The electronic banking system has provided conveniences for bank customer regarding to banking access and digital payment services for E-business. Along with convenience provided for different group of customers, the risk and threats associated with electronic banking grows with technology advancement.
Recent research on electronic banking security has been focused on the development and services available to customers through electronic banking Apps or Website. With emerging E-commerce business, electronic banking has been important component that support the E-business structure. This review will concentrate on risks and threats to electronic banking system that would limit its development and security measurements available in order to protect customers against different risks and threats from cyber vandalism.
Structure of electronic banking
Growing information technology has provided conveniences to consumers, according to Bonneau et al (2012), the electronic banking services have made developments in way of serving customers. With technology advancement, what traditionally has been done through bank tailor, now can be done online, from anywhere, at anytime. The electronic banking services have gain popularity quickly because of the easy access and convenience to use. The first electronic banking system invented to facilitate banking activities as the Automated Teller Machine (ATM), later telephone banking system was introduced (Claessens et al, 2002). Technology advancement has provided different alternatives to customers, where all users now need is a devices that have access to the Internet, and all transactions could been done electronically. This has made consumers’ banking activities faster and easier than ever, where consumers may have to make a trip to the bank a mile away before, one phone call or click on the Internet can save the trip now. Consumers appreciated such invention for the elimination of the time constraints, as of most of bank branches have the same operation hour as other business does (Bonneau et al, 2012).
The electronic banking systems built upon Internet infrastructure, where the communication occurred and information transmitted back and forth between customer and information database at the Banks (Claessens et al, 2002). With information transmitting through Internet, proper security procedures is crucial to protect information leakage and any type of crime that use the electronic banking systems as its platform. With the access provided from numerous consumer and tremendous amount of transactions that incurred on daily basis, the electronic banking system itself posed a huge threat.
As the operation relies on machinery and one simple mistake can resulted in damages that beyond imagination. With this fact, Fatima (2011) suggested a legal framework that would guide electronic services on the mode of operation and guarantee smooth transactions between all parties. Also researchers have made suggestions on alert systems build within electronic banking systems, that errors would be automatically detected and fraudulent acts would be warned (Yap and Bak, 2010). The warning systems acted as a second layer of protection, where for the purposes of averting the situation as a mechanism to curb fraud, an alternative alert should be sent to reduce the chance of an earlier fraud (Yap and Bak, 2010). For instance when one makes an error in trying to transact the system discovers the error, and makes follow-up instruction to the initiator for amendment.
Risk and cyber crimes threats
As electronic banking system is an important component of current emerging E-business market. With significant growth in the E-business market, risks also grow. Cyber crime is one of the major concerns regarding to E-commerce, and it include phishing, e-Bank theft, credit card fraud, spams and others (Krathcman, et al, 2008). As most E-business utilized electronic banking as its payment method, the threat to electronic banking system does not just came from stolen of privacy information and steal money from bank clients but also from economic loss of E-business companies. The adoption and usage of electronic banking systems relies on the trust of customers, where the nature of trust between users and the bank is also held by committers of fraud. And in the case of fraudulent acts, it is also difficult to distinguish the transaction from all other transaction in the erroneous data.
To protect electronic banking systems and prevent certain risks can be costly, where banks in practice try to have a minimal level of security alleviating most of risk but maximum the level of convenience (Claessens et al, 2002). The choice bank made does not only draw from economic consideration, but also from the ease of use factors. Where most of Internet security protocols included procedures of authentication and authorization in order to protect the integrity of the data and system as a whole (Alfread et al, 1996). However, the process of authentication and authorization can be complex and inconveniences, where some of the online banking require customer to authenticate not only through user name and password, but also with security questions, SMS code and others. The increasing complexity of authentication and authorization would most likely reduce customer’s interest in the electronic banking system of the specific bank (Mohammadi and Abedi, 2008). Therefore, it is crucial for the electronic banking system to find a way that would provide convenience services to customer and have sufficient security protection at the same time.
