is an important
regulatory concern. The group has identified gaps in the existing framework and has
suggesed changes required.
vii.
Operational aspects like internal control, early detection system, IT audit, technical
manpower, etc are also discussedalong with addressing the impact of i- banking on
clearing and settlement arrangements.
viii.
The specific recommendations of the group were given at the end of the report.
Wireless Banking
Overview
Risk Implications
operations risk due to limitations in wireless technology. Security solutions that work in
wired networks must be modified for application in a wireless environment. The transfer
of information from a wired to a wireless environment can create additional risks to the
integrity and confidentiality of the information exchanged.
Strategic risk – Organisation considering wireless services should carefully evaluate the
significant strategic risks posed by this service delivery channel. Standards for wireless
communication are still evolving, creating considerable uncertainty regarding the
scalability of existing wireless products. Organizations should exercise extra diligence in
preparing and evaluating the cost-effectiveness of investments in wireless technology or
in decisions committing the institution to a particular wireless solution, vendor or third-
party service provider.
Risk Managment
Messege Enctryption
Wireless encryption that occurs as part of the data transmission process is based upon the
device's operating system. A key risk-management control point in wireless banking
occurs at the wireless gateway-server where a transaction is converted from a wireless
standard to a secure socket layer (SSL) encryption standard and vice versa. Wireless
network security reviews should focus on how institutions establish, maintain, and test
the security of systems throughout the transmission process, from the wireless device to
the institutions’ systems and back again. For example, a known wireless security
vulnerability exists when the Wireless Application Protocol (WAP) transmission
encryption process is used. WAP transmissions deliver content to the wireless
gatewayserver where the data is decrypted from WAP encryption and re-encrypted for
Internet delivery. This is often called the “gap-in-WAP” (e.g., wireless transport layer
security (TLS) to Internet-based TLS). This brief instant of decryption increases risk and
becomes an important control point, as the transaction may be viewable in plain text
(unless encryption also occurred in the application layer). The WAP Forum, a group that
oversees WAP protocols and standards, is discussing ways to reduce or eliminate the gap.
Password Security
Wireless banking increases the potential for unauthorized use due to the limited
availability of authentication controls on wireless devices and higher likelihood that the
device may be lost or stolen. Authentication solutions for wireless devices are currently
limited to username and password combinations that may be entered and stored in clear
text view (i.e., not viewed as asterisks “****”). This creates the risk that authentication
credentials can be easily observed or recalled from a device’s stored memory for
unauthorized use.
Cellular phones also have more challenging methods to enter alphanumeric passwords.
Customers need to depress telephone keys multiple times to have the right character
displayed. This process is complicated if a phone does asterisk password entries, as the
user may not be certain that the correct password is entered. This challenge may result in
users selecting passwords and personal identification numbers that are simple to enter and
easy to guess.
The wireless device manufacturers and content and application providers are working on
common standards so that device and operating systems function seamlessly. Standards
can play an integral role in providing a uniform entry point to legacy transaction systems.
A standard interface would allow institutions to add and configure interfaces, such as
wireless delivery, without having to modify or re-write core systems. Interoperability is a
critical component of mobile wireless because there are multiple device formats and
communication standards that can vary the users’ experience.
Wireless Vendors
Wireless communication “dead zones” – geographic locations where users cannot access
wireless systems – expose institutions and service providers to reliability and availability
problems in some parts of the world. For some areas, the communications dead zones
may make wireless banking an unreliable delivery system. Consequently, some
customers may view the institution as responsible for unreliable wireless banking
services provided by third parties. A financial institution's role in delivering wireless
banking includes developing ways to receive and process wireless device requests.
Institutions may find it beneficial to inform wireless banking customers that they may
encounter telecommunication difficulties that will not allow them to use the wireless
banking products and services.
The screen size of wireless devices and slow communication speeds may limit a financial
institution's ability to deliver meaningful disclosures to customers. However, use of a
wireless delivery system does not absolve a financial institution from disclosure
requirements. Moreover, limitations on the ability of wireless devices to store documents
may affect the institution’s consumer compliance disclosure obligations.18 Additionally,
any institution that opts to rely upon voice recognition technology as a means to
overcome the difficulty of entering data through small wireless devices should be aware
of the uncertain status of voice recognition under the E-SIGN Act.19 Wireless banking
may expose institutions to liability under the Electronic Fund Transfer Act (Regulation E)
for unauthorized activities if devices are lost or stolen. The risk exposure is a function of
the products, services, and capabilities the institution provides through wireless devices
to its customers. For example, the loss of a wireless device with a stored access code for
conducting electronic fund transfers would be similar to losing an ATM or debit card
with a personal identification number written on it. However, the risk to the institution
may be greater depending on the types of wireless banking services offered (e.g., bill pay,
person-to-person payments) and on the authentication process used to access wireless
banking services.
M-Banking
. A mobile phone, equipped with a Smart SIM card can also act as a bank.
Smart SIM card is an upgrade of the regular SIM card, the basic form of
identification belonging to each mobile telecommunications user. The new card adds a
new option, named MOBITEL to the existing menu, which is enabling even friendlier
accesstonumerousMobitelGSMservices.
