Abstract
The papers discusses the development of online banking, along with the advantages and disadvantage that entails online bank transactions. On the one hand, online banking offers a number of advantages such as the ability to make financial transactions virtually anywhere while on the other hand, the continuous development of the Internet gives rise to privacy and security issues of online banking.
Background
Information technology, particularly the internet is becoming an important foundation of the future of financial services industry. Indeed almost all financial services and financial transactions can be done online. The quick development of online financial services is made possible by the internet. Banks all over the world are exploiting the net in order to give better services to their clients. Online banking is the flagship banking development that currently affects how customers and banks do business transactions and will continue to hold a prominent position in the banking sector in the future.
Online banking traces its history to 1970s when banks offered PC-based online banking with propriety dial-up services. Banks such as Chemical (through Pronto), Citibank (Direct Access), Chase (Spectrum), Bank One (Applause), and others offered their customers, for a monthly fee, basic home PC banking which included balance lookup, fund transfers, personal budgeting and bill payment (Banks, 2001). Home banking was targeted towards upscale households (Guttman, 2002). Home PC banking was heavily invested on and marketed by these banks, but it remained unpopular among consumers because of high user fees and burdensome technical platforms. In the mid-1980s software companies such as Meca and Intuit/Quicken introduced third-party packages designed to link customers and banks. This was met with eagerness from local banks which signed up with one of these software companies and allowed customers to use the platform in order to access account information, transfer funds and pay bills. Intuit’s bill paying platform was reasonably successful. Customers could authorize the payment of funds to a given merchant, the Quicken package would receive the customer approval and determine, via the Intuit Services Corporation (ISC), if the merchant was part of the Federal Reserve’s Automated Clearing House (ACH). If it was, ISC would effect an electronic payment through the ACH and, if not, would mail a check to the merchant. In the mid-1990s AOL partnered with Intuit in order to give customers access to Intuit’s home banking services. Though Intuit and others improved the home banking process, the overall market for such services remained very limited until the arrival of the Internet (Banks, 2001).
In order to investigate further the impacts, usages, advantages, and disadvantages of online banking, the researcher conducted a survey. The researcher was able to gather responses from 34 respondents. Of the 34 respondents, 7 (20.59%) were below 19 of age, 13 (38.24%) were aged 19-35, 10 (29.41%) were aged 36-55, 3 (8.82%) were aged 56-64 and 1 (2.94%) was aged above 64.
Of all the 34 respondents 8 (23.52%) are in high school, 8 (23.52%) are studying in college (or have already earned their bachelor’s degree), 11 (32.35%) are taking their post-secondary degree (or have already earned their post-secondary degree), 6 (17.65.4%) are taking their master’s degree (or have earned their master’s degree) and 1 (2.94) was with PhD degree.
Supporting the view that Internet has a big part in the birth, development and usage of online banking services, majority of the respondents have a very convenient access to the internet (28 respondents or 82.35%). 4 respondents (11.76%) stated that they have convenient access to the internet while 2 (5.88%) stated that they have slightly convenient access to the internet.
The respondents were also active Internet users with 14 (41.18%) using the net for 1 to 3 hours each day. Seven (20.59%) respondents stated that they use the internet for 4-5 hours daily while 9 (26.47%) said that they use the net for 6-8 hours. There were 4 (11.76%) respondents who said that they use the internet for more than 8 hours.
Advantages of Online Banking
Online baking offers benefits for banks, customers and the economy as a whole. From the bank point of view one benefit is better brand image. Online banking allows banks to be more responsive to the needs of their customers. Banks that offer online banking are perceived as leaders in technology implementation. In terms of financial benefits, online banking offers an opportunity for banks to maximize their profits by decreasing transaction cost. According to a study conducted in 2002, bank transaction in the United States cost .07 as compared to 54 cents for telephone banking, 27 cents for ATM (Automated Teller Machine) banking and 1.5 cents for Internet banking (Pyun et al, 2002). There are other benefits that banks can reap from online banking. The benefits that banks can have from online banking can permeate the entire organization, from sales and marketing to customer service, back office support and operations. Some of the benefits are discussed below:
· Customer Satisfaction and Retention – banks become empowered to satisfy the needs of their customers and provide extra services and features to retain them.
· Cross-selling opportunities – integrated products allow for opportunities to data mine and market products and services to specific customer who need them in real time. Through online banking, banks can determine when customer log on to the internet banking system, and what products and services appeal to them most. Through the captured information, banks can devise strategies to fit the specific needs and wants of their customers.
· Focusing on the most profitable customer base – data mining allows banks to identify their most profitable customer base and allows them to target the appropriate products and services directly to them in real time.
