Professional Documents
Culture Documents
Internet Banking
Internet Banking
104
UNIT 5: INTERNET ORONLINE BANKING 105
In 1981, when four of majorUS banks viz., Citibank, Chase Manhattan
and others came up with this idea, there were not enough takers, and hence
it failed to gain momentum. The next wave of online banking came in
mid-1990s. It was in 1994 that Stanford Federal Credit Union became
the first institution in the US to offer online banking to its customers.
Initially customers were reluctant to use online banking because of lack
of security features and lack of awareness as to how to make use of this
channel of banking.
ICICI Bank was the first bank in India to introduce Internet banking,
followed by HDFC Bank and Citibank in the year 1999.
5.2 How Internet Banking Works
An Internet banking server hosts the internet banking programs and is
interfaced with the CBS Server. Usually customers access internet bank
ing page through a designated web-server which is placed in a DMZ
(De-Militarized Zone) for security reasons. Customers can visit the internet
banking page from their own PCs/mobile phones/laptops/tablets etc. They
can register and link their accounts and these accounts can be accessed/
operated through the internet. The bank provides ID and Password for
login and on login attempt, the Internet banking server verifies the ID,
password entered by the customer against its database for the login details,
and then, permits login if those tally. The software links the customer to
his CBS accounts, and he can then transact as per menus in the webpage.
Internet banking uses many additional checks for some or allas the rules
are set transactions, particularly (security checks with additional ques
tions, one-time password during transaction sent to customer's registered
mobilele-mail for screen entry and verification by system, etc.). This is
because Internet banking has some inherent risks attached to it.
Account Derails: One can track the entire account details by viewing
balance, downloading statements and more. All other accounts, such as
credit card (of thesame bank), loan, DEMAT accounts, etc., can be linked
and tracked in one single location.
Remittances and Funds transfer: Using internet banking facility one can
transfer funds to own accounts in same bank/other bank accounts or to
bank accounts of others with the same bank or with different banks, using
systems such as NEFT, RTGS or IMPS/UPI.
Request Services: Through this service, requests can be made to issue
Cheque book, Demand draft, Stop Cheque payment, Debit card loyalty
point redemption, etc.
Bill payment services:One can facilitate payment of electricity and tele
phone bills, mobile phone, credit card and insurance premium and other
utility bills, without going to the sites of those service providers, as cach
bank has tie-ups with various utility companies, service providers and in
surance companies across the country. To pay one's bills, all that is needed
to be done is to complete a simple one-time registration for each biller.
One can also set up standing instructions, online, to pay recurring bills
automatically. Apart from these 'registered' automated payments (by
SIs), or auto-collected bills to be paid (the biller registration process),
normally most of online payments each time on ad hoc basis, are enabled
and provided in the software to be paid by Credit/Debit cards or internet
banking, or from some wallets, or also from the account directly by transfer
online; this mode is the most popular as it does not need a 'registration'
and the customer is free to choose which bank account or even card-debit
or credit, etc., to pay from.
Investing through Internet Banking:-One can now open an Fixed Deposit,
or many other accounts as the Bank may like to provide for, online includ
ing funding the account by funds transfer. Now investors with interlinked
demat and bank accounts can easily trade in the stock market and the
amounts will be automatically debited/credited to their respective bank
accounts and the shares will be credited/debited to their demat account(s).
Moreover, some banks even extend the facility to purchase mutual funds
directly through the online banking system.
UNIT 5 : INTERNET OR ONLINE BANKING 107
Recharging prepaid phones: Now one can top-up his/her prepaid mobile
cards by logging on to Internet banking. By just selectring the telecom
operator's name, entering the mobile number and the amount of recharge,
the phone can be again back in action, within few minutes.
Shopping: With a range of all kind of products, one can shop online and
the payment is also made conveniently through the account. One can also
buy railway and air tickets using Internet Banking.
Obviously for the above, site-to-site integrations of banks, telecoms and
other online sellers, biller organisations directly (providing mutually be
tween two organisations, - connections, as also credentials, access, agreeing
on formats and contents of messages, and then data exchange and messages
exchanges, and, lastly, programs to handle these access controls, exchange
of messages/data. Initially, the industry started with one-to-one tie-ups
(a bank and an organisation, say Railway). Slowly some banks and some
organisations matured to asituation, that they created acommon standard
of data exchanges and routines, a common set of agreed technical details
for site-to-site handshake between the organisations. This way, many
counterparties can register with one, when they adopt the same technical
details, message formats, standards, routines etc., and can have online
transactions across the two organisations. The customer in the front-end
gets aseamless experience of visitingshop Xor Zsite, paying online from
bank Y, or visiting bank Ysite and pay a tax online to the Govt. or shop at
shop Xor Z, etc., as the bank hosting the online application will provide
for in the sofrware.
This is acase of one-to-many exchange, where one organisation (bank) hosts
the software where others connect with their sites for online exchanges.
Examples may be abank hosting asite for online Tax or some money trans
fer etc. service-other organisations connecting can use those functions by
logging from their own site and they can enhance their software in-house
so that some more service or control to their own users/employees can
be provided. Similarly it can be a Railway ticketing service online, where
many banks can connect, and so, allow its customers to book e-tickets
and pay online from the bank account. This leads to transactions which
are all paperless and instantaneous, with the related entities (shop, bank,
Govt.) providing e-acknowledgements, receipts, as agrecd.
