The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

The Impact of Cyber Security Risk on Client Satisfaction in

Banking Sector of Pakistan

by

SANIA NAZEER

Supervised by

Dr. ABDUL WAHEED SIYAL

1
The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

A thesis

Submitted in partial fulfillment of the requirements

for the degree of Master of Business Administration

to Office of Research, Innovation & Commercialization

(ORIC), Institute of Business & Technology,

Karachi

2
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

Contents

Introduction..................................................................................................................................4

1.1 Overview........................................................................................................................4

1.2 Background.....................................................................................................................5

1.3 Statement of Problem......................................................................................................6

1.4 Research Questions.............................................................................................................7

1.5 Objective of the Study........................................................................................................7

1.6 Justification of the study.....................................................................................................7

1.7 Importance of the Study......................................................................................................7

1.8 Limitations of the Study....................................................................................................10

1.9 Definitions........................................................................................................................10

Literature Review.........................................................................................................................11

Future Areas of Research..........................................................................................................15

Conceptual Framework.................................................................................................................16

Research Methods and Procedures...............................................................................................17

Research Design and Methods..................................................................................................17

Data Collection.........................................................................................................................18

References................................................................................................................................19

3
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

Chapter 1: Introduction

1.1 Overview

The Evil Internet Minute report published by Attack Surface Management Firm RisklQ

reveals that the cyber criminals will costs the world $11.4m each minute by 2021.

[CITATION THE02 \l 1033 ] This estimation excluded additional losses of identity theft and

property theft. The chances of losses by cyber criminals to financial institution are

increasing globally and it will reach to $10.5trillion annually by 2025 which is threefold

increase in a decade. Especially, the companies and institutions who always wished to

have a fasten communication system, real-time remote system, use the internet as a

marketing tool and sale tool, the intrusion for them is growing daily.

With the advancement of computers and internet where the opportunities has become

risen worldwide, on the other hand it cause business and banks a threats to spiteful

activities and cybercrime. By using computers and technology cybercriminals try to reach

destructive activities on the internet. The baking sector is assume to be a hub of financial

activities rather than any other financial institution. It is necessary to distinguish the three

different parts of cybercrime which becomes more complicated in our country Pakistan.

a. Card Skimming: This is main too of cybercriminals that when a customer pays his or

her bill after shopping or dinning, the dealers swiped its card for payment and the

information of that card being stolen with the help of magnetic strip. This is happening

worldwide except few countries who have found precautions for that. When if we travel

4
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

abroad and use debit or credit card for payments the information can be stolen at any

level.

b. Cybercriminals tries to get financial information of customers’ by using many tools of

identity theft. They impersonate the client’s identity by using different methods of

cybercrime like phishing (the practice of sending fraud emails by any reputable company

and try to get customers information) smashing (a fraudulent activity of sending

messages and get customers information i.e. password or credit card number) Vishing (a

fraudulent activity of calling customers with a fake identity of any reputable officer or

from department asking personal information related to their financial ids)

c. Hacking: Cybercriminals always try to breach banking network system and get

customers access to their accounts by hacking. In past few years this is happened in

Pakistan which result a hug loss of customers. The reason of being hacked customers

account is that the user id or password are too weak that the system cannot protect it

enough to be secured.

With the advancement of paper money Pakistan is facing card skimming issues and

thieving for a long time. There are many groups of hackers who are working with the

fraudulent identity of Govt. and try to get customers id by personally linking them.

Approximately. 8000 to 10000 accounts and its information were stolen from 25

Pakistani Banks and it result many losses. [ CITATION Sen18 \l 1033 ]

5
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

1.2 Background

The Islamic Republic of Pakistan's banking sector has been dealing with a wide range of

threats and issues related to cyber security. Pakistan's banking sector has been in grave

risk due to cyber security breaches and the theft of personal information from clients.

ATM skimming, unlabeled and questioned exchanges have become commonplace in the

Islamic Republic of Pakistan's banking sector.