The M-Banking menu includes all the basic banking services: insight into the balance
on the user's bank account – either personal or one, for which the user is authorized;
insight into transactions made to and from the bank account; insight into transactions,
performed via mobile phone; payments of bills and money orders; intra-bank
transactions; limit alarms at violations of the account's limits; requesting an increased
bank account limit; depositing resources for a longer period...
Introduction:
The next step in automation that IT has provided is user accessibility to his most common
tasks from his mobile phone. Theoretically, today everything that a desktop pc can
perform can be accomplished with a combination of mobile phones and handheld
devices. But issues like device incompatibility, affordability, security, etc mar this theory.
Another issue that comes up is that making an existing application to be mobile enabled
is a money and resource intensive operation. A company that has already spent a lot of
money and resources getting its operations automated/net enabled/computerized is
hesitant to invest again.
Advantages
To provide a solution that allows the users of the client to receive from an efficient way,
useful information through a movable-cellular device. Scalability of new services that the
client wants to offer his users. By means of this proposal, the client not only acquires a
mail solution, but also a prepared infrastructure to harness a marketing "one to one" with
hisusers.
To implement better and more fluid communication between the client and his users,
which will be able to accede to information of fast form, simple and safe.
To provide a new scheme of access to the information through end technology, that will
serve to give one more a more modern image of the Client and to offer a better service to
itsusers.
SMS System will allow to send information to the most varied client, contributing an
added value. Here are some cases of shipment and more typical reception of information:
as insurance
Credit cards - due payment enquiry, due date, minimum payment due, an last
Credit card Reception of automatic messages (n) previous days to the victory of
the quota.
Though e-banking offers vast opportunities, yet even less than one in three banks have an
e-banking strategy in place. According to a study, less than 15 percent of banks with
transactional websites will realize profits directly attributable to those sites. Hence, banks
must recognize the seriousness of the challenge ahead and develop a strategy that will
enable them to leverage the opportunities presented by the Internet.
No single e-banking strategy is right for every banking company. But whether they adopt
an offensive or a defensive posture, they must constantly re-evaluate their strategy. In the
fast-paced e-economy, banks have to keep up with the constantly evolving business
models and technology innovations of the Internet space. Early e-business adopter like
Wells Fargo not only entered the e-banking industry first but also showed flexibility to
change as the market developed. Not many banks have been as e-business-savvy. But the
pressure is now building for all banks to develop sound e-business strategies that will
attract and retain increasingly discriminating customers.
The major problem with the banks, which have already invested huge amounts in their
online initiatives, is that their online offerings remain unprofitable. Though banks have
enrolled some existing customers in their online programs, they are not getting customers
in large numbers. This has made banks wonder whether there is any value in the online
channel. Just enrolling customers for online banking may not be sufficient until and
unless they use the site actively. Banks must make efforts to increase their site usage by
customers and effectively co-ordinate the online channel with branches and call centers.
Then only they will be able to derive maximum value that includes cost reduction, cross-
selling opportunities, and higher customer retention.
Customers have some rational reasons for staying offline. Some of these reasons include
usability features of the site, concerns about security and frequent complaints that signing
up is complicated and time-consuming. Banks can solve these problems by refocusing
portal. Conveniently, the portal can be accessed with various terminal devices whenever
Multi-Bank Support: The Finance Portal integration layer can amalgamate several core
financial applications so as to provide the user with information and services from
various banking and insurance back-end applications. Content Management System
Integration: The Finance Portal can have access to the bank’s content management
system, which allows the user to monitor the recurring subject matter that these
organisations normally generate. Content is retrieved from the content management
system based on set personalisation and customisation parameters, and the user’s profile.
The content management system can contain formatted content for all supported device
types and languages.
Service and Information Providers: Third party eCommerce services, such as electronic
invoices (eInvoice) and electronic salary statements (eSalary), can be integrated into the
Finance Portal. Additional information about rates and news from other sources, for
example Reuters, can also be included as well as targeted offers for customers.
The Finance Portal supports the development of completely new business services where
the business logic may be placed in the portal layer and the core financial applications of
the bank are needed only for retrieving information about customers’ financial matters.
Accounts
• Accounts summary
• Account details and transactions
• Single transaction information
• Default account settings
• Personal account sets for corporate users
• Real-time balances of group and single accounts
• Group account structures
• Currency exchange services
Payments
• Payments summary
• Internal transfers
• Domestic payments
• Foreign payments
• Intra-group payments
• File transfers
• Due payments and transfers
• Unconfirmed payments
• Payment confirmation
• Rejected payments and transfers
• Payment history
• Beneficiary register management
Cards
• Cards summary
• Card details and transactions
• New PIN codes
• Security limits
• eService agreements
• Agreement history
• Agreement users and authorisation
Portal Functionality
As the Finance Portal is based on a technical framework, it can therefore offer several
key services:
• Multi-terminal device support enabling its users to use the Finance Portal with a wide
• Multi-bank support support, meaning that the Finance Portal can integrate with several
• Logging services services, consisting of such things as error analysis, statistics, click-
• Authorisation services that contain the user’s permissions to access business and
chargeable services.
