Chapter One Chapter Five

Basics of Computer ICT Policy and IT Audit

1. Generation Of Computers 40. Information and Communications Technology (Ict)
2. Capabilities & Limitations Of Computer? Audit? Need For It Audit
3. TYPES OF COMPUTERS 41. Audit Trail?
4. Impact Of Computerization In Banking Sector? 42. ICT Policy scenario in Bangladesh?
5. Use Of Computer In Cash Management? 43. Audit trail:
6. Types Of Computer Networks? 44. Cyber Crime:
45. Objective of ICT policy:
46. Cyber law in Bangladesh
Chapter Two
Hardware and Software
7. Input, Output, Central Processing Unit Of Computer? Chapter Six
8. Data Storage Device & Types? Modern Banking
9. Operating System (OS)? 47. Personal Banking?
10. Difference Between Hardware & Software? 48. Online Banking?
11. Various Types Of Software? 49. Mobile Banking?
12. What Is Utility Software Give 5 Example? 50. What Is ANY BRANCH BANKING?
13. Software Package 51. Difference between Debit Card & Credit Card?
14. What Are The Software Development Life Cycle 52. Master Card & VISA Card?
Phases? 53. P/N (Personal identification number)
15. ERP Software: Enterprise Resource Planning 54. Smart Card
Software? 55. Online Banking:
16. COMPUTER MEMORY? 56. Sms banking:
17. Core Banking Software? 57. Mobile Banking:
18. Cache Memory 58. Smart Card?
19. Micro-processor 59. Website?
20. Architecture of a computer: 60. Plastic Money?
21. systems software and application software 61. Difference between OMR, OCR, and MICR?
22. What does Storage Device mean? Mechanism of 62. “ATM has made our life easy”-Explain.
storing data in a hard disk: 63. CHIPS
64. Internet Banking:
Chapter Three 65. Difference between smart card & other cards:
Number system
23. Number System? Decimal Number System? Binary Chapter Seven
Number System? Octal Number System? Online Banking
Hexadecimal Number System 66. SWIFT & Its Use?
24. Parity Bit? 67. Electronic Funds Transfer (EFT)?
25. ASCII, BCD, UNICODE? 68. Online CIB services ?
26. What is number system? Describe four number 69. Electronic Payment System?
systems with example. 70. BATCH PROCESSING
71. Bangladesh Automated Clearing House (BACH)
Chapter Four 72. Compiler, interpreter & assembler: Assembler,
Data management System and Disaster Recovery Compilers and Interpreters
27. Database Management System? 73. Interbank Reconciliations
28. Data Center ? How Does A Data Center Work? 74. Online CIB
29. DR (Disaster Recovery) Plan? 75. RTGS:
30. Disaster Recovery Site Selection: Factors And 76. Electronic Payment System:
Approach?
31. Business Continuity Plan Chapter Eight
32. Data Security Through Encryption & Decryption Virus- Antivirus
33. Digital Signature? Digital Signature & Data 77. Computer Virus?
Genuineness 78. Phishing?
34. RSA Data Security Digital Signature Process 79. Name of different antivirus software?
35. Data Warehouse 80. SPAM & Spyware?
36. Digital Signature 81. P/N (Personal identification number)
37. Database Base Management System (DBMS) 82. Spam & Spyware
38. How to ensure data security in banks: 83. Fire Wall:
39. Digital Bangladesh: 84. What is e-commerce? What are the benefits of e-
commerce?
Page 1 of 57
 Chapter One
Basics of Computer
1. Generation Of Computers
2. Capabilities & Limitations Of Computer?
3. TYPES OF COMPUTERS
4. Impact Of Computerization In Banking Sector?
5. Use Of Computer In Cash Management?
6. Types Of Computer Networks?

1. Generation of Computers
The development of electronic computers can be
divided into five generations depending upon the
technologies used. The following are the five
generations of computers.
 First Generation of Computers (1942-1955)
The first generation computers were used during
1942-1955. They were based on vacuum tubes.
Examples of first generation computers are ENIVAC
and UNIVAC-1.
Advantages
 Vacuum tubes were the only electronic component
available during those days.
 Vacuum tube technology made possible to make
electronic digital computers.
 These computers could calculate data in
millisecond.
Disadvantages
 The computers were very large in size.
 They consumed a large amount of energy.
 They heated very soon due to thousands of vacuum
tubes.
 Non-portable.
 Used machine language only.
 Used magnetic drums which provide very less data
storage.
 Used punch cards for input.
 Second Generation Computers (1955-1964)
The second generation computers used transistors.
The size of the computers was decreased by replacing
vacuum tubes with transistors. The examples of
second generation computers are IBM 7094 series,
IBM 1400 series and CDC 164 etc.
Advantages
 Smaller in size as compared to the first generation
computers.
 The 2nd generation Computers were more reliable
 Used less energy and were not heated.
 Used faster peripherals like tape drives, magnetic
disks, printer etc.
 Used Assembly language instead of Machine
language.
 Accuracy improved.
Disadvantages
Page 2 of 57
 Cooling system was required
 Constant maintenance was required
 Commercial production was difficult
 Only used for specific purposes
 Costly and not versatile
 Puch cards were used for input.
 Third Generation Computers (1964-1975)
The Third generation computers used the
integrated circuits (IC). A single IC chip may contain
thousands of transistors. The computer became
smaller in size, faster, more reliable and less
expensive. The examples of third generation
computers are IBM 370, IBM System/360, UNIVAC
1108 and UNIVAC AC 9000 etc.
Advantages
 Smaller in size as compared to previous
generations.
 More reliable.
 Used less energy, Produced less heat as compared
to the previous two generations of computers.
 Better speed and could calculate data in
nanoseconds.
 Used fan for heat discharge to prevent damage.
 Could be used for high-level languages.
 Versatile to an extent
 Used mouse and keyboard for input.
Disadvantages
 Air conditioning was required.
 Highly sophisticated technology required for the
manufacturing of IC chips.
 Fourth Generation Computers (1975-
Present)
The fourth generation computers started with the
invention of Microprocessor. It greatly reduced the
size of computer. It can contain millions of electronic
circuits. The examples of fourth generation computers
are Apple Macintosh & IBM PC.
Advantages
 More powerful and reliable than previous
generations.
 Small in size
  Fast processing power with less power
consumption
 Fan for heat discharging and thus to keep cold.
 Commercial production
 Cheapest among all generations
 All types of High level languages can be used in this
type of computers
Disadvantages
 The latest technology is required for
manufacturing of Microprocessors.
 Fifth Generation Computers (Present &
Beyond)
Scientists are working hard on the 5th generation
computers with quite a few breakthroughs. It is based on
the technique of Artificial Intelligence (AI). Computers can
understand spoken words & imitate human reasoning.
Scientists are constantly working to increase the processing
power of computers. They are trying to create a computer
with real IQ with the help of advanced programming and
technologies. IBM Watson computers one example that
outsmarts Harvard University Students. The advancement
in modern technologies will revolutionize the
computer in future.

2. Capabilities & Limitations of computer?

Capability is that it can do anything, as required and programmed by the programmers, and users. but the major
limitation is that we, the Human cannot fill life into it.
 Capabilities of computers
a. speed because they can process data faster
b. repetitiveness because they can perform same operation tirelessly
c. accuracy because they have specific results
d. can perform logical operations
e. they can store and recall info because it has data storage capability
f. self checking for they can verifies the accuracy of its own
g. self operating because its capable of executing instructions

 Limitations of computers
1. The computer can only perform the tasks you ask it to. You cannot expect a computer to be smarter than the person
running it, though it can sometimes seem that way. Basically, as the person running it you have to tell the computer
what tasks you want it to do. Yes, there are processes in the background, but these run based on preset information
built in to the operating system.
2. A computer cannot generate information by itself. You have to give the computer operations, and even new
instructions from time to time. Updates for example are a way to get new information to your computer to help
streamline its functionality, but you still have to feed it that information by having an internet connection and
automatic updates.
3. If you give the computer wrong data it is going to give you wrong information. The computer can only work with
what you give it. It is just like giving directions to someone. If you tell someone to go right when they should have
gone left, you are giving them the wrong information and they will not be able to find you.
4. Computers are unable to correct wrong instructions. The computer is always going to depend on your instructions,
so you have to correct your mistake if you want it to work right.
5. Overall, a computer was built by humans and new technology comes out all the time. Hardware will eventually fade
out and deteriorate. Given these properties it can be hard for a computer to remain a primo machine. These are five
limitations computers have. There are more, but note most are based on human interaction with the computer, thus
humans are part of the limitation a computer will have.

2. TYPES OF COMPUTERS
Computers can be classified based on their principles of operation or on their configuration. By configuration, we
mean the size, speed of doing computation and storage capacity of a computer.

 Types of Computers based on Principles of Operation/performance

There are three different types of computers according to the principles of operation. Those three types of computers
are
 Analog Computers
 Digital Computers
 Hybrid Computers

Page 3 of 57
  Analog Computers
Analog Computer is a computing device that works on continuous range of values. The results given by the analog
computers will only be approximate since they deal with quantities that vary continuously. It generally deals with
physical variables such as voltage, pressure, temperature, speed, etc.

 Digital Computers
On the other hand a digital computer operates on digital data such as numbers. It uses binary number system in which
there are only two digits 0 and 1. Each one is called a bit.

 Types of Computers based on Configuration/construction/capacity/size

There are five different types of computers when we classify them based on their performance and capacity. The four
types are
 Super Computers
 Mainframe Computers
 Mini Computers
 Micro Computers
 Micro Processors

 Super Computers
When we talk about types of computers, the first type that comes to our mind would be Super computers. They are the
best in terms of processing capacity and also the most expensive ones. These computers can process billions of
instructions per second. Normally, they will be used for applications which require intensive numerical computations
such as stock analysis, weather forecasting etc. Other uses of supercomputers are scientific simulations, (animated)
graphics, fluid dynamic calculations, nuclear energy research, electronic design, and analysis of geological data (e.g. in
petrochemical prospecting). Perhaps the best known super computer manufacturer is Cray Research. Some of the
"traditional" companies which produce super computers are Cray, IBM and Hewlett-Packard.
As of July 2009, the IBM Roadrunner, located at Los Alamos National Laboratory, is the fastest super computer in the
world.
 Mainframe Computers
Mainframe computers can also process data at very high speeds vi.e., hundreds of million instructions per second and
they are also quite expensive. Normally, they are used in banking, airlines and railways etc for their applications.
 Mini Computers
Mini computers are lower to mainframe computers in terms of speed and storage capacity. They are also less
expensive than mainframe computers. Some of the features of mainframes will not be available in mini computers.
Hence, their performance also will be less than that of mainframes.
 Micro Computers
The invention of microprocessor (single chip CPU) gave birth to the much cheaper micro computers. They are further
classified into
 Desktop Computers
 Laptop Computers
 Handheld Computers(PDAs)
a) Desktop Computers: Today the Desktop computers are the most popular computer systems.These
desktop computers are also known as personal computers or simply PCs. They are usually easier to
use and more affordable. They are normally intended for individual users for their word processing
and other small application requirements.
b) Laptop Computers: Laptop computers are portable computers. They are lightweight computers
with a thin screen. They are also called as notebook computers because of their small size. They can
operate on batteries and hence are very popular with travellers. The screen folds down onto the
keyboard when not in use.
c) Handheld Computers: Handheld computers or Personal Digital Assistants (PDAs) are pen-based
and also battery-powered. They are small and can be carried anywhere. They use a pen like stylus
and accept handwritten input directly on the screen. They are not as powerful as desktops or laptops
but they are used for scheduling appointments, storing addresses and playing games. They have
touch screens which we use with a finger or a stylus.

Page 4 of 57
04. Impact of computerization in banking sector?
There are various ways through which computers are widely used in the banking industry. It can be used to carry out
from simple to complex tasks of the banks. For example, instead of making manual records and then storing the files,
all data is stored on computers. It is more quick and productive. More data can be stored in this way. Moreover, data
can be easily stored, and retrieved from computers.
The advantages accruing from computerization are three-directional - to the customer, to the bank and to the
employee.
For the customer:-
 Self-inquiry facility: Facility for logging into specified self-inquiry terminals at the branch to inquire and
view the transactions in the account.
 Remote banking: Remote terminals at the customer site connected to the respective branch through a
modem, enabling the customer to make inquiries regarding his accounts, on-line, without having to move
from his office.
 Anytime banking- Anywhere banking: Networking of computerized branches inter-city and intra-city, will
permit customers of these branches, when interconnected, to transact from any of these branches
 Telebanking: A 24-hour service through which inquiries regarding balances and transactions in the account
can be made over the phone.
For the bank:-
 Availability of a wide range of inquiry facilities, assisting the bank in business development and follow-up.
 Immediate replies to customer queries without reference to ledger-keeper as terminals are provided to
Managers and Chief Managers.
 Automatic and prompt carrying out of standing instructions on due date and generation of reports.
 Generation of various MIS reports and periodical returns on due dates.
 Fast and up-to-date information transfer enabling speedier decisions, by interconnecting computerized
branches and controlling offices.
For the employees:-
 Accurate computing of cumbersome and time-consuming jobs such as balancing and interest calculations on
due dates.
 Automatic printing of covering schedules, deposit receipts, pass book / pass sheet, freeing the staff from
performing these time-consuming jobs, and enabling them to give more attention to the needs of the
customer.
 Signature retrieval facility, assisting in verification of transactions, sitting at their own terminal.
 Avoidance of duplication of entries due to existence of single-point data entry.

5. Use of computer in cash management?

 Cash management refers to a broad area of finance involving the collection, handling, and usage of cash. It
involves assessing market liquidity, cash flow, and investments.
 In banking, cash management, or treasury management, is a marketing term for certain services related to
cash flow offered primarily to larger business customers. It may be used to describe all bank accounts (such
as checking accounts) provided to businesses of a certain size, but it is more often used to describe specific
services such as cash concentration, zero balance accounting, and automated clearing house facilities.
Sometimes, private banking customers are given cash management services.
 Financial instruments involved in cash management include money market funds, treasury bills, and
certificates of deposit.

6. Types of Computer Networks?

There are different types of computer networks. Some of the common ones include;
1. Local Area Network LAN – These types of computer networks connect network devices over a relatively
short distance. Quite often, a networked office building, home or school contains a single LAN although it is
normal to come across a building that contains a few small LANs. On a few occasions, a LAN may also span
over a group of nearby buildings. Such computer networks are usually owned by one organisation.
2. Wide Area Network WAN – As the name suggests, a WAN spans over a large physical distance. It may be
regarded as a collection of LANs dispersed over a geographical area. The internet is a very good example of a
WAN. LANs are connected to a WAN through a device referred to as a router. In IP networking, both the LAN
and WAN addresses are maintained by the router. Most WANs exist under distributed or collective ownership
and management and unlike the LANs, are not necessarily owned by one organisation.
Page 5 of 57
 3. Wireless Local Area Network WLAN – These types of computer networks refer to LANs that are based on
Wi-Fi wireless network technology.
4. Metropolitan Area Network MAN – This is a network that spans over a physical area like a city that is
smaller than a WAN but larger than a LAN. Quite often, such computer networks are owned and operated by
single entities such as government bodies or large corporations.
5. Campus Area Network CAN – This type of network spans over multiple LANs but is generally smaller than a
MAN. You could find such computer networks in universities or local business campuses.
6. Storage Area Network SAN – This type of computer network connects servers to devices for data storage
using technology such as Fibre channel.
7. System Area Network – This type of computer network is also referred to as a Cluster Area Network. It links
high-performance computers in a cluster configuration with high-speed connections.
LAN and WAN were the original categories of area networks, while the others have gradually emerged ove r many
years of technology evolution.

Page 6 of 57
 Chapter Two
Hardware and Software
1. Input, Output, Central Processing Unit Of Computer?
2. Data Storage Device & Types?
3. Operating System (OS)?
4. Difference between Hardware & Software?
5. Various Types Of Software?
6. What Is Utility Software Give 5 Example?
7. Software Package
8. What Are The Software Development Life Cycle Phases?
9. ERP Software: Enterprise Resource Planning Software?
10. COMPUTER MEMORY?
11. Core Banking Software?
12. Cache Memory
13. Micro-processor
14. systems software and application software
15. What does Storage Device mean? Mechanism of storing data in a hard disk:

1. Input, Output, Central Processing Unit Of Computer? Architecture of a computer:

Architecture of a computer:
Input, output & central processing unit:

 Input Unit
Input Unit accepts the instructions and data
from the outside world. Then it converts
these instructions and data in computer
acceptable form. after that it supplies the
converted instructions and data to the
computer system for further processing.

 Output Unit
The output unit is just reverse of the input
unit. it accepts the result produced by
computer, which are in coded form and
can't be easily understood by us. Then it
converts these coded result into human
readable form. After that it supplies the
converted results to the outside world.

 Memory Unit
The Memory Unit is the part of the computer that holds data and instructions for processing. Although it is closely
associated with the CPU, in actual fact it is separate from it. Memory associated with the CPU is also called primary
storage, primary memory, main storage, internal storage and main memory. When we load software from a floppy
disk, hard disk or CD-ROM, it is stored in the Main Memory.

Page 7 of 57
There are two types of computer memory inside the computer:
 Primary Memory
 Secondary Memory

Primary Memory
Primary storage, presently known as main memory, is the only one directly accessible to the CPU. The CPU
continuously reads instructions stored there and executes them as required. Any data actively operated on is also
stored there in uniform manner. However, the primary memory can hold information only while the computer system
is ON. As soon as the computer system is switched off or rest, the information hold in primary memory disappears.
Also it has limited storage capacity because it is very expensive. It is made up of semiconductor devices.

Secondary Memory
Secondary storage, sometimes called auxiliary storage, is all data storage that is not currently in a computer's primary
storage or memory. This is computer memory that is not directly accessible to the processor but uses the I/O
channels. It is for storing data not in active use and preserves data even without power, meaning it is non-volatile. In a
personal computer, secondary storage typically consists of storage on the hard disk and on any removable media, if
present, such as a CD or DVD.

 Arithmetic Logical Unit

An arithmetic logic unit (ALU) is a digital circuit that performs arithmetic and logical operations. The ALU is a
fundamental building block of the central processing unit (CPU) of a computer, and even the simplest microprocessors
contain one for purposes such as maintaining timers. The processors found inside modern CPUs and graphics
processing units (GPUs) accommodate very powerful and very complex ALUs; a single component may contain a
number of ALUs. Most ALUs can perform the following operations:
1).Integer arithmetic operations (addition, subtraction, and sometimes multiplication and division).
2).Bitwise logic operations (AND, NOT, OR, XOR)
3).Bit-shifting operations (shifting or rotating a word by a specified number of bits to the left or right, with or without
sign extension).

Control Unit
The control unit (often called a control system or central controller) directs the various components of a computer. It
reads and interprets (decodes) instructions in the program one by one. The control system decodes each instruction
and turns it into a series of control signals that operate the other parts of the computer. Control systems in advanced
computers may change the order of some instructions so as to improve performance. its functions are:
1. Read the code for the next instruction from the cell indicated by the program counter.
2. Decode the numerical code for the instruction into a set of commands or signals for each of the other systems.
3. Increment the program counter so it points to the next instruction.
4. Read whatever data the instruction requires from cells in memory (or perhaps from an input device). The location
of this required data is typically stored within the instruction code.
5. Provide the necessary data to an ALU or register.
6. If the instruction requires an ALU or specialized hardware to complete, instruct the hardware to perform the
requested operation.
7. Write the result from the ALU back to a memory location or to a register or perhaps an output device. 8. Jump back
to step (1).