For a long time, the financial sector has been subjected to an attack. In any event, it was a

thorough physical heist of funds. By that time, the PC had been entirely shattered. Today,

it's an automated ruse, similar to hacking into employees, to persuade a client to divulge

sensitive information in the future (PII). As a result, it's clear why cutting-edge banking

security is so critical. Because people and businesses do the majority of their transactions

online, the possibility of a knowledge entry grows over time. This is frequently why there

is a more fundamental feature to look at the magnitude of automated security in banking

portion measures. [ CITATION PRE19 \l 1033 ]

1.3 Statement of Problem

Before banking system, people used to save their moneys to a depository but in this

system they were in fear of stealing money. After revolution of banking system, when

ATM cards, Debit/Credit Cards. Online payment between Accounts E-banking, etc. has

been launched for the ease of customers, the chances of cyber fraud has been risen in

Pakistan’s banking sector. Pakistan’s banking is not only facing cyber frauds but hacking

is being common in banking sector which result in huge losses. Customers use an online

system where they can make payments online, for this purpose they their Ids or data

being hacked easily.

6
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

The Significance of cyber security is increasing because it plays a vital role in banking

sector of Pakistan. Customers prefer to keep credit cards for payments instead of cash.

They use it for any checkout pages and physical credit scanners. From where, there

confidential data being stolen and cyber criminals use it for further frauds.

This not only harm the customers but also the goodwill of bank put a stake. The bank has

to pay thousands of dollars to release that data and further they lose the customer and its

confidence. When cyber securities are not implemented the chances of frauds by cyber

criminals increases. In addition, it also cause a wastage of time for customers to

deactivate their all credit cards, close bank accounts and open it another bank but it

doesn’t mean that their PII (Personally Identifiable Information) won’t be use by Cyber

Criminals. [ CITATION PRE19 \l 1033 ]

1.4 Research Questions

To investigate the effects of cyber security risk on customer satisfaction in Pakistan's

banking sector.

1.5 Objective of the Study

The goal of this investigation is to learn more about the impact of digital threats and their

manifestations in Pakistan's financial sector. This study investigates the impact of data

security awareness on the relationship between digital threat and hierarchical execution.

1.6 Justification of the study

Since the banking sector of Pakistan has consistently faced cyber-threats and cyber-

tackles challenges and concerns. As a result, the State Bank of Pakistan has been training

7
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

and encouraging advertising banks in Pakistan to enhance their IT Security Departments

in order to ensure the security of customer accounts information in IT.

1.7 Importance of the Study

Cybercrime is not only a mainstream offence as it is breaches its limits to worldwide.

Cybercrime means any illegal activity that uses computers, cell phones or any other

digital device. These digital devices works as an agent for cyber criminals because it

contains the confidential information of user’s. By using internet, cybercriminals take full

advantage of obscurity, secrecy or interconnections. They take full leverage of modern

internet banking technology. Every bank and financial institution are facing breach of

cyber space. The fear of data theft is increasing day by day as the world is changing

towards plastic money. Cyber attacker’s favorite targets are banks as they always have

highly valuable data of customers.

Banks are more likely to being target by cyber criminals it assume to be a financial hub.

No organization is being hack as the banks usually hacked in past years. The chances of

being hacking are also increased because the products usually bank offers is used in

different platforms like ATM cards, internet banking, e-payments etc. Cyber criminals

get access to their personal information which results in huge loss not only for customers

but the bank as well. The share of the banks also get decrease if it is repeatedly being

hacked by the cyber criminals. Banking industry is assume to be more critical since it is

suspect to be more financial lure for transgressor.

In Pakistan, the users in banking industry are increasing rapidly. The process of

information theft and fabrication is also multiplying by using different channels of

8
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

banking facilities. In past few years it has been recorded that some cyber breaches result a

hug loss. In 2018, it has been recorded that some overseas hackers stolen the data which

result in US$ 6 million of loss. From 22 Pakistani banks, the data almost 19,864 were

stolen through debit/credit cards.

However, in January 2019 Meezan Bank Ltd becomes the victim of cybercrime. Gemini

Advisory: a body who gives advices for emerging cyber threats stated the information of

January 24 and January 30, 2019 which is associated with Meezan Bank Ltd. It stated

that cybercriminals used fake cards to either buy services or goods by ATMs and then

sold by fraudsters. Despite of making security measures by banks, the cybercriminals

finds ways to theft information at the point of every sale.

The government and societies are paying millions of dollars in a year just to prevent from

cybercriminals. The consequences of any single successful cybercriminals is far reaching

that it cause a huge loss to anyone and result in loss of confidence and tryst in a bank.

