implementing the application of online banking security system in india by comparing existing...

7/31/2019 Implementing the Application of Online Banking Security System in India by Comparing Existing Advanced Features in Online Banking Security in UK Based Ba

1/41

Implementing the application of Online banking security

system in India by comparing existing advanced features

in Online Banking security in UK based Banks.

Sharad Ganjihal


2/41

CONTENTS

ACKNOWLEDGEMENT ..............................................................................................................5

ABSTRACT ...................................................................................................................................6

CHAPTER I ....................................................................................................................................7

1. Introduction .................................................................................................................................7

1.1. Background ..........................................................................................................................7

1.2. Aim .......................................................................................................................................8

1.3. Objectives .............................................................................................................................8

1.4. Research Questions ..............................................................................................................8

1.5. Report ...................................................................................................................................8

CHAPTER II .................................................................................................................................10

2. Literature Review ......................................................................................................................10

2.1. Banking ..............................................................................................................................10

2.1.1. Evolution of Banking Security System in the United Kingdom ................................10

2.1.2. Evolution of Indian Banking System .........................................................................11

2.2. The Evolution of Online Banking .....................................................................................11

2.3. Types of Internet Banking frauds ......................................................................................11

2.4. Comparative study of Internet banking fraud in India with context to United Kingdom 12

2.5. Phishing .........................................................................................................................12

2.5.1. Spear Phishing ...........................................................................................................13

2.6. Malware ............................................................................................................................13

2.7. Money Mule .......................................................................................................................13

Image 1: Money Mule ...............................................................................................................13

Table 2: Year wise Online Banking Fraud, Phishing Incidents & Mule .................................14

Image 3: Hacking Brand by Industry Sector ............................................................................14

2.8. Security System for Internet Banking service in United Kingdom and India ..................14

2.9. Chapter Summary ..............................................................................................................15

CHAPTER III ................................................................................................................................16

3. Research methodology ..............................................................................................................16

3.1. Introduction ........................................................................................................................16

3.2. Types of Research methodologies .....................................................................................16

3.3. Qualitative and Quantitative Research ..............................................................................16

3.4. Research Strategy and Design ...........................................................................................17


3/41

3.4.1. Experiments ................................................................................................................17

3.5. Case Studies .......................................................................................................................17

3.6. Observations ......................................................................................................................18

3.7. Data Collection methods ....................................................................................................18

3.8. Aim ....................................................................................................................................18

3.8.1. Objective 1 ..................................................................................................................19

3.8.2. Objective 2 ..................................................................................................................19

3.9. Merits of Secondary data ...................................................................................................20

3.9.1. Limitations of Secondary data ....................................................................................20

3.10. Chapter Summary ............................................................................................................20

CHAPTER IV ...............................................................................................................................21

4. Research Findings .....................................................................................................................21

4.1. Case Study .........................................................................................................................21

4.2.5. Cast Study 5 ................................................................................................................22

4.3. SPSS Application ...............................................................................................................23

Figure 1: United Kingdom Online Banking Fraud Vs Percentage Change Year wise ..........23

Figure 2: United Kingdom Internet Banking Fraud Vs Phishing Incidents & Muel ...............25

Figure 3: India Online Banking Fraud Vs Percentage Change Year wise .............................25

Figure 3: Internet Banking Fraud Uk Vs India ........................................................................25

SPSS ..........................................................................................................................................26

Table 4: Online Banking Fraud United Kingdom Vs India .....................................................26

Paired Samples Statistics ..........................................................................................................26

Graph 4: Types of Internet Banking Fraud by Percentage .......................................................28

Table 5: Different types of security system with cost & security levels .................................28

CHAPTER V .................................................................................................................................30

7. Critical Evaluation ....................................................................................................................30

Reflection ..................................................................................................................................30

Influencing factors ....................................................................................................................31

Learning ....................................................................................................................................31

CHAPTER VI ...............................................................................................................................33

5. Conclusion .................................................................................................................................33

6. Recommendations .....................................................................................................................34

6.1. Low cost better security .....................................................................................................34

6.1.1. Preventive measures should be initiated by banks for phishing mails in India .........34


4/41

6.2. Verified by visa .................................................................................................................34

6.3. Non-financial systems .......................................................................................................35

6.4. Biometrics in e-Banking ....................................................................................................36

Figure 1: Customer Centric Fraud Management allows for a differentiated customer

experience................................................................................................................................. 37

References .....................................................................................................................................37


5/41

ACKNOWLEDGEMENT

This dissertation work is carried out by me under the supervision of Prof.Nasa Sherin who

extended her support in every possible throughout my research study. I take this opportunity to

offer my deepest gratitude and foremost appreciation to her. I also would like to thank my

award director SCIT Dr. Pat Costello who encouraged and motivated me during my course of

study.

I also would like to extend my sincere thanks to all my colleagues, friends and family members

who stood by me during this research period.

Finally, I am thankful to Almighty for his blessings on me who made this thesis work possible

without much difficulty.


6/41

ABSTRACT

In todays techno-savy World, computers plays an important role as it makes things in human

life simple, productive and more convenient hence the usage of Internet has become vivid.

