INTERNET BANKING

Internet banking (or E-banking) means any user with a personal computer and a
browser can get connected to his bank -s website to perform any of the virtual banking
functions. In internet banking system the bank has a centralized database that is web-
enabled. All the services that the bank has permitted on the internet are displayed in
menu. Any service can be selected and further interaction is dictated by the nature of
service. The traditional branch model of bank is now giving place to an alternative
delivery channels with ATM network. Once the branch offices of bank are
interconnected through terrestrial or satellite links, there would be no physical identity
for any branch. It would a borderless entity permitting anytime, anywhere and anyhow
banking.  
  The network which connects the various locations and gives connectivity to the central
office within the organization is called intranet. These networks are limited to
organizations for which they are set up. SWIFT is a live example of intranet application.

 Internet banking in Pakistan

The Reserve Bank of India constituted a working group on Internet Banking. The
group divided the internet banking products in India into 3 types based on the levels of
access granted. They are: 

i) Information Only System:  General purpose information like interest rates, branch
location, bank products and their features, loan and deposit calculations are provided in
the banks website. There exist facilities for downloading various types of application
forms. The communication is normally done through e-mail. There is no interaction
between the customer and bank's application system. No identification of the customer
is done. In this system, there is no possibility of any unauthorized person getting into
production systems of the bank through internet. 

ii) Electronic Information Transfer System:   The system provides customer- specific
information in the form of account balances, transaction details, and statement of
accounts. The information is still largely of the 'read only'  format. Identification and
authentication of the customer is through password. The information is fetched from the
bank's application system either in batch mode or off-line. The application systems
cannot directly access through the internet. 

iii) Fully Electronic Transactional System:  This system allows bi-directional

capabilities. Transactions can be submitted by the customer for online update. This
system requires high degree of security and control. In this environment, web server
and application systems are linked over secure infrastructure. It comprises  technology
covering computerization, networking and security, inter-bank payment gateway and
legal infrastructure. 
 Automated Teller Machine (ATM): ATM is designed to perform the most important
function of bank. It is operated by plastic card with its special features. The plastic card
is replacing cheque, personal attendance of the customer, banking hours restrictions
and paper based verification. There are debit cards. ATMs used as spring board for
Electronic Fund Transfer. ATM itself can provide information about customers account
and also receive instructions from customers - ATM cardholders. An ATM is an
Electronic Fund Transfer terminal capable of handling cash deposits, transfer between
accounts, balance enquiries, cash withdrawals and pay bills. It may be on-line or 0ff-
line. The on-line ATN enables the customer to avail banking facilities from anywhere. In
off-line the facilities are confined to that particular ATM assigned. Any customer
possessing ATM card issued by the Shared  Payment Network System can go to any
ATM linked to Shared Payment Networks and perform his transactions. 

Credit Cards/Debit Cards:  The Credit Card holder is empowered to spend wherever

and whenever he wants with his Credit Card within the limits fixed by his bank. Credit
Card is a post paid card.  Debit Card, on the other hand, is a prepaid card with some
stored value. Every time a person uses this card, the Internet Banking house gets
money transferred to its account from the bank of the buyer. The buyers account is
debited with the exact amount of purchases. An individual has to open an account with
the issuing bank which gives debit card with a Personal Identification Number (PIN).
When he makes a purchase, he enters his PIN on shops PIN pad. When the card is
slurped through the electronic terminal, it dials the acquiring bank system - either
Master Card or VISA that validates the PIN and finds out from the issuing bank whether
to accept or decline the transactions. The customer can never overspend because the
system rejects any transaction which exceeds the balance in his account. The bank
never faces a default because the amount spent is debited immediately from the
customers account. 

Smart Card: Banks are adding chips to their current magnetic stripe cards to enhance 
security and offer new service, called Smart Cards. Smart Cards allow  thousands  of
times of information storable on magnetic stripe cards. In addition, these cards are
highly secure, more reliable and perform multiple functions. They hold a large amount of
personal information, from medical and health history to personal banking and personal
preferences. 

 You can avail the following services through E-Banking.