Pakistani bank also give insurance policy to customers to safeguard their finance but the

banks doesn’t seems much interested. This is the main reason that why Pakistani

customers being hacked frequently. The banks assume that giving insurance is good

enough to being safe from this problem and they don’t focus on securing their networks

from cyber criminals. It result in discourage of online banking and distrust. Customers

prefer saving their money at home rather than keeping in bank records, it result in

downfall of economic system. This is the severe issue that Pakistani banks are failed to

give security to customers from cyberattack.

In Pakistan, there is a need to invest in youth and make them capable to build such

infrastructure which can prevent the banking online network from cyber criminals. We

9
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

are in need to improve and work on artificial intelligence, lock chain and in software

robots as Chief Technology Officer Huawei Jorge Sebastiano has suggested.

IT department of banking system can only be stronger f we provide them a strong cyber

infrastructure that guarantees a strong cyber security. Pakistan is not only a country who

is a victim of such cyber criminals. It is a kind of issue, which is being faced by every

country. So, with the collaboration of other countries at international level this problem

can be resolve by improving cyber security. It is a global challenge facing every country

and can be resolve at collective approach. It will not only secure the banking system but

it will also gain confidence of customers and they will use baking channels for every

payment and receiving. It will also boost up the economy of country.

Pakistan has a membership at Multilateral Partnership against Cyber Threats

(ITUIMPACT) to secure banking system of Pakistan. It also provide a platform of

“International Cooperation” to prevent from cybercriminals. It is observes that Pakistan

Cyber Security has not taken it serious so that they can take this agenda at international

level. However, Pakistan has need to prevent its system from cyber criminals. [ CITATION

BAS20 \l 1033 ]

1.8 Limitations of the Study

This study paper is being researched around financial division of Islamic Republic of

Pakistan, so similar investigations to other areas can’t be summed up in different areas. In

addition, a similar investigation from top to bottom in different social areas will help to

research different discoveries.

10
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

1.9 Definitions

Cyber-Crime

The use of computer, cell phones or any other digital gadget cause cybercrime.

Cybercrime also called computer crime where hackers use the confidential information of

customers with intention to make them loss financially. It also consist of different frauds

like trafficking intellectual property, stealing identities, violating privacy etc. Since the

internet becomes the central of commerce for private and government sectors the chances

of cybercrime is increasing daily. [ CITATION Sen18 \l 1033 ]

Cyber threats

A cyber threat is a spiteful attack with intention of seeking data, damaging it, steal data,

corrupt data or disrupt digital life in general. Cyber-attacks could be in shape of computer

virus, and Denial of Service (DoS) attacks.[ CITATION Sen18 \l 1033 ]

Hacking

Hacking means identifying weaknesses of a computer or network with intention to gain

personal or business data. By using password bricking algorithm the information can be

hacked and can be used illegally. [ CITATION Sen18 \l 1033 ]

Chapter 2: Literature Review

The most rising issue in Pakistan is a cyber threat. Due to incompatible parameters in

cyber space, cybercrime is becoming the most important issue which needs to be resolved

on urgent basis. As long as technology is being advanced, Pakistan is expending its

11
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

resilience on cyberspace. In other words, Pakistan hasn’t got such infrastructure yet

which could be helpful to accommodate in expending technology. Now it is become

national responsibility to work on it in order to secure digital banking in our country. The

challenges has become stronger that no one can defeat them individually. For such

purpose Pakistan really need a secure cyber mechanism in order to deal with cyber threat.

[ CITATION SAD15 \l 1033 ]

The banking industry is being advanced as they launch new products, services and a very

different way to do new business. Since the past few years banking industry has

expended with the help of adopting new technology. As long as the banking industry

adapted the new technologies, the risk has maximized as well. Now there is a need to

analysis the hindrance which occurs while implementing new technologies in banking

sector. Before going with full speed, there is a responsibility of banking management and

security risk analyst to provide such cyber security and environment in which customers

can relay.

The financial sectors are continuously involve in maintaining new businesses,

organizations and services including cooperative groups. For this purpose, the usage of

funds by investing in different sectors helps to encourage the information advancement to

cooperate arrangement. As indicated, it is a key which needs to be access and know the

barriers that works beside the employment of progressing improvement and new methods

that are united to the fund foundation. A threat is something which begin the reason of

barriers in something and stop us to achieve a target goal. The threat could be in internal

factors or could be faced by external segments, it depends upon the way we chose to

succeed in. for this purpose threat management always built to help minimize the risk. It

12
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

is not only help to solve the problem but it also discriminate the threats. It is a complete

cycle which helps to recognize the threat, dismembering and then lad to solution.

