Literature Review of E-Banking

Literature Review of E-BankingCHAPTER 2.LITERATURE checkThis chapter is the literature review the purpose of this chapter is to investigate prehistoric publications by variant authors. This exit include textbooks, articles and online publications that could enligh goed the readers much(prenominal) than on the ara of tilling and mesh credential meacertain(p)s, the standard and policy apply for net patoising gage in the United Kingdom and more importantly, the synergistic impact of online banking and reading protective covering in the UK banking area.Since the invention of study applied science and the profit, people of different aegir be using it to improve the serve efficiently and impressively. In the sell banking sector, close of the backinges make up moved majority of their physical actualizeion processes to online transaction process. A good example of this, I own an account with the HSBC bank for over 4years now and I sack up non remember the l ast period I went into my branch to transact business. Most of my bill turn disclosement and transposes argon make by means of my online banking.)Irrespective of this, Lassar et al. (2005) alike affirmed that pecuniary institutions should be dissipate to forecast and figure out how such technology will be applied by customers.Banks and Financial institutions rely upon mostly on entropy Technology for their e rattlingday activities thereof the In headation acquired by financial governing is not dod only by the organisation and their employees but in addition by their customers and stake holders and donationners. The users who rely on these services anticipate invari open possibility of direct attack to organizational randomness (McAn completelyy, et al 2000). interpretation..Your root word is good but you be not using well incorporated sendences and para graphing. We need to talk rough this asapDEFINITION OF E BANKING.The developing tendency of e banking tr ansaction has squargonly signalled issues on discipline auspices mea certain(a) that are to be noted and stringently taken care of. To bulge this credential managed, it moldiness be a combined travail and human relationship amidst the customers and the financial institutions. (Re-structure the above paragraph) In general, e-banking is defined as the machine-driven deli truly of vernal and traditional banking products and services instanter to customers through electronic, synergetic communication take. E-banking includes the formations that enable financial institution customers, individuals or businesses, to devil accounts, transact business, or obtain information on financial products and services through a public or private nedeucerk, including the Internet which is an integral part of e-banking. (FFIEC handbook, 2006). This new development as drastically changed the phase of net income business in the United Kingdom and it is a welcome phenomenon.WHAT IS INTERN ET BANKING.For rather some years now, net banking levels ache been executed to be more fficient approach through which the banking proceedings are make without having o lend your role of abode or your place of work. Some of the customers run through been ecognised to morsel to meshing banking as a leave of frustrations with conventional tandard of operation and practices. Anand, (2008) give tongue to further that while some ustomers want human interaction in transaction, some of them turned to the internet acilities for security reasons. The reason is that the customer are effrontery assurance that heir transactions are safe and secured and most of these transactions are made via the nternet explorer interface. In its write up in 2009 (what report?.This is not Harvard standard of referencing), he s instigate online bankinghas risen. 25% of all the people who responded as regards to the most preferred route to bank.Mobile bankinghas not started at all. yet 1% of the p eople make transaction via mobile. The figure on a lower floor shows how they standOnline banking 25%Branches 21%ATM 17%Mail 9%Telephone 4%Mobile 1%Un make loven 23%CommentCan you repre displace this figures or percentage with a pie chart/graph or something more comprehensive?He went ahead and said more people visit the bank branch than using the online banking . The term internet banking offer then be referred to as the use of internet as a secluded way of doing banking services. These services comprise the conventional shipway such as account opening or monetary resource transfer to different accounts and new banking services like payments online that is customers permission to receive and pay bills on their website.Having understood the signifi mountaint importance of IT and e banking and amount of risks and threats pretend in driving the business process, therefore there is need for reproducible continuation of security in business, which brings about the understanding of I nformation security. It is a continuous process. Information security, is the process of protecting information and information dodging from unauthorised gate, use, disclo sealed, disruption, modification, destruction or bombardment, it involves confidentiality, integrity and availability of various information irrespective of the form the information takes. E.g. electronic, print, pen verbal or in any other(a)wise forms. (ISACA and CISA Review Manual, 2006).CommentYou are not given your headings titles figures e.g. 2.0, 2.1, 2.2 etcYou did not give your tables title and figures either.An Overview Of Online Banking Environment in UKAn change magnitude competitions among the financial institutions nominate forced many of the competitors to offer similar prices on deposits and loans, the effort for gaining competitive advantage were shifted towards no priced-factors (Akinci et.al 2004). customers and financial institutes fetch noted the modern revolution in UK retail banki ng. The con adaptation from traditional banking to internet banking has been effective (kolodinsky and Hogarth, 2001). Although some researchers soak up bated that online banking has not lived up to expectation e.g Sarel and Marmorstein (2003) and Wang et al. (2003), a lots of studies still say that internet banking is still the most wealthiest and paying means to transact business(Mos,1998Sheshunoff, 2000).Online banking has come to stay no doubt about that and financial institutions are ready to move on with it. Luxman (1999) for example predicted that in the nearest future that the importance of internet banking will be mat up most especially in the remote areas where some bans devour closed their branches Going by the survey carried out for alliance and Leicester by (VOBS survey, 2004), 2,395 UK adults were interviewed, more that half of them now bank online. 