· Shifting costs – through online banking, banks can concentrate on other channels to operate more efficiently.
· Competing on a more level playing field – through online banking, a small bank can compete head to head with larger banks by offering more sophisticated online financial services (Winter, 2001).
On the point of view of the customers’ the main benefit of online banking is significant saving of time by the automation of banking services processing and introduction of an easy maintenance tools of managing customer’s money. The main advantages of online banking for business customers include the following:
· Lesser cost of online banking services
· Customers are allowed to transact with the banks 24 hours daily providing comfort and greater access to services
· Customers enjoy quick and continuous access to information – this is particularly beneficial for companies as they will have easier access to information, allowing them to check on multiple accounts at the click of a button
· Online banking allows better cash management which is enabled by online banking facilities that speed up cash cycle and increases efficiency of business processes as large varieties of cash management instruments are available on internet sites
Private customers demand slightly different benefits from online banking. These include:
· Reduced cost in terms of the cost of availing and using the various banking products and services
· Convenience which means the ability to complete banking transactions while at home, in the office or elsewhere
· Funds management which means that customers can download their history of different accounts and analyze them using their computers
When asked whether they prefer online banking over conventional banking, majority of the respondents said yes (25 or 73.53%) while 9 (26.47%) said no. the advantages of online banking have more weight for those that said yes while for those that said no, the disadvantages particularly security and privacy issues have more weight.
The respondents were asked which service they think is the most useful with online banking. 15 respondents aid that the most useful service with online banking is bills payment while 7 stated money transfer. There are 6 respondents who stated account information access.
Technological System of Online-Banking
There are many design and technical issues that a bank must consider in its decision to offer online banking services. First are issues relating to the online banking website. The bank needs to ensure that the website is designed in such a way that navigation will be easy and that the website is not over-commercialized. The bank can also make use of trademarks, logos and animated graphics to make the website more interesting and informative. However, banks are advised to be simple with their designs as putting too much designs and animations may give different impressions and images of the bank. The designs must be in accordance to the image that the bank wants to exude. Many banks include banking-related information such as stock quotes, investment summaries or online brokerages on their web sites. Others include a range of helpful non-financial information, such as news and weather, sports, and entertainment, or links to various community web sites. One of the first issues a bank must face when considering online services is the selection of an Internet Protocol (IP) address and Domain Name System (DNS) Server. In the Internet world, each web server computer has a unique IP address, and consumers use easy-to-remember domain names to find most commonly used web sites. The now-familiar .com domain serves most commercial businesses on the Internet. A number of options are now available for web site hosting. Some banks run their online operations on a computer server located at their own offices, while others call on highly specialized data centers to provide this important infrastructure. Outsourcing is often the preferred option for smaller banks, because it is faster, simpler and does not require the institution to invest in infrastructure or specialized personnel. Outsourcing can also provide a more suitable solution for the dynamic, database-driven activities common to most online banking transactions (Hamlet & Strube, 2000).
Another important part of the online banking system is protection. There are different types of protection that banks use. Generally, banks use firewalls and other associated controls. A firewall is a hardware and software placed between two networks. The intent is for all network traffic, regardless of the direction of flow, to pass through this firewall. The firewall then can check all traffic to make sure it is authorized and prevent unwanted traffic from entering the system. The firewall also can check the traffic to determine whether it contains any unauthorized attachments, such as viruses. Firewalls need to be efficient to catch any traffic that is unauthorized in order to prevent potential harm to the institution. Network isolation is a function of firewalls. A domain name server converts publicly known addresses into internal addresses that are not publicly known. This is sometimes referred to as a “bastion host”. The feature prevents intruders from gaining access to internal names and addresses on the bank’s internal network. Firewalls also act as a screen for addresses. Firewalls function as filters that sort out messages that come from inappropriate addresses. Firewalls also act as applications screen. By acting as an application screen firewalls prevent inappropriate instructions from entering the system or an unauthorized access to the administrator level of the server. Lastly, a firewall can be used to inspect message flow. Through this function inappropriate responses are filtered. There are also other controls that can work with firewalls in order to strengthen the online banking security system. These controls include logical access controls and physical security. A logical access control includes a user identification and password. Physical security is used to protect a bank’s data communications networks and internal accounting systems.
Cryptography is a security technique used by banks to protect online transactions. Encryption generally deals with privacy, trust and verification issues. There are two different kinds of encryption that are being used. One purpose is to keep information private. The other is to verify the identity of parties in a transaction. Both kinds of encryption are typically used together to both protect messages and validate the parties involved, Each is governed by industry standards, Vendors provide the encryption technology as software products or as part of specific hardware devices. These two basic types of encryption are symmetric and asymmetric. Symmetric, also known as secret key cryptography, requires both the sender and receiver to have the same key. The sender encrypts the message and the receiver decrypts the message using the same key. The advantages of secret key cryptography are that it is secure, widely used and fast. Asymmetric, also known as public/private key cryptography employs two keys. In order to secure the message the sender performs the encryption using the recipient’s public key. However, the receiver can only read the information using their private key. Some of the advantages of public key cryptography over private key cryptography are that it simplifies key administration.
