Business case for preventing certain types of attacks
There a number of attacks which require large investments which may not be justifiable given the customer base of some banks?
In fact, there are many banks that are willing to compensate for the fraud losses of the customers as that is more cost effective to putting up a solution to prevent the same.
Security policy
The security policy needs to be continuously monitored and updated as a result of newer security threats. Which means that the bank has to continuously evaluate the risks, the cost of technology solutions and even upgradations. It gets all the more challenging due to a variety of technological solutions available in the market, each addressing individual problems but none offering a one-stop solution.
Customer education
A number of online banking users are naïve to the types of threats they face online and the precautions that they must take. Therefore, customer education becomes a key element to prevent the manifestation of a number of risks into frauds. The banks have to decide which is the best medium for the communication, message for the communication, frequency of communication and so on and so forth.
Online banking usage also depends a great deal on the customer-targeted communication from the banks to alleviate such fears. It is much easier for the experienced eyes of an internet-savvy user to detect potential phishing attempts when compared with a customer who has recently migrated from old school of banking to more recent modes.
Studies have also shown that first time users or users who have started adopting online banking do not continue to use them if they are struck by a fraud or attempts of fraud as their confidence on such a channel is drastically reduced and fall back on the traditional modes of banking.
A lot has to be communicated to customers. The onus of ‘real online-enablement’ of banking customers is usually left to the printed matter. The existing delivery channels (like ATMs, kiosks, online banking, POS) should be used to push this information to the customers in innovative ways.
Wherever technological controls are not feasible, procedural controls should be implemented to check frauds. As indicated before, solutions like exchange of personalised digital images between customer and bank website ahead of password entry prevents phishing. One time password through SMS, virtual keyboard, software version of two factor solutions are other strategies that banks can adopt to ensure better security in online banking.
It is therefore upon regulatory bodies to enforce online security norms, thereby rewarding initiative and innovation from the banking and IT communities.
The author is global head of sales, Finacle
Subscribe to:
Post Comments (Atom)
1 comment:
Hello Thanks for good information .Really i got total information about the blog.Find your Bank Important Things To Remember About Personalized Bank Checks With Pictures. When you decide to open a personal checking account, you will get the opportunity to pay using bank or personal checks.Find your bank
Post a Comment