 Bill payment service    You can facilitate payment of electricity and telephone bills,
mobile phone, credit card and insurance premium bills as each bank has tie-ups with
various utility companies, service providers and insurance companies, across the
country. To pay your bills, all you need to do is complete a simple one-time registration
for each biller. You can also set up standing instructions online to pay your recurring
bills, automatically. Generally, the bank does not charge customers for online bill
payment.
 Fund transfer  You can transfer any amount from one account to another of the same
or any another bank. Customers can send money anywhere in India. Once you login to
your account, you need to mention the payees's account number, his bank and the
branch. The transfer will take place in a day or so, whereas in a traditional method, it
takes about three working days. ICICI Bank says that online bill payment service and
fund transfer facility have been their most popular online services.
 Credit card customers    With Internet banking, customers can not only pay their
credit card bills online but also get a loan on their cards. If you lose your credit card, you
can report lost card online. 

 Railway pass  This is something that would interest all the aam janta. Indian Railways
has tied up with ICICI bank and you can now make your railway pass for local trains
online. The pass will be delivered to you at your doorstep. But the facility is limited to
Mumbai, Thane, Nashik, Surat and Pune.  

 Investing through Internet banking   You can now open an FD online through funds
transfer.Now investors with interlinked demat account and bank account can easily
trade in the stock market and the amount will be automatically debited from their
respective bank accounts and the shares will be credited in their demat account.
Moreover, some banks even give you the facility to purchase mutual funds directly from
the online banking system.   Nowadays, most leading banks offer both online banking
and demat account. However if you have your demat account with independent share
brokers, then you need to sign a special form, which will link your two accounts.

 Recharging your prepaid phoneNow  just top-up your prepaid mobile cards by
logging in to Internet banking. By just selecting your operator's name, entering your
mobile number and the amount for recharge, your phone is again back in action within
few minutes.

 Shopping    With a range of all kind of products, you can shop online and the payment
is also made conveniently through your account. You can also buy railway and air
tickets through Internet banking. 

  Advantage of Internet banking As per the Internet and Mobile Association of

India's report on online banking 2006, "There are many advantages of online banking. It
is convenient, it isn't bound by operational timings, there are no geographical barriers
and the services can be offered at a miniscule cost."   Through Internet banking, you
can check your transactions at any time of the day, and as many times as you want to.
Where in a traditional method, you get quarterly statements from the bank.  If the fund
transfer has to be made outstation, where the bank does not have a branch, the bank
would demand outstation charges. Whereas with the help of online banking, it will be
absolutely free for you.   

Security Precautions  Customers should never share personal information like PIN

numbers, passwords etc with anyone, including employees of the bank. It is important
that documents that contain confidential information are safeguarded. PIN or password
mailers should not be stored, the PIN and/or passwords should be changed immediately
and memorised before destroying the mailers. Customers are advised not to provide
sensitive account-related information over unsecured e-mails or over the phone. Take
simple precautions like changing the ATM PIN and online login and transaction
passwords on a regular basis. Also ensure that the logged in session is properly signed
out.    

INTERNET BANKING FRAUDS

Imporatant Notes:
"We're all now digital bankers, whether you wanted to be or not,” says Donna Turner,
chief operations officer at Early Warning, the parent company of Zelle. “What we see
right now is this perfect storm for the bad guys to really focus and dive in."
Online banking scammers may target older people for several reasons, says Brian
Krebs, a journalist who runs the respected cybercrime website KrebsOnSecurity. After
decades of work, older adults are more likely to have higher incomes and greater
assets. They are often perceived, fairly or not, to be less tech savvy and more inclined
to answer the phone.
Isolation can also be a factor, particularly amid the pandemic, notes Amy Nofziger,
director of fraud victim support at AARP. “When people are in crisis — and who's not in
crisis or at an elevated emotional level right now with COVID — they actually want to
connect and speak with somebody,” she says.

