The investment increasing rapidly as it is enabling business to reach more customers quickly than competitors. It also enables to serve more customers in more efficient manner than before.
All those competitive advantages are directly complementing revenue and bottom line. Nowadays other than technology service providers, financial industries are putting remarkable investment in technology. During the initial years, international automation was a priority. Now they are investing more to extend more convenient experience in customer service such as online banking, debit/credit cards, internet banking. Today, it is evident that e-commerce will control the business.
Electronic currency through the card industry has given the first phase of experience of e-commerce to our customers. But that has reached a limit as it is yet to be chargeable through internet. That remains still the key factor for true e-commerce succession. Fortunately regulator has responded to customers' demands. Bangladesh Bank is about to launch the gateway to facilitate currency use in the internet.
It is needless to mention that e-commerce will bring enormous opportunities to merchants and financial institutions. We have a huge untouched population which is yet to be directly connected with financial institution. The cost of service delivery is competitive because of density. The local culture is still open to receive promotion. However, all opportunities come with some challenges.
Starting from 24/7 customer service to critical back-office integration, all services are expected to be up and running with zero downtime. On the top of that customer preference will be changing time to time. Customer relationship management will be more complex and dynamic. Challenges of reducing transactional and operation costs will also come into play.
It will bring challenge for regulator also. Bangladesh bank started some e-banking service and facing part of challenges. The challenges includes the balance between convenience and security, designing products that offer a balance between competitive pricing and functionality, keeping abreast with dynamism of customer needs and innovation and lack of proper legislative framework to support the growth of e-banking.
In addition to those there are some other factors, for example, some customers still like human face and their unwillingness to change.
Those are the challenges that can be managed by the long operational experience of the financial industry. But a serious challenge which is totally new to the industry is “Information Technology Security”. Lack of trained people, lack of management awareness and inadequate infrastructure are making this the most critical issue ahead.
According to the Symantec Internet Security Threat Report July-December 2007 Bank Accounts and Credit Cards are the major targets of Cyber attack:
Considering the challenge and impact on the business, we need to take this issue into serious consideration. We have to mitigate it with management willingness, trained people, best process, regular practice and making it as part of regular business.
Current concern regarding security of information transfer in e-banking is on the session layer protocols and the flaws in end-to-end computing. A secure end-to-end transaction requires a secure protocol and robust technological infrastructure to communicate over un-trusted channels and a recognised cipher at both end-points for ensuring multi-phased authentication method. The solution addresses the use of secure protocols and authentication method because trusted channels do not really exist in most of the environment, especially since the business is dealing with linking to the average consumers.
From the customer perspective it is important to know the nature of attack may affect them.
They can be affected through social engineering which is a technique of convincing people for gathering confidential information.
Malware (viruses, worms, Trojan) is the computer program written in order to harm computers or servers. These malwares can steal sensitive information of users such as PIN number, password etc.
With Phishing cyber criminals motivate users to enter their confidential information on fake web site.
Then there is simple Trojans which is limited to a handful of e-banking applications. It usually steals username, password, one time password, session information, URL and sends it back to attacker.
Generic Trojans is in the wild since 2007, but still in development phase. It may attack any e-banking or any web application.
There is no alternative to arrange user awareness program on regular basis.
The solutions to the security issues require the use of software-based systems or hardware-based
systems or a hybrid of the two. These software-based solutions involve the use of encryption algorithms, private and public keys, and digital signatures to form software packets known as 'Secure Electronic Transaction' used by MasterCard and Pretty Good Privacy. Hardware-based solutions such as the Smartcard and the MicroChip provide better protection for the confidentiality of personal information.
In order for e-banking to grow, the security and the privacy aspects need to be improved.
No comments:
Post a Comment