61 percent now used it more than the previous couple of years. However, visiting the baking hall is genuinely oftt imes popular with respondents preferring to go to banking and deal face to face with the banking staff for activities like paying cheques 73 percent, 20 percent withdraw bills over the counter and 20 percent will lodge on one complaints or the other.Mike Warriner (2008).said in a recent report from Forrester maintaind that only 31% of British adults bank online despite 75% regularly shopping online to quote Benjamin Ensor, principal analyst at Forrester Research, By international standards, the U.K. is an online banking laggard. He then goes on to say that The U.K. withal has a relatively large number of quitters, with about two one thousand million people saying that they used to use online banking but have given up.WHAT IS WRONG WITH UK INTERNET BANKINGAccording to a survey carried out by Darrell R. (2009) Medium size organizations all over the earth are very much concerned about cyber threats. The number of incidents reported really justifies their doubts. At the close of mid 2009, McAfee smashed a new malware as they did in 2008 which could cause a lot of havoc in the internet world..Irrespective of this discovery most organizations still cut their IT security budget instead of increasing it. A threat up budget down, McAfee called it security paradox.Ron C. (2009) reports that most companies in the UK are lagging behind the rest of the world in information security management practices, according to a new study from PriceWaterhouseCoopers.7,000 security professionals all over the world was surveyed, mainly in large companies consisting of 455 in the U.K. The survey found out that British organisation emerges to be less(prenominal) prepared to fight the risks that tackle them in their information systems.The table down the stairs shows that U.K. lags in quite a a couple of(prenominal) key areas of information security. Organisations have smaller amount CISOs in place only 37% have a clear idea of where their info is stored. Then, nearly half (49% ) do not complete the number of security incidents they experienced in the preliminary year.INTERNET TRANSACTIONTransactions online help customers with the competence to conduct transactions via the website of the institution by introducing banking transactions or buying products and services. There are lots of transactions customers can engaged in on the internet which can be a small as basic retail account balance to a very big business funds transfer. Internet banking services, such as the ones carried out through some other means are categorised based on the type of customers they support. The side by side(p) table shows some of the common retail and wholesale internet banking services offered by financial institutions. (FFIEC, 2006)Since transactional websites representatively enable the electronic exchange of confidential. guest information and the transfer of funds, services through online banking makes the financial institutions to be insecure to higher risk than basic .ADVANTAGES OF ONLINE BANKING.ConvenienceAccording to (Gerlach, 2000), internet banking services permit customers dispense their habitual banking transaction without visiting the bank building or meeting any banks staff. No need to wait until 8 or 9 in the morning in front you can get firmness to your bank account request or details Customers can handle their transactions anywhere they like as long as they are committed to the internet or where there is availability of internet. However, since most banks offers 24 hours online banking services 7 days a week, internet banking can release you to view and work with your account no matter what time or day it is. Thus, they can make payments, check balance, transfer money etc at the comfort zone of their homes or offices. Hence online banking has broken the limitations of the conventional way of banking thus adds customers swiftness and convenience.Time Saving and Money.When you visit banks, you will discover that most banks branch es are always engaged with one activity and customers have to wait for a long time before attended to. This is a waste of time and energy. Luckily, some banking transactions can be handled at home or in office or anywhere that is well-provided for the customers. In other words, customers do not need to wait for a long time in a long queue or go to their respective banks branch to carry out their banking business. Online banking therefore helps can help customers to hold up time and cost of travelling.Ease and EfficiencyAs long as they adhere to the simple measuring sticks to be followed by login in their information and clicking the right button, customers can able to check their accounts and pick out what their balance is, transfer funds and also carry out other valuable transactions. The timely check can help customers overdraft charges and also to cheat if the transactions they made was successful and completed. Hence, banking online helps customers to manage their account more good and conveniently.On Time Gain and Update InformationOnline banking systems also provide the customers a timely updates about both their animated and new products and services, banking word and other vital information that the customers need to know or be updated with. Therefore customers can benefit some relative information at the appropriate time for them to make quick and right decisions.Profitabilityfewer banking building will be maintained as a go away of online banking and fewer employers will be involved