Online banking system has become the most important channel in banking system. Internet

banking provides several benefits to banking customers such as account summary, bill

payments, funds transfer. Basically, internet banking allows customers to transact online

without visiting the branch. Online banking system has also its flaws such as online banking

frauds. The prime objective of this research study is to understand and analyse the online

banking frauds in India with a comparative study in United Kingdom and also to evaluate the

preventive measures adopted in United Kingdom that are to be implemented in India. The

researcher had adopted both qualitative and quantitative research method. The researcher in this

research study the author had applied secondary data method to carry out the research findings.

The author in this dissertation studied the various trends of online banking fraud based on the

secondary data and tried to assess several advanced security system implemented in United

Kingdom in order to minimise fraud. On the other hand, the researcher also assessed the

secondary data related to online banking fraud in India which is upturn trend however; in India

few security measures had been implemented as compared to western nations.

In this research the author analysed the UK and India fraud trend and what are the measures

implemented in United Kingdom to prevent Internet Banking fraud and simultaneously studied

about the security system implemented in India and further researcher suggested additional and

new type of security system to be implemented in India such as Two level password, One time

password, Card reader device, Image authentication, USB tokens, Authentication malware

detection and detect authentication framework.


7/41


8/41

1.2. Aim

To examine the growth of online banking fraud and implement all preventive measures in India

which are already implemented in United Kingdom.

1.3. Objectives

1. Study all types of Online Banking Fraud

2. Conduct a comparative study on the internet banking fraud in the Indian banking

system in context with United Kingdom

3. Analyse the preventive measures already implemented in United Kingdom

4. Advise suitable fraud preventive measures in India

5. Analyse the total impact after implementing the recommended preventive measures in

India

6. Finally to suggest recommendations based on the findings of the research work.

1.4. Research Questions

1. Is it possible to we implement the secured systems in the Indian Banking System

By comparing with all the security systems followed in United Kingdom. In preventing online

fraud or Card not present fraud?

2. What are the technologies and application strategies implemented in banking sector of

UK, which needs to implement the advanced features of Online banking in Indian banking

sector and get the approval from the Reserve Bank of India for both government and non-

government banking corporations?

3. How can we measure and evaluate the outcomes from online banking applications- that

can enable the Indian Banking Sector to provide accurate and most secured online services to

the end-users?

1.5. Report


9/41

In this research, author target to assess and analyse all the security systems and measures

adopted in the UK and will try to evaluate how far the same may be implemented in banking

sector in India.


10/41

CHAPTER II

2. Literature Review

The concept of internet banking facility is very new to the world; its replaced direct interaction

with the bank by the huge percentage by (Huajun, 2005). All the banking and personal

transactions through online will takes place at the finger tips at home even at any time. In the

late 1970s online banking functions usage came into existence.

In the present fast growing online banking usage and increasing fraud, has become one of the

biggest threat to the banking industry. The banking sectors striving very hard in preventing

online banking fraud, they are investing more and more money on the research and

development in the prevention in fraud.

2.1. Banking

According to (Sunesra, 2000) the Bank of Venice is said as the first regular bank to start in the

history of banking system and which was established in the year 1157 later on followed by the

other banks. In the year 1401 Bank of Barcelona, in the year 1407 Bank of Genoa in Italy

and in the year 1609 Bank of Amsterdam.

2.1.1. Evolution of Banking Security System in the United Kingdom

According to Brause, Langsdorf & Hepp (2009) after thoroughly examining Internet banking

security system in United Kingdom as well as to analysing the measures adopted to prevent

online fraud in the early stages Bank of England issued regulation for all the banking sector to

adopt artificial Intelligence i.e. Data mining techniques, after the implementation of artificial

intelligence they are able to control fraud later banking sector come up with new techniques

know as Neural network to detect fraud by (Berry, 2000).

In United Kingdom, Natwest bank which is one of the major bank offers the facility of Card-

reader. The bank has started issuing Token or Card reader, any customer who wants to initiate

the funds transfer for the first time need to insert the debit card in the card reader machine and

enter the pin it will validate online and will generate one unique number, that needs to be


11/41

entered online to initiate one time funds transfer or for the first time transfer. At the same time

few other bank started phone security system only in United Kingdom.

In this research author studied internet banking security taken in United Kingdom and advising

best security system needs to be implemented in India, which they are lacking in preventing

fraud in India. One of the important when we login for any United Kingdom Banking system

checks second level authentication password that means for single user id we need to enter two

different passwords. But whereas in India we need to remember only one password that is for

Indian Banking system they set only single level authentication only.

2.1.2. Evolution of Indian Banking System

According to the (Leeladhar, 2007) the original system of banking were present in India many

centuries ago. In 4th century BC it referred to creditors and lending in Kautilya Arthashastra,

for example it said if anyone became bankrupt, debts owed to the state had priority over other

creditors. More there is another reference to Interest on commodities loaned it referred as

Prayog Pratyadanam they used to say this should be added to the state revenue. So, this

shows lending and interest is not new to India.