Central Processing Unit

The control unit and ALU of a computer system are jointly known as the CPU. The CPU is the brain of computer
system. It takes all calculations and comparisons in a computer systems and it s also responsible for activating and
controlling the operations of other units of computer system.

Page 8 of 57
 2. What does Storage Device mean? Types? Mechanism of storing data in a hard disk?
A data storage device is a device for recording (storing) information (data). Recording can be done using virtually
any form of energy, spanning from manual muscle power in handwriting, to acoustic vibrations in phonographic
recording, to electromagnetic energy modulating magnetic tape and optical discs.
A storage device is any computing hardware that is used for storing, porting and extracting data files and objects. It
can hold and store information both temporarily and permanently, and can be internal or external to a computer,
server or any similar computing device.
A storage device may also be known as a storage medium.
Storage devices are one of the core components of any computing device. They store virtually all the data and
applications on a computer, except hardware firmware. They are available in different form factors depending on the
type of underlying device. For example, a standard computer has multiple storage devices including RAM, cache, a
hard disk, an optical disk drive and externally connected USB drives. There are two different types of storage devices:
 Primary Storage Devices: Generally smaller in size, are designed to hold data temporarily and are internal
to the computer. They have the fastest data access speed, and include RAM and cache memory.
 Secondary Storage Devices: These usually have large storage capacity, and they store data permanently.
They can be both internal an
Some examples of data storage devices include:
 Hard drives
 CD, DVD, and Blu-Ray drives
 Floppy drives
 Zip drives
 USB Flash drives
 CompactFlash cards
 SD cards
 Tape drives

 Mechanism of storing data in a hard disk:

Data on a hard disk is stored in microscopic areas called magnetic domains on the magnetic material. Each domain
stores either a 1 or 0 value. Similar to a floppy disk, a hard disk records its data in concentric circles or tracks, which
are numbered from the outermost edge to the innermost edge of the platter. These tracks are further subdivided into
smaller units called sectors which typically store 512 bytes of data each. Zoning may be needed to further optimise the
data storage as the outer circumference would normally pack more sector units than the inner circumference.
As the head writes data onto the disk, it changes its magnetic polarization to induce either a one or zero value. During
a read request, data is interpreted when the magnetic fields on the platter brings about an electrical change (as a
result of change in electrical resistance of some special material property) in the read-head that passes over it. These
electrical fields are then encoded and transmitted to the CPU to be processed and read by the system.

3. Operating System (OS)?

 What is an Operating System?
The operating system is the most important program that runs on a
computer. Every general-purpose computer must have an operating
system to run other programs. Operating systems perform basic tasks,
such as recognizing input from the keyboard, sending output to the
display screen, keeping track of files and directories on the disk, and
controlling peripheral devices such as disk drives and printers.
For large systems, the operating system has even greater
responsibilities and powers. It is like a traffic cop -- it makes sure
those different programs and users running at the same time do not
interfere with each other. The operating system is also responsible for
security, ensuring that unauthorized users do not access the system.

Operating systems can be classified as follows:

 Multi-user: Allows two or more users to run programs at the
same time. Some operating systems permit hundreds or even thousands of concurrent users.
Page 9 of 57
  Multiprocessing : Supports running a program on more than one CPU.
 Multitasking : Allows more than one program to run concurrently.
 Multithreading : Allows different parts of a single program to run concurrently.
 Real time: Responds to input instantly. General-purpose operating systems, such as DOS and UNIX, are not
real-time.

 How Operating Systems Work

When you turn on your computer, it's nice to think that you're in control. There's the trusty computer mouse, which
you can move anywhere on the screen, summoning up your music library or Internet browser at the slightest whim.
Although it's easy to feel like a director in front of your desktop or laptop, there's a lot going on inside, and the real
man behind the curtain handling the necessary tasks is the operating system.
Most desktop or laptop PCs come pre-loaded with Microsoft Windows. Macintosh computers come pre-loaded with
Mac OS X. Many corporate servers use the Linux or UNIX operating systems. The operating system (OS) is the first
thing loaded onto the computer -- without the operating system, a computer is useless.
More recently, operating systems have started to pop up in smaller computers as well. If you like to tinker with
electronic devices, you're probably pleased that operating systems can now be found on many of the devices we use
every day, from cell phones to wireless access points. The computers used in these little devices have gotten so
powerful that they can now actually run an operating system and applications. The computer in a typical modern cell
phone is now more powerful than a desktop computer from 20 years ago, so this progression makes sense and is a
natural development.
The purpose of an operating system is to organize and control hardware and software so that the device it lives in
behaves in a flexible but predictable way. In this article, we'll tell you what a piece of software must do to be called an
operating system, show you how the operating system in your desktop computer works and give you some examples
of how to take control of the other operating systems around you.

4. Difference between Hardware & Software?

There are several differences between computer hardware and software.
Hardware Software
Collection of instructions that enables a user to interact
Devices that are required to store and execute with the computer. Software is a program that enables
Definition
(or run) the software. a computer to perform a specific task, as opposed to the
physical components of the system (hardware).

Input, storage, processing, control, and output System software, Programming software, and
Types
devices. Application software.

CD-ROM, monitor, printer, video card, scanners , Quick books, Adobe Acrobat, Winoms-Cs, Internet
Examples
label makers, routers , and modems.
Hardware serve as the delivery system for
software solutions. The hardware of a computer
is infrequently changed, in comparison with
Function
software and data, which are “soft” in the sense
that they are readily created, modified, or
erased on the computer
Inter Hardware starts functioning once software is
dependency loaded.
Hardware failure is random. Hardware does
Failure
have increasing failure at the last stage.
Durability Hardware wears out over time.
Nature Hardware is physical in nature.
Explorer , Microsoft Word , Microsoft Excel
To perform the specific task you need to complete.
Software is generally not needed to for the hardware to
perform its basic level tasks such as turning on and
responding to input.
To deliver its set of instructions, Software is installed
on hardware.
Software failure is systematic. Software does not have
an increasing failure rate.
Software does not wear out over time. However, bugs
are discovered in software as time passes.
Software is logical in nature.

Page 10 of 57
 5. Various Types of Software?
Software can be categorized according to what it is designed to accomplish. There are two main types of software:
systems software and application software.

Systems Software
It helps in running the computer hardware and the computer system. System software is a collection of
operating systems; device drivers, servers, windowing systems and utilities. System software is the
communicator of user and hardware.

Systems software includes the programs that are dedicated to managing the computer itself, such as the
operating system, file management utilities, and disk operating system (or DOS). The operating system
manages the computer hardware resources in addition to applications and data. Without systems software
installed in our computers we would have to type the instructions for everything we wanted the computer to
do!

Applications Software
Application software consists of standalone programs that solve a specific business need. Business software,
databases and educational software are some forms of application software. Different word processors,
which are dedicated for specialized tasks to be performed by the user, are other examples of application
software.

Application software, or simply applications, are often called productivity programs or end-user programs
because they enable the user to complete tasks such as creating documents, spreadsheets, databases, and
publications, doing online research, sending email, designing graphics, running businesses, and even playing
games! Application software is specific to the task it is designed for and can be as simple as a calculator
application or as complex as a word processing application. When you begin creating a document, the word
processing software has already set the margins, font style and size, and the line spacing for you. But you can
change these settings, and you have many more formatting options available. For example, the word
processor application makes it easy to add color, headings, and pictures or delete, copy, move, and change the
document's appearance to suit your needs.

Other Software
 Programming Software: This software comes in forms of tools that assist a programmer in writing
computer programs. Computer programs are sets of logical instructions that make a computer system
perform certain tasks. The tools that help the programmers in instructing a computer system include text
editors, compilers and interpreters.
 Engineering / Scientific Software : These software ranges from astronomy to volcanology, from automotive
stress analysis to space shuttle orbital dynamics and from molecular biology to automated manufacturing.
This software is used in various aspects of engineering examination, scientific experiments and calculations
etc.
 Embedded Software: Embedded software resides within a product to perform some specific tasks. Such as
the button control pad of microwave oven, the display controller, fuel controller of an automobile, secure gate
pass of an elevator or lift etc.
 Product-line Software: Software that are designed to use by many different customers. Product-line
software can focus on a limited marketplace such as inventory control products or address mass consumer
markets such as word processing, spreadsheets, graphics etc.
 Web Applications: Web applications are online software. These software work through web sites mainly.
These applications not only provide standalone features but also integrated with corporate databases and
business applications.
 Artificial Intelligence Software: AI software makes use of nonnumeric algorithms to solve complex
problems that are amenable to computation or straightforward analysis. Application within this area includes
robotics, expert systems, pattern recognition, game playing etc.

Page 11 of 57
6. What Is Utility Software Give 5 Example?
A Utility software is a computer software designed to help in the management and tuning of operating systems,
computer hardware and application software. It is designed to perform a single task or a multiple of small tasks.
Examples of utility software's include:
 Disk defragmenters,
 System Profilers,
 Network Managers,
 Application Launchers and
 Virus Scanners.

7. Software Package
(1) A special method of distributing and installing software (or software upgrades) to a computer. For example, on a
Macintosh computer, a package usually means "software." It's specifically a directory, presented as a single file, that
contains all the information the Mac OS X Installer application needs to install your software. That includes the
software itself, as well as files that are used only during the installation process. In a Windows environment it is
sometimes called an installation package or update package.
(2) Multiple software programs that work together (or performs similar functions) and is bundled and sold together
as a software package.
(3) Term used to describe software that is bunched together making a complete set. For example, Microsoft Office is
packaged software that includes many software programs that may be used in the office, such as Microsoft Excel,
Microsoft Word and Microsoft Access.

8. What are the Software Development Life Cycle phases?

Software life cycle models describe phases of the software cycle and the
order in which those phases are executed. Each phase produces deliverables
required by the next phase in the life cycle. Requirements are translated into
design. Code is produced according to the design which is called
development phase. After coding and development the testing verifies the
deliverable of the implementation phase against requirements.
There are following six phases in every Software development life cycle
model:
1. Design
2. Implementation or coding
3. Testing
4. Deployment
5. Maintenance
6. Requirement gathering and analysis
1) Requirement gathering and analysis: Business requirements are gathered in this phase. This phase is the
main focus of the project managers and stake holders. Meetings with managers, stake holders and users are held in
order to determine the requirements like; Who is going to use the system? How will they use the system? What data
should be input into the system? What data should be output by the system? These are general questions that get
answered during a requirements gathering phase. After requirement gathering these requirements are analyzed for
their validity and the possibility of incorporating the requirements in the system to be development is also studied.
Finally, a Requirement Specification document is created which serves the purpose of guideline for the next phase of
the model.
2) Design: In this phase the system and software design is prepared from the requirement specifications which were
studied in the first phase. System Design helps in specifying hardware and system requirements and also helps in
defining overall system architecture. The system design specifications serve as input for the next phase of the model.
3) Implementation / Coding: On receiving system design documents, the work is divided in modules/units and
actual coding is started. Since, in this phase the code is produced so it is the main focus for the developer. This is the
longest phase of the software development life cycle.
4) Testing: After the code is developed it is tested against the requirements to make sure that the product is actually
solving the needs addressed and gathered during the requirements phase. During this phase unit testing, integration
testing, system testing, acceptance testing are done.
5) Deployment: After successful testing the product is delivered / deployed to the customer for their use.

Page 12 of 57
6) Maintenance: Once when the customers starts using the developed system then the actual problems comes up and
needs to be solved from time to time. This process where the care is taken for the developed product is known as
maintenance.

9. ERP Software: enterprise resource planning software?

Enterprise resource planning (ERP) is business process management software that allows an organization to use a
system of integrated applications to manage the business and automate back office functions. ERP software integrates
all facets of an operation, including product planning, development, manufacturing processes, sales and marketing.
Enterprise resource planning (ERP) is business management software—usually a suite of integrated applications—
that a company can use to store and manage data from every stage of business, including:
 Product planning, cost and development
 Manufacturing
 Marketing and sales
 Inventory management
 Shipping and payment
ERP provides an integrated real-time view of core business processes, using common databases maintained by a
database management system. ERP systems track business resources—cash, raw materials, production capacity—and
the status of business commitments: orders, purchase orders, and payroll. The applications that make up the system
share data across the various departments (manufacturing, purchasing, sales, accounting, etc.) that entered the data.
ERP facilitates information flow between all business functions, and manages connections to outside stakeholders.
Enterprise system software is a multi-billion dollar industry that produces components that support a variety of
business functions. IT investments have become the largest category of capital expenditure in United States-based
businesses over the past decade. Though early ERP systems focused on large enterprises, smaller enterprises
increasingly use ERP systems.
Organizations consider the ERP system a vital organizational tool because it integrates varied organizational systems
and facilitates error-free transactions and production. However, ERP system development is different from traditional
systems development. ERP systems run on a variety of computer hardware and network configurations, typically
using a database as an information repository.

10 COMPUTER MEMORY?
Memory is an essential element of a computer.
Without its memory, a computer is of hardly any use.
Memory plays an important role in saving and
retrieving data. The performance of the computer
system depends upon the size of the memory.
Memory is of following types:
1. Primary Memory / Volatile Memory.
2. Secondary Memory / Non Volatile Memory.

1. Primary Memory / Volatile Memory: Primary Memory is internal memory of the computer. RAM AND ROM both
form part of primary memory. The primary memory provides main working space to the computer. The following
terms comes under primary memory of a computer are discussed below:

 Random Access Memory (RAM): The primary storage is referred to as random access memory (RAM)
because it is possible to randomly select and use any location of the memory directly store and retrieve data.
It takes same time to any address of the memory as the first address. It is also called read/write memory. The
storage of data and instructions inside the primary storage is temporary. It disappears from RAM as soon as
the power to the computer is switched off. The memories, which lose their content on failure of power supply,
are known as volatile memories .So now we can say that RAM is volatile memory.
 Read Only Memory (ROM): There is another memory in computer, which is called Read Only Memory
(ROM). Again it is the ICs inside the PC that form the ROM. The storage of program and data in the ROM is
permanent. The ROM stores some standard processing programs supplied by the manufacturers to operate
the personal computer. The ROM can only be read by the CPU but it cannot be changed. The basic
input/output program is stored in the ROM that examines and initializes various equipment attached to the
Page 13 of 57
 PC when the power switch is ON. The memories, which do not lose their content on failure of power supply,
are known as non-volatile memories. ROM is non-volatile memory.
 PROM: There is another type of primary memory in computer, which is called Programmable Read Only
Memory (PROM). You know that it is not possible to modify or erase programs stored in ROM, but it is
possible for you to store your program in PROM chip. Once the programmers’ are written it cannot be
changed and remain intact even if power is switched off. Therefore programs or instructions written in PROM
or ROM cannot be erased or changed.
 EPROM: This stands for Erasable Programmable Read Only Memory, which overcome the problem of PROM
& ROM. EPROM chip can be programmed time and again by erasing the information stored earlier in it.
Information stored in EPROM exposing the chip for some time ultraviolet light and it erases chip is
reprogrammed using a special programming facility. When the EPROM is in use information can only be read.
 Cache Memory: The speed of CPU is extremely high compared to the access time of main memory. Therefore
the performance of CPU decreases due to the slow speed of main memory. To decrease the mismatch in
operating speed, a small memory chip is attached between CPU and Main memory whose access time is very
close to the processing speed of CPU. It is called CACHE memory. CACHE memories are accessed much faster
than conventional RAM. It is used to store programs or data currently being executed or temporary data
frequently used by the CPU. So each memory makes main memory to be faster and larger than it really is. It is
also very expensive to have bigger size of cache memory and its size is normally kept small.
 Registers: The CPU processes data and instructions with high speed; there is also movement of data between
various units of computer. It is necessary to transfer the processed data with high speed. So the computer
uses a number of special memory units called registers. They are not part of the main memory but they store
data or information temporarily and pass it on as directed by the control unit.

2. Secondary Memory / Non-Volatile Memory: Secondary memory is external and permanent in nature. The
secondary memory is concerned with magnetic memory. Secondary memory can be stored on storage media like
floppy disks, magnetic disks, magnetic tapes, This memory can also be stored optically on Optical disks - CD-ROM. The
following terms comes under secondary memory of a computer are discussed below:

1. Magnetic Tape: Magnetic tapes are used for large computers like mainframe computers where large volume
of data is stored for a longer time. In PC also you can use tapes in the form of cassettes. The cost of storing
data in tapes is inexpensive. Tapes consist of magnetic materials that store data permanently. It can be 12.5
mm to 25 mm wide plastic film-type and 500 meter to 1200 meter long which is coated with magnetic
material. The deck is connected to the central processor and information is fed into or read from the tape
through the processor. It’s similar to cassette tape recorder.
 Magnetic Disk: You might have seen the gramophone record, which is circular like a disk and coated with
magnetic material. Magnetic disks used in computer are made on the same principle. It rotates with very high
speed inside the computer drive. Data is stored on both the surface of the disk. Magnetic disks are most
popular for direct access storage device. Each disk consists of a number of invisible concentric circles called
tracks. Information is recorded on tracks of a disk surface in the form of tiny magnetic spots. The presence of
a magnetic spot represents one bit and its absence represents zero bit. The information stored in a disk can
be read many times without affecting the stored data. So the reading operation is non-destructive. But if you
want to write a new data, then the existing data is erased from the disk and new data is recorded. For
Example-Floppy Disk.
 Optical Disk: With every new application and software there is greater demand for memory capacity. It is the
necessity to store large volume of data that has led to the development of optical disk storage medium.
Optical disks can be divided into the following categories:
1. Compact Disk/ Read Only Memory (CD-ROM
2. Write Once, Read Many (WORM)
3. Erasable Optical Disk

11. Core Banking Software?

A core banking system is the software used to support a bank’s most common transactions. Core banking functions
differ depending on the specific type of bank. Retail banking, for example, is geared towards individual customers;
wholesale banking is business conducted between banks; and securities trading involves the buying and selling of
stocks, shares and so on. Core banking systems are often specialized for a particular type of banking. Products that are

Page 14 of 57
designed to deal with multiple types of core banking functions are sometimes referred to as universal banking
systems.

 Elements of core banking include:

1. Making and servicing loans.
2. Opening new accounts.
3. Processing cash deposits and withdrawals.
4. Processing payments and cheques.
5. Calculating interest.
6. Customer relationship management (CRM) activities.
7. Managing customer accounts.
8. Establishing criteria for minimum balances, interest rates, number of withdrawals allowed and so on.
9. Establishing interest rates.
10. Maintaining records for all the bank’s transactions.
In addition, there are many third party interfaces that a core banking system must accommodate. These include:
 CANNEX
 ATM & ABM
 FundSERV
 Telpay
 Cheque Clearing
 Equifax
 TransUnion
 Point of Sale (POS)

 Examples of core banking products include Infosys’ Finacle, Nucleus FinnOne and Oracle's Flexcube
application (from their acquisition of Indian IT vendor i-flex).