• System configuration and management services including the configuration data service
and administration services.
• Various portal services various services, such as menu, shortcuts and content
• Two-way CRM integration and user profile handling. -The Finance Portal user’s profile
is a collection of user related data, which can be used within the portal personalisation
and customisation parameters. The bank´s CRM system can be integrated with the
Finance Portal user profile.
• Communication services services, such as secure mail and push services (alerts).
• Web application integration providing a single-signol for both internal and external
web applications.
Based on the Finance Portal’s user profile attributes and values, the fundamental part of
the Finance Portal solution is its range of personalisation and customization capabilities.
Based on the user's characteristics, personalization refers to the bank personalising such
essential details as the interface layout and content. More specifically, the rules of this
personalisation cover both portal functionality and data handling. These rules include:
• Available services and their details
• User interface flow
• User interface layout
• Portal menus
• Help menus
• Campaigns and targeted offers
• Other content
Moreover, the Internet poses a range of risks and threats. Some of them are:
Security risk that may arise due to the unauthorized access to a bank's key information
like accounting system, risk management system and portfolio management system. A
breach of security could result in direct financial loss to the bank. In addition to external
attacks, banks are exposed to security risk from internal sources e.g. employee fraud.
Employees can acquire the authentication data in order to access the customer accounts
causing losses to the bank.
Operational risks that may arise due to inaccurate processing of transactions, non-
Banks face the risk of wrong choice of technology, improper system design and
inadequate control processes. Technology, which is outdated, not scalable or not proven,
may lead to loss of bank's investment and risk its business. Many banks rely on outside
service providers to implement, operate and maintain their e-banking systems since they
do not have the requisite expertise. However, it adds to the operational risk.
Legal risk arises when violation of laws, rules and regulations or prescribed practices
takes place, or when the legal rights and obligations of parties to a transaction are not
well established. These risks may also arise due to uncertainty about the validity of some
agreements formed via electronic media and law, regarding customer disclosures and
privacy protection.
E-Banking extends the geographic reach of banks and customers beyond national borders
which may lead to cross-border risks. This risk involves legal and regulatory risks, as
there may be uncertainty about legal requirements in some countries and jurisdiction
ambiguities with respect to the responsibilities of different national authorities. Such
considerations may expose banks to legal risks associated with non-compliance of
different national laws and regulations. Cross-border transaction also involves credit risk,
since it is difficult to appraise an application for a loan from a customer in another
country. Banks accepting foreign currencies in payment for electronic money may be
subjected to market risk because of movements in foreign exchange rates.
The risk of unauthorized data alteration is real in an e-banking environment, both when
data is being transmitted or stored. Proper access control and technological tools to
ensure data integrity is of utmost importance to banks. Banks' system must be
technologically equipped to handle these risks.
Reputational risk is the risk of getting significant negative public opinion, which may
result in loss of funding or customers. The main reasons for this risk may be system or
product not working to the expectations of the customers, system deficiencies, security
breach, inadequate information to customers about product use and problem resolution
procedures, problems with communication networks that impair customers' access to
their funds, or account information. This may cause the customer to discontinue the use
of product/service.
As e-banking transactions are conducted remotely, banks may find it difficult to apply
traditional method for detecting and preventing undesirable criminal activities, which
may lead to money laundering risk. Application of money laundering rules may also be
inappropriate for some forms of electronic payments. This may result in legal problems
for non-complying to `knowing your customer' laws.
Several bank's IT infrastructure and applications are being exposed to system outages and
cyber-attacks. In 2000, Barclays, one of Britain's biggest online banks was forced to shut
down its website as customers were able to access each other's accounts. In Norway, a
hacker led to a major software problem on the website of a leading national bank. These
cyber-crimes demand global solutions. Though some progress has been made in this
direction, a lot remains to be done. For example, Bank for International Settlements has
constituted a committee involving representatives of national regulators and supervisors,
which closely examine the security and reliability of electronic money. It has called for
the development of prudent risk management for e-money activities and stronger
cooperation with banks to identify good practices and standards. The International
Association of Insurance Supervisors (IAIS), the International Organization of Security
Commissions (IOSCO) and the European Commission have started similar initiatives.
The financial sector especially the banking industry in most emerging economies
including India is passing through a process of change. As the financial activity has
become a major economic activity in most economies, any disruption or imbalance in its
infrastructure will have significant impact on the entire economy. By developing a sound
financial system, the banking industry can bring stability within the financial markets.
Deregulation in the financial sector had widened the products range in the developed
markets. Some of the new products introduced are LBOs, structured transaction, credit
cards, housing finance, derivatives and various off balance sheet items. Thus new vistas
have created multiple sources for banks to generate higher profits than the traditional
financial intermediation. Simultaneously they have opened new areas of risk also. Many
unknown issues that are intricately related to new products have exposed banks to various
risks across the globe and India is no exception.