2.2. The Evolution of Online Banking

The internet banking came into existence in the early 1990s. The first bank to calculate and

experiment of implementing internet banking system by Brick-and-Mortar Banks, the main

intention of introducing internet banking was to reduce or minimise the operating cost. Brick-

and-Mortar was one of the traditional banks in that decade. Beattie (2011) believed the victory

story of this bank attracted many more banking system to invest in internet banking along with

better-quality and new features. As per Sanibel (2011) internet bank features developed so that

all the facilities available online. It made every possible option available online.

2.3. Types of Internet Banking frauds

Phishing Emails

Spear Phishing


12/41


13/41

Phishing is a type of online banking fraud, where fraudster will send email to different

unknown customer with a website link, which is dupe URL looks similar as banking website, in

that email fraudster will ask the account holder to update the details. When the customer click

on the link provided in the email, it will open the webpage that looks same as banking web site

when the customer enter the details, the banking details will access by the fraudster.

2.5.1. Spear Phishing

Which aims to target small groups of people or individual persons. this type of spear phishing

often use duplicate or fake id, especially from social networking websites.

2.6. Malware

Malware term is used to the malicious software. This type of software is also called as

computer virus, which will be installed without the knowledge of the computer user. This

software will save the entire key pressed in the computer will be saved and virus creator will be

accessed.

2.7. Money Mule

Money mule is the criminal offence this is usually located abroad. Overseas manipulating

money by money laundering, they target the innocent people they normally make-believe are

genuine recruiter

Image 1: Money Mule

Source: http://www.banksafeonline.org.uk/moneymule_explained.html
http://www.banksafeonline.org.uk/moneymule_explained.htmlhttp://www.banksafeonline.org.uk/moneymule_explained.html


14/41


15/41

Secure Log on by Two Level AuthenticationYes No

Disable Account wrong password entry for 3

times Yes No

De-activation (User Id not used for 6 months)Yes No

Fraud Detection System not so securedNo Yes

Telephone Masking (Additional telephone

security) Yes No

Card Reader device Yes No

2.9. Chapter Summary

In this chapter, the researcher had highlighted about the evolution of banking system in India

and United Kingdom. According to the research, the first commercial bank in India was set up

in the year 1806 in the name of Bank of Calcutta later on in 1843 Bank of Madras was initiated

followed by other banks such as State Bank of India. The banking sector in India had

progressed rapidly and witnessed a rapid change after nationalisation of banks and deregulation

of bank system in the early 1980s. Later on, in 1990s with the introduction of computers and

Worldwide many banks has come up with Internet banking system as an alternative banking

channel to offer their services to its customers which paved the way to commit online banking

frauds by sending phishing mails, hacking customers personal information by installing

malware software in addition to stealing information by creating fake ids in social networking

sites such as Facebook, Orkut and Twitter. Of late, many banks had identified that they are

incurring huge losses in the form of online banking frauds came forward to prevent them by

taking certain measures such as educating the customers on phishing mails and also initiatedthe process of providing of two-level authentication, one time password, card reader devices,

USB tokens, authentication of malware detection and detect authentication framework by

Dinkla (2008).


16/41

CHAPTER III

3. Research methodology

3.1. Introduction

This section discusses several research methods adopted and followed to examine the growth of

online banking fraud and implement all preventive measures in India which are already

implemented in United Kingdom. According to Hewson and Yule (2002) explains the various

concepts related to research methodologies, strategy, and approach as well as research design.

It also deals with several research theories and data collection methods as well as outline why

these methods were apt for this thesis work by (Kumar, 2000). The prime intention is to

conclude the most suitable methodology and the method of data collection keeping in view

various considerations such as inadequate sources and with a limited time frame by Thompson

(2008).

3.2. Types of Research methodologies

The choosing a particular research method is primarily based on the aim and objectives of the

research. Research methodologies may be boardly categorized.

1. Descriptive

2. Correlational

3. Explanatory

4. Exploratory

3.3. Qualitative and Quantitative Research

Bryman defined qualitative research as approach to the study of the social world which seeds

to describe and analyze the culture and behaviour of human and their groups from the point of

view of those being studied Colwell (2006). The main focus of the Qualitative research

method is to collect, analyse and understand the information by probing and studying people

and their behaviour. The motive of qualitative research is to evaluate the existing theory. The


17/41

Qualitative research method is often treated as subjective as well as it is the evaluation of what

is deemed to be a compelled reality.

On the other hand Quantitative research involves study of statistical information. The motive of

quantitative research is to establish link between definite variables. According to Jha (2008)

Quantitative research is illustrated as the collection of numerical data and as exhibiting a view

of the relationship between theories and research as deductive, and it ends up with objective

result. After thorough investigation and analysis including reviewing case studies and various

statistical data which are treated as qualitative methods of approach in which the primary

motive is to gather data and there by drawing conclusions to the research problem. Therefore,

in this research work both quantitative and qualitative research method is adopted by the author

to develop research findings.

3.4. Research Strategy and Design

Research methodologies include research methods and strategies followed to explore findings

for the thesis aim and objectives. Developing a distinct research strategy always has a

remarkable benefit that will allows the author to assume and familiarise the fore most suitable

research methods to understand the phenomenon in question (Colwell, 2006). Relied upon

thesis objective, in the research strategy there are so many different types of experiment,

investigations, interpretations will be carried along with questionnaires and case studies

(Maginn, Tonts, and Thompson, 2008).