 Core Banking Software used in Bangladesh:

1. Flora UBS: NCCB, Jamuna, Trurt, MTBL
2. Oracle : DBBL, ONE Etc
3. Bankers Solution.
4. Temenos T24: Sonali Bank
5. Infinity: Janata

12 Cache Memory
Cache (pronounced cash) memory is extremely fast memory that is built into a computer’s central processing unit
(CPU), or located next to it on a separate chip. The CPU uses cache memory to store instructions that are repeatedly
required to run programs, improving overall system speed.
The advantage of cache memory is that the CPU does not have to use the motherboard’s system bus for data transfer.
Whenever data must be passed through the system bus, the data transfer speed slows to the motherboard’s capability.
The CPU can process data much faster by avoiding the bottleneck created by the system bus. When the processor
needs to read from or write to a location in main memory, it first checks whether a copy of that data is in the cache. If
so, the processor immediately reads from or writes to the cache, which is much faster than reading from or writing to
main memory.
Disadvantage of the Cache: Just in case the Cache memory is full and data that is required to process or an application
required to run doesn't fit into the Principle of Locality (that is not in the nearby location) then it is obvious that the
time required for the main memory to access the information would increase. Because, first the data need to be
relocated into the cache and then process over here if the cache memory was missing it would be quicker.
Furthermore being such an extensive memory they are very small in size which requires location and relocation of the
data or applications. It allows commonly accessed data to be stored in full and referenced faster than recompiling the
data each time.

Page 15 of 57
13. Micro-processor
A microprocessor incorporates the functions of a computer's central processing unit (CPU) on a single integrated
circuit (IC), or at most a few integrated circuits. It is a multipurpose, programmable device that accepts digital data as
input, processes it according to instructions stored in its memory, and provides results as output. It is an example of
sequential digital logic, as it has internal memory. Microprocessors operate on numbers and symbols represented in
the binary numeral system.
The advent of low-cost computers on integrated circuits has transformed modern society. General-purpose
microprocessors in personal computers are used for computation, text editing, multimedia display, and
communication over the Internet. Many more microprocessors are part of embedded systems, providing digital
control over myriad objects from appliances to automobiles to cellular phones and industrial process control

Page 16 of 57
 Chapter Three
Number system
1. What is number system? Describe four number systems with example.
2. Parity Bit?
3. ASCII, BCD, UNICODE?

1. What is number system? Describe four number systems with example.

Number System is a set of values used to represent different quantities. For example, a number system can be used to
represent the number of students in a class or number of viewers watching a certain TV program etc. The digital
computer represents all kinds of data and information in binary numbers. It includes audio, graphics, video, text and
numbers. The total number of digits used in a number system is called its base or radix. The base is written after the
number as subscript such as 51210.
Some important number systems are as follows.
1. Decimal number system
2. Binary number system
3. Octal number system
4. Hexadecimal number system

The decimal number system is used in general. However, the computers use binary number system. The octal and
hexadecimal number systems are used in the computer.
DECIMAL (base 10) - Possible digits: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
The Decimal Number System consists of ten digits from 0 to 9. These digits can be used to represent any numeric
value. The base of decimal number system is 10. It is the most widely used number system. The value represented by
individual digit depends on weight and position of the digit.
Each number in this system consists of digits which are located at different positions. The position of first digit
towards left side of the decimal point is 0. The position of second digit towards left side of the decimal point is 1.
Similarly, the position of first digit towards right side of decimal point is -1. The position of second digit towards right
side of decimal point is -2 and so on.
The value of the number is determined by multiplying the digits with the weight of their position and adding the
results. This method is known as expansion method. The rightmost digit of number has the lowest weight. This digit is
called Least Significant Digit (LSD). The leftmost digit of a number has the highest weight. This digit is called Most
Significant Digit (MSD). The digit 7 in the number 724 is most significant digit and 4 is the least significant digit.

BINARY (base 2) - Possible digits: 0, 1

Digital computer represents all kinds of data and information in the binary system. Binary Number System consists of
two digits 0 and 1. Its base is 2. Each digit or bit in binary number system can be 0 or 1. A combination of binary
numbers may be used to represent different quantities like 1001. The positional value of each digit in binary number
is twice the place value or face value of the digit of its right side. The weight of each position is a power of 2.

OCTAL (base 8) - Possible digits: 0, 1, 2, 3, 4, 5, 6, 7

Octal Number System consists of eight digits from 0 to 7. The base of octal system is 8. Each digit position in this
system represents a power of 8. Any digit in this system is always less than 8. Octal number system is used as a
shorthand representation of long binary numbers. The number 6418 is not valid in this number system as 8 is not a
valid digit.

HEXADECIMAL (base 16) - Possible digits: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F

(Note: In base 10, A = 10, B = 11, C = 12, D = 13, E = 14, F = 15)
The Hexadecimal Number System consists of 16 digits from 0 to 9 and A to F. The alphabets A to F represent decimal
numbers from 10 to 15. The base of this number system is 16. Each digit position in hexadecimal system represents a
power of 16. The number 76416 is valid hexadecimal number. It is different from 76410 which is seven hundred and
sixty four. This number system provides shortcut method to represent long binary numbers.
Page 17 of 57
Decimal Number System
The number system that we use in our day-to-day life is the decimal number system. Decimal number system has base
10 as it uses 10 digits from 0 to 9. In decimal number system, the successive positions to the left of the decimal point
represent units, tens, hundreds, thousands and so on.
Each position represents a specific power of the base (10). For example, the decimal number 1234 consists of the digit
4 in the units position, 3 in the tens position, 2 in the hundreds position, and 1 in the thousands position, and its value
can be written as
(1x1000)+ (2x100)+ (3x10)+ (4xl)
(1x103)+ (2x102)+ (3x101)+ (4xl00)
1000 + 200 + 30 + 4
1234
As a computer programmer or an IT professional, you should understand the following number systems, which are
frequently used in computers.

S.N. Number System & Description

Binary Number System
1
Base 2. Digits used: 0, 1
Octal Number System
2
Base 8. Digits used: 0 to 7
Hexa Decimal Number System
4
Base 16. Digits used: 0 to 9, Letters used: A- F
Binary Number System
Characteristics
 Uses two digits, 0 and 1.
 Also called base 2 number system.
 Each position in a binary number represents a 0 power of the base (2). Example, 2 0.
 Last position in a binary number represents a x power of the base (2). Example, 2 x where x represents the last
position - 1.
Example
Binary Number: 101012
Calculating Decimal Equivalent:
Step Binary Number Decimal Number
Step
101012 ((1 x 24) + (0 x 23) + (1 x 22) + (0 x 21) + (1 x 20))10
1
Step
101012 (16 + 0 + 4 + 0 + 1)10
2
Step
101012 2110
3
Note: 101012 is normally written as 10101.
Octal Number System
Characteristics
 Uses eight digits: 0, 1, 2, 3, 4, 5, 6, 7.
 Also called base 8 number system.
 Each position in a octal number represents a 0 power of the base (8). Example, 8 0.
 Last position in a octal number represents a x power of the base (8). Example, 8x where x represents the last
position - 1.
Example
Octal Number: 125708
Calculating Decimal Equivalent:
Step Octal Number Decimal Number
Step
125708 ((1 x 84) + (2 x 83) + (5 x 82) + (7 x 81) + (0 x 80))10
1

Page 18 of 57
Step
125708 (4096 + 1024 + 320 + 56 + 0)10
2
Step
125708 549610
3
Note: 125708 is normally written as 12570.
Hexadecimal Number System
Characteristics
 Uses 10 digits and 6 letters: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F.
 Letters represent numbers starting from 10. A = 10. B = 11, C = 12, D = 13, E = 14, F = 15.
 Also called base 16 number system.
 Each position in a hexadecimal number represents a 0 power of the base (16). Example, 16 0.
 Last position in a hexadecimal number represents a x power of the base (16). Example, 16x where x
represents the last position - 1.
Example
Hexadecimal Number: 19FDE16
Calculating Decimal Equivalent:
Step Hexadecimal Number Decimal Number
Step
19FDE16 ((1 x 164) + (9 x 163) + (F x 162) + (D x 161) + (E x 160))10
1
Step
19FDE16 ((1 x 164) + (9 x 163) + (15 x 162) + (13 x 161) + (14 x 160))10
2
Step
19FDE16 (65536+ 36864 + 3840 + 208 + 14)10
3
Step
19FDE16 10646210
4

2. Parity bit?
A parity bit, or check bit, is a bit added to the end of a string of binary code that indicates whether the number of bits
in the string with the value one is even or odd. Parity bits are used as the simplest form of error detecting code.
There are two variants of parity bits: even parity bit and odd parity bit. In case of even parity, the parity bit is set to
1 if the count of ones in a given set of bits (not including the parity bit) is odd, making the count of ones in the entire
set of bits (including the parity bit) even. If the count of ones in a given set of bits is already even, it is set to a 0. When
using odd parity, the parity bit is set to 1 if the count of ones in a given set of bits (not including the parity bit) is even,
making the count of ones in the entire set of bits (including the parity bit) odd. When the count of set bits is odd, then
the odd parity bit is set to 0.
If the parity bit is present but not used, it may be referred to as mark parity (when the parity bit is always 1) or
space parity (the bit is always 0).

8 bits including parity

7 bits of data (count of 1 bits)
even odd
0000000 0 00000000 00000001
1010001 3 10100011 10100010
1101001 4 11010010 11010011
1111111 7 11111111 11111110

A parity bit is a single bit added to a binary data transmission used to indicate if whether the 0's and 1's within that
data transmission is an even or odd number. The parity bit is used in parity error checking to find errors that may
occur during data transmission. In the picture to the right, is an example of a 8-bit binary number with the ninth digit
being the parity bit.

Page 19 of 57
 3. ASCII, BCD, UNICODE?
**ASCII : ASCII codes represent text in computers, communications equipment, and other devices that work with text.
ASCII, pronounced "ask-ee" is the acronym for American Standard Code for Information Interchange. It's a set of
characters which, unlike the characters in word processing documents, allow no special formatting like different
fonts, bold, underlined or italic text. ASCII is computer code for the interchange of information between terminals.
An "ASCII file" is a data or text file that contains only characters coded from the standard ASCII character set.
Characters 0 through 127 comprise the Standard ASCII Set and characters 128 to 255 are considered to be in the
Extended ASCII Set. These codes, however, may not be the same in all computers and files containing these characters
may not display or convert properly by another ASCII program. ASCII characters are the ones used to send and receive
email.
**The reflected binary code, also known as Gray Code after Frank Gray, is a binary numeral system where two
successive values differ in only one digit.The reflected binary code was originally designed to prevent spurious output
from electromechanical switches. Today, Gray codes are widely used to facilitate error correction in digital
communications such as digital terrestrial television and some cable TV systems. This is a variable weighted code and
is cyclic.
This means that it is arranged so that every transition from one value to the next value involves only one bit change.
The gray code is sometimes referred to as reflected binary, because the first eight values compare with those of the
last 8 values, but in reverse order. The gray code is often used in mechanical applications such as shaft encoders.
**Unicode is an industry standard allowing computers to represent & manipulate text expressed in any of the world’s
writing systems. It consists of about 10000 characters, a set of code charts for visual reference, an encoding
methodology and a set of character encodings, rules, etc. It allows for combining characters as it contains
precomposed versions of most letter combinations in normal use. This makes conversion to and from encodings
simpler. It covers almost all scripts like Arabic, Bengali, Greek, Hebrew, Latin, Gujrati, etc. It is used in operating
systems, email, web, fonts, etc.
**Binary coded decimal (BCD) is a system of writing numerals that assigns a four-digit binary code to each digit 0
through 9 in a decimal (base-10) numeral. The four-bit BCD code for any particular single base-10 digit is its
representation in binary notation, as follows:
0 = 0000
1 = 0001
2 = 0010
3 = 0011
4 = 0100
5 = 0101
6 = 0110
7 = 0111
8 = 1000
9 = 1001
Numbers larger than 9, having two or more digits in the decimal system, are expressed digit by digit. For example, the
BCD rendition of the base-10 number 1895 is
0001 1000 1001 0101
The binary equivalents of 1, 8, 9, and 5, always in a four-digit format, go from left to right.
The BCD representation of a number is not the same, in general, as its simple binary representation. In binary form,
for example, the decimal quantity 1895 appears as
11101100111
Other bit patterns are sometimes used in BCD format to represent special characters relevant to a particular system,
such as sign (positive or negative), error condition, or overflow condition.
The BCD system offers relative ease of conversion between machine-readable and human-readable numerals. As
compared to the simple binary system, however, BCD increases the circuit complexity. The BCD system is not as
widely used today as it was a few decades ago, although some systems still employ BCD in financial applications.
32. Inter-Branch Reconciliation: Inter-branch reconciliation is a major activity for banks and financial institutions
looking to create a balanced co-ordination between their various branches and their activities. Inter-branch
reconciliation can help the organisation discover any errors or negligence in transactions and make due changes.

Page 20 of 57
 Chapter Four
Data management System and Disaster Recovery
1. Database Management System?
2. Data Center? How Does A Data Center Work?
3. DR (Disaster Recovery) Plan?
4. Disaster Recovery Site Selection: Factors And Approach?
5. Business Continuity Plan
6. Data Security Through Encryption & Decryption
7. Digital Signature? Digital Signature & Data Genuineness
8. RSA Data Security Digital Signature Process
9. Data Warehouse
10. Digital Signature
11. Database Base Management System (DBMS)
12. How to ensure data security in banks:
13. Digital Bangladesh:

1. Database Management System? why Database Base Management System (DBMS)

 Database Base Management System (DBMS) is a set of programs that enables you to store, modify, and
extract information from a database, it also provide users with tools to add, delete, access, modify, and
analyze data stored in one location. A group can access the data by using query and reporting tools that are
part of the DBMS or by using application programs specifically written to access the data. The following are
examples of database applications:
 computerized library systems
 automated teller machines
 flight reservation systems
 computerized parts inventory systems

 WHY USE DATABASE MANAGEMENT SYSTEMS (DMSS):

• To provide a uniform, logical model for representing data (relational data model)
• To provide a powerful, uniform language for querying and updating data (SQL)
• To allow powerful optimizations for efficient query evaluation (indexing, query transformation)
• To ensure data integrity within single applications (constraint checking, recovery)
• To ensure data integrity across multiple concurrent applications (concurrency control)

2. Data Center? How Does A Data Center Work?

 Data Center
A data center is a computer system's most important and vulnerable component. At its most basic, the data center is a
physical place that houses a computer network's most critical systems, including backup power supplies, air
conditioning, and security applications. We're talking a large amount of data here, stored in a large number of
computers.
A typical example of a company that almost certainly has a data center is a bank or other kind of financial institution.
A bank's data center will have a mainframe or other kind of computer network, on which customers' account
information and other data are stored. A university will also have a data center, which includes not only personal
information about the university's employees and students, but also information on the university's buildings,
construction projects, and physical and intellectual history.

Page 21 of 57
These kinds of data centers contain information that is critical to the continued operation of the bank, university, or
other business. Therefore, that data cannot be lost. Security measures surrounding such data centers are usually very
strong, as are systems of climate control that keep the data center's computer systems from malfunctioning. Data
centers will also almost certainly contain backup computers or mirror drives that protect against massive data loss.
Such backup computers or mirror drives are routinely dependent not only on electronic power but also on battery
power, so that they can continue to function in the case of an interruption of electronic power.
Other kinds of data centers can be found in government institutions; companies that have multiple headquarters; and
providers of electronic services such as television, mobile phones, and the like. A data center can also be a single
computer, storing and accessing one company's or one person's critical data. Smaller data centers usually have less
complicated forms of data protection. No matter the size, all data centers serve the same function: to compile and
protect the data of a person or company.

 How Does a Data Center Work?

A data center's primary function is to centralize and organize the data processing and other information technology
(IT) services of a business or other organization. Locating all the computer hardware in a special, climate-controlled
environment makes it far easier for IT to manage both the servers and the applications and data they hold.
Data centers are generally sorted into two classifications:
 Enterprise Data Centers
o The servers in these centers host the data and applications of a corporation or other entity.
o Access is generally restricted to employees and other approved users, rather than the public.
 Internet data centers
o The servers in these data centers are public and usually have a browser-based interface.
o They may have thousands of (most likely anonymous) users.
As a rule, enterprise data centers are used by small to medium businesses, or private users (e.g., gamers) looking to
centralize their computer operations. Internet data centers are used by large corporations and companies whose
goods and services are provided to the public via their servers (e.g., Amazon's cloud storage and instant video
services, Apple's iCloud, etc.).
Enterprise or Internet, all data centers have certain features in common, including:
The data center facility. This is the physical location and “white space,” (i.e., the space available for servers and other
IT equipment).
Support Infrastructure This equipment is responsible for ensuring the data center has the highest uptime rate
possible. The opposite of downtime, uptime is the amount of time in a given period when a server, website, or
application is running properly.
The Uptime Institute (a third-party body that establishes and governs the criteria for data center layout and
management) has created four tiers under which data centers can fall. Uptime standards for these tiers range
99.671% to 99.995%, with Tier One having the lowest uptime minimum, and Tier Four having the highest.
The standards for each tier are as follows:
 Tier 1: Non-redundant capacity components (single data uplink and servers).
 Tier 2: Tier 1 plus redundant capacity components.
 Tier 3: Tiers 1 and 2, plus some dual-powered equipment and multiple data uplinks.
 Tier 4: Tiers 1, 2, and 3, plus fully fault-tolerant components and support tech, including storage, data
uplinks, and HVAC components. Everything in the center is dual-powered.
Support infrastructure components include:
 Environmental Control Systems:
o Computer room air conditioners (CRAC)
o Advanced exhaust systems (to remove excess heat and moisture)
o Heating, ventilation, and air conditioning (HVAC) systems
o Custom architectural design to maximize equipment performance (e.g., elevated floors)
 Uninterruptible power sources (UPS):
o Generators
o Redundant power sources
o Battery arrays
 Physical security:
o Video surveillance equipment
o Reinforced construction
o Biometrics (e.g., fingerprint and retina scanners)
Page 22 of 57
 o install the Right SensorProbe. For optimum security monitoring, choose a SecurityProbe model.
The SecurityProbe has the same easy-to-use web interface as the BitSight with a Linux operating
system that offers 128 MB of Flash and 64 MB of SDRAM. With 8 ports for sensors and connections
for 4 external cameras on each SecurityProbe, you can monitor all of your security conditions from a
single interface.
o Monitor All Potential Entry Points. In order for a security breach to occur, an unauthorized person
must be able to physically gain access to the data center and do so unnoticed. Make sure that doesn’t
happen by installing a security sensor on every door, window, or emergency exit that could provide
access to the data center. The security sensor has a magnetic open/close switch that will trigger an
automatic alert when any entry point is accessed.
o Install Motion Detectors. As another line of defense, install a motion detector at key locations that
will alert security personnel that a potential security issue is occurring. The Ravica motion sensor
has a RJ45 jack to plug directly into a port on the SecurityProbe.
o Integrate High Quality Security Cameras. Install a variety of security cameras including fixed and
Pan/Tilt cameras that can proactively capture crucial images as the events occur. With the Ravica
web-interface, you can set up notifications that will automatically trigger a time-stamped, picture log
when an event occurs with the security sensor, motion detector or any other sensor. The pictures
are captured in a standard JPEG format at up to 640 x 480 pixels, so you get a clear image of the
event.
o Send a LOUD and Clear Message Regarding Security. Not only can notifications be set up to send
email, voice, or text alerts to security personnel when a potential security breach is occurring; you
can also include a siren/strobe light that can be triggered automatically by an alarm status on any
other sensor. The siren/strobe can also be triggered manually from the web-interface, deterring
nefarious activity and giving a call-to-action signal to other personnel in the vicinity of the breach.
IT computers and equipment: This is the equipment necessary for running the organization's network and storing
its data. IT equipment includes:
 Servers
 Cabling
 Security hardware (e.g., firewalls, routers)
 Storage and racks
IT operations staff: These people monitor and maintain both the network and the hardware on which it resides—as
well as the infrastructure equipment that supports the entire data center—24/7.