Al-Smadi, (2012) argues that in the event that one hacks into an account and withdraw a huge chunk of money as witnessed in the world of technology today, it raises a lot of issue on the burden of liability. The chances are that someone can hack a bank and withdraw money; the common provision of the law is that the bank or the company due to its inability to pay its debts will have to go through insolvency process. What then is the concern how secure is this security system as its lack of adequate security not only places the economy under threat but also affects its users. The safety of the electronic banking and the integrity of the system should inspire customers’ confidence. Therefore, this necessitates regulation that considers all these factors and adopts appropriate means that inspires hope and confidence in fastest growing sector of electronic banking system. It is essential to the success of electronic baking that they develop and operate insecure manner; this concern is contributed by the high access to computer technology
Perception of electronic banking security
With the rise in incidences of hacking account, credit card fraud and cyber vandlism, it has raised more concerns on the adequacy of the security protection on electronic banking system. According to Bonneau et al, (2012), the vulnerability of the electronic banking systems has hiked with technology advancements in the recent years. Hackers have developed many ways, which enabled them to break into banking systems. For regular customers who does not necessarily understand Internet infrastructure, their understanding towards electronic banking system completely built on the trust towards the actual bank. Rod et al, (2009) argues that one of the ways to build trust in the system from regular consumer is through the authorization and verification process that users need to pass before access to the electronic banking system. Consequently, Nasri, (2011) asserts that biometrics technique as security system can be implemented as well as software based system technique that analyses the user’s physical location and their historical record of online business. Those Security measurements designed to confirm the details of genuine users of the account and compare to the record of the specific electronic service that used to access to the system before accessing account (Claessens et al, 2002). It also served as double protection, where it established not only to authenticate the log in users but also where and what used to gain authorization.
With technology advancement, traditional security measure was not enough to protect regular customer from fraudulent act and cyber crimes, there is a need for a verification of parties accessing bank information to confirm whether they are real account owners. As more and more people make electronic transfer through online banking, the concerns regarding to on the reserve requirements of banks, deposit insurance and the consumer protection also arises. The definition of cyber crime are still vague with no specific legal framework determine the protection on digital assets and ways to protect them, with technology advancement, there are more choices for electronic banking systems regarding to the ways on how services are provided and how to protect the banking system.
Internet infrastructure and available security protection
Most credit card and online payment would go through secure systems on the Internet. The secure systems adopt encryption and decoding process to ensure the confidentiality of clients. In the payment process, a public key and a private key were used to encrypt and decrypt data and message generated during the transaction, system created a digital signature to guarantee the authenticity between the sender and the receiver in the transaction. The use of pubic key and private key encryption with digital signature has enabled the protection of the transaction and phishing during the transaction process (Nasri, 2011). The system uniquely identifies the sender of the message then the receiver decrypts the encrypted message with sender’s public key, the identification process has authenticate both sender and receiver in the transaction. This ensures that the message was actually from the appropriate person. Besides, the digital signature ensures that the original information was not interfered (Nasri, 2011).
The newly emerged block chain technology has provided a new opportunity on electronic banking, where this opportunity could be utilized by technology conglomerates in a fast fashion, where technology companies like Amazon and Google could provided banking services through block chain technology (Bloomberg, 2018). As the block chain technology was able to protect private information and used a decentralized information transmission model that limited possibilities for phishing and other types of fraudulent acts. Current Scholar researched showed confidence in the Block chain technology and the adoption, some business also eager to apply the technology in its business. NASDAQ have announced its NASDAQ Private Market platform will adopt a Block chain digital-ledger technology to manage equities in the platform for its client (Orcutt, 2015). U.S. Federal Reserve System (2015) also made announcement on its plan to adopt Block chain as a payment system in its system as well, which they call a “digital value transfer vehicle” to process interbank payments in the U.S. banking system. With U.S. Federal Reserve’s initiatives on use Block chain technology in the finance services industry and in digital payment services, more attention will be draw to Block chain technology and its application.
Security of electronic banking plays a significant role in building trusting environment. To enhance the use of electronic banking, the overall security strategy is extremely important, the information integrity must be protected through various security measures. Technology advancement posed threats and challenges on current electronic banking systems, this has required continuous updates on security mechanism of the electronic banking systems in order to protect the integrity of banking information.