Phishing: Don't get hooked

The first defense against banking scams is knowing that a reputable bank will not
contact you out of the blue and ask for your Social Security number, online account
password or other personal information. It won't ask for money. Anyone that does is
almost certainly phishing.
This type of scam isn't new, but “scammers have gotten really, really sophisticated” at it,
says Kathy Stokes, director of fraud prevention programs at AARP.
These scams start with an email or text that appears to come from a real financial
institution, down to an authentic-looking logo. These spoofed communications carry
urgent but phony warnings about problems with an account or transaction.
You might be directed to call a supposed customer service line (where you'll be pressed
for personal information like a Social Security number), or to click on a link that takes
you to a fake banking website. That could be a trap to infect your device with malware
that allows crooks to track your keystrokes and capture account credentials.
Signs of phishing can include misspellings and poor grammar; email or web addresses
that resemble but don't quite match the real domain (look for a switched letter or extra
punctuation mark); or generic greetings like “Dear Valued Customer."
But even these clues can be tricky, Stokes says: Some fraudsters purposely put them in
emails to “weed out people that would be more aware” from clicking through or calling
the bogus help line.
"It's akin to a marketing strategy. Get people who are sufficiently fraud-savvy to opt out
by ignoring the lure,” she says. “Those who remain are the ones that will be easier to
deceive.”
"Vishing,” or voice phishing by phone, has also gotten “orders of magnitude more
sophisticated” and harder to detect, says Krebs.
For example, scammers may come armed with information about you, gleaned from
social media or a prior data breach (a kind of targeted attack called "spear phishing").
They'll mention personal details like your birth date, where you work or the last four
digits of your Social Security number to make their claim to be from your bank more
convincing.

Know whom you're talking to

If you get a call like that, hang up immediately. Similarly, don't reply to an email or text
that seems at all suspicious, and don't call a phone number listed in one.
Nor should you necessarily trust a number found via Google search, chat room or social
media. For the same reason, don't ask Alexa on a smart speaker to connect you either,
experts caution.
"Just about every major company is being targeted by the bad guys,” Krebs says. “They
spam all these forums and you end up calling scammers for help."
To find out if there's an actual issue with your account, contact the bank via a channel
you know to be legitimate, like the customer service number printed on your bank
statement or the back of a debit card.
GETTY IMAGES
Here are some other ways to bank online safely and avoid scams:
Choose a unique account password. Don't use the same or similar passwords across
multiple websites. That's “far and away the biggest source of cybercrime today. It's just
epidemic,” says Krebs
Use two-factor authentication. With this extra layer of protection, you get a one-time
code (via text or email) whenever you log into your online account. It's an additional way
for the bank to confirm your identity and keep crooks out of your account. But beware: A
scammer who has obtained your password through a hack or other means might try to
persuade you to get a two-factor code and read it back to them — thus giving them
access. “This is really, really common,” Krebs say.
Make sure you're on your bank's genuine website — especially if you got there via
search, which scammers can game to usher you to a phony site. Check that the web
address contains your bank's true domain, with no extra or substituted characters.
Make sure you're using your bank's official app. Download it from a trusted source,
like an official app store or your bank's website, and keep it updated. The FBI warns that
rogue actors create lookalike apps that mimic those of major financial institutions in a
bid to get your log-in credentials.
Read the security and privacy sections of your bank's site. Get to know about alerts
and other protections the bank makes available for online customers, Turner
recommends
Only bank using secure Wi-Fi, like your private home network. Public Wi-Fi is more
susceptible to hacking.
Regularly review your bank statements and activity, and report anything that looks
questionable to the bank, immediately.
AARP’s Fraud Watch Network can help you spot and avoid scams. Sign up for
free Watchdog Alerts, review our scam-tracking map, or call our toll-free fraud
helpline at 877-908-3360 if you or a loved one suspect you’ve been a victim.

INTERNET BANKING FRAUDS

Internet Banking Fraud is a fraud or theft committed using online technology to  illegally
remove money from a bank account and/or transfer money to an account in a different
bank. Internet Banking Fraud is a form of identity theft and is usually made possible
through techniques such as phishing.  Now internet banking is widely used to  check
account details, make purchases, pay bills, transfer funds, print statements etc.
Generally, the user identity is the customer identity number and password is provided to
seure transactions. But due to some ignorance or silly mistakes you can easily fall into
the trap of  cyber criminals.    Here are some simple tips to prevent you from falling into
the trap of cyber criminals. Remember, a simple ignorance or oversight can make a
huge dent in your hard- earned savings. 

  Securing your account :  Avoid online banking on unsecured wifi systems and
operate only from PCs at home. Never reveal password to anyone. Do not even write it
on a piece of paper on diary. Just memorise it. It should be alphanemeric and change it
frequently.  Never reply to queries from bank online about account or personal details.
The personal information should not be kept in a public computer or in emails.   