3.4.1. Experiments

Experiments carried out in any firm have better understanding in developing stable

associations. These experiments assist to consider a variable and permit controlling another.

According to (Denzin and Giardina , 2006) by monitoring different situations directs to hand

pick one or more different variables which will be applied for testing with the help of

hypothesis, by controlling circumstances will be achieved by applying experiments. For this

research study adopting the experimental research strategy doesnt benefit as it doesnt have

command over the behavioral incidents.

3.5. Case Studies


18/41

The case study method discovers the theories related to the entire business. In case study

method the author gathers the information from past or current incidents happened in specific

area of study. An empirical or experimental investigation of a certain incident within the

framework of the real world can be measured as case study research strategy (Colwell, 2006).

3.6. Observations

Observation research strategy is applied in the research work by the usage of printed or

recorded information. The adoption of observation technique helps to document the behaviour

of the respondents without referring to reports. The information gathered is distinct and

reactive whereas in other methods it is non-reactive. According to (Saunders, 2006) research

methodology is very important in the study and it is very clear how to achieve final or the

definite goal of the research. It gives clear picture as to how to collect the data and analyse the

same to achieve the research aims and objectives.

3.7. Data Collection methods

Data collection and analysis is the process of researching the data. The data collection methods

may be grouped as Primary data and Secondary data.

Primary data is the data obtained from the prime sources, its also termed as the information

obtained first hand by Denzin and Giardina (2006). This data may be collected in various

methods such as survey and questionnaire method and also in the form of interviews and group

discussions. On the other hand, Secondary data may be briefly explained as the information

obtained from the existing resources such as books, journals, articles, magazines and online

websites. For the purpose of this research study, the author had chosen to explore secondary

data as the availability of data resources related to secondary data is higher. To examine the

growth of online banking fraud and implement all preventive measures in India which were

already implemented in United Kingdom.

3.8. Aim


19/41

The main aim of this research study is to collect as much as information related to the online

banking fraud as well as to explore the relevant preventive measures to be implemented in

India which are already adopted in United Kingdom. For this purpose, the author had

implemented both quantitative and qualitative research method by examining the data in the

form of books, journals, articles and reports published by United Kingdom Fraud Report, Inter

Fraud Report, World Cyber fraud Report, Reserve Bank of India, Indian forensic fraud Report

and other general reports from United Kingdom and India as well as by studying various case

studies related to Online banking fraud both in United Kingdom and India.

3.8.1. Objective 1

The prime objective in this research study is to explore and analyse several types of online

banking fraud. For this purpose, the researcher had gathered information from various

secondary data resources such as books, journals, articles for data related to both countries

United Kingdom and India. Further the data gathered was evaluated with quantitative data

collection method with the help of statistical techniques. Information was gathered from

documentaries of written articles, journals, reports based on market, World bank, British

bankers association, Reserve bank of India and books related to Online banking fraud to have a

better understanding of the research proposal.

3.8.2. Objective 2

One more primary objective of this dissertation is to investigate and examine the online

banking system in both India and United Kingdom. The research carry out a comparative study

of online banking system related to both the economies India and United Kingdom by

evaluating the statistical data of online banking fraud from the periodic reports published by

Reserve bank of India and Indian forensic Fraud Report and United Kingdom Cyber Fraud

Report, Facts and Figures Report and Internet Fraud Report. According to (Carr, 2009) and

(Zeinab & Sheikha, 2010) it is clearly evident that the author had adopted inductive strategy

method. The writer in this research study had collated secondary data and carried out thorough

analysis to understand and analyse the suitable preventive measures that were already

implemented in United Kingdom and which are feasible to be adopted in India. Finally, the

researcher would analyse secondary data mentioned in the form of Literature review, case


20/41

studies and statistical data conduct research findings to suggest precautionary measures to

avoid Online banking frauds in India.

3.9. Merits of Secondary data

Cost-effective

Time saving

Better understanding of the research problem

Easy accessibility to data

3.9.1. Limitations of Secondary data

Accuracy of secondary data collection is not known.

Secondary data collected for research may be outdated.

3.10. Chapter Summary

In this dissertation, the author elucidates in detail about the aim and objectives of the research,

its plan, approach along with research strategies adopted to achieve the goals of the research.

The researcher highlights the various data collection methods and deals with both the

Qualitative and Quantitative data methods applied in this research study. In this research study,

the author had conducted the research study based on Secondary data due to lack of availability

of primary data, restricted time frame and tight deadlines.


21/41

CHAPTER IV

4. Research Findings

Two way method approach followed A) Case study method B) By analysing and comparing the

trend wise report for United Kingdom and for India with the help of SPSS application. This

application will give theoretical aspect of correlation. In this research author collected

secondary data related to internet banking fraud for United Kingdom and for India.

4.1. Case Study

Online Banking Fraud in United Kingdom

According to ZDnet UKs special report on Online Banking Security revealed that there was

24.9 million reduction in online banking fraud for the year 2011, compared with last year

2010. This was because of the increased security awareness from the customer along with the

banks using fraud detection software, this have headed towards fall also supported by UK

Cards Association (UKCA). In spite of total amount of online fraud decreased, but still increase

in the number of phishing websites, as per report 2007 from UKCA 7,224. However in the year

2011 phishing websites increased to 37,198.

