Internet Banking

[ronnierules]

j) Intra-Bank & Inter-Bank applications: -

Computerization is now all pervasive in banks. Almost all the activities in a bank can be performed more efficiently with the help of computers. Broadly, we can divide the applications of computerization in banks in two types:

I. Intra-Bank Applications: -

i) Funds transfer and payment message
ii) Banks owned ATM/Credit Card and other application on the corporate network
iii) Inter-Branch Reconciliation
iv) Quick disposal of loan/investment proposal
v) Funds information from clearing centers to the fund management office for optimal allocation of funds.
vi) Cash Management Product
vii) Treasury Management
viii) Any Branch Banking
ix) Asset Liability Management
x) E-mail
xi) Software distribution in the bank
xii) Organizational bulletin boards may contain the following:
a. Circulars
b. Newsletters, phone and address directories
c. Undesirable parties
d. Missing security items
e. Confidential circular on attempted frauds.
xiii) Human Resources Development and Personnel Administration
xiv) Auditing and Inspecting computerized branches using the network
xv) Organizational database may include:
a. Statutory returns
b. Control returns
c. Standardized returns
xvi) Management Information Systems:
a. Borrower’s profile
b. Branch profile
c. Employee analysis
d. Product/service profile
e. Business profile of branches.
xvii) Apart from providing efficient service to customers the financial network will also fulfill the following objectives:
a. Timely information to top management
b. Helping in development of new products
c. Speedy communication among branches and with the controlling offices.

II. Inter-Bank Applications: -

i) Electronic Funds Transfer:
a. Retail EFT (Small value credit transfer) on net settlement basis.
b. Wholesale EFT (Large value credit transfer) on Real Time Gross Settlement (RTGS) basis for time critical payments.
ii) Clearing and settlement systems for securities – Delivery vs. Payment (DVP). The final delivery of securities will occur if and only if final payment occurs.

iii) Transferring balance from net settlement systems to RTGS Server at periodic intervals. The net obligation could be from:
a. Local paper-based clearing
b. Inter-city paper-based clearing (including IT discounting facilities)
c. Bulk payments – ECS (Debit, Credit, RAPID) including intercity.
d. Shared ATM networks
e. Smart cards and other pre-paid/pre-authorized debit cards
iv) Exchange of defaulting borrowers list among RBI and banks
v) EDI services to the extent they pertain to payment cycle to EDI (Electronic Data Interchange)
vi) Consolidation of current account balance from the existing DAD (Deposit Accounts Department in RBI Offices) applications synchronously/asynchronously to facilitate balance enquiry by banks on all India/center-wise basis and if necessary to activate transfer of funds among DADs at different centers.
vii) Reporting of government account transactions
viii) Reporting of BSR (Basic Statistical Returns) etc. to RBI
ix) Asset Liability Management
x) Intranet in RBI to enable banks to get circulars, press releases etc.
xi) Returns to be submitted by the banks to Departments of Banking Supervision (DBS) for off-site supervision and monitoring.

[ronnierules]

4. Credit Card Frauds





A. Credit Card Frauds
a) Meaning
b) Aware of Credit Card
c) Advantages of Credit Card
d) Credit Card Frauds


B. The Prevention of Frauds
a) Duplicate Card
b) White plastics
c) Banker’s Role
d) Cyber Laws
e) Altering Sale terminals
f) Internet Relays
g) Monitoring Deposit
h) Risk Management
i) Central Credit Card Clearing House
j) Loss of Credit Cards in Transit
k) Fraud Consciousness
l) Physical Evidence
m) Check the handwriting

[ronnierules]

A. Credit Card Frauds: -

a) Meaning: -

A credit card is a money transaction device without using cash or fiduciary documents.

b) Aware of Credit Card: -

The credit card, as already seen, is a money transaction device. The institutions issuing the credit card give the card holders authority to obtain money, goods, services or any other thing of value, on credit. They guarantee payment of debit so raised. These institutions are banks and other financial institutions, clubs and travel agencies and departmental stores, etc. Credit Cards, Bob Cards, Master Cards, Visa Cards, express Cards, Euro Cards have wide circulation. Some of them have wide circulation. Some of them have world-wide circulation.

c) Advantages of Credit Cards: -

Following types of safety measures are being introduced increasingly in the credit card manufacture. They can be adopted with advantages:

1. Simultaneous printing on both sides of the cards; creating some superimposed graphics, patterns, digits or writings.
2. Multi-layered laminates incorporating lateen images which may distinguish the genuine from the forged.
3. Intricate graphics and distinctive letter and digit designs.
4. Laser printing to engrave the letter and digits on the credit card.
5. Three dimensional insignia, logo of high artistic quality on the credit card.
6. Encoded information track in magnetic inks on magnetic stripe.
7. Cards inserted in the imprinter head, designed and manufactured to rigid specification to permit limited tolerance to admit only genuine credit cards.
8. Secure Signature Panel.
9. 3- Dimensional hologram.
10. U.V. fluorescent images and designs.
11. Micro printing
12. Optically illusive figures, designs, etc.
13. Heavy duty embossing logo.

d) Credit Card Frauds: -

Credit card frauds manifest themselves in a number of ways:
1. Genuine cards are manipulated.
2. Genuine cards are altered.
3. Counterfeit cards are created.
4. Fraudulent telemarketing is done with credit cards.
5. Genuine cards are obtained on fraudulent applications in the names/addresses of other persons and used.

It is feared that with the expansion of E-Commerce, M-Commerce, and Internet facilities being available on massive scale, the fraudulent fund freaking via credit cards will increase tremendously. The shape it takes will be limited only by the ingenuity of the future.

[ronnierules]

B. The Prevention of Frauds:-

a) Duplicate Card: -

The duplicate fraudulent credit cards are those where the defrauders have made sincere efforts to duplicate the original cards through photo-mechanical processes.

They follow the footsteps of the original manufactures of the genuine credit cards to produce as close a replica of the genuine card as possible, employing similar materials and similar processes of printing and embossing, besides magnetic encodings.

b) White Plastic: -

The counterfeit credit cards known as ‘white plastics’ are imitations of credit cards in general aspect.

c) Banker’s Role: -

The credit card industry is one of the fastest growing activities of the banking industry. The artist has to be there (where the money is). The banks have to suffer losses.

d) Cyber Laws: -

Information Technology Ministry be approached for stringent laws against credit card crimes.





e) Altering Sales terminals: -

Internet E-Mail should be utilized on the pattern of Hot Box organized about a decade ago suitably modified to benefit from the advances the information technology has made since them.

f) Internet Relays: -

Computers should be pressed into service via internet connection by suitably upgrading the Television System Vertical blanking Intervals for notifying the fraudulent cards in the market.

g) Monitoring Deposit: -

Monitoring system can help locate the unscrupulous merchants who use or allow the use of ‘white plastics’ and fraudulent cards, knowing full well their fraudulent nature for making a fast back.

h) Risk Management: -

To meet the menace one of the top card companies has imitated risk management service to identify these high risk centers where daily all the inter-change transactions of the areas are scrutinized and the credit card number are checked against those which have been declared fraudulent, stolen or lost.









i) Central credit Card Clearing House: -

There should be a joint list of credit card holders on central basis with their addresses and other details, if any. New applicants to any bank for credit cards should be checked: -
• If he is holding card from other issuers.
• If he has held a card at other times. If so, when? Why did he discontinue?
• If he has applied to more than one credit card issuers
• The new card holder’s business transactions should be watched for some time.

j) Loss of Credit cards in Transit: -

It must be prevented.

It is simple for either the customer to collect personally or the banker should deliver it personally, or it should be sent by courier and confirmation obtained on telephone, in addition to the paper receipt.

k) Fraud Consciousness: -

The problem of credit card frauds must be brought to the notice of users as well as of the servers at sale terminals.

Proper training in the check up of the credit card in its various aspects has no substitute and in view of the huge issues the same is indispensable.





l) Physical Evidence: -

Immediately on the discovery of fraud all the physical evidence available should at once be taken into possession and the case reported to the police for investigation.

m) Check the Handwriting: -

Handwriting (in signatures) is available on sale drafts and on credit cards. The comparison of hand-writing inter se and with that of the suspect and of genuine card holders, can lead to the identity or non-identity of alleged writer.

