Internet banking is a rapidly proliferating financial transaction method preferred by millions of people and has the potential to even threaten the need for physical existence of a financial institute. But, with its rapid proliferation comes the threat of internet banking fraud and several key elements have been identified as possible contributors to such susceptibility.
These elements can be in the form of,
Technological manipulation Human interventions Institutional errors User errors
In many of the web related ‘internet banking portals’, the authentication process would be a ‘single factor authentication’ which means the user will key-in a ‘user id’ and a ‘password’ that will enable him or her to access their accounts.
As such, many researchers have focused their attention to identify the behaviors of ‘internet banking users’ in maintaining their passwords and user ids. Some of these behaviors will contribute to the increasing vulnerability of the internet banking. Following are some of the well documented behaviors that risk the secrecy of the authentication information.
Sharing of passwords and usernames with another party Sending passwords and usernames via an email Responding to emails which request you to provide passwords and usernames along with other personal details. These may be ‘phishing’ emails and the user will be re-directed to a web site which might look the same as the original web site. As soon as the login information is provided to these sites it will get captured. Accessing the internet bank accounts through public access computers, internet cafes and other computers used by others apart from you. Not logging out from an email or internet banking account after accessing it through a computer. Allowing the operating system of a computer to remember user names and passwords to a specific site. Not keeping the virus scanners and other security measures of a computer up to date. Use of predictable passwords or PIN numbers Using the same password or the PIN number for different sites and at times to enter social networking sites. E.g Facebook, digg, twitter…etc. Shorter passwords without a combination of characters and numerics.
By looking at these elements, it is evident that, unless we as internet banking users adhere to recommended authentication guidelines, there will always be the potential risk of monetary losses. Thus, it is the duty of the authorities to educate the general public regarding the potential risks as well as impose guidelines for both financial institutes as well as for the customers on how they should manage user account information to prevent such acts of fraud.