4.2. Preventive Measures

Online banking losses have been under control with a close relationship between the banks or

financial institutions with the security vendors. They came to common agreement to build or

develop best security software, with the help of real-time and dynamic updates.

4.2.1. Case Study 1

In case of e-Banking scenario August 1995, Lloyds Tsb bank witnessed a problem with

breaking into the system one of the biggest fraud 10 million pounds of computer fraud was the

first type of fraud hit by the hacker into the system. The fraudsters transferred huge amount of

money equivalent to millions of pounds to different accounts across the world.


22/41

4.2.2. Case Study 2

In August 2000, London police were able to catch hold of 3 people involved in the defraud

internet banking. As per BBC report fraudster were able to access or stole thousands of internet

banking information related to the savings account and loan account.

4.2.3. Case Study 3

In the year 2010 one of the leading company in United Kingdom, raised an alarm for fraud

amount for 1,10,000. In the month of April fraudsters hacked all the firms banking

information related to payroll accounts through online banking, fraudster initiated to approve

two batches of payments one for the amount of 45,000 and second for 67,000. After few

days bank informed the company about the authorisation received to transfer funds through

online request under the payroll system.

4.2.4. Case Study 4

ICICI Bank and Sify for online allocation of retail banking products and services.

In recent times, usage of Internet banking has become the most important aspect in banking

system. ICICI bank which is popularly known as Indias largest private sector bank has

implemented online banking system which became the popular alternative channel of banking

system in India. ICICI bank and Satyam infoway Limited which is widely known as SIFY

initiated a new dot com company for the online allocation of retail banking products and

services on the World wide web. The Online banking system promotes efficient customer

satisfaction and facilitaties accessibility of various banking products and services such as

deposit accounts, bill payments, credit cards, loans and so on to the customer, cost-effective,

aids in maintaining long-term relationships with customers.

4.2.5. Cast Study 5

E-mail fraud


23/41


24/41

United Kingdom Online Banking Fraud Vs %age Change

Year wise

0

5

10

15

20

25

2004 2005 2006 2007 2008

Year

Amointin

Millions

-500.00%

0.00%

500.00%

1000.00%

1500.00%

%age

Online Banking fraud Losses (in millions)

%age in Fraud Comperad with Previous Year


25/41

Figure 2: United Kingdom Internet Banking Fraud Vs Phishing Incidents & Muel

Internet Banking Fraud Vs Phishing Incidents & Muel

0

5

10

15

20

25

2004 2005 2006 2007 2008

Year

Amountin

Millions

0

5000

10000

15000

20000

25000

Number

Online Banking fraud Losses (in millions) Year Muel Recruitment Offers

Figure 3: India Online Banking Fraud Vs Percentage Change Year wise

India Online Banking Fraud Vs %age Change Year wise

0.00

500.00

1,000.00

1,500.00

2,000.00

2,500.00

2004 2005 2006 2007 2008

Ye ar

AmointinMillions

0

0.2

0.4

0.6

0.8

11.2

1.4

1.6

%age

Online Banking fraud Losses (in millions)%age in Fraud Comperad with Previous Year

Figure 3: Internet Banking Fraud Uk Vs India


26/41


27/41

Paired Samples Correlations

N Correlation Sig.

Pair 1 Fraud (United

Kingdom / India)

Online Banking Fraud

10 .836 .047

Paired Samples Test

Paired Differences

T df

Sig. (2-

tailed)Mean

Std.

Deviatio

n

Std.

Error

Mean

95% Confidence

Interval of the

Difference

Lower Upper

Pair

1

Fraud(United

Kingdom /

India) -

Online Banking

Fraud

10.00

000

7.16641 4.13876 -5.74644 13.74644 1.762 4 .186

T(10) = 1.762

P = 0.186

R = 0.836

In the SPSS analysis representation, if the value of r=0 then there is not linear relationship

between two variables X and Y. If the r value is close to -1, there is negative linear relationship

and if the value of r is +1, there is a perfect linear relationship between two variables X and Y.

Note:- In our analysis with SPSS r value is 0.836 which is near to +1. Therefore we can

conclude that there is positive linear relationship between Internet Banking Fraud for United

Kingdom and India.

So, H1 : Pt 0 { There is a linear relationship Online Banking Fraud for UK & India}

In the SPSS analysis representation, if the value of T falls between -1.960 to +1.960, then

null hypothesis is accepted. In case of the value of T falls beyond the -1.960 to +1.960, then

null hypothesis is rejected.


28/41

In this study the value of T = 1.762, which falls between -1.960 to +1.960. So it is clearly

evident that null hypothesis is accepted.

Graph 4: Types of Internet Banking Fraud by Percentage

Types of Internet Banking Fraud Percentage

48%

28%

14%

10%

Phishing mails Counterfeit Websites Cyber Case Fraud Email Fraud

From the graph above phishing fraud stands at the top by 48 persent, followed by counterfeit

websites by 28 persent. So, all the banks and financial institution concentrated on prevention on

phishing mail fraud and counterfeit websites as, combining both stands at 76 percentage. Cyber

case fraud stands at 14 persent and least by email fraud at 10 present.

