E-Banking Security Issues – Is There a Solution in Biometrics?
Journal of Internet Banking and Commerce
An open access Internet journal (http://www.arraydev.com/commerce/jibc/) Journal of Internet Banking and Commerce, August 2011, vol. 16, no.2 (http://www.arraydev.com/commerce/jibc/)
E-Banking Security Issues – Is There A Solution in Biometrics?
Amtul Fatima Scholar, Jawaharlal University of Technological studies, A.P., India Postal Address: Tallakunta, Chandrayangutta x-road, Hyderabad -500 005,A.P., India Email: brackishsea@gmail.com
ABSTRACT The providers of Internet banking services must be more responsive towards security requirements. While there is no doubt that Internet banking transaction should have layered protection against security threats, the providers should approach security considerations as part of their service offerings. Biometric based authentication and identification systems are the new solutions to address the issues of security and privacy. Using biometrics for identification restrict individuals from access to physical spaces and electronic services An effective authentication method should have customer acceptance, reliable performance, scalability to accommodate growth, and interoperability with existing systems and future plans. In this study, the security threats in Internet banking, its solutions in biometrics and its acceptance in the consumer market are studied using descriptive and exploratory research. The methods of descriptive research are used to obtain information concerning the major security issues in e-Banking. The research had been completed on the basis of secondary data (online databases, scientific journals, surveys, news). Keywords: Biometrics, e-banking, electronic banking, e-security, secure transactions, security threats, Identity thefts © Amtul Fatima, 2011
JIBC August 2011, Vol. 16, No.2 INTRODUCTION
-2–
Banking organisations have been delivering services to consumers and businesses remotely for years. Electronic funds transfer, including small
An open access Internet journal (http://www.arraydev.com/commerce/jibc/) Journal of Internet Banking and Commerce, August 2011, vol. 16, no.2 (http://www.arraydev.com/commerce/jibc/)
E-Banking Security Issues – Is There A Solution in Biometrics?
Amtul Fatima Scholar, Jawaharlal University of Technological studies, A.P., India Postal Address: Tallakunta, Chandrayangutta x-road, Hyderabad -500 005,A.P., India Email: brackishsea@gmail.com
ABSTRACT The providers of Internet banking services must be more responsive towards security requirements. While there is no doubt that Internet banking transaction should have layered protection against security threats, the providers should approach security considerations as part of their service offerings. Biometric based authentication and identification systems are the new solutions to address the issues of security and privacy. Using biometrics for identification restrict individuals from access to physical spaces and electronic services An effective authentication method should have customer acceptance, reliable performance, scalability to accommodate growth, and interoperability with existing systems and future plans. In this study, the security threats in Internet banking, its solutions in biometrics and its acceptance in the consumer market are studied using descriptive and exploratory research. The methods of descriptive research are used to obtain information concerning the major security issues in e-Banking. The research had been completed on the basis of secondary data (online databases, scientific journals, surveys, news). Keywords: Biometrics, e-banking, electronic banking, e-security, secure transactions, security threats, Identity thefts © Amtul Fatima, 2011
JIBC August 2011, Vol. 16, No.2 INTRODUCTION
-2–
Banking organisations have been delivering services to consumers and businesses remotely for years. Electronic funds transfer, including small