Because instant and always-on access to the Internet or even a company intranet is now the norm, data centers run
'round the clock to ensure the content they contain is accessible at all times. In order to maximize uptime, they often
rely on a sophisticated array of redundant power supplies and data management systems. These systems can keep
websites, files, or applications available even if connection, power, or hardware issues arise.

3. DR (Disaster Recovery) Plan?

Setup a full replica of critical data from one location onto
another physical location that can scale

A Disaster Recovery plan typically includes creating a

duplicate of the original business site, with full computer
systems as well as near-complete backups of user data.
Following a disaster, businesses can relocate to normal
operations in a matter of hours with minimal losses.
IBackup now offers Disaster Recovery plan for data for
small to medium sized businesses. You can setup the
Disaster Recovery plan from your office to another
branch office or even to your home.
With a few simple steps, you can replicate the data that
can scale, one way from the primary location to the
secondary location.

Page 23 of 57
  Steps to setup your organization’s Data Disaster Recovery plan:
Step 1
Schedule regular transfers (Backup) from the primary center to your IBackup account. The data is transferred with all
possible optimizations including encrypted and compressed delta transfers and incremental transfers - i.e. only new
files and modified portions of the already backed up file(s) are backed up after the initial first backup.
Step 2
Schedule regular transfers (Restore) from IBackup account to your disaster recovery site. The data is transferred with
all possible optimizations as described in Step 1.
You can optimize the schedules of your backups and restore to keep data almost mirrored between primary and
disaster recovery sites, with minimal delay. This solution is reliable, scalable to multiple terabytes of data and
efficient. You will have primary and secondary locations with full copy of data, and in addition, a copy available on the
web accessible from anywhere.
Some key features that are part of the IBackup Disaster Recovery Solution:
 Highly scalable and reliable
 Data is encrypted with 256 bit AES with optional private key for additional security during transit
 Data is never deleted from the disaster recovery site even if it is deleted from the primary site
 Open files (such as quickbooks, outlook and other database type files) are also mirrored while they are in use

4. Disaster Recovery Site Selection: Factors and Approach?

Disaster recovery is an important aspect of a company’s strategy for providing uninterrupted services to its customers
and end users. With a robust DR/BCP program in-place, various business outcomes can be achieved. Some of them
are: improved business operations, improved performance, agility and availability, reduced disruptions and loss to
business, and higher customer satisfaction.
For a DR strategy to work as per design, one of the important contributors is DR site as it will define service
availability to customers during disasters. Further section details about factors to be considered for DR site selection
with an approach.
Factors to Consider
DR site is very crucial for any business as it will help to keep business running in adverse scenarios. DR site selection
is crucial decision as it will impact availability of services to client, RPO/RTO requirements and service performance.
Some of the factors which need to be considered are:
1. Data Center Tier – Datacenter tiers are divided across Tier 1 (basic datacenter with availability of 99.67%), Tier 2
(redundant infrastructure components with availability of 99.74%), Tier 3 (has all attributes of tier1 and 2 and in
addition has multiple distribution paths, dual powered etc. with availability of 99.98%) and Tier 4 (has all capabilities
of prior tiers with completely redundant and highly available infrastructure and availability of 99.995%). Based on
the requirement of various applications and availability, DR site tiers have to be decided.
2. Distance from Primary Data Center – Another factor which will help us determine site for DR is the distance
between primary and DR site. This is crucial since it will affect latency and performance of applications.
As an illustration, if DR data center is housed at a larger distance, client will not be able to mirror data in real time in
an effective manner. This will cause a risk that data will be lost if we need to switch to DR site in event of a disaster. On
other hand, if distance is too small, data backup will be efficient but it will pose other threats.
3. Seismic Zone Details – Seismic zone is a region where seismic activity remains fairly constant. Each nation has
divided entire area in various zones and the data is readily available in public domain. From DR site selection
perspective, Primary and DR sites should be preferably in different seismic zones as it will help to curb issues arising
from various seismic activities.
4. Environment Details – Next factor to consider is environment details of the area, these could be weather details,
environmental hazards etc. This will help to plan out various things like resource availability, environmental cleaning
mechanisms (if required), site construction and maintenance etc.
5. Third party services availability – For any datacenter site, we require to interact with a number of third parties and
service providers like utilities, telecom etc. This will become more critical in case of a DR site, as the site is not up and
running for 100% of the time. Two important considerations are Availability of service (whether service is available
24X7 for 365 days or for some limited period) and SLAs (what are the SLAs for the services provided by third parties?
This is critical parameter as based on this, company will confirm on the SLAs with business and its customers).
6. Accessibility of Data Center – Next factor will be accessibility to DR site. This will become crucial in case disaster
occurs and we need to switch operations to DR site. If the site is accessible, operations can be resumed faster. This will
focus on Modes of transportation to reach DR site, Proximity to airport etc.

Page 24 of 57
7. Capacity Available for Further Expansion – Capacity and scalability of DR site has to be looked into considering
future growth plans.
8. Network Latency – For DR strategy to work as per requirement, data has to be copied from primary datacenter to
DR. Network latency plays a major role in this and becomes a crucial factor while deciding for DR site.
9. Cost Implications – Last but not the least is cost implications of building a DR site at a particular location. This
involves both CAPEX and OPEX.
Once factors are finalized for DR site selection, next action will be to select a site based on it. Next section defines
about the approach for the same.
DR Site Selection – Approach
Approach for selecting a DR site is very similar to ones which we use for making most of business decisions. It
includes data collection, followed by assessment and decision. Before a company starts the process of site selection for
its DR Datacenter, company should have made a decision on Primary datacenter site and DR strategy is in place. Post
this, below approach will help to select a site for DR Datacenter:
Step 1 – Requirement gathering: During this phase, DR strategy and policies formulated by company should be well
understood. In addition to that various application requirements w.r.t. RPO/RTO and SLAs have to be collected and
documented.
Step 2 – Assessment: Post data collection, next step is to assess the requirements and finalize various factors that
need to be considered for site selection. Some of the above mentioned factors will help on the same.
Weighted score method can be used to work on various options that are available for DR site. Below diagram depicts
an illustrative weighted score method for site selection.
Step 3 – Decision/Report: Based on analysis, weighted score method and experience, final decision need to be taken
for DR site selection.
In summary, selecting a DR site is an important step in customer’s journey to build a world class infrastructure for
servicing its customers. With a well-defined DR strategy and site selection process, it will become easier for
companies to succeed in its business goals.

5. Business Continuity Plan

A business continuity plan (BCP) is a plan to help ensure that business processes can continue during a time of
emergency or disaster. Such emergencies or disasters might include a fire or any other case where business is not able
to occur under normal conditions. Businesses need to look at all such potential threats and devise BCPs to ensure
continued operations should the threat become a reality. A business continuity plan involves the following:
1. Analysis of organizational threats
2. A list of the primary tasks required to keep the organization operations flowing
3. Easily located management contact information
4. Explanation of where personnel should go if there is a disastrous event
5. Information on data backups and organization site backup
6. Collaboration among all facets of the organization
7. Buy-in from everyone in the organization

 Importance:
Here are the top five ways a business continuity plan can help your organization minimize the effects of emergencies
and disasters:
1. Ensure important business operations continue. A business continuity plan helps identify even simple contingency
plans, such as installing generators at a hospital to ensure important equipment continues to operate during power
outages.
2. Allow for remote operation. A larger event, such as a fire or flood, could prevent your staff from getting to your
offices. A business continuity plan could include processes that would, for example, enable staff to work from a remote
location via laptops or tablet computers.
3. Protect your important assets, such as your customer and accounting data. An important aspect of business
continuity planning is identifying your key assets and ensuring they are stored in secured locations. In the case of data,
you may want to create a duplicate storage facility in a secondary location.
4. Reduce your downtime. Every hour your business is down costs you money. With a business continuity plan in place,
you will get back up and running more quickly.
Page 25 of 57
5. Prevent you from going out of business. During larger events, your business could be down for an extended period
of time, resulting in significant revenue losses. Ultimately, a business continuity plan could prevent your business from
going under.

Steps Regarding BCP

 1Document internal key personnel and backups. These are people who fill positions without which your business
absolutely cannot function – make the list as large as necessary but as small as possible.

 Consider which job functions are critically necessary, every day. Think about who fills those positions when
the primary job-holder is on vacation.
 Make a list of all those individuals with all contact information including business phone, home phone, cell
phone, pager, business email, personal email, and any other possible way of contacting them in an emergency
situation where normal communications might be unavailable.
 2Identify who can telecommute. Some people in your company might be perfectly capable of conducting
business from a home office. Find out who can and who cannot.
 You might consider assuring that your critical staff (identified in Step 1) can all telecommute if necessary.
 3Document external contacts. If you have critical vendors or contractors, build a special contact list that includes
a description of the company (or individual) and any other absolutely critical information about them including key
personnel contact information.
 Include in your list people like attorneys, bankers, IT consultants...anyone that you might need to call to assist
with various operational issues.
 Don’t forget utility companies, municipal and community offices (police, fire, water, hospitals) and the post
office!
 4Document critical equipment. Personal computers often contain critical information (you do have off-site
backups, don’t you?).
 Some businesses cannot function even for a few hours without a fax machine. Do you rely heavily on your
copy machine? Do you have special printers you absolutely must have?
 Don’t forget software – that would often be considered critical equipment especially if it is specialized
software or if it cannot be replaced.
 5Identify critical documents. Articles of incorporation and other legal papers, utility bills, banking information,
critical HR documents, building lease papers, tax returns...you need to have everything available that would be
necessary to start your business over again.
 Remember, you might be dealing with a total facility loss. Would you know when to pay the loan on your
company vehicles? To whom do you send payment for your email services?
 6Identify contingency equipment options. If your company uses trucks, and it is possible the trucks might be
damaged in a building fire, where would you rent trucks? Where would you rent computers? Can you use a business
service outlet for copies, fax, printing, and other critical functions?

Page 26 of 57
 7Identify your contingency location. This is the place you will conduct business while your primary offices are
unavailable.
 It could be a hotel – many of them have very well-equipped business facilities you can use. It might be one of
your contractors’ offices, or your attorney’s office.
 Perhaps telecommuting for everyone is a viable option.
 If you do have an identified temporary location, include a map in your BCP. Wherever it is, make sure you
have all the appropriate contact information (including people’s names).
 8Make a "How-to". It should include step-by-step instructions on what to do, who should do it, and how.
 List each responsibility and write down the name of the person assigned to it. Also, do the reverse: For each
person, list the responsibilities. That way, if you want to know who is supposed to call the insurance
company, you can look up "Insurance." And if you want to know what Joe Doe is doing, you can look under
"Joe" for that information.
 9Put the information together! A BCP is useless if all the information is scattered about in different places. A BCP
is a reference document – it should all be kept together in something like a 3-ring binder.
 Make plenty of copies and give one to each of your key personnel.
 Keep several extra copies at an off-site location, at home and/or in a safety-deposit box.
 10Communicate. Make sure everyone in your company knows the BCP.
 Hold mandatory training classes for each and every employee whether they are on the critical list or not. You
do not want your non-critical staff driving through an ice storm to get to a building that has been damaged by
fire then wondering what to do next.
 11Test the plan! You’ve put really good ideas down, accumulated all your information, identified contingency
locations, listed your personnel, contacts and service companies, but can you pull it off?
 Pick a day and let everyone know what’s going to happen (including your customers, contractors and
vendors); then on that morning, act as though your office building has been destroyed. Make the calls – go to
the contingency site.
 One thing you will definitely learn in the test is that you haven’t gotten it all just exactly right. Don’t wait until
disaster strikes to figure out what you should do differently next time. Run the test.
 If you make any major changes, run it again a few months later. Even after you have a solid plan, you should
test it annually.
 12Plan to change the plan. No matter how good your plan is, and no matter how smoothly your test runs, it is
likely there will be events outside your plan. The hotel you plan to use for your contingency site is hosting a huge
convention. You can’t get into the bank because the disaster happened on a banking holiday. The power is out in your
house. The copy machine at the business services company is broken. Your IT consultant is on vacation.
 13Review and revise. Every time something changes, update all copies of your BCP.
 Never let it get out of date. An out-of-date plan can be worse than useless: it can make you feel safe when you
are definitely not safe.

6. Data security through Encryption & Decryption?

In cryptography, encryption is the process of encoding messages (or information) in such a way that third parties
cannot read it, and only authorized parties can. Encryption doesn't prevent hacking but it prevents the hacker from
reading the data that is encrypted. In an encryption scheme, the message or information (referred to as plaintext) is
encrypted using an encryption algorithm, turning it into an unreadable ciphertext (ibid.). This is usually done with the
use of an encryption key, which specifies how the message is to be encoded. Any adversary that can see the ciphertext
should not be able to determine anything about the original message. An authorized party, however, is able to decode
the ciphertext using a decryption algorithm, that usually requires a secret decryption key, that adversaries do not
have access to. For technical reasons, an encryption scheme usually needs a key-generation algorithm to randomly
produce keys.
To encrypt more than a small amount of data, symmetric encryption is used. A symmetric key is used during both the
encryption and decryption processes. To decrypt a particular piece of ciphertext, the key that was used to encrypt the
data must be used.
The goal of every encryption algorithm is to make it as difficult as possible to decrypt the generated ciphertext
without using the key. If a really good encryption algorithm is used, there is no technique significantly better than
methodically trying every possible key. For such an algorithm, the longer the key, the more difficult it is to decrypt a
piece of ciphertext without possessing the key.

Page 27 of 57
It is difficult to determine the quality of an encryption algorithm. Algorithms that look promising sometimes turn out
to be very easy to break, given the proper attack. When selecting an encryption algorithm, it is a good idea to choose
one that has been in use for several years and has successfully resisted all attacks.

7. Digital Signature? Digital Signature & Data Genuineness

A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or
the signer of a document, and possibly to ensure that the original content of the message or document that has been
sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be
automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender
cannot easily repudiate it later.
A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver
can be sure of the sender's identity and that the message arrived intact. A digital certificate contains the digital
signature of the certificate-issuing authority so that anyone can verify that the certificate is real.

 Digital Signature
A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital
message or document. A valid digital signature gives a recipient reason to believe that the message was created by a
known sender, and that it was not altered in transit. Digital signatures are commonly used for software distribution,
financial transactions, and in other cases where it is important to detect forgery or tampering. In some countries,
including the United States, India, and members of the European Union, electronic signatures have legal significance.

 Uses of digital signatures

 Authentication: Although messages may often include information about the entity sending a message, that
information may not be accurate. Digital signatures can be used to authenticate the source of messages. When
ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the
message was sent by that user. The importance of high confidence in sender authenticity is especially obvious
in a financial context. For example, suppose a bank's branch office sends instructions to the central office
requesting a change in the balance of an account. If the central office is not convinced that such a message is
truly sent from an authorized source, acting on such a request could be a grave mistake.
 Integrity: In many scenarios, the sender and receiver of a message may have a need for confidence that the
message has not been altered during transmission. Although encryption hides the contents of a message, it
may be possible to change an encrypted message without understanding it. (Some encryption algorithms,
known as nonmalleable ones, prevent this, but others do not.) However, if a message is digitally signed, any
change in the message after signature will invalidate the signature. Furthermore, there is no efficient way to
modify a message and its signature to produce a new message with a valid signature, because this is still
considered to be computationally infeasible by most cryptographic hash functions (see collision resistance).
 Non-repudiation: Non-repudiation, or more specifically non-repudiation of origin, is an important aspect of
digital signatures. By this property, an entity that has signed some information cannot at a later time deny
having signed it. Similarly, access to the public key only does not enable a fraudulent party to fake a valid
signature

 Digital Signature & Data Genuineness

Just as handwritten signatures or physical thumbprints are commonly used to uniquely identify people for legal
proceedings or transactions, so digital signatures ("digital thumbprints") are commonly used to identify electronic
entities for online transactions. A digital signature uniquely identifies the originator of digitally signed data and also
ensures the integrity of the signed data against tampering or corruption.
One possible method for creating a digital signature is for the originator of data to create the signature by encrypting
all of the data with the originator's private key and enclosing the signature with the original data. Anyone with the
originator's public key can decrypt the signature and compare the decrypted message to the original message.
Because only someone with the private key can create the signature, the integrity of the message is verified when the
decrypted message matches the original. If an intruder alters the original message during transit, the intruder cannot
also create a new valid signature. If an intruder alters the signature during transit, the signature does not verify
properly and is invalid.

Page 28 of 57
 8. RSA Data Security Digital
Signature Process
In the RSA digital signature process, the private
key is used to encrypt only the message digest.
The encrypted message digest becomes the digital
signature and is attached to the original data.
Figure 14.7 illustrates the basic RSA Data Security
digital signature process.

To verify the contents of digitally signed data, the

recipient generates a new message digest from the
data that was received, decrypts the original
message digest with the originator's public key,
and compares the decrypted digest with the newly
generated digest. If the two digests match, the
integrity of the message is verified. The identify of
the originator also is confirmed because the public
key can decrypt only data that has been encrypted
with the corresponding private key.

9. Data Warehouse
A Data Warehouse or Enterprise Data Warehouse (DW, DWH, or EDW) is a database used for reporting and data
analysis. It is a central repository of data which is created by integrating data from one or more disparate sources.
Data warehouses store current as well as historical data and are used for creating trending reports for senior
management reporting such as annual and quarterly comparisons.
The data stored in the warehouse are uploaded from the operational systems. The data may pass through an
operational data store for additional operations before they are used in the DW for reporting.
The typical ETL-based data warehouse uses staging, data integration, and access layers to house its key functions. The
staging layer or staging database stores raw data extracted from each of the disparate source data systems. The
integration layer integrates the disparate data sets by transforming the data from the staging layer often storing this
transformed data in an operational data store (ODS) database. The integrated data are then moved to yet another
database, often called the data warehouse database, where the data is arranged into hierarchical groups often called
dimensions and into facts and aggregate facts. The combination of facts and dimensions is sometimes called a star
schema. The access layer helps users retrieve data.
 Benefits of a data warehouse:
 A data warehouse maintains a copy of information from the source transaction systems.
 Gather data from multiple sources into a single database so a single query engine can be used to present data.
 Mitigate the problem of database isolation level lock contention in transaction processing systems caused by
attempts to run large, long running, analysis queries in transaction processing databases.
 Maintain data history, even if the source transaction systems do not.
 Integrate data from multiple source systems, enabling a central view across the enterprise. This benefit is
always valuable, but particularly so when the organization has grown by merger.
 Improve data quality, by providing consistent codes and descriptions, flagging or even fixing bad data.
 Present the organization's information consistently.
 Provide a single common data model for all data of interest regardless of the data's source.
 Restructure the data so that it makes sense to the business users.
 Restructure the data so that it delivers excellent query performance, even for complex analytic queries,
without impacting the operational systems.
 Add value to operational business applications, notably customer relationship management (CRM) systems

Page 29 of 57
10. How to ensure data security in banks?