Table 5: Different types of security system with cost & security levels


29/41

OfferStrongAuthentication

ItseasytoManage

ItseasytoImplem

ent

ImplementsUser-to-Site

Authentication

OffersMulti-LayerPro

tection

1.Cheapest5.MostE

xpensive

1.LeastSecured.5.Be

stSecured

DifferentlevelofSecuritySystem

Single Password 1 1Two level Password 1 2

One Time Password

(OPTs)4 3

Coordination Cards 2 2

Card Reader (Device

Authentication)3 4

Image Authentication 1 1

Change Questions 1 1

USB Tokens 3 3

Digital Certificates 4 3

Authentication +Malware Detection

3 5

Detect ID Authentication

Framework4 5


30/41

CHAPTER V

7. Critical Evaluation

Reflection

The research work on implementing the application of Online banking security system in India

by comparing existing advanced features in online banking security in UK based bankswas

carried out by me since the online fraud rate is very alarming in todays world, hence it is

significant to have an awareness on the online fraud prevention techniques both from the

customer as well as banks perspective. The prime motive behind to select this research title as

it provides me good knowledge and awareness regarding the existing advanced features in

online banking security system in several banks in United Kingdom as well as to evaluate and

understand how the same may be executed in Indian banking system to enhance security

system online in order to reduce online banking fraud rate which is beneficial both to the

customer as well as to the bank. Putting efforts and allocating time to gather data from various

secondary data sources on the research subject is rather disturbing as well as hectic at times

because in the beginning of the research topic, no one can foresee whether the research title is

interesting or not. Time management is an additional key factor that has inspired me to

conclude the aim and objectives of the dissertation work. During the complete study of the

research process, I have gained knowledge and experience on several aspects such as

conducting research work demands aptness, strong determination, stretched time lines

moreover availability and accessability of data sources to assess findings and draw

conclusions.Once the research subject is finalised by me, I studied and referred several books

related to the research title as well as defined aim and objectives of the research work as well as

conducted investigations thoroughly to understand the further scope of the research subject.

In the beginning of the research work, I found the research topic to be complex as I was not

sure as to how to carry out the same, I was not confident to complete the project work in a

systematic manner as this mode of study was very new to me, later on after referring various

books on the research title repeatedly I found the thesis work to be very interesting as well as I

started gaining knowledge on the subject and within few days I was confident that I could

finish the dissertation within the specified timelines.


31/41


32/41

methods such as the banks should start educating its customers to combat phishing schemes

moreover banks and other financial institutions should send emails to the customers about

identity theft and how to overcome it additionally, implementation of two-level password

which provides authentication that is more secured and economical.


33/41

CHAPTER VI

5. Conclusion

The banking system in India is one of the major segments promoting to the growth of Indian

economy. The first commercial bank in India was set up in the year 1806 in the name of Bank

of Calcutta later on in 1843 Bank of Madras was initiated followed by other banks such as State

Bank of India. The banking sector in India had progressed rapidly and witnessed a rapid change

after nationalisation of banks and deregulation of bank system in the early 1980s. Later on, in

1990s with the introduction of computers and Worldwide many banks has come up with

Internet banking system as an alternative banking channel to offer their services to its

customers which resulted in the introduction of Internet banking system in India which served

as both the medium of delivery of banking services as well as strategic tool for business

development. The concept of online banking system has become popular within a short period

of time as it is very simple and convenient to use plus cost-effective both to the bank as well as

to the customer. Of late, due to the advanced techniques in the Information technology and

decline of moral values in mankind, online banking fraud has come to limelight. Online

banking fraud is a fraud or theft committed online with a motive to transfer money from a bank

account illegally by stealing customers personal information in the form of phishing mails.

According to the researcher, the various kinds of internet banking frauds are Phishing email

fraud, counterfeit websites, cyber caf security and spear phishing frauds by (Samuel &

McQuade, 2008). Online banking frauds are much prevalent in United Kingdom also.

According to the report published by Reserve bank of India in the year 2010 total online

banking frauds in India resulted to 3,100 million rupees as compared to 2,284 million rupees

whereas in United Kingdom the online banking fraud amounted to 440 million pounds in 2010

and 610 million pounds in the year 2009 respectively.

The author in this research study had adopted both quantitative and qualitative research

approach to achieve the aim and objectives of the research study. In this dissertation work, the

author had conducted the research study based on Secondary data due to lack of availability of

primary data, restricted time frame and tight deadlines. After analysing the review of literature

and research findings it may be observed that the trend of online banking fraud is decreasing

steadily year on year in United Kingdom whereas it is vice-versa in India. Therefore, it is

suggested to examine and understand the preventive measures followed in United Kingdom to


34/41

avoid online banking fraud such as one-time password, card reader, USB token, authentication

malware detection and detect identity authentication framework to be primarily implemented in

India to reduce the losses related to Online banking fraud (James, Aquilina & Cameron, 2008).