[ronnierules]

5. Banks Control in Online Banking





A. Will Banks Control Online Banking?: -
a) Internet Banking in India
b) Real threats
c) Online


B. Banking in the Cyber world: -
a) Internet Purchases without Payment Gateways
b) Risk of Gateway

[ronnierules]

A. Will Banks Control Online Banking?: -

a) Internet Banking in India: -

Online banking is expected to explode in the next few years. We will be entering the age of non-physical exchange of cash aided by complete transparency leading to perfectly competitive electronic market place and inevitably to customer supremacy. Growth in online banking will be driven by the following reasons:

• Increasing access to low cost electronic services
• Emergence of open standards in the banking industry
• Improved customer awareness
• Entry of global majors in the market
• Integration of banking services with e-commerce and emergence of e-cash
• Convenient international transactions as Internet eliminates geographic boundaries
• Shift from one-stop shopping to unbundled product purchases











 Internet Banking – An Overview: -

Internet Banking sites can be segregated into four categories from Level I, which offer just minimum functionalities such as access to one’s deposit account data, to Level IV sites that offer sophisticated services. To be successful, an Internet bank must offer:

• High rates on deposits
• 24 hour access
• Free checking and bill payment facilities with rebates on ATM surcharges
• Credit cards with low rates
• Simple and easy online applications for all accounts including personal loans
• Innovative products
• High quality customer service

b) Real Threats: -

• A majority of leading online brokers are beginning to offer banking products and services as part of their overall offers.

• They are actively seeking to capture “excess” balances in existing checking and saving accounts by offering better rates.

• There are other threats to banks as well. Several leading system providers have developed “bank-in-a-box” solution – unbranded, electronic, full-service, virtual-bank system – that can be bought, branded, and offered to consumer by any authorized company that wishes to provide banking service.
c) Online: -

An online service that merely mimics an offline one has a second problem as well; it doesn’t give customers an adequate inducement to move a significant portion of their banking online.

As a result, most customers tend to tend to treat online banking as no more than an extra channel to check their balance and transaction histories, and they continue to do the rest of their business at the ATM or the teller window.

A vicious offering increase the banks’ total costs. This makes the banks reluctant to make further large investments in the online channel, which thus, does nothing to move customers away from tellers and ATMs.

In fact, consumers didn’t stop using tellers to the extent that banks has hoped, but they also used ATMs so frequently that the reduction in cost per use was more than offset by the higher volume of transactions.

The study of Information Systems through broadband connection, through satellite, through a network or through a view chat.

This online information system provides information about all aspects, Information providing on the demand of the subscriber.

This online information system may be of study program, a graduation program or sharing of data through internets, extranet and internet.

[ronnierules]

B. Banking in the Cyber world: -

a) Internet Purchases without Payment Gateway: -

The dangers are three-fold:

• Since a manual process requires human intervention, risk of information leakage exists.
• No exchange of Digital ID, so no authentication of the merchant – risk of bogus merchant.
• No exchange of Digital Certificate to authenticate card holder – risk of repudiation of transaction by the card holder.

The benefits which the user would get by using the Internet payment gateway are:

• Card details travel encrypted on the Net (if encryption facility available on the gateway).
• On-line status of order, if the gateway has on-line authorization.
• Secure Merchant identification, so that fraudulent web sites posing as genuine merchants get weeded out.

 What’s a Payment Gateway?

A payment gateway is software that supports multiple payment models simultaneously in a safe and secure manner.

Funds can be transferred through credit, debit and smart cards, cheques, electronic payment wallets and even direct debits through a central payment switch.

Put simply, a payment gateway enables on-line commercial transactions on the internet on a secure system, which have firewalls against hacking.
b) Risk of Gateways: -

• Currently, in India – HDFC Bank and ICICI – have launched payment gateways for Business to Customer (B2C) transactions.

• Payments can be effected through credit cards or through directly debiting the account of the customers of the respective banks.

• Some payment mechanisms on the Internet are not safe, as they are in the open-loop where a merchant portal can see the credit card number.

• This is unsafe for credit card holder and is susceptible to fraud as his number can be physically seen.

• The dust is yet to settle in the B2C payment gateways, but action is already heating up in the business to business (B2B) arena.

• Besides HDFC Bank and ICICI, Global Tele-System and a few other non-bank companies are toying the idea of launching payment gateways for inter bank and B2B transactions.

• No prizes for guessing who they are targeting, Nationalized banks, of course.