During the past decade, the Indian banking industry continued to respond to the emerging
challenges of competition, risks and uncertainties. Risks originate in the forms of
customer default, funding a gap or adverse movements of markets. Measuring and
quantifying risks is neither easy nor intuitive. Our regulators have made some sincere
attempts to bring prudential and supervisory norms conforming with international bank
practices with an intention to strengthen the stability of the banking system.
.. Goals and expectations that management can use to measure the e-banking
policies and controls to manage e-banking risks and for the audit of e-banking
activities.
E-Banking Strategy
Financial institution management should choose the level of e-banking services provided
to various customer segments based on customer needs and the institution’s risk
assessment considerations. Institutions should reach this decision through a
boardapproved, e-banking strategy that considers factors such as customer demand,
competition, expertise, implementation expense, maintenance costs, and capital support.
Some institutions may choose not to provide e-banking services or to limit e-banking
services to an informational website. Financial institutions should periodically reevaluate
this decision to ensure it remains appropriate for the institution’s overall business
strategy. Institutions may define success in many ways including growth in market share,
expanding customer relationships, expense reduction, or new revenue generation. If the
financial institution determines that a transactional website is appropriate, the next
decision is the range of products and services to make available electronically to its
customers.7 To deliver those products and services, the financial institution may have
more than one website or multiple pages within a website for various business line.
Financial institutions should base any decision to implement e-banking products and
services on a thorough analysis of the costs and benefits associated with such action.
Some of the reasons institutions offer e-banking services include
.. Improved or sustained competitive position, .. Increased customer demand for
services, and .. New revenue opportunities.
The individuals conducting the cost-benefit analysis should clearly understand the risks
associated with e-banking so that cost considerations fully incorporate appropriate risk
mitigation controls. Without such expertise, the cost-benefit analysis will most likely
underestimate the time and resources needed to properly oversee e-banking activities,
particularly the level of technical expertise needed to provide competent oversight of
inhouse or outsourced activities. In addition to the obvious costs for personnel, hardware,
software, and communications, the analysis should also consider
.. Changes to the institution’s policies, procedures, and practices;
.. The impact on processing controls for legacy systems;
.. The appropriate networking architecture, security expertise, and software tools
attempts;
.. The skilled staff necessary to support and market e-banking services during
expanded hours and over a wider geographic area, including possible expanded
.. The additional expertise and MIS needed to oversee e-banking vendors or
.. The higher level of legal, compliance, and audit expertise needed to support
technology-dependent services;
.. Expanded MIS to monitor e-banking security, usage, and profitability and to
Once an institution implements its e-banking strategy, the board and management should
periodically evaluate the strategy’s effectiveness. A key aspect of such an evaluation is
the comparison of actual e-banking acceptance and performance to the institution’s goals
and expectations. Some items that the institution might use to monitor the success and
cost effectiveness of its e-banking strategy include
In evaluating the effectiveness of the institution’s e-banking strategy, the board should
also consider whether appropriate policies and procedures are in effect and whether risks
are properly controlled. Unless the initial strategy establishes clear accountability for the
development of policies and controls, the board will be unable to determine where and
why breakdowns in the risk control process occurred.
Audit
.. Scope and coverage, including the entire e-banking process as applicable (i.e.,
.. Personnel with sufficient technical expertise to evaluate security threats and
The board and senior management must provide effective oversight of third-party
vendors providing e-banking services and support. Effective oversight requires that
institutions ensure the following practices are in place:
.. Effective due diligence in the selection of new service providers that considers
customer satisfaction;
.. Written contracts with specific provisions protecting the privacy and security of
an institution’s data, the institution’s ownership of the data, the right to audit security and
controls, and the ability to monitor the quality of service, limit the institution’s potential
liability for acts of the service provider, and terminate the contract;
notification.
As with all outsourced financial services, institutions must have a formal contract with
the TSP that clearly addresses the duties and responsibilities of the parties involved. In
the past, some institutions have had informal security expectations for software vendors
or Internet access providers that had never been committed to writing. This lack of clear
responsibilities and consensus has lead to breakdowns in internal controls and allowed
security incidents to occur.. Institutions should tailor these recommendations to e-banking
services as necessary. Specific examples of e-banking contract issues include
.. Restrictions on use of nonpublic customer information collected or stored by
the TSP;
security administration. Adverse test results indicate a control is not functioning and
cannot be relied upon. Follow-up can include correction of the specific control, as well as
a search for, and correction of, a root cause. Types of tests include audits, security
assessments, vulnerability scans, and penetration tests.
onthird parties to verify the identity of an applicant or assist in the verification. The
financial institution is responsible for ensuring that the third party uses the appropriate
level of verification procedures to confirm the customer’s identity. New account
applications submitted on-line increase the difficulty of verifying the application
information. Many institutions choose to require the customer to come into an office or
branch to complete the account opening process. Institutions conducting the entire
account opening process through the mail or on-line should consider using third-party
databases to provide
and
.. Negative verification to ensure that information provided has not previously
In addition to the initial verification of customer identities, the financial institution must
also authenticate its customers’ identities each time they attempt to access their
confidential on-line information. The authentication method a financial institution 12
FFIEC Guidance: Authentication in an Electronic Banking Environment (July 30, 2001).