Additionally, in western nations such as United Kingdom and United States of America it is

proposed to launch the Biometric authentication process to provide third level security to the

customers account as the consumer need to provide his biometric information while accessing

his account online. The researcher in this study is suggesting to Reserve Bank of India and

other top banking institutions such as SBI, ICICI and HDFC banks to implement this measures

in Indian banking system to reduce online banking frauds to a large extent.

6. Recommendations

6.1. Low cost better security

6.1.1. Preventive measures should be initiated by banks for phishing mails in India

Banks should start educating its customers to combat the phishing schemes

Banks invest in develop software for fraud detection and advise customers to install the

updated software on their system

Simultaneously financial institutions started posting anti-phishing tips on their websites

Additionally, Banking and other financial institutions start sending e-mails to the

customer about identify theft and how to overcome it.

Above all, the top management of banking sector and financial institutions should

believe that educating and enlightening the customers about the various types of online

banking frauds is extremely important as it helps to prevent frauds such as phishing

scams, identity theft, malware and so on by Biegelman (2009).

Implementation Portability Effectiveness Ease of Use-Customer

Easy Yes High Very Easy

6.2. Verified by visa


35/41

The Visa and MasterCard started new security system called Visa [128] and MasterCard [129],

under which all merchant transactions will be verified by the card issuer. This is the middle

verification process followed between the merchant initiating the transaction and the retailer

receives the request order. This was the direction initiative from the card issuer company Visa

and MasterCard to initiate trade under conditions, transaction processed after authentication is

successful.

In this process implementation online users will be redirected to the different web page

designed by the card issuer company for further authentication required to verify the right

customer accessing the online banking facility with another password authorization. This type

have increased more security system for online transactions. All this security system proposed

in the earlier chapter, further all retail transactions will be modified only by the card issuer

system by (Russell & Huston, 2000). All the expenses will be bared by the card issuer

company, as they are responsible for the online transaction related to the card.


Very Easy Highly Very High Moderate

6.3. Non-financial systems

In the present market outside the financial circle, many external sources or private companies

provide best security system in the prevention of online banking fraud in the form of digital

signature. It is also authorised and implemented in many countries, majority of the system may

offer some device which will store a particular key bit string or key signed, more possibility of

combination along with a PIN (Personal Identification Number) this one was very much trusted

between the user follows the procedures and the signing operation. Many financial institution

not supported this kind of security system because user need to be provided with physical

device and more over to implement this security system banks and financial institutions needs

to invest lot of money very expensive.


Bit Difficult Yes Very High Middle


36/41

6.4. Biometrics in e-Banking

The traditional process of security system in e-Banking was developed initially by the usage of

customer Password, Personal Identification Number (PIN), Digital Certificate with the help of

Public Key Infrastructure (PKI), At the same time physical device Smart Cards, One-time-

Passwords (OTP), USB plug-ins were introduced by (Wolfgang, Wolfgang & Cox, 2010). Of

late with the latest technology advancement in the Information technology the top management

of the banking system has proposed to set up biometrics to store the customers personal

information in much secured manner by Reid (2003). In this process biometric information of

the customer will be stored, at the time of authentication it checks with the biometric identity, it

is believed that fraudsters and hackers will not steal the biometric data. This process is still

under investigation, its not at implemented in any of the financial institutions. However,

process designer claimed that to implement will involve huge lot of expenses. This will be the

best security system if approved and highest investment.

Numerous biometric techniques includes

Authentication through fingerprint.

Authentication through face.

Voice Authentication.

Keystroke Authentication.

Handwriting Authentication.

Finger and hand geometry and

Retinal scan.

Implementation Portability Effectiveness Ease of Use-CustomerVery Difficult Yes Extreme High Easy


37/41

It is advisable to the banks and financial institutions in India to contact the www.rsa.com, this

corporate is the premier provider of security, risk and compliance solutions. The organization

involved in high technology implementation and capable of robust consulting services in order

to implement non-financial PIN security system and even the biometric authentication for

online banking services.

Figure 1: Customer Centric Fraud Management allows for a differentiated customer

experience.

Source: Finance Forum (Excellence in Compliance and Document Management)

References

Accertify, M. (2007) Card Not Present Fraud. Card Not Present Fraud a simple primer.

Accertify, inc. London.

Avery, A. (2009) The Evolution of Online Banking [Online]. [Accessed 3 December 2011].

Available at:
http://jib.debii.curtin/http://jib.debii.curtin/http://jib.debii.curtin/


38/41

Beattie, A. (2011) The Evolution of Banking [Online]. [Accessed on 17 December 2011].

Available at:

Berry, M. and Linoff, G. (2000) Data Mining Techniques for Marketing. Prentice Hall:

London, p8.

Biegelman, M.T. (2009). Identity Theft Handbook : Detection, Prevention and Security,

Wiley: New Jersey, USA.

Brause, R. Langsdorf. T. & Hepp, M. (2009) Neural Data Mining for Fraud Detection [Online].

