Internet Banking in India: How secure Is It?

These days the life of technology is incredibly fast paced and every aspect of a professional is controlled at the click of a button. Today, the way to do business has become practically virtual with web meetings & the way to socialize has also gone virtual with people meeting their friends over social media tools like facebook & twitter.

 

One of the aspects of technology is online banking with banks exchanging money with customers & retailers with communication that happens only on the Internet. Banks prefer their customers to raise requests for cheque books, money transfer, opening of FD/RD through internet banking. With every second professional owning a credit card, retail giants like flipkart, ebay and travel companies like expedia and yatra.com wow customers with their delicious online shopping offers. Today, advertising on web is very much a part of every corporate marketing plan as their customers are very much present on web.

While this scenario boosts the economy and revenue for banks, it is time to pause and think how secure the web is for the end-customers and for corporates and banks at large. It requires a moment of introspection to analyize the landscape of vulnerabilities surrounding internet banking that a customer may be exposed to by doing an online money transaction.

One of the most common vulnerabilities of internet banking is phishing where a customer is convinced by the attacker to give away his online credentials to a third party vendor under the disguise of the bank. This is known as credential harvesting and is causing a lot of damange to customers and to the goodwill & reputation of banks. While banks are already trying to forwarn customers, there is no solution on how customer data can be further protected from getting attacked by this vulnerabilty.

We also witness a lot of cases where corporations and customers are tricked by cloned voice/email banking systems. The attackers clone these systems so that they sound the same as the official systems. Cloned bank websites and emails are also sent to customers misguiding them with the purpose of using their Internet credentials.

 India as a nation is majestically moving towards becoming a powerful nation where industrialization is rapidly growing on all counts and people need to stay connected every single second and at every place. Today, Wireless networking is available in every public domain right from cafes, malls to airports. Users automatically connect to the first access point available and if it poses not connectivity issue, no questions asked. This is one of the most vulnerable domains where huge number of systems can be attacked and all the traffic on this route will be vulnerable to be modified by the attacker.

It is evidently clear that restricting common forms of e-banking fraud is not sufficient to protect against the attackers. If Banks and corporations consider that current precautions taken reduce their risk sufficiently for a lower cost, they may think that this is sufficient and not want to deploy a technically superior system. However, vulnerabilities that will arise in future with growth of superior technology require due consideration.