108 MODULE A:DIGITAL BANKING PRODUCTS
Banks are also offering customized offers to their customers through net
banking as per their customer category. Some banks are extending life
time free credit cards totheiraccount holders through net banking. Banks
are utilising their net banking channels, often for croSs selling. Internet
banking enables a very cheap, easy and fast channel to reach customers,
market new products, extend customer education, etc.
Internet enables cheap, fast and widespread communication to non-cus
tomers similarly. So, in marketing and promotions, this platform is quite
useful.
5.5.4 Spoofing
Fake or spoofed organizations: - Organizations such as distributors, es
crows, and other third party mediators are used often. Customers may trust
totransact with. Such transactions usually involve monetary exchanges.
Escrow/Distributor or other agencies services collect the payment from
a buyer on behalf of an online seller, aid in the delivery of the purchased
item to the buyer, or provide maintenance or value-added services. In
instances where this third party is illegitimate, the user will interact in
the spoofed web site, and get defrauded, lose money, may not, receive the
purchased item nor will be able to recover the money paid to the escrow
service. There have been several instances where illegitimate users claim to
be sellers on certain websites, posting falsified auction items, withholding
the customers' payments, but never delivering the goods.
5.5.5 Cyber-mugging
Some emails appear legitimate, but when opened, installTrojans and
Keystroke sniffers onto customer's computers so that sensitive informa
UNIT 5: INTERNET OR ONLINE BANKING 115
Once that information is out there, you don't necessarily have control
of how other people use it.
7. If you have a"wipe your phone" feature, you should set it up
Features such as Find My iPhone, Android Lost or BlackBerry
Protect allow you to remotely to erase all your personal data, should
your device be lost or stolen. In the case where your phone is gone
for good, having a wipe feature can protect your information from
falling into the wrong hands.
8. Only shop online on secure sites
Before entering your card details, always ensure that the locked
padlock or unbroken key symbol is showing in your browser.
Additionaly the beginning of the online retailer's internet address
will change from "http" to "https" to indicatea connection is secure.
Be wary of sites that change back to http once you've logged on.
9. Don't assume banks will pay you back
Banks must refund a customer if he or she has been the victim of
fraud, unless they can prove that the customer has acted "fraudulently
or been "grossly negligent". Yet as with any case of fraud, the matter
is always determined on an individual basis.
10. Ignore pop-ups
Pop-ups can contain malicious software which can trick a user into
verifying something, when you do a download will be performed
in the background, which will install malware known as a drive-by
download. Always ignore pop-ups offering things like site surveys
on e-commerce sites, as they are sometimes where the malicious
code is.
11. Be wary of public Wi-Fi
Most Wi-Fi hotspots do not encrypt information and once a piece
of data leaves your device headed for a web destination, it is "inthe
clear" as it transfers through the air on the wireless network. That
means any packet sniffer [a program which can intercept data)
or malicious individual who is sitting in a public destination with
a piece of software that searches for data being transferred on a
UNIT 5: INTERNET OR ONLINE BANKING 123
verification code sent via SMS to your phone. Ahacker might crack
your password, but without the unique and temporary verification
code should not be able to access your account.
16. Lock your phone and tablet devices
Keep your phone and Tablet devices locked, just as you would your
front door. Keying in a password or code 40-plus times a day might
seem like a hassle but It's your first line of defense. Next-generation
devices, however, are employing fingerprint scanning technology as
additional security.
17. Be careful on e-commerce sites
Check the seller feedback and if a deal looks too good then it may
well be. Keep your online payment accounts secure by regularly
changing your passwords, checking the bank account to which it is
linked and consider having a separate bank account or credit card
for use on them, to limit any potential fraud still further.
18. Lock down your Facebook account
Facebook regularly updates its timeline and privacy settings, so it is
wise to monitor your profile, particularly if the design of Facebook
has changed. Firstly, in the privacy settings menu, under "who can
see my stuff?" change this to "friends". Also in privacy, setting "limit
old posts" applies friends-only sharing to past as well as furure posts.
Disable the ability of other search engines to link to your timeline.
Also, remove your home address, phone number, date of birth and
any other information that could used to fake your identity. Similarly
you might want to delete or edit your "likes" and "groups" - the
more hackers know about you, the more convincing a phishing
email they can spam you with.
While much of the above are technical solutions to prevent you
being hacked and scammed, hacking done well is really the skill of
tricking human beings, not computers, by preying on their gullibility,
taking advantage of our trust, greed or altruistic impulses. Human
error is still the most likely reason why you'llget hacked.
UNIT 5: INTERNET OR ONLINE BANKING 125
5.7 Keywords
> Phishing Phishing email messages, websites, and phone calls are
designed to steal money. Cybercriminals can do this by installing
malicious software on your computer or stealingpersonal information
off of your computer
> Brandspoofng: Hackers will fake or spoofwebsites of legitimate and
existing organizations to deceive customers intothinking they are
interacting with the legitimate company
Gyber-mugging: Some emails appear legitimate, but when opened,
install Trojans and Keystroke sniffers onto customer's computers so
that sensitive information can be stolen.