[ronnierules]

6. ICICI Bank: A Case Study




A. ICICI Bank and Sify for Online Distribution of Retail Banking Products & Services.

In a major development in the Internet world, ICICI Bank, the banking subsidiary of ICICI Ltd. (NYSE: IC and IC.D) and Satyam Infoway Ltd. (NASDAQ: SIFY) announced the setting up of a new “.COM” company for on-line distribution of retail banking products and services on the Internet. This landmark agreement marks the coming together of India’s first Internet Banking provider, ICICI Bank, and India’s largest private ISP and mega-Portal, Satyam Infoway, to create a unique partnership between a major Bank and a mega-Portal. The marriage between banking and portals is expected to be a win-win potent combination, which is expected to result in improved customer orientation, lower distribution cost, long-term customer relationships with ease of banking wherever and whenever the customer wants it and enhanced profitability. The range of retail banking products to be distributed through the portal would include savings accounts, current accounts, fixed deposits, bill payments and other retail banking products that ICICI Bank may offer through this on-line channel.


The surge in demand for e-commerce related services stems from the rapid growth in Internet penetration in the country and a fundamental change in the business paradigm. The two companies would therefore also explore several opportunities to complement each other’s strengths to capitalist on the opportunities in e-commerce. This would include providing a platform for trade facilitation and payments over the Internet using innovative banking products of ICICI Bank. SIFY has a buyer to seller ordering/selling website, SeekandSource.com, which is on-line except for the payments that are still physical. ICICI Bank has developed an Internet based ‘business to business’ payment module for purchasers and sellers to effect payments online. A synergistic offering of these two products would be made so that such customers/users can complete the entire transaction and payments online.

The two companies would expect to co-operate wherever feasible to extend the reach and channels for distribution of financial products from ICICI Bank and Internet products from SIFY. ICICI Bank, as a part of its “Click and Brick” strategic focus would set up ATMs at the Satyam Access Points and Cyber Cafes, thereby increasing its reach across the country. It would also offer Satyam Internet terminals at its branches, enabling visitors to surf the Internet, thereby attracting new customers to branches. The two companies shall examine further business opportunities, which would effectively synergies the financial services strength of ICICI Bank and its Affiliates and the technological expertise of Satyam Infoway and its Affiliates. ICICI Bank and Satyam Infoway through this partnership will play a strategic role in providing revolutionary e-commerce solutions in India.

The memorandum of understanding was signed today between Mr. H.N Sinor, Managing Director & CEO of ICICI Bank and Mr. R. Ramraj, Managing Director of Satyam Infoway.

ICICI is a diversified financial services company offering a wide range of products and services to corporate and retail customers in India. ICICI Bank, a subsidiary company has been the pioneer of Internet banking in India. ICICI Bank has been gearing itself for the opportunities that would be created from the e-Commerce revolution.

Satyam Infoway Ltd. Is the leading integrated Internet and e-commerce company operating in India. Satyam Online, the most comprehensive portal site of Indian origin is one of the key offerings from SIFY in the business to consumer segment. Recently it entered into an agreement to acquire India World Communications Private Limited, which would result in the integration of India World’s popular websites like samachar.com, khel.com and khoj.com with SIFY’s portals. The combined portal would be the largest India related Internet portal.

[ronnierules]

B. Recent E-Mail Fraud:-

ONLINE fraudsters targeted ICICI Bank customers through spam mail that asked them to disclose passwords and other information, but the bank said no financial loss was reported so far.

E-mails from `support@icici.com' with the subject `Important information from ICICI Bank' and `Official information from ICICI Bank' started circulating from Monday. Once opened, the mail asked customers to click on a link.

"For security purposes your account has been randomly chosen for verification. To verify your account information we are asking you to provide us with all the data we are requesting. Otherwise we will not be able to verify your identity and access to your account will be denied. Please click on the link below to get to the ICICI secure page and verify your account details. Thank you," the e-mail said.

The ingenuity of the e-mail is striking as when clicked on the link, it opens a Web page that is an exact replica of ICICI Bank's and simultaneously opens the bank Web site.

Customers were asked to key in their identification number, login and fund transfer passwords. The link, however, didn't work on Wednesday.
An ICICI Bank spokesman said so far no financial loss was reported because of the fraud. "It's not easy to say how many of our customers have got it. First, we felt it will be a large number. But now our assessment is it's a small number," the spokesman said.