there is a much lower over head with online banks. The saving they get as a result of this process allows them to give greater interest rates on savings account and lower lending rates and service charge. make up EffectiveInternet banking cost less, this is because there are only few buildings to maintain and salaries paid to employees will be reduced as well. Since they have more to safe now and this allows them to increase their interest rate on savings accoun t and lower lending rate and charges Easier To Catch two-faced Activities Since you have the opportunity of viewing your account details at anytime, it is easier to know if any double-tongued activities have gone through your account before much damage is done. Once you log into your account, you will see presently whether there is anything wrong when you check your deposits and debits. If you do not make any transaction and you see any strange details in your account, you will see it write away and make necessary alarm to the financial institution While the internet offers miscellaneous advantages and opportunities, it also presents various security risks. Having this in mind, banks take wide measures to protect the information transmitted and graceful when banking online. This comprises ensuring confidential data sent over the internet cannot be accessed on modified by unauthorised third party. But banks dont normally have influence of the systems used by the customers. The cho ice is entirely up to them. more over a system connected that is a pc connected to the internet for example will usually be used for a number of other applications as well. The systems used by the online banking customers are therefore exposed to risks beyond the banks control. For this reason, the bankers cannot be liable for them. Berlin, (2007).Some Dangers Faced When using the Internet. Berlin, (2007) Third party gaining access to information transmitted or get information under false pretences, this can be done with the aid of the following Virus and warms course of studymes that are sent over the internet that can damage your pc when they replicate.Trojans programmes that intercepts passwords that is not known to users that compromise computer security.Phishing utilize a fake name, website or address for dishonorable purposes.Pharming Users existence redirected to fraudulent serverRoot kits An unauthorized administrative level access without the real administrator notic ing through a malicious parcel. Their feature is almost as Trojans.Hacking Having access to a PC via the internet when not authorised.Banks now have some numbers of measures in place that gives effective justification against attacks when information are processed by the bankers server or when information is sent over the internet.SOME SECURITY RULES WERE ALSO GIVEN chemical formula 1 Install security software including an up to date scanner.Additional security software has to be installed. your normal operating system standard tools only cannot solve some security problems. F your security is not adequately in place, you run the risk of unauthorised persons gaining access to your data.e.g never save you PINs and TANs on your PC. A firewall can protect you from such attack incur 2 Protect sensitive data when sending it over open network.Data sent over the internet whitethorn be intercepted or viewed by an unauthorised third party when the network is not secured. Banks have now ta ken some measure to ensure that data sent via the internet is encrypted before transmission.Rule 3 Be sure you know who you are dealing with.Not everyone on the internet are not who they claim they are. Check the URL you are in and make sure that your banks internet address is correctly spelled. Hackers impersonate someone in a position of trust to get the information they needed. This is called PHISHING. It is another technique to distract confidential order. This works by redirecting you to their own rogue server.Rule 4 Be careful with sensitive data and access mediaYour access code and media must(prenominal)inessiness be protected e.g. (PINs, chips) from unauthorised use. Do not save sensitive data such as Passwords PINs, access code, credit tantalize numbers on your hard drive especially if the PC is not been used by you alone. This could allow third party to view your data.Rule 5 Choose a secure password.A combination of velocity case and lower case letters , numbers and symbols is a veritable(prenominal) example of a good password usually of six to eight characters. It will be difficult for anyone to gibe your password.Rule 6 Only use a programme from a trustworthy sourceDont transfer from the internet any programme into your hard drive unless you are sure of the source and that its reliable.Rule 7 Use up-to-date programme versionUse your preferred internet browser and PC operating system version that is up-to-date.Rule 8 Run security checks on your PCTake a few moment to run a in-person security checks before using your PC to bank online. Make sure the entire security feature that protects your computer are on.Rule 9 The security setting on your internet browser must be activated.Use Block ActiveX constraint and let Java applet to run afterward confirmation. Do not make use of browser auto-completion function which is able to save your user name and passwords you enter and suggest matches.Rule 10 Do not make your current account access ible for fraudulent financial transaction.Any offers that is asking you to make your current account available for payment and other financial transaction for unknown firms and individual must be suspicious especially if they are located not at bottom your countrySOME ONLINE BANKING SCURITIES AVAILABLEInternet protective coverInternet security refers to the methods used in protecting data and information in a computer from unauthorized persons. It is a serious issue in the world wide today. People who use internet should be using the internet should be well conscious of the trouble aroused as a result of it. A familiar methods used by people to justify information in internet are encryption of the data Encryption of data deals with packaging up the