.. Something only the user should know, such as a password or PIN; .. Something
.. Something the user is, such as a biometric characteristic like a fingerprint or iris
pattern. Authentication methods that depend on more than one factor are typically more
difficult to compromise than single-factor systems therefore suggesting a higher
reliability of authentication. For example, the use of a customer ID and password is
considered single factor authentication since both items are something the user knows. A
common example of two-factor authentication is found in most ATM transactions where
the customer is required to provide something the user possesses (i.e., the card) and
something the user knows (i.e., the PIN). Single factor authentication alone may not be
adequate for sensitive communications, high dollar value transactions, or privileged user
access (i.e., network administrators). Multi-factor techniques may be necessary in those
cases. Institutions should recognize that a single factor system may be “tiered” (e.g.,
multiple passwords) to enhance security without the implementation of a true two-factor
system.
Password Administration
Despite the concerns regarding single-factor authentication, many e-banking services still
rely on a customer ID and password to authenticate an existing customer. Some security
professionals criticize passwords for a number of reasons including the need for
passwords whose strength places the password beyond the user’s ability to comply with
other password policies such as not writing the password down. Password-cracking
software and log-on scripts can frequently guess passwords regardless of the use of
encryption. Popular acceptance of this form of authentication rests on its ease of use and
its adaptability within existing infrastructures.
A “tiered” single factor authentication system would include the use of multiple levels of
a single factor (e.g., the use of two or more passwords or PINs employed at different
points in the authentication process). Tiering may not be as strong as two-factor
authentication because the means used to steal the first password may be equally
effective against the second password.
Financial institutions that allow customers to use passwords with short character length,
readily identifiable words or dates, or widely used customer information (e.g., Social
Security numbers) may be exposed to excessive risks in light of the security threats from
hackers and fraudulent insider abuse. Stronger security in password structure and
implementation can help mitigate these risks. Another way to mitigate the risk of scripted
attacks is to make the user ID more random and not based on any easily determined
format or commonly available information. There are three aspects of passwords that
contribute to the security they provide: password secrecy, password length and
composition, and administrative controls.
Password secrecy.
The security provided by password-only systems depends on the secrecy of the password.
If another party obtains the password, he or she can perform the same transactions as the
intended user. Passwords can be compromised because of customer behavior or
techniques that capture passwords as they travel over the Internet. Attackers can also use
well-known weaknesses to gain access to a financial institution's (or its service
provider’s) Internet-connected systems and obtain password files. Because of these
vulnerabilities, passwords and password files should be encrypted when stored or
transmitted over open networks such as the Internet. The system should prohibit any user,
including the system or security administrator, from printing or viewing unencrypted
passwords. In addition, security administrators should ensure password files are protected
and closely monitored for compromise because if stolen an attacker may be able to
decrypt an encrypted password file.
accessed. Financial institutions that assess the risk and decide to rely on passwords,
Administrative Controls
E-banking presents new administrative control requirements and potentially increases the
importance of existing controls. Management must evaluate its administrative controls to
maximize the availability and integrity of e-banking systems. E-banking information can
support identity theft for either fraud at the subject institution or for creating fraudulent
accounts at other institutions. Institutions should consider the adequacy of the following
controls:
fraud;
.. Dual-control procedures especially for sensitive functions like encryption key
volumes;
.. Periodic monitoring to detect websites with similar names, possibly established
E-banking activities are subject to the same risks as other banking processes. However,
the processes used to monitor and control these risks may vary because of e-banking’s
heavy reliance on automated systems and the customer’s direct access to the institution’s
computer network. Some of the controls that help assure the integrity and availability of
e-banking systems are discussed below.
Internal Controls
Segregation of duties.
E-banking support relies on staff in the service provider’s operations or staff in the
institution’s bookkeeping, customer service, network administration, or information
security areas. However, no one employee should be able to process a transaction from
start to finish. Institution management must identify and mitigate areas where conflicting
duties create the opportunity for insiders to commit fraud. For example, network
administrators responsible for configuring servers and firewalls should not be the only
ones responsible for checking compliance with security policies related to network
access. Customer service employees with access to confidential customer
accountinformation should not be responsible for daily reconcilements of e-banking
transactions.
Dual controls.
Some sensitive transactions necessitate making more than one employee approve the
transaction before authorizing the transaction. Large electronic funds transfers or access
to encryption keys are examples of two e-banking activities that would typically warrant
dual controls.
Reconcilements.
fraudrelated events may require the filing of a SAR with the Financial Crimes
Financial institutions should exercise care in selecting their website name(s) in order to
reduce possible confusion with those of other Internet sites. Institutions should
periodically scan the Internet to identify sites with similar names and investigate any that
appear to be posing as the institution. Suspicious sites should be reported to appropriate
criminal and regulatory authorities.
Error checks.
On-line instructions, help features, and proactive confirmations are typically part of the
basic design of an e-banking system and should be evaluated as part of the initial due
diligence process. On-line forms can include error checks to identify common mistakes in
various fields. Proactive confirmations can require customers to confirm their actions
would enter the amount and date of payment and specify the intended recipient. But,
before accepting the customer’s instructions for processing, the system might require the
customer to review the instructions entered and then confirm the instruction’s accuracy
by clicking on a specific box or link.