ICICI Bank sent e-mail to its customers, warning them about the fraud and urging not to respond to such mails. "Such fraudulent communication may also be sent via SMS or the phone," the bank said.

The ICICI Bank spokesman said the bank has alerted the cyber crime cells about the spam mails. But the origin of the spam mail had not been traced, he said.

Such fraudulent mails are becoming rampant across the world as Internet banking has grown in popularity.

[ronnierules]

C. Online fraud: 60-yr-old seeks police action against ICICI Bank officials:-

Karve Nagar resident Vinod Malhotra suffered a loss of Rs 95,000, which was transferred through 19 phone bank transactions in just two minutes.

While cyber criminals are on the prowl, the increasing number of online fraud has also put a question mark on the security system of banks. Vinod Malhotra, a 60-year-old citizen from Karve Nagar, who lost Rs 95,000 to an online fraud, gave a letter to the Shivajinagar police station requesting the investigation officer, police sub inspector S B Ghorpade, to book the ICICI Bank authorities in the case.

The police have so far booked Bhavin Gunwantilal Kakadia of Chira Bazaar, Mumbai. That is because Malhotra’s money was transferred into Kakadia’s account on June 2. But Malhotra has alleged that the loss occurred because ICICI Bank failed to protect his account.

Malhotra received a fraudulent e-mail on April 18, carrying a logo of ICICI Bank, seeking his credit card account details. Taking it to be genuine request, the elderly citizen submitted the details. He then sent an e-mail to ICICI Bank to check if they had actually sought the information.

On April 20, the bank replied that it was a fraudulent email. But on April 21, fraudsters used his credit card for booking tickets worth Rs 4,000 for Adlabs theatre, Mumbai. On April 21, the credit card was again used for online shopping worth Rs 3,083 through a US-based website.


Malhotra received the customary SMS alert about this transaction. He immediately contacted the bank and submitted details of the illegal transactions. The bank replied that it was a “phishing” attack. The bank then blocked his credit card and issued a new one, assuring him that his account would be protected properly.

But again on June 2, Rs 95,000 was transferred from his savings account. A stunned Malhotra filed a complaint with the Kothrud police on June 3.
The case was transferred to Shivajinagar police station since his account was with the Shivajinagar branch of ICICI Bank. “When I went to the bank with the police, a senior officer from the Operations Department said that money was transferred from my savings account through phone banking,” said Malhotra.

“The officer said that my mobile number was changed from the system. The fraudster replaced it with an Airtel mobile number from Punjab and then transferred money to Kakadia’s account through 19 phone banking transactions of Rs 5,000 each in just two minutes,” he added. “The money was further transferred to a private business firm’s account in Mumbai and withdrawn by the fraudster using cheques,” he added.

Malhotra said that he had given his mobile phone number to ICICI Bank only for receiving SMS alerts on account details. “I never used the net banking and phone banking facility. I don’t even remember the passwords required for these facilities. So there was no chance of me submitting the passwords to any phishing mail or person. I believe the fraud could have been avoided if ICICI Bank had not failed to keep vigilance on its internal security system,” he said.
Malhotra communicated with K V Kamath, the MD and CEO of the bank, requesting him to investigate the case and repay his money. After a 30-day internal investigation, ICICI Bank replied that it was not at fault and would not compensate for the loss. So Malhotra lodged a First Information Report (FIR) with the police on July 12. On Tuesday, the bank replied that his case would be re-investigated.

When contacted, ICICI Bank Head (Corporate Communications) Charudutta Deshpande said, “ICICI Bank has a fool-proof security system. But we don’t doubt the genuineness of our customers. Proper investigations will be done.”

Police Sub-Inspector Ghorpade said, “We have dispatched a team to Mumbai for investigations. But there is not much progress because the bank has not yet given us complete information about the suspects.” “We have not yet booked the ICICI bank officials. But we would be interrogating bank officials if required,” he said.

Pune police Cyber Committee Coordinator Sudam Choure said, “There have been cases in the past where secret information was leaked from banks. Usually, the bank employees on contract basis or courier companies were involved in the frauds. There is need for the banks to increase their internal security system.”