original information into an unintelligible form that can be decoded using a certain technique. This is called cipher text. engagement of passwords -Passwords are used to avoid illegal entry of data so that the entire system is protec ted. Creation of passwords must be in a way that the other people do not simply guess it.MethodsThere are some several methods that helps in internet security. They are listed belowFirewallsThis is software that filters unlawful access in a network. It must have a correct configuration and has to be combined with legate firewall for a protected system.Taking Backup of Data backup of the data from the system should be taken regularly. If the computer unexpectedly crashes down or the operating system failed to boot due to virus attack, by fetching the backup data will reduce the penalty.Preventing Virus Attack Viruses can affect computer, Trojan horse, worms etc as a result of some give files downloaded from the internet. They are programs that are installed by itself and run at any time the host programs run and cause malicious attack.Baleful LinksThose who use the internet can avoid their system from getting affected by the virus by avoiding needless links and emails.Links may le ad to download files suddenly. These cause a problem to the security of the computer and therefore must be avoided.File SharingBoth original and pirated files are linked when files are shared on the internet thereby reduces the speed of the computer. This must be prevented.RoutersSome connections are prevented by certain routers from outside from the computer. NAT (Network destination Translation) is software that does this function and its of low cost and smallest amount complexity.Preventing Spy-Ware Internet securities are threatened by several software. Without the permission of the user some software runs along with other application.Insider threat undercover work sill a challengeThreats detection from inside has always been a problem, but most investments in information security still tend to focus on keeping out viruses and intruders. The possible danger of a rascal employee can regularly be discounted, mistreated or just take the risk of doing business.A new survey conduc ted among 600 office workers in Canary Wharf, London and Wall Street, rude(a) York, revealed that many employees have no qualms about mishandling information. One-third of them said they would take away data to help a friend find a job, and 41% admitted they had already taken data, just in case they needed it in some future employment. Ron C. (2009) The study, which was commissioned by security company Cyber-Ark software package Inc., found that customers and their contact details were the favourite files to steal, followed by plans, proposals and product information.CUSTOMERS steadUnderstanding of the impact of technology based transaction system on customers perceptions and behaviour is essential. (Moutinho et al. 2000).If banks are willing to integrate new technology into their existing relationship buildng activities Asher (1999) argued that cooperate customers seems to be willing to use internet as a key medium in banks dealings. He said the present suggest that coperate c lints have shown a preference for online banking, due to the perception of being more cost effevtiv thah conventional channels Financial institutions use this technology in service delivery may often compromise bank business relation. (Keltner 1995) in terms of higher degree of convinience and accessability. (Devlin 1995) Therfore customers perception is very high in the delivery of the electronic banking. According to Nexhmi et al.(2003). Customers participate typically is the process of enabling customers to make their services, products. It can be diversified between the types of services offered, even the services providers within the same market place for intance. Meuter et al.(2000) points out that self service technologies are increasing the way in which customers interact with their providers in the creation of service outcomes and are a typical example of a market place transaction that require no personal interactionFINANCIAL INSTITUTION AD MANAGERS ATTITUDE AND draw clos eInternet banking was still in a very young stage and its entire benefits has been realised.(Nath et. al 2001). In this case, managers of financial institutions attitude towards the perceptions of electronic channels were of significant importance.(Akinci et .al( 2004). Mols (2001) state that management support and future orientation were the two most important factors which driving the introduction and expectation of the new e-channel In another study, Mols (2000) grouped the bank managers according to their attitude towards internet banking The sceptics the nervous, the positively charged and the reluctant groups. In Scotland, Moutinho et.al (2002) emphasized he scotish bank managers efficiency and sweetening of customer services as to perceive advantages of internet banking. Faster easier and more reliable service to customer and the improment of the competitive position were highlighted. (Aladwani ,2001). Based on the UK evidence,Li 2001 claimed that the integrated banking m odel, around which traditional banks have built their strategies in the past were showing sign of fragmentation In this sense, he sumerised four acclivitous internet model in the UK. The first was based on pass judgment internet banking as a new delivery channel that was integrated with existing model. The second model is called e-banking, was based on multibanking in which the internet was the integrative component. The third model consisted of creating baby e-banks with their own e cross off name and product range. The last model was seen as entirely a new business model without a physical network.Laws, Directives, Regulations and StandardsShon Harris all in One Certified Information System Security Professional trial Guide, Fourth Edition, 2008Different laws, directives, regulations and standards were enacted for different reasons which include data resistance, software copyright, data privacy, computer misuse as well as controls on cryptography.wellness and safety, prevent