Financial institutions should consider the need to have customers confirm sensitive
transactions like enrollment in a new on-line service, large funds transfers, account
maintenance changes, or suspicious account activity. Positive confirmations for sensitive
on-line transactions provide the customer with the opportunity to help catch fraudulent
activity. Financial institutions can encourage customer participation in fraud detection
and increase customer confidence by sending confirmations of certain high-risk activities
through additional communication channels such as the telephone, e-mail, or traditional
mail.
.. Building redundancy into critical network components to avoid single points of
failure;
can be met.
Based on activity volumes, number of customer effected, and the availability of alternate
service channels (branches, checks, etc.), some institutions may not consider e-banking
services as “mission critical“ warranting a high priority in its business continuity plan.
Management should periodically reassess this decision to ensure the supporting rationale
continues to reflect actual growth and expansion in e-banking services.
.. Clearly identify the official name of the financial institution providing the e-
banking services;
.. Properly disclose their customer privacy and security policies on their websites;
and
.. Ensure that advertisements, notices, and disclosures are in compliance with
Financial institutions should comply with all legal requirements relating to e-banking,
including the responsibility to provide their e-banking customers with appropriate
disclosures and to protect customer data. Failure to comply with these responsibilities
could result in significant compliance, legal, or reputation risk for the financial
institution.
Trade names on the Internet
Financial institutions may choose to use a name different from their legal name for their
e-banking operations. Since these trade names are not the institution’s official corporate
title, information on the website should clearly identify the institution’s legal name and
physical location. This is particularly important for websites that solicit deposits since
persons may inadvertently exceed deposit insurance limits.
.. Disclose clearly and conspicuously, in signs, advertising, and similar materials
.. Use the legal name of the insured institution for legal documents, certificates of
deposit, signature cards, loan agreements, account statements, checks, drafts, and
.. Train staff of the insured institution regarding the possibility of customer
Disclosures must be clear, prominent, and easy to understand. Examples of how Internet
disclosures may be made conspicuous include using large font or type that is easily
viewable when a page is first opened; inserting a dialog page that appears whenever a
customer accesses a webpage; or placing a simple graphic near the top of the page or in
close proximity to the financial institution’s logo. These examples are only some of the
possibilities for conspicuous disclosures given the available technology. Front-line
employees (e.g., call center staff) should be trained to ensure that customers understand
these disclosures and mitigate confusion associated with multiple trade names.
Website contents
Financial institutions can take a number of steps to avoid customer confusion associated
with their website content. Some examples of information a financial institution might
provide to its customers on its website include
.. The name of the financial institution and the location of its main office(and
accounts, etc.;
complaints; and
.. Instructions for obtaining information on deposit insurance coverage and the
level of protection that the insurance affords, including links to the FDIC or
The general requirements and controls that apply to paper-based transactions also apply
permanent rules.
When disclosures are required to be in writing, the E-Sign Act requires that financial
institutions generally must obtain a consumer’s affirmative consent to provide disclosures
electronically. Under the E-Sign Act, a consumer must among other things provide such
consent electronically and in a manner that reasonably demonstrates that he or she can
access the electronic record in the format used by the institution. In addition, the
institution must advise customers of their right to withdraw their consent for electronic
disclosures and explain any conditions, consequences, or fees triggered by withdrawing
such consent.
:Internet Finance
Internet has touched almost all aspects of our lives. The emergence of e-commerce has
revolutionized the way we live, shop, entertain and interact. Therefore, it should not
come as a surprise if it tries to influence the way we save and the way we invest.
Today, when the customer is king and the service providers are rushing to pay obeisance
to the king, financial service providers cannot be left behind. In their quest to differentiate
their services and gain competitive advantage over their competitors, the financial service
providers are trying to provide their services to the customers in the comfort of their
homes. The Internet has emerged as a convenient channel for these service providers.
Living in India, we might find these ideas too far fetched but the truth is that Internet has
changed the way these services are delivered, particularly in countries where the Internet
penetration is high. The different ways in which Internet is trying to revolutionize the
delivery of the financial services and products are given below: -
OnlineBrokerage
Online Broking is emerging as another field where traditional service providers are likely
to face tough competition from the Dot Coms. In Taiwan and Korea, 30% of the stock
trading has already moved online. This is posing a threat to the traditional Full-Service
Brokerages. By leveraging the power of the web, Charles Schwab has emerged as a major
threat to Full-Service brokers like Merrill Lynch. In order to preempt the moves into
these areas by new players, many Banks have already tied up with Online Brokerages.
The Banks have entered the e-trading business. Since many banks are also Depositary
participants, they have tied up with e-traders so that a customer is able to buy or sell
shares
online
and
make
and
receive
payments
through
the
Net.
In India, HDFC Bank has tied up with Investsmart.com and is offering its services to all
the clients of the brokerage. ICICI Bank has gone a step ahead and launched
ICICIDirect.com. These banks have become exclusive providers of banking and
depositary/custodial services to the clients of these online brokerages.