Phishing:  A person's personal details are obtained by fraudsters posing as bankers,

who float a site similar to that of the person's bank. They are asked to provide all
personal information about themselves and their account to the bank on the pretext of
database up gradation. The number and password are then used to carry out
transactions on their behalf without their knowledge. Phishing involves using a form of
spam to fraudulently gain access to people's online banking details. As well as targeting
online banking customers, phishing emails may target online auction sites or other
online payment facilities. Typically, a phishing email will ask an online banking customer
to follow a link in order to update personal bank account details. If the link is followed,
the victim downloads a program which captures his or her banking login details and
sends them to a third party.

Spam: Spam is an electronic 'junk mail' or unwanted messages sent to your email

account or mobile phone. These messages vary, but are essentially commercial and
often annoying in their sheer volume. They may try to persuade you to buy a product or
service, or visit a website where you can make purchases; or they may attempt to trick
you into divulging your bank account or credit card details.

  Nigerian Scam: Nigerian or Frauds 409 or 419 are basically the lottery scam in which
some overseas persons are involved to cheat innocent persons or organizations by
promising to give a good amount of money at nominal fee charges. Their intention is to
steal money in the form of fee against the lottery prize. 

Spyware: Spyware such as Trojan horse is generally considered to be software that is

secretly installed on a computer and takes things from it without the permission or
knowledge of the user. Spyware may take personal information, business information,
bandwidth; or processing capacity and secretly gives it to someone else.   "Trojan
Horse" scheme unfolds when malicious software (malware) embeds to a consumer's
computer without the consumer being aware of it. Trojans often come in links or as
attachments from unknown email senders. After installation the software detects when a
person accesses online banking sites and records the username and password to
transmit to the offender. People using public computers, in places like Internet cafes,
are often susceptible to Trojans like malware or spyware. 

Check sites Url: Always check the URL of your bank's web site. Fraudsters can lure
you to enter your user ID and password at a fake website that resembles your bank. If
you see anything other than the bank's genuine URL, it has to be fake.  Never enter
your user ID or password or such sensitive information without ascertaining that you are
on the right website. Always type the Web address of your bank into the browser
address space. Never click on the link in the email. 

 Fool-proof password: Change your online banking password at regular intervals.

Also, avoid easy-to-guess passwords, like first names, birthdays, kid's or spouse's
name and telephone numbers. Try to have an alpha-numeric password, one that
combines alphabets and numbers.   If you have several bank accounts, never use the
same online banking password for all. Never select the option on browser that stores or
retains user name and password. As it can be easily cracked by cyber criminals. Also,
never paste your password, always type it in. This little amount of `finger exercise' will
go a long way in safety.

Always check 'last logged':  Most banks have a 'last logged in' panel on their
websites. If your bank has it, check the panel whenever you log in. If you notice
irregularities (like you are logging in after two days, but the panel says you logged in
that morning!), report the matter immediately to your bank and change your password 
rightaway. 
   Always log out when you exit the online banking portal. Close the browser to ensure
that your secure session is terminated. Never exit simply by closing the browser.

Keep your system up to date:  Regularly check for security updates for your computer
operating system. Most security updates are aimed at reducing risks to your computer,
these may be data-related or otherwise. Make sure that your operating system and
browser have the latest security patches installed. And, always install these only from
trusted websites.   Install a personal firewall to prevent hackers from gaining
unauthorised access to your computer, especially if you connect to the Internet through
a cable or a DSL modem.

Public access can be injurious:  Don't leave the PC unattended after keying in

information while transacting on the website. Avoid accessing your bank online at cyber
cafes or on a share or public computer. Also, avoid locations that offer online
connections through wireless networks (Wi-Fi), where privacy and security are minimal. 
  Follow Bank instructions: Banks say that appropriate upgradations are carried out
from time to time by their IT departments for risk mitigation. They issue instructions to
the customers to manage their accounts through virtual keyboards by way of which the
characters typed by them are not identified by hackers. SMS alerts are also an
important tool since any transaction carried out on account is reported to the account
holder through an SMS.

Protection:  Learn the ways to protect yourself from online banking fraud schemes.
Detect Trojans that appear on your PC in the form of viruses, spyware or malware
through Antivirus Software, anti Spyware, and  Adware.  Also, learn to keep your cards,
documents and passwords safe, and monitor your accounts to safeguard yourself from
bank fraud committed through identity theft.