1. User ID Maintenance: Each user must have a unique User ID and a valid password. User ID shall be locked
up after 3 unsuccessful login attempts. User ID and password shall not be same. User ID Maintenance form
with access privileges shall be duly approved by the appropriate authority. Access privileges shall be
changed/ locked within 24 hours or as per bank's policy when users' status changed or user left the bank.
2. Password Control: The password definition parameters ensure that minimum password length is specified
according to the Bank's ICT Security Policy (at least 6 characters, combination of uppercase, lowercase,
numbers & may include special characters). Administrative password of Operating System, Database and
Banking Application shall be kept in sealed envelope and kept in a safe custody (centralized/decentralized).
The maximum validity period of password shall not be beyond the number of days permitted in the Bank's
ICT Security Policy (within 30 to 90 days cycle).
3. Input Control: Software shall not allow the same user to be both maker and checker of the same transaction.
Management approval must be in place for delegation of authority. The system shall be restricted from being
accessed especially in sensitive data/fields.
4. Network Security: The Network Design and its security shall be implemented under a documented plan.
Physical security for the network equipment shall be ensured. Specifically: Access shall be restricted and
controlled. Network equipment shall be housed in a secure environment. Unauthorized access and electronic
tampering shall be controlled strict Firewall shall be in place on the network for any external connectivity.
There shall be a system to detect unauthorized intruder in the network. Connection of personal laptop to
office LAN or any personal wireless modem with the office laptop/desktop must be secured.
5. Data Encryption: Mechanism shall be in place to encrypt and decrypt sensitive data travelling through WAN
or public network.
6. Virus Protection: Anti‐virus software shall be installed in each server and computer whether it is connected
to network or not. Virus auto protection mode shall be enabled. Anti‐virus software shall always be updated
with the latest virus definition file. All computers in the network shall get updated signature of anti‐virus
software automatically from the server.

11. Digital Bangladesh:

The use of information and communication technology has been playing a vital role in the 21st century due to
globalization and the government is encouraged to adapting with the coming future. The democratic
government has declared the “Vision 2021” in the election manifesto which targets establishment of a
resourceful and modern country by 2021 through effective use of information and communication
technology-a “Digital Bangladesh”.
“Digital Bangladesh” does not only mean the broad use of computers, perhaps it means the modern
philosophy of effective and useful use of technology in terms of implementing the promises in education,
health, job placement, poverty reduction etc. Therefore, the government underscores a changing attitude,
positive thinking and innovative ideas for the success of “Digital Bangladesh”.
The philosophy of “Digital Bangladesh” comprises ensuring people’s democracy and rights, transparency,
accountability, establishing justice and ensuring delivery of government services in each door through
maximum use of technology-with the ultimate goal to improve the daily lifestyle of general people.
Government’s “Digital Bangladesh” includes all classes of people and does not discriminate people in terms of
technology. Hence, government have emphasized on the four elements of “Digital Bangladesh Vision” which
are human resource development, people involvement, civil services and use of information technology in
business.

Page 30 of 57
 Chapter Five
ICT Policy and IT Audit
1. Information and Communications Technology (Ict) Audit? Need for IT Audit?
2. Audit Trail?
3. ICT Policy scenario in Bangladesh?
4. Audit trail:
5. Cyber Crime:
6. Objective of ICT policy:
7. Cyber law in Bangladesh

1. Information and communications technology (ICT) Audit? Need for IT Audit?

 IT AUDIT
IT audit is the process of collecting and evaluating evidence to determine whether a computer system has been
designed to maintain data integrity, safeguard assets, allows organisational goals to be achieved effectively and uses
resources efficiently. An effective information system leads the organisation to achieve its objectives and an efficient
information system uses minimum resources in achieving the required objectives. IT auditors must know the
characteristics of users of the information system and the decision-making environment in the auditee organisation
while evaluating the effectiveness of any system.
Use of computer facilities has brought about radically different ways of processing, recording and controlling
information and has combined many previously separated functions. The potential for material systems error has
thereby been greatly increased causing great costs to the organisation. The highly repetitive nature of many computer
applications means that small errors may lead to large losses. For example, an error in the calculation of income tax to
be paid by employees in a manual system will not occur in each case, but once an error is introduced in a
computerised system, it will affect each case. This makes it imperative for the auditor to test the invisible processes
and to identify the vulnerabilities in a computer information system, as through errors and irregularities, the costs
involved can be high.

 NEED FOR IT AUDIT

Management employing the use of information systems have objectives and
expectations of what they intend to achieve from the large investment made in utilising technology. Reasons for
implementing ICT within the organisation include the desire to obtain business value through reduced costs, greater
effectiveness, enhanced efficiency and/or increased service delivery. It is against these objectives that an IT auditor is
required to provide management assurance. Typically, management’s goals and objectives in utilising technology to
support business processes include:
• Confidentiality;
• Integrity;
• Availability;
• Reliability; and
• Compliance with legal and regulatory requirements.
Underpinning these goals and objectives is the need to ensure information technology, and the controls supporting
such technology, assists the organisation to achieve its business objectives (effectiveness) with appropriate use of
resources (efficiency).

 Confidentiality
Confidentiality concerns the protection of sensitive information from unauthorised disclosure.Consideration needs to
be given to the level of sensitivity to the data, as this will determine how stringent controls over its access should
be.Management need assurance of the organisation’s ability to maintain information confidential, as compromises in
confidentiality could lead to significant public reputation harm, particularly where the information relates to sensitive
client data.

Page 31 of 57
  Integrity
Integrity refers to the accuracy and completeness of information as well as to its validity in accordance with business
values and expectations. This is an important audit objective to gain assurance on because it provides assurance to
both management and external report users that the information produced by the organisation’s information systems
can be relied and trusted upon to make business decisions.
 Availability
Availability relates to information being available when required by the business process now and in the future. It also
concerns the safeguarding of necessary resources and associated capabilities. Given the high-risk nature of keeping
important information stored on computer systems, it is important that organisations gain assurance that the
information they need for decision-making is available when required. This implies ensuring that the organisation has
measures in place to ensure business continuity and ensuring that recovery can be made in a timely manner from
disasters so that information is available to users as and when required.
 Reliability
Reliability refers to the degree of consistency of a system or the ability of a system (or component) to perform its
required function under stated conditions.Reliability is an important audit objective in order to provide assurance
that the system consistently operates and performs its stated functions as expected.
 Compliance with Legal and Regulatory Requirements
Compliance deals with complying with those laws, regulations and contractual obligations to which the business
process is subject, that is, externally imposed business criteria. Management and key stakeholders require assurance
that necessary compliance procedures have been put in place, as there is a potential risk that the organisation could
incur penalties should legal and regulatory procedures not be enforced.

2. Audit Trail?
A record showing who has accessed a computer system and what operations he or she has performed during a given
period of time. Audit trails are useful both for maintaining security and for recovering lost transactions. Most
accounting systems and database management systems include an audit trail component. In addition, there are
separate audit trail software products that enable network administrators to monitor use of network resources.
An audit trail (or audit log) is a security-relevant chronological record, set of records, or destination and source of
records that provide documentary evidence of the sequence of activities that have affected at any time a specific
operation, procedure, or event. Audit records typically result from activities such as financial transactions, scientific
research and health care data transactions or communications by individual people, systems, accounts, or other
entities.
The process that creates an audit trail is typically required to always run in a privileged mode, so it can access and
supervise all actions from all users; a normal user should not be allowed to stop/change it. Furthermore, for the same
reason, trail file or database table with a trail should not be accessible to normal users. Another way of handling this
issue is through the use of a role-based security model in the software. The software can operate with the closed-
looped controls, or as a 'closed system,' as required by many companies when using audit trail functionality.
In accounting, an audit trail is the sequence of paperwork that validates or invalidates accounting entries. In
computing, the term is also used for an electronic or paper log used to track computer activity. For example, a
corporate employee might have access to a section of a network in a corporation such as billing but be unauthorized
to access all other sections. If that employee attempts to access an unauthorized section by typing in passwords, this
improper activity is recorded in the audit trail.

3. ICT Policy scenario in Bangladesh?

Objective of ICT policy:

Vision Expand and diversify the use of ICTs to establish a transparent, responsive and accountable government;
develop skilled human resources; enhance social equity; ensure cost-effective delivery of citizen-services through
public-private partnerships; and support the national goal of becoming a middle-income country within 2021 and join
the ranks of the developed countries of the world within thirty years.

Page 32 of 57
  Objectives

Social Equity:
Ensure social equity, gender parity, equal opportunity and equitable participation in nation-building through access to
ICTs for all, including persons with disabilities and special needs Productivity: Achieve higher productivity across all
economic sectors including agriculture and SMME (small, medium and micro enterprises) through the use of ICTs.

Integrity: Achieve transparency, accountability, responsiveness and higher efficiency in the delivery of citizen-
services. Education and Research: Expand the reach and quality of education to all parts of the country using ICTs,
ensure computer literacy at all levels of education and public service and facilitate innovation, creation of intellectual
property and adoption of ICTs through appropriate research and development.
Employment Generation: Enlarge the pool of world-class ICT professionals to cater to the local and overseas
employment opportunities.
Strengthening Exports: Ensure a thriving software, ITES and IT manufacturing industry to meet domestic and global
demands and thereby increase foreign exchange earnings, attract foreign direct investments and reduce dependence
on imports.
Healthcare: Ensure quality healthcare to all citizens by innovative application of ICTs.
Universal Access: Ensure connectivity to all as a public service obligation (PSO).
Environment, Climate and Disaster Management: Enhance creation and adoption of environment-friendly green
technologies, ensure safe disposal of toxic wastes, minimize disaster response times and enable effective climate-
change management programs through use of ICTs as Bangladesh is facing the dual scourge of environmental
pollution due to rising industrial and consumer wastes and also global-warming-induced climate-change due to
excessive carbon emissions of the industrialized countries.

 Importance Given to ICT

 ICT has been given considerable importance from the Prime Minister’s Office in the last few years
 A National ICT Task Force has been formed which is headed by the Honorable Prime Minister
 The Executive Committee of the National ICT Task Force, headed by the Honorable Principal Secretary,
administers the implementation of decisions taken by the Task Force
 A program called the Support to ICT Task Force (SICT) has been initiated, with financial support from the
Government, to provide implementation and monitoring support to the Task Force.
 The Ministry of Science and Technology has been renamed as the Ministry of Science and ICT and has been
entrusted the duty of working as the primary hub for ICT policy and implementation in the country.
 The Ministry of Science and ICT has come up with a comprehensive ICT Policy in 2002.
 The Ministry of Post and Telecom has also come up with a National Telecom Policy in 1998 (time for a revised
policy)

 Status of ICT Policy & Implementation

Broad Areas
 ICT Infrastructure
 ICTE and Capacity Building
 Support to ICT Industry
 Applications of ICTs for Socio-Economic Development
 Regulatory Issues
 Financing of ICT-Related Projects
 Research and Development in ICT
Structure (ICTE and capacity building)
 Policy
 What Has Been Achieved
 What Has NOT Been Achieved

Page 33 of 57
  ICTE and capacity building

Policy
 Facilities shall be built to promote ICT training and computer aided training at all levels of education
including Primary Schools and Madrasahs.
 Universities, Bangladesh Institutes of Technology and colleges, both in the public and private sectors,
shall be strengthened to produce ICT graduates in four-year Computer Science and/or Engineering
courses.
 Establish multimedia institutes up to district level.
 Diploma and Trade Certificate in ICT will be offered in both public and private institutes including
Polytechnics.
 Use the potential of ICT for delivery of distance education to help stretch the country’s limited
teaching resources and ensure quality education to all.
 Preference shall be given to ICT literate candidates for the purpose of recruitment in public offices.
ICT-literacy shall also be evaluated in the Annual Confidential Report (ACR) of officials to ensure
utilization of ICTs in the public services.

What Has Been Achieved

 Computer science as a course has been introduced at the high school level, but has not been
mandatory. A fair number of students are taking this course at the high school level.
 Almost all public and private universities pay particular emphasis on training students in ICT-related
fields.
 Different public offices have taken up initiatives to provide ICT training to government officials and
staff.
 The Ministry of Science and ICT and its subsidiary Bangladesh Computer Council are playing
important roles in training public officials, school teachers and also citizens at low cost.
 Private ICT training institutes have sprung up in large numbers over the last few years in major
urban centers.
 The Ministry of Science and ICT has introduced an ICT Internship Program in cooperation with the
private sector, to support the development of quality professionals for the ICT industry.

 What Has NOT Been Achieved

 Due to lack of adequate number of working computers in public high schools at rural level and lack of
sufficiently trained teachers, most students do not get enough exposure to ICT.
 Not enough jobs are getting created to absorb the ICT-trained human resources.
 Much of the government IT training is isolated and project-based – a coordinated national effort to
build ICT capacity in the government is yet to be implemented.
 ICT-based education is not a policy priority.
 Excessive emphasis on computerization without sufficient consideration to enabling factors such as
teachers training, curriculum modernization etc.
 In government recruitment and promotion, IT skills is still not taken into consideration

4. Cyber Crime:
Cyber crime refers to all activities done with criminal intent in cyberspace. These fall into three slots.
 Against persons
 Against Business and Non-business organizations
 Crime targeting the government

Cyber crime is the unlawful act wherein the computer information technology is used either as a tool or a target or
both. Cybercrime covers many crimes. The computer itself is a tool that may be used for an unlawful act. This kind of
activity usually involves modification of a conventional crime by using computers.
This kind of activity usually involves modification of a conventional crime by using computers. The following are the
examples of cybercrime-
Financial crime: Financial crimes include cheating, credit card frauds, money laundering etc.
Cyber Pornography: Cyber Pornography includes pornographic websites, pornographic magazines produced by
using computer and the Internet to download and transmit pornographic pictures, photos, writings etc
Page 34 of 57
.
Sale of Illegal Articles: Sale of illegal articles includes sale of narcotics, weapons and wildlife, illegal medicine etc.
This can be by posting information on websites, auction websites and bulletin boards or simply by using e-mail
communications. Many of the auction sites are believed to be selling cocaine in the name of honey.
Online Gambling : There are millions of websites, all hosted on servers abroad that offer online gambling. In fact, it is
believed that many of these websites are actually fronts for money laundering .
Intellectual Property Crimes: These include software piracy, copyright infringement, trademarks violations, theft of
computer source code etc.
E-mail spoofing: A spoofed email is that email which appears to originate from one source but actually has been sent
from another source. This can also be termed as E-mail forging.
Forgery: Counterfeit currency notes, postage and revenue stamps, mark sheets etc. can be forged using sophisticated
computers, printers and scanners. This is becoming a booming business now a days.
Cyber Defamation : This occurs when defamation takes place with the help of computers and or the Internet e.g.
someone publishes defamatory matter about someone on websites or sends e-mail to his friends containing
defamatory information.
Cyber Stalking :Cyber stalking involves a person’s movements across the Internet. The person sends the message on
the bulletin boards frequently to the victim. He can enter chat rooms and disturb the victim by constantly sending
emails.

5. Cyber law in Bangladesh

In the Information Communication Technology Act of Bangladesh does not define what the Cyber law by any section
is. But Cyber laws are contained in the Information and Communication Technology Act, 2006. Therefore this Act
provide the legal infrastructure for e-commerce others legal solution relating with cyber crime in Bangladesh. The
said Act enable (a) Legal recognition of electronic transaction, (b) Legal recognition of digital signature, (c)
Acceptance to con-tract expressed by electronic means, (d) e-commerce and electronic form, (f) publication of official
gazette in the electronic form, (g) prevention of computer crime, forged electronic records, international alteration of
electronic records fraud, forgery or falsification in e-commerce and electronic transaction, (h) and others solutions of
the crime relation with information Communication Technology.

Page 35 of 57
 Chapter Six
Modern Banking
1. Personal Banking?
2. Online Banking?
3. Mobile Banking?
4. What Is ANY BRANCH BANKING?
5. Difference between Debit Card & Credit Card?
6. Master Card & VISA Card?
7. P/N (Personal identification number)
8. Smart Card
9. Online Banking:
10. Sms banking:
11. Mobile Banking:
12. Smart Card?
13. Website?
14. Plastic Money?
15. Difference between OMR, OCR, and MICR?
16. “ATM has made our life easy”-Explain.
17. CHIPS
18. Internet Banking:
19. Difference between smart card & other cards:

1. Personal Banking?
PC banking refers to a person being able to access their banking information from a "personal computer." It has
become a popular method for people to manage money and pay bills using online servers to log in to their account and
pay bills, transfer money between accounts and reconcile check ledgers.”
Example of Personal Banking Is-
ATM:-“Automated Teller Machines (ATM) are computerized machines that allow customers to conduct basic banking
transactions without an attendant or bank teller.”
How Does It Works:-
ATM Processing is similar to credit card processing, except with ATM Machines the processing center uses ATM
networks instead of credit networks. To begin with, we will have to program or re-programmed your ATM machine
with a TID (terminal ID number) assigned to your ATM at location . This is the number that identifies your ATM
machine on our ATM processing system
Before a transaction can be processed, the ATM machines must receive authorization from the customer's native
bank, such as confirmation that the customer has sufficient funds in his account to permit cash withdrawal. Interbank
networks allow this authorization process to take place in seconds.
Personal Banking Used For:-
Transactional:-
 Bill payments and wire transfers to third parties,
 Fund transfer between customer's transactional and savings account,
 Sale and purchase of investments,
 Applications and transactions for loans and enrollment repayments.
Non-Transactional:-
 Analyzing recent transactions,
 Downloading bank statements,
 Viewing paid cheques.
 Financial Institution Administration
 Transaction approval process
Page 36 of 57
 2. Online Banking?
A system allowing individuals to perform banking activities at home, via the internet. Some online banks are
traditional banks which also offer online banking, while others are online only and have no physical presence. Online
banking through traditional banks enable customers to perform all routine transactions, such as account transfers,
balance inquiries, bill payments, and stop-payment requests, and some even offer online loan and credit card
applications. Account information can be accessed anytime, day or night, and can be done from anywhere. A few
online banks update information in real-time, while others do it daily.

Online banking enables bank customers to handle account management and perform account transactions directly
with the bank through the internet. This is also known as internet banking
“Online banking enables bank customers to handle account management and perform account transactions directly
with the bank through the internet. This is also known as internet banking.”
Online Banking Used For:-
Personal financial management support- Importing data to personal accounts software. Supporting account
aggregation which allows the customers to manage all of their accounts in one place irrespective of their location.