Encryption may be used to both secure the message and authenticate the sender. The normal approach is to use the asymmetric and symmetric encryption technologies in tandem. Symmetric encryption is typically used for encrypting large volumes of information and asymmetric encryption is for authentication.
Problems and Disadvantages of Online Banking
Although online banking will benefit the banks as well as their customers, both parties will also face different disadvantages. For example, according to Bonette (2001) there are at least seven risks that banks face through online banking. These are:
1. Strategic risk – this refers to the business risk associated with the decision to go online. Before introducing a internet banking product, management should consider whether the product and technology are consistent with tangible business objectives in the bank’s strategic plan. The bank also should consider whether adequate expertise and resources are available to identify, monitor, and control risk in the internet banking business.
2. Operational risk – includes some of the popular concerns such as online frauds, system abuse, or system failure. The cost of maintaining these systems can be high, for knowledgeable personnel are needed to cope with the potential problems involving security, availability/accessibility, or system integrity, all problems which could expose banks to unrecoverable losses.
3. Credit risk – this can be faced by banks using online loan applicants as frauds or other problems could arise through remote access.
4. Liquidity risk – this is associated with online deposits, which by definition are more volatile. Internet banking can increase deposit volatility from customers who maintain accounts solely on the basis of rate or terms. Asset/liability and loan portfolio management systems should be appropriate for products offered through internet banking. Increased monitoring of liquidity and changes in deposits and loans may be warranted depending on the volume and nature of Internet account activities.
5. Legal and compliance risk – these include defining jurisdictions with cross-border internet access complicated the law. Compliance risk is the risk to earnings or capital arising from violations of, or non-conformance with laws, rules, regulation, prescribed practices, or ethical standards. Compliance risk also arises in situations where the laws or rules governing certain bank products or activities of the bank’s clients may be ambiguous or untested. Compliance risk exposes the institution to fines, civil money penalties, payment of damages, and the voiding of contracts.
6. Reputation risk – customers may be unforgiving if a web system goes down and experiences security problems which will affect the reputation of the bank. Reputation risk is the existing and prospective impact on earnings and capital arising from negative public opinion. This affects the institution’s ability to establish new relationships or services or continue servicing existing relationships. This risk exposes the institution to litigation, financial loss, or a decline in its customer base.
7. Systemic risk – which increases if there are industry-wide security problems or even of a general loss of confidence develops in internet banking as a whole (cited in Gup, 2003).
8. Transaction risk – is the current and prospective risks to earnings and capital arising from fraud, error and the inability to deliver products or services, maintain a competitive position, and manage information. Transaction risk is evident in each product and service offered and encompasses product development and delivery, transaction processing, systems development, complexity of products and services, and the internal control environment. A high level of transaction risk may arise with internet banking products, particularly if those lines of business are not adequately planned, implemented, and monitored.
Aside from the risks discussed above, banks are also threatened by different online attacks. These attacks can include:
· Sniffers – or network monitors, this software can be used to capture keystrokes from a particular computer. This software of capable of capturing online IDs and passwords.
· Guessing passwords – this involves the use of a software to test all possible password combination to gain access.
· Brute force – this technique is used to dial every number on a known bank telephone exchange. The objective is to find a modem connected to the network. This could then be used as a point of attack.
· Social engineering – this technique may involve an attacker making a call to the helpdesk of a bank and impersonating an authorized user in order to gain information especially IDs and passwords.
· Trojan horse – this involves the embedding of codes into a system in order for the attacker to access the system or the network.
· Hi-jacking – this involves the interception of transmission in order for the attacker to gain information. Internet traffic is particularly vulnerable to this threat.
There are also different problems that customers face when making banking transactions online. There are three types of internet banking fraud that are commonly perpetrated against online banking customers. These are identity theft, friendly fraud and internal fraud. Among the three common kind s of online banking fraud, identity theft gets the most attention from the media and is of highest concern to consumers. Identity theft can be extremely difficult for its victims. It can take months or even years to correct the damage it can cause. If the thief has acquired enough information to satisfactorily answer the questions asked by the financial institution, he or she will be able to use the information to commit fraud. Friendly fraud is fraud committed by a trusted relative or friend. Friendly fraud is also known as “civil fraud” or “family fraud”. This refers to fraud committed using information that belongs to a trusted friend or family member. As much as financial institutions, independent organizations and the media communicate to consumers that they should not share confident data, many people do share their information with close friends and family. The number of identity theft cases perpetrated by a customer’s friend or family member is rising. Internal fraud is fraud perpetrated by a financial institution employee. This type of fraud is not new but the proliferation of online banking has added another avenue for frauds to commit their crimes. If a financial institution allows employees access to customer data, and that data is the same information needed to gain online access to customer accounts, an employee can easily commit fraud.