[Accessed on 1 January 2012]. Available at: < www.citeseerx.ist.psu. edu/view doc /download?

doi=10.1.1.58.6047&rep=rep1& type=pdf .>

Calhoun, J. A. (2000) National Crime Prevention Council Statement on 1999 Uniform Crime

Report [Online]. [Accessed on 13 December 2011]. Available at:

Carr, J. (2009). Inside Cyber Warfare,The Complex Domain of Cyberspace, O'Reilly Media

Inc, London, pp9-19.

Cassell, C. Buehrins, A. & Symon, G. (2006). Qualitative Methods in Management

Research, Emerald Group Publishing Ltd: London.

Colwell, R. (2006). MENC Handbook of Research Methodologies, Oxford University Press:

London, pp59-187.

Cornelis, R. (2006). ATM automatic teller machine. Prentice Hall: London, p4-8.

Dinkla, J. (2008) Fraud Detection and Prevention[Online]. [Accessed on 2 December 2011].

Available at:

Cranor, L.F. & Garfinkel, S. (2005). Security and Usability, Fighting Phishing at the User

Interface, O'Reilly Media Inc: London, pp275-280.
http://www.investopedia.com/http://www.highbeam.com/doc/1G1-61942601.htmlhttp://www.investopedia.com/http://www.highbeam.com/doc/1G1-61942601.html


39/41

Denzin, N.K. & Giardina, M.D. (2006). Qualitative Inquiry and the Conservative Challenge,

Left Coast Press, Walnut Creek, California.

Dilley, D. (2008). Essentials of Banking, Wiley: Hoboken, New Jersey, USA.

Economic Times. [Online]. Available at:

Garfinkel, S. & Spafford, G. (2001). Web Security, Privacy & Commerce, Internet-Based

Payment Systems, 2nd ed, O'Reilly Media Inc: London, pp631-639.

Garner, M. Wagner, C. & Kawulich, B. (2009). Teaching Research Methods in the Social

Sciences, Ashgate Publishing Group: London.

Goldmann, P.D. & Kaufman, H. (2009). Anti-Fraud Risk and Control, Wiley: Hoboken, NJ,

USA.

Grossman, R. L. (2008) Data Mining [Online].[Accessed on 10 December 2011].Available at:

Gup, B.E. (2002). Future of Banking, Greenwood Press: Westport, Connecticut, USA.

Guttmann, R. (2003). The Coming Era of Electronic Money, Palgrave Macmillan:

Gordonsville, VA, USA.

Hewson, C. & Yule, P. (2002). Internet Research Methods : A Practical Guide for the Social

and Behavioral Sciences, SAGE Publications Inc: London.

Huajun, X. (2005) Internet Banking Fraud: Why is Online Banking so Popular [Online].

[Accessed on 1 December 2011]. Available at:

Huangshan, P. R. (2010) Developing Model of E-commerce E-Marketing [Online]. [Accessed

on 25 December]. Available at:
http://www.cashlinkglobal.com/2006.htmhttp://www.rgrossman.com/dm.htmhttp://www.spamlaws.com/onlinebanking-fraud.htmlhttp://www.spamlaws.com/onlinebanking-fraud.htmlhttp://www.spamlaws.com/onlinebanking-fraud.htmlhttp://www.academypublisher.com/proc/isip09/papers/isip09p225.pdfhttp://www.cashlinkglobal.com/2006.htmhttp://www.rgrossman.com/dm.htmhttp://www.spamlaws.com/onlinebanking-fraud.htmlhttp://www.spamlaws.com/onlinebanking-fraud.htmlhttp://www.academypublisher.com/proc/isip09/papers/isip09p225.pdf


40/41

James, G. Howard, R. Thomas, R. & Winterfeld, S. (2009). Cyber Fraud Tactics, Techniques

and Procedures,Banking Trojans, Auerbach Publications: London.

James, L. (2005). Phishing Exposed, Syngress Publishing: Rockland, MA, USA, pp189-213.

James, M. Aquilina, E.C. & Cameron, H.M. (2008). Malware forensics : investigating and

analysing malicious code, Syngress Media Incorporated: Manchester.

Jesus, M. (2011). Machine Learning Forensics for Law Enforcement, Security, and

Intelligence,Fraud Detection On the Web, Wireless and in Real Time, Auerbach Publications:

Sussex, pp195-231.

Jha, N.K. (2008). Research Methodology, Global Media: Chandigarh, India.

Kumar, R. (2000). Research Methodology: A Step-By-Step Guide for beginners. Curtin

University of technology. Sage: London.

Littlejohn, D.S. & Cross, M. (2008). Scene of the Cybercrime, Syngress: London.

Luthra, P. (2008) Five Arrested for net banking fraud. IBN Live. Oct 23, 2008.

Maginn, P.J. Tonts, M. & Thompson, S.M. (2008). Studies in Qualitative Methodology.

Volume 10, Emerald Group Publishing Ltd: Bradford, London, pp223-256.

Manion, L. Cohen, L. & Morrison, K. (2001) Research Methods in Education. 4th ed.

Routledge: London.

Nerzan, A. (2009). New Technologies, New Risk? : Innovation and Countering Terrorist

Financing, World Bank Publications: Harndon, Virginia.

Reid, P. (2003). Biometrics for Network Security, Prentice Hall: Birmingham.


41/41

implementing the application of online banking security system in india by comparing existing...

Documents