The Banks have started offering banking services like checking your account status fund
transfer, ordering demand drafts and writing out cheques, via the net. Soon these will
formonly a small part of the total array of services being offered by them. TheseBanks
haveembarked on a number of new initiatives to protect their stronghold and to leverage
the net. They are offering value-added services to their customers and at the same time
are trying to get into B2C and B2B e-commerce. They are even trying to get their finger
into various transactions between the Government on one side and the business and the
customer on the other. Banks are trying to become a part of the online value chain. For
example, they are trying to tie up with corporates so as to become a part of their supply
chain and enable electronic transfer of funds between the different components of Supply
Chain. They are doing this by acting as an intermediary between the corporations and
Some Banks are trying to setup portals for routing payments like Excise Duty and Sales
Tax. Not content with that Banks are setting up secure payment gateways to tap the B2C
online market.
Banks have taken the application process for personal loans, car loans, and mortgage,
online. They plan to offer other financial products like Bonds and Mutual Funds through
their financial service portal. This strategy is aimed by pre-empting the entry of new
startups into this business.
Another bit of the Net strategy, involves providing infrastructure for B2C as well as B2B
e-commerce. Banks are setting up secure payment gateways that will allow online retail
shops to obtain instant credit card verifications. Once the buyer hits the pay button at a
B2C portal, the buyer's credit card details will get encrypted and travel securely to the
Visa or MasterCard approval system through the bank's payment gateway.
The banks are also setting up their own shopping portals. HDFC has a stake in a portal
called easy2buy.com where HDFC bank customers can buy using their bank account
number. Federal Bank has similar arrangements with Rediff.com and Fabmart.com.
ICICI has setup Magiccart.com, an e-tailing site.
At the B2B end, Banks are offering Net Banking service that allows electronic fund
transfers among a company, its vendors and dealers. Another service being targeted at
this segment is cash management. This will reduce the float, which is present in physical
processing of the payments.
The Banks are also trying to integrate their systems with the ERP/Supply Chain system of
their clients. This will enable the bank to benefit from the movement towards e-
procurement. E-Procurement involves making transactions online and processing the
payment electronically.
ICICI is one of the leading private sector banks in India, which combines financial
strength with a reputation forinnovation and a universal culture that embraces change. On
March 31, 2002 ICICI formally merged with ICICIbank and emerged as India's first
Universal Bank. ICICI banks retail distribution network continues to expand and itnow
has 409 branches and extension counters and 1,066 ATMS across about 240 locations
(ICICI, 2002 a).
The strategy of ICICI bank after the merger with ICICI Ltd. is that of building a
diversified portfolio. The merged entity will continue to be into project finance and the
focus will be to tap the potential in retail financing.
consortium led by Compaq to take the lead in offering a solution to the Indian e-
commerce community. This consortium offers a B2B and B2C e- commerce payment
gateway within India.
The Bank has been offering phone banking free of charge and was first to launch an
Internet Banking service in the country named Infinity. (ICICI, 2000). Infinity now
provides a host of online banking solutions to retail as well as corporate customers.
ICICI's constant endeavour in providing more value to the customers has resulted in
Infinity being the front-runner amongst online banking offerings in the country. Also, in
keeping with the customers need for increased security, Corporate Infinity now provides
multiple levels of authentication besides user ID/ password and includes security tokens
(ICICI, 2000 – 01, Annual Report).
ICICI also strives to be a center for leading research on financial engineering in India,
particularly in the area of valuation of securities, risk management and derivatives. By
leveraging on the groups resources ICICI provides custom tailored solution that can
support even the most complex business strategy (ICICI 2000(b)).
ICICI is now moving all its operations into the era of 'virtual integration'. Not only has
this drastically reduced costs, but it has also increased and improved its services to
customers. Money 2 India offers a unique facility by ICICI of transferring funds to India.
Additional modules were added-gifting and reminders to broaden its scope and enhance
ICICI's relationship with customers (ICICI, Annual report 2000 –01). The table below
gives the SWOT analysis of ICICI.
Thus, ICICI has been able to use technology to provide value-added service to its
customers during the last few years. For ICICI, technology is an integral part of their
business. However, their overall progress could have been smoother but for certain
internal and extraneous factors and also a pressure on spreads due to a competitive
market (Annual report, 2000 –01).
Conclusion
E-banking has become a necessary survival weapon and is fundamentally changing the
banking industry worldwide. To day, the click of the mouse offers customers banking
services at a much lower cost and also empowers them with unprecedented freedom in
choosing vendors for their financial service needs. No country today has a choice-
whether to implement E-banking or not given the global and competitive nature of the
economy. Banks have to upgrade and constantly think of new innovative customized
packages and services to remain competitive. The invasion of banking by technology has
created an information age and commoditization of banking services.
