Online banking or eBanking allows customers of a financial
institution to conduct financial transactions on a secure website
operated by the institution, which can be a retail or virtual bank, credit
union or building society.
About 680,000,000 results of eBanking available on Google.
The precursor for the modern home online banking services were the
distance banking services over electronic media from the early 1980’s.
The term online became popular in the late '80s and referred to the
use of a terminal, keyboard and monitor to access the banking system
using a phone line.
Online services started in New York in 1981 when four of the city’s
major banks offered home banking services using the videotex system.
using the videotex system.
Security of a customer's financial information is very important,
without which online banking could not operate.
Financial institutions have set up various security processes to reduce
the risk of unauthorized online access to a customer's records, but
there Is no consistency to the various approaches adopted.
The use of a secure website has become almost universally adopted.
Though single password authentication is still in use, it by itself is not
considered secure enough for online banking in some countries.
Most of the attacks on online banking used today are based on
deceiving the user to steal login data and valid TANs.
Two well known examples for those attacks
are phishing and pharming.
Cross-site scripting and key logger/Trojan horses can also be used to
steal login information.
There exist several countermeasures which try to avoid attacks.
Digital certificates are used against phishing and pharming, the use of
class-3 card readers is a measure to avoid manipulation of transactions
by the software in signature based online banking variants.
To protect their systems against Trojan horses, users should use virus
scanners and be careful with downloaded software or e-mail
In 2001 the U.S. Federal Financial Institutions Examination
Council issued guidance for multifactor authentication (MFA) and
then required to be in place by the end of 2006.
Mobile banking is a system that allows customers of a financial
institution to conduct a number of financial transactions through a
mobile device such as a mobile phone or personal digital assistant.
Mobile banking differs from mobile payments, which involve the use of
a mobile device to pay for goods or services either at the point of sale or
remotely,analogously to the use of a debit or credit card to effect
an EFTPOS payment.
The earliest mobile banking services were offered over SMS, a service
known as SMS banking.
With the introduction of smart phones with WAP support enabling the
use of the mobile web in 1999, the first European banks started to offer
mobile banking on this platform to their customers.
Mobile banking has until recently (2010) most often been performed
via SMS or the mobile web.
Physical part of the hand-held device. If the bank is offering smart-
card based security, the physical security of the device is more
Security of any thick-client application running on the device. In case
the device is stolen, the hacker should require at least an ID/Password
to access the application.
User ID / Password authentication of bank’s customer.
SMS banking is a type of mobile banking, a technology-enabled
service offering from banks to its customers, permitting them to
operate selected banking services over their mobile phones using SMS
SMS banking services are operated using both push and pull messages.
Push messages are those that the bank chooses to send out to a
customer's mobile phone, without the customer initiating a request for
Pull messages are those that are initiated by the customer, using a
mobile phone, for obtaining information or performing a transaction in
the bank account.
CONCERNS AND SKEPTICISM ABOUT
There is a very real possibility for fraud when SMS banking is involved,
as SMS uses insecure encryption and is easily spoof able.
Supporters of SMS banking claim that while SMS banking is not as
secure as other conventional banking channels, like the ATM and
the SMS banking channel is not intended to be used for very high-risk
QUALITY OF SERVICES IN SMS
Because of the concerns made explicit above, it is extremely important
that SMS gateway providers can provide a decent quality of service for
banks and financial institutions in regards to SMS services.
Therefore, the provision of Service Level Agreement(SLA) is a
requirement for this industry
it is necessary to give the bank customer delivery guarantees of all
messages, as well as measurements on the speed of delivery,
SLAs give the service parameters in which a messaging solution is
guaranteed to perform.
Electronic funds transfer
Electronic funds transfer (EFT) is the electronic exchange.
Transfer of money from one account to another, either within a
single financial institution or across multiple institutions,
through computer-based systems.