3. Mobile Banking?
Mobile Banking refers to provision and availment of banking- and financial services with the help of mobile
telecommunication devices. The scope of offered services may include facilities to conduct bank and stock market
transactions, to administer accounts and to access customized information.“
OR
“Mobile banking through cell phone is really catching up. Now you can access your account, transfer funds or make
payments with your mobile. Mobile connectivity is vast and this makes mobile banking very successful.”
 Benefits of Mobile Banking:-
 In case of online banking, you must have an internet connection and a computer. However, with mobile
banking, connectivity is not a problem. You can find mobile connectivity in the remotest of places also where
having an internet connection is a problem.
 Mobile banking thorough cell phone is user friendly. The interface is also very simple. You just need to follow
the instructions to make the transaction. It also saves the record of any transactions made.
 Cell phone banking is cost effective. Various banks provide this facility at a lower cost as compared to banking
by self.
 Banking through mobile reduces the risk of fraud. You will get an SMS whenever there is an activity in your
account. This includes deposits, cash withdrawals, funds transfer etc. You will get a notice as soon as any
amount is deducted or deposited in your account.
 Banking through cell phone benefits the banks too. It cuts down on the cost of tele- banking and is more
economical.
 Mobile banking through cell phone is very advantageous to the banks as it serves as a guide in order to help
the banks improve their customer care services.
 Banks can be in touch with their clients with mobile banking.
 Banks can also promote and sell their products and services like credit cards, loans etc. to a specific group of
customers.
 Various banking services like Account Balance Enquiry , Credit/Debit Alerts, Bill Payment Alerts, Transaction
History, Fund Transfer Facilities, Minimum Balance Alerts etc. can be accessed from your mobile.
 You can transfer money instantly to another account in the same bank using mobile banking.
 You can make transactions or pay bills anytime. It saves a lot of time.

4. What is ANY BRANCH BANKING?

Any Branch Banking (ABB) is a facility for our customers to operate their account from any of our networked
branches. The branch where the customer maintains his account is the base branch and the branch from
where he carries out his transactions is referred as the remote branches. Any Branch Banking facility is
available in ALL branches of Corporation Bank.

 FACILITIES available under ABB:

Cash Withdrawal: You can withdraw cash from your account from any of our Core connected branches by
presenting a self drawn cheque. This facility is not extended for withdrawals by any third party. Maximum
Page 37 of 57
 amount of cash that can be withdrawn across the Bank on a particular day is Rs One Lakh only
Cash Deposit: Deposit cash for credit of your account through any of our core connected branches. Maximum
amount of cash that can be deposited across the Bank on a particular day is Rs One Lakh only
Fund Transfers: Instantly transfer funds between your accounts or between your account and any third
party account maintained at different core connected branches.
Purchase of Demand Drafts / Pay Orders: Purchase demand drafts / pay orders at any remote branch by
debiting your account maintained at the base branch.
Deposit of Local Cheques: You can deposit local cheques at remote branches for credting the proceeds after
realization to your account maintained at base branches.
Stop Payment facility at Remote Branches: You can give instructions to Stop Payment of cheques issued by
you at any of our branches by simply giving a written request. You can also revoke the stop payment
instruction issued by you earlier
Repayment to Loan accounts: Now you can make repayments to your loans such as Home Loan, Vehicle
Loan, etc. held with your branch through any of the Corp Bank Branches by Cash / Local cheque.

5. “ATM has made our life easy”-Explain.

An automated teller machine (ATM), also known as automatic banking machine (ABM), Cash Machine, or Cashpoint, is
a computerized telecommunications device that provides the clients of a financial institution with access to financial
transactions in a public space without the need for a cashier, human clerk or bank teller. It allows the bank clients for
banking services round the clock i.e. 24 hours. On most modern ATMs, the customer is identified by inserting a plastic
ATM card with a magnetic stripe or a plastic smart card with a chip that contains a unique card number and some
security information such as an expiration date or CVVC (CVV). Authentication is provided by the customer entering a
personal identification number (PIN).
Services Offered by ATMs:
I. Cash deposit/ cash withdrawal
II. Balance inquiry
III. Fund transfer
IV. Standing instruction
V. Utility bill payment
VI. Making payments for application for IPOs
Advantages of ATMs:
1. ATM provides 24 hours service: ATMs provide service round the clock. The customer can withdraw cash upto a
certain a limit during any time of the day or night.
2. ATM gives convenience to bank's customers: ATMs provide convenience to the customers. Now-a-days, ATMs are
located at convenient places, such as at the air ports, railway stations, etc. and not necessarily at the Bank's premises.
It is to be noted that ATMs are installed off-site (away from bank premises) as well as on site (installed within bank's
premises). ATMs provide mobility in banking services for withdrawal.
3. ATM reduces the workload of bank's staff: ATMs reduce the work pressure on bank's staff and avoids queues in bank
premises.
4. ATM provides service without any error: ATMs provide service without error. The customer can obtain exact amount.
There is no human error as far as ATMs are concerned.
5. ATM is very beneficial for travelers: ATMs are of great help to travelers. They need not carry large amount of cash
with them. They can withdraw cash from any city or state, across the country and even from outside the country with
the help of ATM.
6. ATM may give customers new currency notes: The customer also gets brand new currency notes from ATMs. In other
words, customers do not get soiled notes from ATMs.
7. ATM provides privacy in banking transactions: Most of all, ATMs provide privacy in banking transactions of the
customer.

6. P/N (Personal identification number)

A personal identification number is a secret numeric password shared between a user and a system that can be used
to authenticate the user to the system. PINs are most often used for ATMs but are increasingly used at the Point of
sale, for debit cards and credit cards. Apart from financial uses, GSM mobile phones usually allow the user to enter PIN
between 4 and 8 digits length. The PIN is recorded in the SIM card.
Page 38 of 57
 7. Difference between Debit Card & Credit Card?
A debit card is either linked to a bank account or is a prepaid card. In either case, the card draws on funds that the
consumer (owner of the card) has already deposited with a financial institution.
a credit card is a kind of loan. When a consumer uses a credit card, the financial institution fronts to the consumer
credit (a loan). Purchases are totaled and billed monthly and the user pays a few weeks after receiving the monthly
bill.
Comparison chart
Credit Card Debit Card
Funds taken from the money that you have
Where money Borrowing money from a bank or financial institution.
in your bank account. (Spending your
comes from (Spending "other's" money)
"own" money)
Debit or credit card i.e., a debit card may be
Can be used as Credit card only used without a PIN for certain types of
transactions such as e-commerce.
Line of Credit Carries Line of Credit No Line of Credit
Usually not. However, some credit cards may provide
PINs to allow consumers to withdraw money from ATMs PIN number provided, but not always
PIN Number
just like debit cards. Such withdrawals are generally a asked to punch in.
bad idea because they carry high fees and interest rates.
Picture ID
required
Yes No
before
issuance
No interest is charged because no money is
If a credit card bill is not paid in full, interest is charged
Interest borrowed. Consumer's own funds are used
on outstanding balance and the interest rate is very high.
to make purchases.
Responsible credit card usage and payment can improve
one's credit rating. Credit cards typically report account
Credit History Does not affect credit history.
activity to at least one of the three major credit bureaus
on a monthly basis.
Lean. Consumer liability limit for debit
Strict. Consumer liability limit for credit card fraud is $50
Legal Liability card fraud is $50 if the bank is notified
if the credit card company is notified within 60 days in
laws within two days of noticing the fraudulent
written since the fraudulent charges.
charges.
High, as they are attached to a bank
Low. Consumers are protected against unauthorized
account. A person does not need a PIN
purchases as long as the fraud is reported in a timely
Risk involved number to use a debit card and therefore
manner. Consumers are not responsible for charges
can easily drain a persons bank account,
incurred in fraudulent transactions.
causing extreme problems.
With a debit card the person has to figure
Only problem is proving that someone else has used the out how to get their money back and if any
Fraud
card. checks bounced they are responsible for
those as well.
Credit line, which can be increased/decreased from the
Limit Equals your account limit.
time of applying.
Low. Some credit card companies allow to overdraw High "overdraft" fees. Possible to overdraw
Overdraw Fees
amount over the maximum credit line with a fee. amount over the account limit
Connected to Need not be connected to any bank account. Checking or Savings Account
Monthly bills Yes No
Offers Sometimes. For example, extended
Often. For example, extended warranties on new
protection and warranties on new products, or insurance
products, or insurance on a rental car.
other benefits on a rental car.

Page 39 of 57
 8. Smart Card
A smart card is a plastic card about the size of a credit card, with an embedded microchip that can be loaded with data,
used for telephone calling, electronic cash payments, and other applications, and then periodically refreshed for
additional use.
Features of a smart card:
 Smart cards can provide identification, authentication, data storage and application processing. Smart cards
may provide strong security authentication for single sign-on (SSO) within large organizations.
 Smart cards serve as credit or ATM cards, fuel cards, mobile phone SIMs, authorization cards for pay
television, household utility pre-payment cards, high-security identification and access-control cards, and
public transport and public phone payment cards.
 Smart cards may also be used as electronic wallets. The smart card chip can be "loaded" with funds to pay
parking meters, vending machines or merchants. Cryptographic protocols protect the exchange of money
between the smart card and the machine. No connection to a bank is needed. The holder of the card may use
it even if not the owner.
 A smart card contains more information than a magnetic stripe card and it can be programmed for different
applications. Some cards can contain programming and data to support multiple applications and some can
be updated to add new applications after they are issued. Smart cards can be designed to be inserted into a
slot and read by a special reader or to be read at a distance, such as at a toll booth. Cards can be disposable (as
at a trade-show) or reloadable (for most applications).
A smart card, chip card, or integrated circuit card (ICC) is any pocket-sized card with embedded integrated
circuits. Smart cards are made of plastic, generally polyvinyl chloride,
Smart cards can provide identification, authentication, data storage and application processing. Smart cards may
provide strong security authentication for single sign-on (SSO) within large organizations.
A smart card resembles a credit card in size and shape, but inside it is completely different. First of all, it has an inside
-- a normal credit card is a simple piece of plastic. The inside of a smart card usually contains an embedded
microprocessor. The microprocessor is under a gold contact pad on one side of the card.
The most common smart card applications are:
 Credit cards
 Electronic cash
 Computer security systems
 Wireless communication
 Loyalty systems (like frequent flyer points)
 Banking
 Satellite TV
 Government identification

9. Sms banking:
SMS banking is a type of mobile banking, a technology-enabled service offering from banks to its customers,
permitting them to operate selected banking services over their mobile phones using SMS messaging.
SMS banking services are operated using both push and pull messages. Push messages are those that the bank chooses
to send out to a customer's mobile phone, without the customer initiating a request for the information. Typically
push messages could be either Mobile marketing messages or messages alerting an event which happens in the
customer's bank account, such as a large withdrawal of funds from the ATM or a large payment using the customer's
credit card, etc. (see section below on Typical Push and Pull messages).

10. Internet Banking:

Advantages of Internet banking
 Convenience – Banks that offer internet banking are open for business transactions anywhere a client might
be as long as there is internet connection. Apart from periods of website maintenance, services are available
24 hours a day and 365 days round the year. In a scenario where internet connection is unavailable, customer
services are provided round the clock via telephone.
 At the touch of a button, actual time account balances and information are availed. This hastens the banking
processes hence increasing their efficiency and effectiveness.

Page 40 of 57
  Online banking allows for easier updating and maintaining of direct accounts. The time for changing mailing
address is greatly reduced, ordering of additional checks is availed and provision of actual time interest rates.
 Friendlier rates – Lack of substantial support and overhead costs results to direct banks offering higher
interest rates on savings and charge lower rates on mortgages and loans.
 Some banks offer high yield certificate of deposits and don’t penalize withdrawals on certificate of deposits,
opening of accounts without minimum deposits and no minimum balance.
 Transfer services – Online banking allows automatic funding of accounts from long established bank accounts
via electronic funds transfers.
 Ease of monitoring – A client can monitor his/her spending via a virtual wallet through certain banks and
applications and enable payments.
 Ease of transaction – the speed of transaction is faster relative to use of ATM’s or customary banking.

Disadvantages of Internet banking

 Banking relationship – Customary banking allows creation of a personal touch between a bank and its clients.
A personal touch with a bank manager for example can enable the manager to change terms in your account
since he/she has some discretion in case of any personal circumstantial change. It can include reversal of an
undeserved service charge.
 Security matters – Direct banks are governed by laws and regulations similar to those of customary banks.
Accounts are protected by Federal Deposit Insurance Corporation (FDIC).
 Complex encryption software is used to protect account information. However, there are no perfect systems.
Accounts are prone to hacking attacks, phishing, malware and illegal activities.
 Learning – Banks with complicated sites can be cumbersome to navigate and may require one to read
through tutorials to navigate them.
The following guides may help secure the using of Internet banking:
1. Firstly, it is very important for the Internet banking user to read the Terms and Conditions of use carefully.
This contains a hint at the key legal issue, namely the obligation of the contract parties and the liability, which
bank customer should be aware of. 2. The Internet banking user must safeguard the authorization data. Do
not reveal your PIN or passwords to anyone and regularly changing them if possible. 3. By access the Internet
banking website, the user must make sure, that the correct URL and browser have been used. Type the bank
URL yourself and do not click on any automatic hotlink found in an E-mail or other website. And properly log
off and close your browser after using Internet banking. 4. Make sure that anti-virus program is running at all
times, so that the computer does not become infected with spyware. And keep the program update regularly.
5. Avoid using Internet banking in the public places. And if possible, limit your access and transfer amount at
a time. 6. Monitoring your online banking account regularly and contact the bank and the authorities
immediately, if you suspect you are a victim of fraud or theft. 7. Ignore the Phishing mail, bank will not ask for
password or PIN via E-mail. 8. Be aware of the risks related to Internet banking and exercise special care.

11. Phone Banking:

Telephone banking is a service provided by a bank or other financial institution, that enables customers to
perform financial transactions over the telephone, without the need to visit a bank branch or automated teller
machine. Telephone banking times can be longer than branch opening times, and some financial institutions
offer the service on a 24-hour basis. From the bank's point of view, telephone banking reduces the cost of
handling transactions by reducing the need for customers to visit a bank branch for non-cash withdrawal and
deposit transactions.

12. Difference between smart card & other cards:

Smart cards are more expensive than credit cards to produce, but your personal information is safer. Smart
cards hold more than just your financial information and reduce the need for you to carry multiple cards.
Your information is protected internally on the chip inside the smart card. Credit cards are easy to hack and
only have your financial information on them. The information is inaccessible on credit cards when the
magnetic stripe is demagnetized or damaged, which happens frequently because of the exposed position of
the stripe.
Page 41 of 57
 13. CHIPS
The Clearing House Interbank Payments System (CHIPS) is the main privately held clearing house for large-value
transactions in the United States, settling well over US$1 trillion a day in around 250,000 interbank payments.
Together with the Fedwire Funds Service (which is operated by the Federal Reserve Banks), CHIPS forms the primary
U.S. network for large-value domestic and international USD payments (where it has a market share of around 96%).
CHIPS transfers are governed by Article 4A of Uniform Commercial Code.
CHIPS is owned by financial institutions. CHIPS participants may be commercial banks, Edge Act corporations or
investment companies. Until 1998, to be a CHIPS participant, a financial institution was required to maintain a branch
or an agency in New York City. A non-participant wishing to make international payments using CHIPS was required
to employ one of the CHIPS participants to act as its correspondent or agent.
Banks typically prefer to make payments of higher value and of a less time-sensitive nature by CHIPS instead of
Fedwire, as CHIPS is less expensive (both by charges and by funds required).
CHIPS differs from the Fedwire payment system in three key ways. First, it is privately owned, whereas the Fed is part
of a regulatory body. Second, it has 47 member participants (with some merged banks constituting separate
participants), compared with 9,289 banking institutions (as of March 19, 2009) eligible to make and receive funds via
Fedwire. Third, it is a netting engine (and hence, not real-time).
Only the largest banks dealing in U.S. dollars participate in CHIPS; about 70% of these are non-U.S. banks. Smaller
banks have not found it cost effective to participate in CHIPS, but many have accounts at CHIPS-participating banks to
send and receive payments.

14. Master Card & VISA Card?

Visa and MasterCard are used the world over to make payments using and represent global credit card companies.
Though the differences between these two methods of payment were discernible in the past the same cannot be said
of the present as they are almost identical. Differences may emerge when looking at the interest rates charged on the
particular cards.
Products Payment systems Payment systems
Type Public Public
Industry Financial services Financial services
MasterCard Worldwide (NYSE:MA) is an Visa Inc. (NYSE: V) is an American multinational
American multinational corporation with its corporation with its headquarters in in Foster City,
Introduction headquarters in the MasterCard International California. Visa targets consumers, businesses,
Global Headquarters in Harrison, New York, financial institutions and governments in more than
United States. 200 countries and territories.
Revenue US$5.539 Billion (FY 2010) US$8.065 Billion (FY 2010)
Net income US$1.846 Billion (FY 2010) US$2.966 Billion (FY 2010)
Headquarters New York San Francisco
Employees 5,600 (2010) 6,900 (2010)
Operating
US$2.757 Billion (FY 2010) US$4.638 Billion (FY 2010)
income
Founded 1966 1970
Total assets US$8.837 Billion (FY 2010) US$33.408 Billion (FY 2010)
Total equity US$5.216 Billion (FY 2010) US$25.014 Billion (FY 2010)
Acceptance Worldwide Worldwide

15. Difference between dot matrix and laser jet printer?

Laser Printers Inkjet Printers Dot Matrix Printers
Developed in the early Introduced by Digital Equipment
Invented 1969 by Gary Starkweather.
1950s. Corporation in 1970.
Laser printers use fine ink Inkjet printers spray liquid
Dot Matrix works having pins pushed
How it works powder and heat the ink on paper through
against an ink soaked ribbon to paper.
powder on the paper. microscopic nozzles.
Types Personal and Office Continuous (CIJ) and drop- Serial Dot Matrix printers and Line Dot

Page 42 of 57
 printers. Black and White or on demand (DOD). Matrix.
color printers.
USD 0.6 for black and white USD 0.20 color page; USD
Price per page page. Much higher for a 0.4-0.5 black and white Copies are quite cheap.
color page. page.
Approximately USD 60- Basic cost of printer is quite expensive.
Approximately USD 100-
Cost for basic printer 1000, depending on the size Compared to an inkjet, dot matrix can
150
and use of the printer. cost between two to ten times more.
Printing speed 20 pages a minute 6 pages a minute 30-550 characters per second.

Printing quality is adequate. Printing quality is good, Printing quality is bad if printing images.
Quality
Best for black and white. specially for smaller fonts. In terms of text, printing is fine.

Basic models only offer black

28Color Printing and white, with higher models Yes provides color printing. Limited color printing.
providing color printing.
Black and white quality is
Black and White Black and white quality is Can print adequate quality
excellent, specially with small
Quality adequate, best for bulk printing. images.
fonts.

Color quality is a bit poor, with Color printing is sharp and Only works best with low-res
Color Quality
banding. excellent. images.

Size ranges depending on

Smaller is available but is more
Size Smaller and more compact. usage. New compact ones are
common in larger sizes.
also available.
Can be used for wider range of
Offers scanners and faxing
papers (photo paper, vinyl, self- Used for a variety of purposes.
machines built in. Has bigger
Features adhesive papers), accurate Can print on various types of
input trays, direct connecting
photographic images, ink is not papers.
facilities (wireless)
waterproof.
Most commonly used for
More commonly used for homes Used to be used for office uses,
commercial purposes and
Usage as the unit is smaller and ink is but now only used by select
places that require black and
cheaper. places such as banks.
white printing.
Expensive, parts are hard to
Maintenance Expensive Cheaper
come by.
Quieter in operation, high print
Cheaper to print as ribbon is
Advantages Prints faster, bigger input trays. quality, no warm up time, low
cheap.
cost per page
More susceptible to paper jams. Ink is expensive, issues with
Toner is very expensive, print ‘intelligent’ ink cartridges,
Initial purchase is expensive,
quality for color is adequate, lifetime of inkjet prints
Disadvantages maintenance is expensive,
device itself is expensive, has produced by aqueous inks is
prints is not fast, makes noise.
health hazards if not properly shorter, ink is not waterproof,
maintained. and nozzle is prone to clogging.