Protecting Customers
In 2005, a guidance entitled “Authentication in an internet banking environment” was released by the Federal Financial Institutions of Examination Council (FFIEC). The said guideline presents different strategies for banks in protecting customers and their businesses from online crimes such as online fraud and online identity theft. Authentication is the main strategy for protecting customers against cyber crimes involving financial institutions. There are various technologies and methodologies financial institutions can use to authenticate customers. These methods include the use of customer passwords, personal identification numbers (PINs), digital certificates using public key infrastructure (PKI), physical devices such as smart cards, one-time passwords (OTPs), USB plug-ins or other types of ‘tokens’, transaction profile scripts, biometric identification and others. Some of these instruments are discussed below:
· Shared secrets – this include information elements that are known or shared by both the customer and the authenticating entity. Passwords and PINs are the best known shared secret techniques but some new different types are now being used as well such as questions or queries that require specific customer knowledge to answer and customer-selected images that must be identified or selected from a pool of images (FFIEC, 2005).
· Tokens – these are physical devices and may be part of a multifactor authentication scheme. There are three kinds of tokens that are being used by financial institutions – USB, smart card, and password-generating token. USB tokens are plug directly into a computer’s USB port and therefore does not require installation of any special hardware on the user’s computer. USB tokens are hard to duplicate and are tamper resistant so they are virtually safe to use in storing sensitive data and credentials. A smartcard is the size of a credit card and contain a microprocessor that enables it to store and process data. Inclusion of the microprocessor enables software developers to use more effective authentication schemes. A password-generating token produces a unique pass-code; also known as a one-time password each time it is used. The token ensures that the same OTP is not used consecutively (FFIEC, 2005).
· Biometrics – biometric technologies identify or authenticate the identity of a living person on the basis of a physiological or physical characteristic. Physiological characteristics include fingerprints, iris configuration, and facial structure. The process of introducing people into a biometrics-based system is called “enrollment”. In enrollment, samples of data are taken from one or more physiological or physical characteristics; the samples are converted into a mathematical model, or template and the template is registered into a database on which a software application can perform analysis. Once enrolled, customers interact with the live-scan process of the biometrics technology. The live scan is used to identify and authenticate the customer (FFIEC, 2005).
Comments on the Result of the Survey
The survey was intended to investigate the extent to which online banking has impacted the lives of consumers. Majority of the respondents in the survey across age brackets use online banking at least once a week for services such as bills payment and money transfer. It is clear from the survey that consumers favor online banking but still use traditional banking methods. Online banking is used as a more convenient alternative to traditional banking.
Conclusion
Online banking is definitely here to stay. And as long as the world-wide-web continuous to progress, online banking will also continue to develop. Online banking provides benefits for the bank, its business clients and its private clients. Online banking allows banks to be more responsive to the needs of their customers. Banks that offer online banking are perceived as leaders in technology implementation. In terms of financial benefits, online banking offers an opportunity for banks to maximize their profits by decreasing transaction cost. On the point of view of the customers’ the main benefit of online banking is significant saving of time by the automation of banking services processing and introduction of an easy maintenance tools of managing customer’s money.
References
Authentication is an Internet Banking Environment 2005, Federal Financial Institutions Examination Council, viewed 16 December, 2009 <http://www.ffiec.gov >.
Banks, E 2001, E-finance: The electronic revolution, Wiley & Sons, New York.
Bonnette, C 2001, E-banking overview, presentation to the FDIC Bank Technology Group.
Gup, B E (ed.) 2003, The future of banking, Quorum Books, Westport CT.
Guttman, R 2002, Cybercash: The coming era of electronic money, Palgrave Macmillian, New York.
Hamlet, C & Strube, M 2000, “Community banks go online”, ABA Banking Journal, vol. 92, no. 3, pp. 61+.
Pyun, CS, Les, S & Kiseok, N 2002, “Internet banking in the U.S., Japan and Europe”, Multinational Business Review, vol. 10, no. 2, p. 73.
Winter, M 2001, “Straight talk about internet banking”, ABA Banking Journal, vol. 93, no. 12, pp. 77+.
Credit:ivythesis.typepad.com
0 comments:
Post a Comment