References: 1. Electronic Banking Risk Management Issues for Bank Supervisors; Electronic Banking Group White Paper; Oct 2000; Retrieved from http://www.bis.org/publ/bcbs76.pdf (Accessed on Dec 2010) 2. Sharma, K.; Singh, AJ, Biometric Security in the E World. Applied Cryptography for Cyber Security and Defense: Information Encryption and Cyphering. Nemati, 2010; pp 289-337. 3. Authentication in an Internet Banking Environment; Federal Financial Institutions Examination Council (FFIEC); Retrieved from http://www.ffiec.gov/ffiecinfobase/resources/retail/ffiauthentication_guidance.pdf (Accessed on Dec 2010) 4. Jain A, Hong L, Pankanti S; Biometrics: Promising frontiers for emerging identification market; Feb 2000; Retrieved from http://citeseerx.ist.psu.edu/viewdoc/summary?doi=?doi=10.1.1.10.5497 (Accessed on Dec 2010) 5. Yang Y.J.; The Security of Electronic Banking. Proc. Nat. I International Systems Security Conference. National Computer Security Center. 1997; pp. 41-52. 6. Fire Alarm Company Burned by e-Banking Fraud; Retrieved from http://krebsonsecurity.com/2010/04/fire-alarm-company-burned-by-e-bankingfraud/ (Accessed on Dec 2010) 7. Arrests made over Internet banking fraud; Internet Business News, Aug 2000; Retrieved from http://www.allbusiness.com/finance/615165-1.html (Accessed on Dec 2010) 8. Internet World Stats - Usage and Population Statistics; Retrieved from http://www.internetworldstats.com/stats3.htm (Accessed on Dec 2010) 9. APWG ; Retrieved from http://www.antiphishing.org/ (Accessed on Dec 2010) 10. Vrancianu M.; Popa LA; Considerations Regarding the Security and Protection of E-Banking Services Consumers’ Interests; The Amfiteatru Economic Journal. Jun 2010; 12(28): pp388-403 11. Jamil ZU; Cyberlaw towards a new philosophy of Regulation; Retrieved from http://jamilandjamil.com/wp-content/uploads/2010/11/cyberlaw_supreme_cou rt_v10edit.pdf (accessed on Dec 2010) 12. Dias D, McKee K; Protecting Branchless Banking Consumers: Policy Objectives and Regulatory Options; CGAP Focus Notes; Sep 2010 Retrieved from http://www.cgap.org/gm/document-1.9.47443/FN_64_Rev.pdf Accessed on Dec 2010 13. Legal Framework for Electronic Banking; Retrieved from http://www.rbi.org.in/Scripts/PublicationReportDetails.aspx?UrlPage=&ID=28 (Accessed on Dec 2010) 14. Candid Wüeest; Threats to Online Banking; White Paper: Symantec Security Response; Retrieved from http://www.symantec.com/avcenter/reference/threats.to.online.banking.pdf (Accessed on Dec 2010) JIBC August 2011, Vol. 16, No.2 -9– 15. Zin ANM, Yunos Z; How To Make Online Banking Secure; The Star InTech; April 2005. Retrieved from http://www.crimeresearch.org/analytics/online_banking/ (accessed on Jan 2011) 16. Bielski L.; Striving to Create a Safe Haven Online: ID Theft, Worms, Bugs, and Virtual Eavesdropping Banks Cope with Escalating Threat; ABA Banking Journal, May 2003; 95 17. Khan B.; Khan MK.; Alghathbar KS, Biometrics and identity management for homeland security applications in Saudi Arabia; African Journal of Business Management, Nov 2010, Vol. 4(15): pp. 3296-3306. 18. Whelan S.; Biometrics Technology; CGAP IT Innovation Series; Retrieved from http://www.ruralfinance.org/cds_upload/1126265263594_Biometrics_technology .pdf (Accessed on Dec 2010) 19. Ratha NK, Chikkerur S, Connell JH, Bolle RM; Generating Cancelable Fingerprint Templates, IEEE Transaction on Pattern, Analysis and Machine Intelligence, Apr 2007; 29(4), pp. 561-572. 20. Liu S.; Silverman M.; A practical guide to biometric security technology, IT Professional, Jan/Feb 2001; 3(1), pp 27 – 32 21. Spence B.; Biometrics In Physical Access Control Issues, Status and Trends; Retrieved from http://www.edsales.com.au/pdfs/biom_PhysicalAccess%20Control.pdf (Accessed on Jan 2010) 22. Alter S.; The work system method for understanding information systems and information system research Communications of the Association for Information Systems (Volume 9, 2002) 90-104