ion of fraudulent activities, personal privacy, public order, intellectual property, environment protection and national security are reasons why the regulations can be utilize in governments and private sectors. The irreverence of these regulations has a severe punishment given over to them which may range from fine to jail term of up to ten years or more depending on the gravity of the crime committed.Examples of the regulations that governs information usage and protection are discussed briefly belowThe Sarbanes-Oxley Act (SOX)The SOX was enacted in 2002 as a result of the corporate scandals and fraud that threatened the saving of United States of America. This is also known as the Public Company history Reform and Investor Protection Act of 2002 that applied to companies that publicly trading on United States market. How organizations must track, manage and report on financial information was provided for in the SOX requirements. Processes and controls must be in place to p rotect data because of the organizations reliance on computer equipment and electronic storage for transacting and archiving data, the section 404 of SOX is directly applied to information technology. Chief Financial Officer (CFO), Chief administrator Officer (CEO) and others can be jailed if the law is violated.The Computer histrion and Abuse ActThis act is the primary U.S federal antihacking statute that was written in 1986 and amended in 1996.Prohibition was made on seven forms of activities and was made federal crimesThe knowing access of computers of the federal government to obtain separate information without dominance or in wasted of authorization..The livelinessional access of computer to obtain information from a financial institution, the federal government, or nay protected computer involved in interstate or foreign communication theory without authorization or through use of excess of authorization.The intentional and unauthorized access of computers of the feder al government, or computers used by or for government when the .access affects the governments use of that computer.The knowing access of a protected computer without authorization or in excess of authorization with the intent to defraud.Knowingly causing the transmission of a program, information, code, or command and, as a result of such conduct, intentionally causing damage without authorization to a protected computer.The knowing trafficking of computer passwords with the intent to defraud.The transmission of communications containing threats to cause damage to a protected computer.The penalty for breaching this act ranges from felonies to misdemeanors with alike(p) small to large fines and jail sentences.Employee Privacy IssuesFor a company to be adequately protected, various employee privacy issues must be considered within the organization. geological formation must understand what it can and cannot monitor as a result of different state with different privacy laws.Organiza tion must state it in its policy that monitoring in any form are done within the organization to prevent being sued by employee for invading their privacy. This is considered the best way in which organization can protect itself. stipend Card Industry Data Security Standard (PCI DSS)The advent of internet and computer technology led to the increase in identity theft and credit card fraud which gives opportunity to millions to be stolen at once.stabilising customer trust in credit card as a safe way of conducting transaction and to curb the problem, a proactive step was taking by the credit card industry. The standard affects any entity that processes, transmits, stores or accepts credit data.The PCI Data Security Standard is made up of 12 main requirements that are broken down into six major categories. They areA Secured Network must be built and maintained. extremity 1 To protect cardholder data, a firewall configuration must be installed and maintained fatality 2 Ensure that sys tems passwords and other security parameters are not in vendors supplied defaults.Data of Cardholder must be protected.Requirement 3 Stored data of cardholder must be protected.Requirement 4 Across open and public networks, cardholder data must be encrypted in transmissionVulnerability Management Program must be maintained.Requirement 5Anti-virus software must be used and updated regularly.Requirement 6 Secured systems and applications must be developed and maintained. recover Control Measures must be strong in its implementation.Requirement 7 Based on Business need-to-know, cardholder data access must be restricted.Requirement 8 Every individual having access to computer must be given a unique ID.Requirement 9 somatic access to cardholder data must be adequately restricted.Monitoring and examination of Networks must be carried out regularlyRequirement 10 All access to network resources and cardholder data must be tracked and monitored.Requirement 11 Security systems and processes must be regularly tested.An Information Security Policy must be developed and maintained.Requirement 12 A policy that addresses information security must be maintainedThe violation of the standard does not lead to jail term but may result in financial penalties or revocation of merchant position within the credit card industry because PCI DSS is a private sector initiative.2.5 Database Security, Compliance and Audit by Charles Le Grand and Dan Sarel. Information Systems Control Journal Vol 5, 2008.Grand and Sarel (2008), states what it takes to adequately protect the database to ensure that compliance is met. It also provides information for auditing purposes. The objectives for ensuring database access control were also exploded by the authors.On the conclusion note of the article the authors said that the simple goal of ensuring database security is to ensure that only authorized individuals have access and all access is monitored. To limit access to only people whose jobs requir e it, access protection must apply to identifying the sensitive data elements the methods for managing user credentials and access rights and the records of who accessed what, when and what they did with it.Insider