[ CITATION Noa19 \l 1033 ]

The abnormal increase in cyber fraud becomes the reason for financial institutions to be

worry in twenty first century. This is the reason to make ensure that the net is having

additional security at every level. In current banking system cybercrime is the only

barrier which is being faced by the worldwide. It is being caused to reduce the

productivity of banking sectors. The smart solution of this problem could be affiliations.

Affiliation is the only way to handle delayed outcomes of cybercrime. Budgetary

affiliation could help in reducing such online cybercrime by allowing security pop-ups

while using internet banking. They should take into account such security measures

which facilitate in rising the notifications of peril for people for the sake of security and

superintend smart cash connected and business condition. The purpose of cybercrime is

to fund raising by illegal method and it is more trending across the world. Affiliation

helps in this regard. Affiliation purpose is to raise security notices while review of each

and every on-line danger and intimate the users to be caution while exchanging

information. The technology helps to move information in this knowledge society. It

helps the users of computer purchasers to accommodate with the fingerprint knowledge

in this fast era. The online purchasing key is an effective tool for every business and not

only for business but it is also trending on its peak. For this regards, banks are playing

vital role to promote online purchasing. Banking association are also interested in

expending digital banking with safe zone. They are investing further to minimize the risk

while using digital banking. The threat of losing information, data and knowledge

13
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

changing activity by controller of electronic money becomes the more severe threat and

they keeps forefront to reduce the connectivity of any fraudulent activity and for the sake

of society and technology advancement.

Security Organizers are trying to cope up with such fraudulent activity to reduce it down

and they are making such frameworks which can be helpful in this regard to slow down

such activity. They are succeeding in this stage and we hardly hear any news related

being fraud by cybercrime. [ CITATION Lia16 \l 1033 ]

Electronic banking are playing vital role for the businesses and clients irrespective of

threats and challenges to businesses and individuals and become reason for continuous

improvement with potential. Where are uncountable advantages of cyberspace, a

disadvantage of cyberspace becoming more critical to handle all over the world. As the

technology being advanced, companies, business, and individual’s resilience increasing

day by day. It is becoming almost impossible to live without cyberspace in daily routine

but the increasing tendency of white collar crimes are increasing rapidly. It is not only a

crucial part but it is also has changed the way of bank robbery. Web banking's

exponential growth, the ever-gifting and by and large nature of open structures, and later

on the staggering reliance on it have all paved the way for increased security difficulties.

Updates in IT, banking rules, and, of course, the evident remote systems association

provides that must be required to be considered by the firm. [ CITATION Atu13 \l 1033 ]

Banking movement is defined as the knowledge and communication moves used by

banks to transmit various relationships to their customers at an electronic stage in a

secure and dependable manner. Both buyers and banks have benefited shrewdly from the

task of high-level knowing advancement during the last two decades to leave the globe in

14
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

its everyday works. Client service, branch benefit, improved alliance transport, quick and

trustworthy support, dependable extra move, probability association, and consistent data

structure are just a few of the most important factors to consider as the data progresses.

New business sectors, new things, new affiliations, and advantageous progress channels

for the money connected have emerged as a result of the advancement of information

improvement. The advancement of progress and, as a result, the improvement of when all

is said and done money linked systems has essentially expanded the exchanging of

central focuses from one location to the next and the methodology of centre money linked

association to its clients. Banks can use knowledge growth to wear down their front

offices and back off by using the right reactions. Throughout the 2000s, banks began

executing information advancement with a focus on the selection of central money-

related strategies, centralization of endeavors, and complete mechanization of banks.

Knowledge development provides an open door for banks to collect new structures that

answer a wide range of client wishes while also addressing specific needs that are not

now possible. Progress updates are having a significant impact on the reshaping of the

money-related firm, by highlighting the advancement of current money-related items and

new ways for accommodating its clientele.

[ CITATION RRa15 \l 1033 ]

E-banking is a term that refers to a variety of banking activities in which bank customers

search for information and investigate retail banking affiliations such as account

transfers, balance mentioning, charge packs, and so on, using an association structure that

is unambiguous of the customer going to his or her affiliation or homes. These

affiliations/elective techniques are intended to provide banking clients with each click of

15
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

specific associations, comprehend the lower cost of jobs for both banks and their clients,

and ensure capable and productive cash-related activities for all parties involved.