Page 43 of 57
 16. Difference between OMR, OCR, and MICR?
a) MICR: MICR is a character recognition technology used primarily by the banking industry to facilitate
the processing of cheques. The human readable characters are printed on documents using a magnetic
ink. It stands for Magnetic Ink Character Recognition. (Magnetic Ink Character Recognition is a character
recognition system that uses special ink and characters. When a document that contains this ink needs
to be read, it passes through a machine, which magnetizes the ink and then translates the magnetic
information into characters.
MICR technology is used by banks. Numbers and characters found on the bottom of checks (usually
containing the check number, sort number, and account number) are printed using Magnetic Ink. To
print Magnetic Ink need, you need a laser printer that accepts MICR toner.
MICR provides a secure, high-speed method of scanning and processing information.)

b) OMR: OMR which stands for Optical Mark Recognition is the process of gathering data with an optical
scanner by measuring the reflectively of light at predetermined positions on a surface.
(Short for optical mark recognition, the technology of electronically extracting intended data from marked fields, such
as checkboxes and fill-infields, on printed forms. OMR technology scans a printed form and reads predefined positions
and records where marks are made on the form. This technology is useful for applications in which large numbers of
hand-filled forms need to be processed quickly and with great accuracy, such as surveys, reply cards, questionnaires
and ballots. A common OMR application is the use of “bubble sheets” for multiple-choice tests used by schools. The
student indicates the answer on the test by filling in the corresponding bubble, and the form is fed through an optical
mark reader (also abbreviated as OMR, a device that scans the document and reads the data from the marked fields.
The error rate for OMR technology is less than 1%.)

c) OCR: OCR stands for Optical Character Recognition. OCR is the recognition of printed or written text
characters by a computer. It is the application software that allows a computer to recognize printed or
written characters, e.g. letters, numbers, punctuation marks, and pictograms using an optical scanner for
input. OCR is being used by libraries to digitize and preserve their holdings.
(Often abbreviated OCR, optical character recognition refers to the branch of computer science that
involves reading text from paper and translating the images into a form that the computer can
manipulate (for example, into ASCII codes). An OCR system enables you to take a book or a magazine
article, feed it directly into an electronic computer file, and then edit the file using a word processor.

All OCR systems include an optical scanner for reading text, and sophisticated software for analyzing
images. Most OCR systems use a combination of hardware (specialized circuit boards) and software to
recognize characters, although some inexpensive systems do it entirely through software. Advanced
OCR systems can read text in large variety of fonts, but they still have difficulty with handwritten text.

The potential of OCR systems is enormous because they enable users to harness the power of computers
to access printed documents. OCR is already being used widely in the legal profession, where searches
that once required hours or days can now be accomplished in a few seconds.)

d) OBR: It stands for Optical Bar Code Reader which is used for reading bar-coded data. It scans a set of
vertical bars of different width for specific data and is used to read tags. Bar code reading is done by a
light pen or scanner connected to a computer.

17. Website?
A website is a collection of web pages (documents that are accessed through the Internet), such as the one you're
looking at now. A web page is what you see on the screen when you type in a web address, click on a link, or put a
query in a search engine. A web page can contain any type of information, and can include text, color, graphics,
animation and sound.
When someone gives you their web address, it generally takes you to their website's home page, which should
introduce you to what that site offers in terms of information or other services. From the home page, you can click on
links to reach other sections of the site. A website can consist of one page, or of tens of thousands of pages, depending
on what the site owner is trying to accomplish.

Page 44 of 57
Why Do People Visit Websites?
Generally, people look at websites for two primary reasons:
1. To find information they need. This could be anything from a student looking for pictures of frogs for a
school project, to finding the latest stock quotes, to getting the address of the nearest Thai restaurant.
2. To complete a task. Visitors may want to buy the latest best-seller, download a software program, or
participate in an online discussion about a favorite hobby.
3. The main thing to remember in creating a website is that you're not creating the website for you; you
already know about the information or service you have to offer. You're creating the site for your visitors, so
it should contain the content they want, and be organized in a way that makes sense, even to an outsider.

18. Plastic Money?

Plastic money is a term that is used predominantly in reference to the hard plastic cards we use everyday in place of
actual bank notes. They can come in many different forms such as cash cards, credit cards, debit cards, pre-paid cash
cards and store cards.

Cash Cards - A card that will allow you to withdraw money directly from your bank via an Authorised Teller Machine
(ATM) but it will not allow the holder to purchase anything directly with it.
Credit Cards - Again this card will permit the card holder to withdraw cash from an ATM, and a credit card will allow
the user to purchase goods and services directly, but unlike a Cash Card the money is basically a high interest loan to
the card holder, although the card holder can avoid any interest charges by paying the balance off in full each month.
Debit Cards - This type of card will directly debit money from your bank account, and can directly be used to
purchase goods and services. While there is no official credit facility with debit cards per se, as it is linked to the bank
account the limit is the limit of what is in the account, for instance if an overdraft facility is available then the limit will
be the extent of the overdraft.
Pre-paid Cash Cards - As the name suggests the user will add credit to the card themselves, and will not exceed that
amount. These are usually re-useable in that they can be 'topped up' however some cards, usually marketed as Gift
Cards are not re-useable and once the credit has been spent they are disposed of.
Store Cards - These are similar in concept to the Credit Card model, in that the idea is to purchase something in store
and be billed for it at the end of the month. These cards can be charged at a very high interest rate and can are limited
in the places they can be used, sometimes as far as only the store brand that issued it.

Page 45 of 57
 Chapter Seven
Online Banking
1. SWIFT & Its Use?
2. Electronic Funds Transfer (EFT)?
3. Online CIB services ?
4. Electronic Payment System?
5. BATCH PROCESSING
6. Bangladesh Automated Clearing House (BACH)
7. Compiler, interpreter & assembler: Assembler, Compilers and Interpreters
8. Interbank Reconciliations
9. Online CIB
10. RTGS:
11. Electronic Payment System:

1. SWIFT & Its Use?

SWIFT is the Society for Worldwide Interbank Financial Telecommunication, a member-owned cooperative through
which the financial world conducts its business operations with speed, certainty and confidence. More than 10,000
banking organisations, securities institutions and corporate customers in 212 countries trust us every day to
exchange millions of standardised financial messages.

SWIFT does not facilitate funds transfer; rather, it sends payment orders, which must be settled by correspondent
accounts that the institutions have with each other. Each financial institution, to exchange banking transactions, must
have a banking relationship by either being a bank or affiliating itself with one (or more) so as to enjoy those
particular business features.
SWIFT for banks
Thousands of banks use SWIFT to increase their reach, achieve operational cost efficiencies and enhance their
customer service in payments, trade, treasury and securities services. Here is an overview of SWIFT’s value
proposition for banks:
Financial transaction services
 Provide financial services to your corporate customers
 Offer payments and cash management services to institutional clients
 Connect to an ACH or RTGS for payments clearing and settlement
 Offer trade and supply chain services including the Bank Payment Obligation
 Automate, confirm, match and report foreign exchange and derivatives trades
 Securities pre-trade/trade, post-trade, custody and asset servicing, and funds services
Regulation/liberalization
 Successfully migrate to SEPA
 Reliable, cost-effective compliance services for sanctions screening and sanctions testing
 BCBS compliant intraday liquidity analytics and reporting
 Derivatives regulation / EMIR compliant trade confirmations, clearing and reporting
 Understand what RMB internationalization means for you
Business intelligence
 Analyse your SWIFT messaging flows
 Identify new opportunities, benchmark against competitors using insight dashboards
Thought leadership
 SWIFT white papers on key industry topics in banking
Page 46 of 57
SWIFT hosts a number of community events spanning the global financial

2. Electronic Funds Transfer (EFT)?

An electronic funds transfer (EFT) is a transaction that takes place over a computerized network, either among
accounts at the same bank or to different accounts at separate financial institutions.

 How It Works/Example:
EFTs include direct-debit transactions, wire transfers,
direct deposits, ATM withdrawals and online bill pay
services. Transactions are processed through the
Automated Clearing House (ACH) network, the secure
transfer system of the Federal Reserve that connects all U.S.
banks, credit unions and other financial institutions.
For example, when you use your debit card to make a
purchase at a store or online, the transaction is processed
using an EFT system. The transaction is very similar to an
ATM withdrawal, with near-instantaneous payment to the
merchant and deduction from your checking account.
Direct deposit is another form of an electronic funds
transfer. In this case, funds from your employer’s bank
account are transferred electronically to your bank account,
with no need for paper-based payment systems.
 Why It Matters:
The increased use of EFTs for online bill payments, purchases and pay processes is leading to a paper-free banking
system, where a large number of invoices and payments take place over digital networks. EFT systems play a large
role in this future, with fast, secure transactions guaranteeing a seamless transfer of funds within institutions or
across banking networks.
EFT transactions, also known as an online transaction or PIN-debit transaction, also offer an alternative to signature
debit transactions, which take place through one of the major credit card processing systems, such as Visa,
MasterCard or Discover, and can cost as much as 3% of the total purchase price. EFT processing, on the other hand,
only charges an average of 1% for debit card transactions.

3. Electronic Payment System?

A means of making payments over an electronic network such as the Internet.
Today, many users make payments electronically rather than in person. Hundreds of electronic payment systems have
been developed to provide secure Internet transactions. Electronic payment systems are generally classified into four
categories: credit card and debit cards; electronic cash; micropayment systems; and session-level protocols for secure
communications.
A secure electronic financial transaction has to meet the following four requirements:
1. ensure that communications are private;
2. verify that the communications have not been changed in transmission;
3. ensure that the client and server are who each claims to be;
4. and ensure that the data to be transferred was, in fact, generated by the signed author.
Two cryptographic methods used in electronic payment systems include the secret key (which uses the same key to
encrypt and decrypt and is the fastest method; however, in the initial transmission to the recipient, the secret key is
not secure) and the public key (which uses both a private and a public key).

5. Online CIB
CIB means Credit Information Bureau. To create a disciplined environment for borrowing, the automated CIB service
provides credit related information for prospective and existing borrowers. With this improved and efficient system,
risk management will be more effective. Banks and financial institutions may furnish credit information to CIB
database 24 by 7 around the year; and they can access credit reports from CIB online.

With a view to strengthening credit discipline and streamlining all sorts of data in a systematic way for formulation of
monetary, economic and credit policy, a full-fledged CIB was established in Bangladesh Bank on 18/08/1992. Full
particulars of all borrowers and guarantors (individual/firms/company) of all banks and NBFI in Bangladesh and
Page 47 of 57
whose outstanding balance is Tk. 50000 and above and defaulter credit card borrower of Tk 10000 and above are
maintaining in the CIB department.
In Bangladesh there is loan default culture exists. At present 10% amount of loan is classified. This type of loan is
called non-performing. To avoid the worst situation of default loan, BB has taken some measures. Online CIB is one of
them. Before sanctioning of any loan (and other purposes also) clean report of the borrower and guarantors is
compulsory to obtain for the banking and NBFIs. So, there is no possibility of concealment of fact by any bad elements.
As a result old bad borrowers are not getting fresh loan resulting reduction in bad loans. Defaulter borrowers will not
be eligible to participate in the parliament election, be a CIP, be a director in a bank or NBFI, joint venture
entrepreneur, member of stock exchange etc.

The users of Online CIB are

I. Bank
II. NBFI
III. Ministry of Industry, commerce and finance
IV. Election commission
V. Security and exchange commission
VI. Parliament
VII. Board of investment
VIII. National Board of Revenue
 Effect of online CIB:
Online CIB have following positive effects on banking system:
1. The system will reduce the whole report processing time to only few clicks of computers from around seven
valuable working days, along with ensuring transparency and keeping loan defaulters away from getting fresh loans
through any loopholes. 2. Banks and financial institutions will now be able to access the CIB database online to get the
credit report of the concerned borrower. The database will consist of detailed information of individual borrowers,
owners and guarantors.
3. CIB report, the dynamic and hassle-free system, is considered a pivotal component of risk management measures.

4. Online CIB will minimize the extent of default loan by facilitating the banks and financial institutions with credit
reports of the loan applicants very quickly, and therefore, lending institutions would not encounter any credit risk
while extending lending or rescheduling facility.
5. The CIB online service will play a pivotal role in creating a disciplined environment for borrowing. Risk
management will be more effective as it’s an improved and efficient system. 6. He also hoped that the system will
assist the election commission in finding out the loan status of the candidates competing in national and local
elections, apart from increasing banks’ expertise.
7. The online reports will cut the cost of doing business as officials of banks and NBFIs will not have to wait for long to
get the reports.

4. BATCH PROCESSING
Batch processing is execution of a series of programs ("jobs") on a computer without manual intervention. Jobs are set
up so they can be run to completion without manual intervention, so all input data are preselected through scripts,
command-line parameters, or job control language. This is in contrast to "online" or interactive programs which
prompt the user for such input. A program takes a set of data files as input, processes the data, and produces a set of
output data files. This operating environment is termed as "batch processing" because the input data are collected into
batches of files and are processed in batches by the program.
Benefits:
 It can shift the time of job processing to when the computing resources are less busy.
 It avoids idling the computing resources with minute-by-minute manual intervention and supervision.
 By keeping high overall rate of utilization, it better amortizes the cost of a computer, especially an expensive
one.
 It allows the system to use different priorities for batch and interactive work.

Page 48 of 57
 5. Online Processing vs Batch Processing:
An online system handles transactions when the occur and provides output directly to users. Because it is interactive,
online processing avoids delays and allows a constant dialog between the user and the system. The system processes
transactions completely when and where they occur. Users interact directly with the information system. Users can
access data randomly. The information system must be available whenever necessary to support business functions.
 Batch Processing: Data is processed in groups or
batches. Batch processing is typically used for large
amounts of data that must be processed on a routine
schedule, such as paychecks or credit card transactions. A
batch processing system has several main characteristics:
collect, group, and process transactions periodically.
Batch programs require no user involvement and
requires significantly fewer network resources than
online systems.

6. Bangladesh Automated Clearing House (BACH)

Bangladesh Automated Clearing House (BACH): BACH, the first ever electronic clearing house of Bangladesh, has two
components - the Automated Cheque Processing System (ACPS) and the Electronic Funds Transfer (EFT). Both the
systems operate in batch processing mode- transactions received from the banks during the day are processed at a
pre-fixed time and settled through a single multilateral netting figure on each individual bank’s respective books
maintained with the Bangladesh Bank. A state-of-the-art Data Center (DC) and a Disaster Recovery Site (DRS) have
been established comprising of most modern software and hardware for dealing with the operations of BACH. A
Virtual Private Network (VPN) has been created between the participating commercial banks and Data Center (DC) &
Disaster Recovery Site (DRS) for communicating necessary information related to BACH. Digital Certificate has been
formulated for the first time in Bangladesh for secured data communication.

7. Interbank Reconciliations
Banks maintain checking with other banks to conduct their business activities. Inter- Bank reconciliation refers to the
balancing and verification of a bank holder's checking account to the periodic bank statements that are produced and
sent by the bank to its customer banks.
 Checking Accounts Statements: Checking account statements are generally produced on a monthly basis.
The statement reflects all banking transactions.
 Verification: After the statement from the bank has been received, a cross check of your records to the
statement must take place. All items that appear on the bank statement that you did not know about need to
be segregated and the same holds true for items appearing on your records.
 Bank Balance: To balance your checking account statement to your own records, you must take the above
segregated items and add or subtract each of them as the case may be from the other set of books that were
not yet affected.

8. Compiler, interpreter & assembler: Assembler, Compilers and Interpreters

 Assembler:
Assembler is a computer program which is used to translate program written in Assembly Language in to machine
language. The translated program is called as object program. Assembler checks each instruction for its correctness
and generates diagnostic messages, if there are mistakes in the program.
Various steps of assembling are:
1. Input source program in Assembly Language through an input device.
2. Use Assembler to produce object program in machine language.
3. Execute the program.

Page 49 of 57
  Compiler:
A compiler is a program that translates a programme written in HLL to executable machine language. The process of
transferring HKK source program in to object code is a lengthy and complex process as compared to assembling.
Compliers have diagnostic capabilities and prompt the programmer with appropriate error message while compiling
a HLL program. The corrections are to be incorporated in the program, whenever needed, and the program has to be
recompiled. The process is repeated until the program is mistake free and translated to an object code.
Thus the job of a complier includes the following:
1. To translate HLL source program to machine codes.
2. To trace variables in the program
3. To include linkage for subroutines.
4. To allocate memory for storage of program and variables.
5. To generate error messages, if there are errors in the program.