Banks have come to realize that survival in the new e-economy depends on delivering
some or all of their banking services on the Internet while continuing to support their
traditional infrastructure. The rise of E-banking is redefining business relationships and
the most successful banks will be those that can truly strengthen their relationship with
their customers. Without any doubt, the international scope of E banking provides new
growth perspectives and Internet business is a catalyst for new technologies and new
business processes. With rapid advances in telecommunication systems and digital
technology, E-banking has become a strategic weapon for banks to remain profitable. It
has been transformed beyond what anyone could have foreseen 25 years ago. However,
banks are uncertain about the regulatory framework for conducting E-business and the
regulatory and taxation issues for governing cyberspace presents formidable problems.
Developing such a system is not easy as the Internet is not organized geographically and
it is almost meaningless to refer to a website as national or local. Any successful attempt
at governing cyberspace will involve significant international cooperation. Tax issues are
being dealt with through O.E.C.D codes along with intergovernmental cooperation. The
Indian experience of E-banking is gradually merging with its international counterparts.
While the private sector and foreign banks have been fast in adopting Internet technology
in client servicing, there is a gradual trend for the major public sectors and numerous
cooperative units to move in the same direction. A mix of policy support and security
assurance should propel further E-banking adoption in India.
1.
2.
Use the same secure, mobile password in all devices and channels (including contact
centers), for both identification and transaction confirmation.
3.
Include all services in the same portal to gain economies of scope and repetition.
Introduce new services gradually to keep up user interest.
4.
Provide the same services and user logic to both private and corporate customers to gain
not only the reuse advantages of technology and branding, but also the economy of
repetition.
6.
Let your corporate and private users meet each other in the Internet bank via such thins as
mall-like link collection (available to merchants using the bank's services).
7.
Use both real-life situations and interest based personalisation and customisation to
provide users with targeted offers.
Glossary
Bibliography
Websites
www.rbi.org.in
www.sans.org/rr
www.technologyforfinance.com/whitepaper.asp
www.bankersonline.com
www.indianinfoline.com
www.banknetindia.com
www.checkfreei-series.com
www.icfai.com
www.icici.com
www.equitymaster.com
www.siliconindia.com
www.laws4india.com
www.expresscomputeronline.com
Books
A report onE-Banking
DownloadPrintMobileCollectionsReport Document
Top of Form
f51d233278e17e
doc
Spam or junk
Hateful or offensive
If you are the copyright owner of this document and want to report it, please follow these
directions to submit a copyright infringement notice.
Report
Cancel
Bottom of Form
Reads:
18,108
Uploaded:
12/11/2008
Category:
Uncategorized.
Rated:
4.83333 5 false false 0
(54 Ratings)
Business-Management
applications
bill payment
ebanking users
cover page
international banking
(more tags)
Business-Management
applications
bill payment
ebanking users
cover page
international banking
site
ebanking system
share trading
online share
line
kong
banking hdfc
(fewer)
sachin.nandha
Ads by Google
No Thanks
Related Documents
PreviousNext
28 p.
102 p.
69 p.
54 p.
69 p.
69 p.
69 p.
69 p.
69 p.
57 p.
57 p.
53 p.
69 p.
57 p.
92 p.
80 p.
91 p.
91 p.
91 p.
15 p.
7 p.
1 p.
1 p.
318 p.
28 p.
24 p.
10 p.
1 p.
6 p.
2 p.
3 p.
2 p.
34 p.
3 p.
155 p.
6 p.
1 p.
30 p.
7 p.
15 p.
12 p.
4 p.
226 p.
17 p.
1 p.
266 p.
10 p.
4 p.
49 p.
1 p.
9 p.
9 p.
4 p.
PreviousNext
10 p.
19 p.
4 p.
138 p.
43 p.
7 p.
49 p.
93 p.
18 p.
18 p.
89 p.
3 p.
45 p.
40 p.
27 p.
172 p.
120 p.
123 p.
90 p.
33 p.
100 p.
67 p.
25 p.
49 p.
40 p.
Recent Readcasters
Add a Comment
Top of Form
f51d233278e17e
Submit
document_comme
4gen
Bottom of Form
alok9v@gmail.com
08 / 07 / 2010
Reply
Report
ruchi.gulati@ymail.com
07 / 01 / 2010
Reply
Report
domine
05 / 21 / 2010
Reply
Report
yashwantcabm@gmail.com
05 / 17 / 2010
Reply
Report
05 / 03 / 2010
Reply
Report
Show More
High Quality
Open the downloaded document, and select print from the file menu (PDF reader
required).
Name:
Description:
public - locked
Collection Type:
public locked: only you can add to this collection, but others can view it
public moderated: others can add to this collection, but you approve or reject additions
private: only you can add to this collection, and only you will be able to view it
Save collection
Cancel
Bottom of Form
Name:
Description:
public - locked
Collection Type:
public locked: only you can add to this collection, but others can view it
public moderated: others can add to this collection, but you approve or reject additions
private: only you can add to this collection, and only you will be able to view it
Save collection
Cancel
Bottom of Form
Upload a Document
Top of Form
Bottom of Form
About
Press
Blog
Partners
Branded Reader
Web Stuff
Scribd Store
Support
FAQ
Developers / API
Jobs
Terms - General
Copyright
Privacy
Follow Us!
scribd.com/scribd
twitter.com/scribd
facebook.com/scribd