[CITATION Oke15 \l 1033 ]

Future Areas of Research

Identity Theft, Hacking, Spamming, and ATM/Debit Card Skimming account for

approximately 89.3 percent of the impact on customer satisfaction in Pakistan's banking

sector. The remainder of the elements, which could not be included in this study, are also

accountable for the impact of Customer Satisfaction in Pakistan's Banking Sector. These

are the variables that will be studied in the future by finance students.

Conceptual Framework

Dependent Variable

Customer Satisfaction

Independent Variable

- Identity theft

- Hacking

- Spamming

- ATM/ Debit Card Skimming

16
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

Hypothesis

H1 In Pakistan's banking sector, identity theft has no major negative influence

on customer satisfaction.

H2 In Pakistan's banking sector, hacking has no substantial negative influence

on customer satisfaction.

H3 Spamming has no major negative influence on customer satisfaction in

Pakistan's banking sector.

H4 The use of an ATM or a debit card has no negative influence on customer

satisfaction in Pakistan's banking sector.

17
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

Chapter 3: Research Methods

Research Design and Methods

The purpose of using research methodology is to collect data, analyze the answers of

hypothesis in more systematic way and reach to conclusion. In this research paper we use

quantitative data instead of qualitative. The data was collected by the help of

questionnaire which was distributed among customers of bank and almost 300 responds

were received. A large number of responses are involved in this research paper to

thoroughly identify the relation between dependent and independent variable.

Respondent of the Study

Collection of data from the population for research is the fastest growing technique.

There are numbers of banks in Karachi and thousands of people are customer of it. So,

collecting data by a questionnaire is very helpful. In this regard we have decided to at

least receive 300 responses for this questionnaire.

Research Instrument

Questionnaire is considered a very cheap resource to gather a large number of responses

at a certain time. For respondent it is also become so easy to read and understand the

question and to give reply accordingly their experience. So, for this purpose, I also prefer

a questionnaire to collect maximum responses by a large number of samples.

Data Collection

I opted to use primary data to investigate the impact of cyber security risk on customer

satisfaction in Pakistan's banking sector. A study questionnaire will be created for this

purpose, in which statements will be included on dependent and independent factors.

18
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

References

Cybercrime will cost global economy $11.4m per minute by 2021

https://tribune.com.pk/story/2266019/cybercrime-will-cost-global-economy-114m-per-

minute-by-2021

Malik, R. (2018, December 07). Cyber security for banks and national institutions.

Retrieved from The Nation: https://nation.com.pk/07-Dec2018/cyber-security-for-banks-

and-national-institutions

19
 The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

Khatri, P. (2019, September 25). The importance of cyber security in banking. Retrieved

from The Global Treasurer: https://www.theglobaltreasurer.com/2019/09/25/the-

importance-ofcyber-security-in-banking

Khalil, B. (2020, March 20). Pakistan: Cybercrime Affecting Banking Sector And

Economy – OpEd. Retrieved from www.eurasiareview.com:

https://www.eurasiareview.com/22032020-pakistan-cybercrimeaffecting-banking-sector-

and-economy-oped

Rasool, S. (August, 2015). Cyber Security Threats in Pakistan: Causes Challenges and

Way Forward. International Scientific Online Journal

Noah N. Gana, S. M. (2019). Security Risk Analysis and Management in Banking Sector:

A Case Study of a Selected Commercial Banks in Nigeria. I.J. Information Engineering

and Electronic Business

Liaqat Ali, F. A. (23rd December, 2016). The Effects of Cyber Threats on Customer’s

Behavior in e-Banking Services. International Journal of e-Education, e-Business, e-

Management and e-Learning, 7

Atul Bamrara, G. S. (June, 2013). Cyber Attacks and Defense Strategies in India: An

Empirical Assessment of Banking Sector. International Journal of Cyber Criminology

R Rajesh, A. P. (25 March.2015). A Study on Impact of Information Technology in

Banking Sector With Reference To Southern Tamilnadu. International Conference on

Inter Disciplinary Research in Engineering and Technology

20
The Impact of Cyber Security Risk on Client Satisfaction in Banking Sector of Pakistan

21