 Interpreter:
The basic purpose of interpreter is same as that of complier. In compiler, the program is translated completely and
directly executable version is generated. Whereas interpreter translates each instruction, executes it and then the next
instruction is translated and this goes on until end of the program. In this case, object code is not stored and reused.
Every time the program is executed, the interpreter translates each instruction freshly.
It also has program diagnostic capabilities. However, it has some disadvantages as below:
1. Instructions repeated in program must be translated each time they are executed.
2. Because the source program is translated fresh every time it is used, it is slow process or execution takes more time.
Approx. 20 times slower than complier

9. RTGS:
Real time gross settlement systems (RTGS) are specialist funds transfer systems where transfer of money or
securities[1] takes place from one bank to another on a "real time" and on "gross" basis. Settlement in "real time"
means payment transaction is not subjected to any waiting period. The transactions are settled as soon as they are
processed. "Gross settlement" means the transaction is settled on one to one basis without bundling or netting with
any other transaction. Once processed, payments are final and irrevocable. RTGS systems are typically used for high-
value transactions that require immediate clearing. In some countries the RTGS systems may be the only way to get
same day cleared funds and so may be used when payments need to be settled urgently such as when purchasing a
house. However most regular payments would not use a RTGS system, but instead would use a national payment
system or network that allows participants to batch and net payments.
RTGS systems are usually operated by a country's Central bank as it is seen as a critical infrastructure for a country's
economy. Economists view that an efficient national payment system reduces the cost of exchanging goods and
services, and is indispensable to the functioning of the interbank, money, and capital markets. A weak payment system
may severely drag on the stability and developmental capacity of a national economy; its failures can result in
inefficient use of financial resources, inequitable risk-sharing among agents, actual losses for participants, and loss of
confidence in the financial system and in the very use

Page 50 of 57
 Chapter Eight
Virus- Antivirus
1. Computer Virus?
2. Phishing?
3. Name of different antivirus software?
4. SPAM & Spyware?
5. P/N (Personal identification number)
6. Spam & Spyware
7. Fire Wall:

1. Computer Virus?

 What is a Computer Virus:

A Computer Virus is simply a computer program with malicious intent. These programs are usually small in size, and
the more clever ones hide themselves within other innocent programs (e.g. within NOTEPAD), hence the "virus" in
their name. In fact the technical difference between a Computer Virus and a Computer Worm is that the virus inserts
itself within some other legitimate program, while the Worm exists as a standalone program. From a user's
perspective this distiction is somewhat moot, and a worm or a virus can do equal damage. In fact the word "worm" is
used less these days, and virus is often applied to both types of programs.
Viruses are usually written by students with time on their hands, though a few are very sophisticated and obviously
written by professionals (disgruntled employees, frustrated programmers etc.). While there are over 30,000 known
computer viruses, the number of truly original viruses is actually quite limited, as seen by the number of copy-cat
viruses that proliferate after any well-publicized virus incident. For example, there are apparently several hundered
variants of the "ILoveYou" virus out there. Most are just plain copies, or minor variations of the original.
 What do viruses do?
A virus is simply a computer program--it can do anything that any other program you run on your computer can do.
Some viruses are designed to deliberately damage files, and others may just spread to other computers.
 Prevention:
Like sexually transmitted diseases (STDs), computer viruses existed prior to the popularity of the Internet, but as with
the sexual revolution of the '70s, viruses have flourished with the widespread sharing of information. And, much like
the efforts to control STDs, controlling computer viruses is to be done through education and practicing safe hex (a
play on words which means to perform certain measures to protect your computer).
1. Be sure do a full back up of your system on a regular basis. The best way to clean up an infected file is to replace it
with an original non-infected file. Not to mention the grief a current back up will save if a virus takes your system
completely down. It's also a good idea to keep more than one set of backup in case the current one is infected before
the virus is detected.
2. Always use an anti-virus software program, one with both an on-demand and an on-access scanner. You'll want to
look for one that has a fairly complete database of viruses and that is updateable. New viruses are produced daily, so
it's important to have software that can detect the latest threat.
Be sure to read the manual and follow the directions of the software program to ensure it's protecting you properly.
Also, consider buying and using two different brands to be doubly protected. See our review of anti-virus programs.
3. Update the virus database in your anti-virus program regularly (each month or by the direction of the
manufacturer).
4. On a PC, change the CMOS setting of your boot up process from booting first on the A drive (floppy) and then on the
C drive (hard drive) to just booting on the C drive. This will not only speed up your boot up process but also
completely eliminate the risk of infecting your hard drive with an infected floppy disk.
If you should need to boot from a floppy you can easily change the settings back and reboot from the A drive. Please
note: an infected non-bootable floppy disk can just as easily infect your hard drive as would an infected bootable one.
5. Don't allow your web browser to automatically run programs, such as MS Word or other programs through its e-
mail program. Configure your browser to launch WordPad or Notepad instead. One of the biggest and growing threats
is the macro virus, which is spread through data processing and spread sheet programs

Page 51 of 57
6. Configure your web browsers to disable ActiveX, Java, and Javascript. You'll lose some of the fun the Web's been
known for, but you'll save your computer from contracting a virus and speed up your connection.
7. Know that the only way a virus spreads is either by launching an infected file or by booting an infected disk. You can
not get a virus by simply being online or by reading e-mail. You have to download and launch an infected file before it
will spread. Therefore, do not launch any unsolicited executable files sent via e-mail.
8. Using an updated anti-virus program, scan all new software for viruses before installing them on your hard drive.
Even shrink-wrapped software from major publishers has been known to contain viruses.
9. WHEN IN DOUBT, THROW IT OUT! Always use caution and do not open, download, or execute any suspicious files
or email attachments. If the file was in fact legitimate, you can always ask the sender to resend it. Do not open any files
attached to an email
1. from an unknown, suspicious or untrustworthy source.
2. ending with: .exe, .com, .scr, .pif, .vbs.
3. that you were not expecting to receive
4. unless you know what it is, even if it appears to come from a friend or someone you know. Some viruses can
replicate themselves and spread through email. Better to be safe than sorry and confirm that they really sent
it.
5. if the subject line is questionable. When sending e-mail, use a subject that will not be detected as spam, and
do not leave the subject line blank.
10. Delete chain emails and junk email. Do not forward or reply to any to them. These types of email are considered
spam, which is unsolicited, intrusive mail that clogs up the network.
11. Use caution when downloading files from the Internet. Ensure that the source is a legitimate and reputable one.
Verify that an anti-virus program checks the files on the download site. If you're uncertain, don't download the file at
all.

2. Phishing?
Phishing is a fraudulent attempt, usually made through email, to steal your personal information. The best way to
protect yourself from phishing is to learn how to recognize a phish.
Phishing emails usually appear to come from a well-known organization and ask for your personal information —
such as credit card number, social security number, account number or password. Often times phishing attempts
appear to come from sites, services and companies with which you do not even have an account.
In order for Internet criminals to successfully "phish" your personal information, they must get you to go from an
email to a website. Phishing emails will almost always tell you to click a link that takes you to a site where your
personal information is requested. Legitimate organizations would never request this information of you via email.
What to look for in a phishing email
1. Generic greeting. Phishing emails are usually sent in large batches. To save time, Internet criminals use
generic names like "First Generic Bank Customer" so they don't have to type all recipients' names out and
send emails one-by-one. If you don't see your name, be suspicious.
2. Forged link. Even if a link has a name you recognize somewhere in it, it doesn't mean it links to the real
organization. Roll your mouse over the link and see if it matches what appears in the email. If there is a
discrepency, don't click on the link. Also, websites where it is safe to enter personal information begin with
"https" — the "s" stands for secure. If you don't see "https" do not proceed.
3. Requests personal information. The point of sending phishing email is to trick you into providing your
personal information. If you receive an email requesting your personal information, it is probably a phishing
attempt.
4. Sense of urgency. Internet criminals want you to provide your personal information now. They do this by
making you think something has happened that requires you to act fast. The faster they get your information,
the faster they can move on to another victim.
Prevention:
Phishing scams are usually presented in the form of spam or pop-ups and are often difficult to detect. Once the
fraudsters obtain your personal information, they can use it for all types of identity theft, putting your good credit and
good name at risk.
Because phishing is one of the most devious forms of identity theft, it is important for you to become familiar with
various types of phishing scams as well as to learn how to guard against them.
8 Ways To Avoid Phishing Scams
To help you protect yourself from phishing, we offer the following tips:

Page 52 of 57
  1. Guard against spam. Be especially cautious of emails that:
* Come from unrecognized senders.
* Ask you to confirm personal or financial information over the Internet and/or make urgent requests for this
information.
* Aren’t personalized.
* Try to upset you into acting quickly by threatening you with frightening information.

 2. Communicate personal information only via phone or secure web sites. In fact:
When conducting online transactions, look for a sign that the site is secure such as a lock icon on the
browser’s status bar or a “https:” URL whereby the “s” stands for “secure” rather than a “http:”.
Also, beware of phone phishing schemes. Do not divulge personal information over the phone unless you
initiate the call. Be cautious of emails that ask you to call a phone number to update your account
information as well.
 3. Do not click on links, download files or open attachments in emails from unknown senders. It is best
to open attachments only when you are expecting them and know what they contain, even if you know the
sender.
 4. Never email personal or financial information, even if you are close with the recipient. You never
know who may gain access to your email account, or to the person’s account to whom you are emailing.
 5. Beware of links in emails that ask for personal information, even if the email appears to come from an
enterprise you do business with. Phishing web sites often copy the entire look of a legitimate web site,
making it appear authentic. To be safe, call the legitimate enterprise first to see if they really sent that email to
you. After all, businesses should not request personal information to be sent via email.
 6. Beware of pop-ups and follow these tips:
* Never enter personal information in a pop-up screen.
* Do not click on links in a pop-up screen.
* Do not copy web addresses into your browser from pop-ups.
* Legitimate enterprises should never ask you to submit personal information in pop-up screens, so don’t do
it.
 7. Protect your computer with a firewall, spam filters, anti-virus and anti-spyware software. Do some
research to ensure you are getting the most up-to-date software, and update them all regularly to ensure that
you are blocking from new viruses and spyware.
 8. Check your online accounts and bank statements regularly to ensure that no unauthorized
transactions have been made.

3. Name of different antivirus software?

1. Kaspersky
2. Avira
3. Avast
4. AVG
5. Symantec (Norton)
6. Quick Heal
7. ESET
8. McAfee
9. Microsoft Security Essentials
10. BitDefender

4. Spam & Spyware

Spam: Spam is unsolicited or junk email that clogs up your email inbox. The best way to deal with spam is not to open
it or reply to it. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in
other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam,
online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social
networking spam, social spam, television advertising and file sharing spam. It is named for Spam, a luncheon meat, by
way of a Monty Python sketch in which Spam is included in almost every dish. A person who creates electronic spam
is called a spammer.

Page 53 of 57
Spyware: Spyware is a software which gathers information about you and transmits it to an unauthorized third party.
This can cover everything from what sites you go to on the web to logging your keystrokes and finding out passwords
and PINs. "Spyware" is mostly classified into four types: system monitors, Trojans, adware, and tracking cookies.
Spyware is mostly used for the purposes such as; tracking and storing internet users' movements on the web; serving
up pop-up ads to internet users. Whenever spyware is used for malicious purposes, its presence is typically hidden
from the user and can be difficult to detect. Some spyware, such as key loggers,

5. Fire Wall
A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls can be
implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent
unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All
messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those
that do not meet the specified security criteria.
A firewall is a network security system, either hardware- or software-based, that controls incoming and outgoing
network traffic based on a set of rules.

6. Security Threats of computer system:

Computer security threats are relentlessly inventive. Masters of disguise and manipulation, these threats constantly
evolve to find new ways to annoy, steal and harm. Arm yourself with information and resources to safeguard against
complex and growing computer security threats and stay safe online.
Computer Virus Threats
Perhaps the most well known computer security threat, a computer virus is a program written to alter the way a
computer operates, without the permission or knowledge of the user. A virus replicates and executes itself, usually
doing damage to your computer in the process. Learn how to combat computer virus threats and stay safe online.
Spyware Threats
A serious computer security threat, spyware is any program that monitors your online activities or installs programs
without your consent for profit or to capture personal information. We’ve amassed a wealth of knowledge that will
help you combat spyware threats and stay safe online.
Hackers & Predators
People, not computers, create computer security threats and malware. Hackers and predators are programmers who
victimize others for their own gain by breaking into computer systems to steal, change or destroy information as a
form of cyber-terrorism. What scams are they using lately? Learn how to combat dangerous malware and stay safe
online.
Phishing Threats
Masquerading as a trustworthy person or business, phishers attempt to steal sensitive financial or personal
information through fraudulent email or instant messages. How can you tell the difference between a legitimate
message and a phishing scam? Educate yourself on the latest tricks and scams.
 How to prevent security threats?
Spyware The best defense against this threat is to only download software from trusted sources, andmaintain a
current Antivirus product on your system which is configured to automatically update.
Phishing
What is the best way to prevent phishing? By paying close attention to messages that you receive – are they asking
you for information a vendor should already know about you? Please note that Home Federal Bank will never ask you
for personal confidential information in an unsolicited Email.
A valuable tool in reducing unauthorized access to your online banking is the use of strong authentication methods
such as security tokens. Security tokens are not only available for use at the time you log on to the system, but more
importantly, for use when completing activities that carry risk. Examples are ACH file submissions and Wire transfers.
For more information, reference the Recommended Security Controls, included in your Home Federal Business Online
Banking Agreement.
Viruses
So, how do you try to prevent this? Maintaining up-to-date Antivirus software is the number one method to counter
this threat. Also, preventing computer systems from going directly to the Internet is important. Most cable modems,
DSL modems, wireless routers, or other devices provided by Internet Service Providers (ISPs) have some firewall
capabilities. If you are performing electronic commerce activities, or utilizing electronic banking services such as

Page 54 of 57
online ACH, wire transfers, etc. you may want to consider investing in a purpose built firewall device. This increases
the level of protection available to you.
Hacking
How can you reduce your risks of being hacked? The primary way that you can reduce your risk is by having a firewall
between your computers and the Internet. In addition, some businesses find, if prudent, to perform online banking
activities from one or two computers only, which helps them monitor the systems more closely. We have already
covered maintaining up-to-date Antivirus software, but keeping software applications up to date is critical here as
well. Many programs will have auto update features which can be leveraged to do this.

7. What is e-commerce? What are the benefits of e-commerce?

E-commerce refers to the buying and selling of products or services over electronic systems through Internet and
other computer networks. The most popular medium in which E-commerce is conducted is the internet. E-commerce
has become a buzzword of modern trading and information technology. It is a modern business methodology that
addresses the needs of organizations, merchants, and consumers to cut costs while improving the quality of products
and services and increasing the speed of service delivery. In general, it is the process of conducting all forms of
business using computer hardware, software, processing data, communication and computer network. E-commerce
allows consumers to electronically exchange goods and services with no barriers of time or distance. Electronic
commerce has expanded rapidly over the past ten years and is predicted to continue at this rate, or even accelerate.
ADVANTAGES OF ECOMMERCE:
1. Overcome Geographical Limitations
2. Gain New Customers with Search Engine Visibility
3. Lower Costs
4. Locate the Product Quicker
5. Eliminate Travel Time and Cost
6. Provide Comparison Shopping
7. Enable Deals, Bargains, Coupons, and Group Buying
8. Provide Abundant Information
9. Create Targeted Communication
10. Remain Open All the Time
11. Create Markets for Niche Products
1) Overcome Geographical Limitations: If you have a physical store, you are limited by the geographical area that
you can service. With an ecommerce website, the whole world is your playground. Additionally, the advent of
mcommerce, i.e., ecommerce on mobile devices, has dissolved every remaining limitation of geography.
2) Gain New Customers with Search Engine Visibility: Physical retail is driven by branding and relationships. In
addition to these two drivers, online retail is also driven by traffic from search engines. It is not unusual for customers
to follow a link in search engine results, and land up on an ecommerce website that they have never heard of. This
additional source of traffic can be the tipping point for some ecommerce businesses.
3) Lower Costs: One of the most tangible positives of ecommerce is the lowered cost. A part of these lowered costs
could be passed on to customers in the form of discounted prices. Here are some of the ways that costs can be reduced
with ecommerce:
 Advertising and Marketing: Organic search engine traffic, pay-per-click, and social media traffic are some of
the advertising channels that can be cost-effective.
 Personnel: The automation of checkout, billing, payments, inventory management, and other operational
processes, lowers the number of employees required to run an ecommerce setup.
 Real Estate: This one is a no-brainer. An ecommerce merchant does not need a prominent physical location.
4) Locate the Product Quicker: It is no longer about pushing a shopping cart to the correct aisle, or scouting for the
desired product. On an ecommerce website, customers can click through intuitive navigation or use a search box to
immediately narrow down their product search. Some websites remember customer preferences and shopping lists to
facilitate repeat purchase.
5) Eliminate Travel Time and Cost: It is not unusual for customers to travel long distances to reach their preferred
physical store. Ecommerce allows them to visit the same store virtually, with a few mouse clicks.
6) Provide Comparison Shopping: Ecommerce facilitates comparison shopping. There are several online services
that allow customers to browse multiple ecommerce merchants and find the best prices.
7) Enable Deals, Bargains, Coupons, and Group Buying: Though there are physical equivalents to deals, bargains,
coupons, and group buying, online shopping makes it much more convenient. For instance if a customer has a deep

Page 55 of 57
discount coupon for turkey at one physical store and toilet paper at another, she may find it infeasible to avail of both
discounts. But the customer could do that online with a few mouse-clicks.
8) Provide Abundant Information: There are limitations to the amount of information that can be displayed in a
physical store. It is difficult to equip employees to respond to customers who require information across product
lines. Ecommerce websites can make additional information easily available to customers. Most of this information is
provided by vendors, and does not cost anything to create or maintain.
9) Create Targeted Communication: Using the information that a customer provides in the registration form, and by
placing cookies on the customer's computer, an ecommerce merchant can access a lot of information about its
customers. This, in turn, can be used to communicate relevant messages. An example: If you are searching for a certain
product on Amazon.com, you will automatically be shown listings of other similar products. In addition, Amazon.com
may also email you about related products.
10) Remain Open All the Time: Store timings are now 24/7/365. Ecommerce websites can run all the time. From
the merchant's point of view, this increases the number of orders they receive. From the customer's point of view, an
"always open" store is more convenient.
11) Create Markets for Niche Products: Buyers and sellers of niche products can find it difficult to locate each other
in the physical world. Online, it is only a matter of the customer searching for the product in a search engine. One
example could be purchase of obsolete parts. Instead of trashing older equipment for lack of spares, today we can
locate parts online with great ease.

8. e-Governance
E-Governance is the application of Information and Communication Technology (ICT) for delivering government
services, exchange of information, communication transactions, integration of various stand-alone systems and
services between Government-to-Citizens (G2C), Government-to-Business (G2B), Government-to-Government (G2G)
as well as back office processes and interactions within the entire government frame work.
Benefits of e-Governance
 It greatly simplifies the process of information accumulation for citizens and businesses.
 It empowers people to gather information regarding any department of government and get involved in the
process of decision making.
 E-Governance strengthens the very fabric of democracy by ensuring greater citizen participation at all levels
of governance
 E-Governance leads to automation of services, ensuring that information regarding every work of public
welfare is easily available to all citizens, eliminating corruption.
 This revolutionizes the way governments function, ensuring much more transparency in the functioning,
thereby eliminating corruption.
 Since the information regarding every activity of government is easily available, it would make every
government department responsible as they know that every action of theirs is closely monitored.
 Proper implementation of e-Governance practices make it possible for people to get their work done online
thereby sparing themselves of unnecessary hassles of traveling to the respective offices.
 Successful implementation of e-Governance practices offer better delivery of services to citizens, improved
interactions with business and industry, citizen empowerment through access to information, better
management, greater convenience, revenue growth, cost reductions etc.
 Furthermore, introduction of e-Governance brings governments closer to citizens.
 E-Governance practices help business access information that might be important for them at a click.

9. . Internet and Intranet

Internet
 Internet is a world-wide/global system of interconnected computer networks.
 Internet uses the standard Internet Protocol (TCP/IP)
 Every computer in internet is identified by a unique IP address.
 IP Address is a unique set of numbers (such as 110.22.33.114) which identifies a computer location.
 A special computer DNS (Domain Name Server) is used to give name to the IP Address so that user can locate
a computer by a name.
 For example, a DNS server will resolve a name http://www.tutorialspoint.com to a particular IP address to
uniquely identify the computer on which this website is hosted.
Page 56 of 57
  Internet is accessible to every user all over the world.

Intranet
 Intranet is system in which multiple PCs are networked to be connected to each other.
 PCs in intranet are not available to the world outside of the intranet.
 Usually each company or organization has their own Intranet network and members/employees of that
company can access the computers in their intranet.
 Each computer in Intranet is also identified by a IP Address, which is unique among the computers in that
Intranet.

Similarities in Internet & Intranet

 Intranet uses the internet protocols such as TCP/IP and FTP.
 Intranet sites are accessible via web browser in similar way as websites in internet. But only members of
Intranet network can access intranet hosted sites.
 In Intranet, own instant messengers can be used as similar to yahoo messenger/gtalk over the internet.
Differences in Internet & Intranet
 Internet is general to PCs all over the world where Intranet is specific to few PCs.
 Internet is wider access and provides a better access to websites to large population whereas Intranet is
restricted.
 Internet is not as safe as Intranet as Intranet can be safely privatized as per the need.

Page 57 of 57