They are many solutions for E-Banking Security Holes: Digital Security of softwa

Question

They are many solutions for E-Banking Security Holes:

Digital Security of software systems in Banks is very important to protect sensitive bank information, employee’s identity and customer’s privacy, also to avoid many legal problems. Strong security solutions are very important especially with the presence of online banking, banking software and workflow systems. The extensive usage of software systems in banks without strong security could lead to many legal problems. Normal security systems and policies do not stop internal or external hacking, and do not provide a legal way to proof any made transaction.

Online banking accounts are frequently targeted by cybercriminals. Security issues remain a major concern for customers and corporations alike. As a result, banks need to implement adequate security measures to protect themselves and their customer base.

Saudi Arabian Monetary Agency (SAMA) suggested the following solutions that aim to increase the level of security for online banking:

1-Identity Authentication

Banks should use appropriate measures in order to authenticate the identity of customers. It is important for any bank to check that each online transaction or access request is legitimate to ensure the safety of online banking. Banks therefore have to use reliable methods for verifying the identity and authorisation of new and existing customers. Showing the customers what has been done to secure them, makes them feel the system is secure and that there money are protected.

2-Segregation of Duties

Banks should promote adequate segregation of duties within e-banking systems, databases and application, which is critical for their security and soundness. Therefore, Banks are required to set up sophisticated internal control designed specially to reduce fraud risk in operational processes and systems and to ensure that transactions and equipment are properly authorised, recorded and safeguarded.

The classification of duties should cover authorization, custody, record keeping and reconciliation.

3-Protect Data Integrity

Data integrity of transactions, records and information are essential for any bank to be protected. If the bank did not give special attention to that, it may face financial losses as well as legal and reputational risk. In addition, banks should arrange and represent proper organisational, procedural and technical methods, which ensure that the integrity of financial and transactional data is maintained. Financial data recording should be stored securely, retrievable for inquiry or reporting, safeguarded against improper alteration, and mostly reflect the actual values involved.

4-Regular Update and Audit

Feasible updates of the online banking system would reassurance that the authentication platform is stay one step ahead of hackers and decrease there chances to stole the data and also minimize the security holes. Banks should ensure that the internal control system is adapted to e-banking services and that clear audit trails are maintained. Added to that, internal controls should be independently auditable by external agencies. Audit trail should:

Give adequate proof to show the transaction stream, from start to finish, and any accompanying control/procedural execution.

Be sufficient to fulfill the rules of the courts under which they could be used.

5-Preserve the Confidentiality

The advent of online banking introduces extra security challenges for banks since it increases the exposure that information transmitted over the public network or stored in databases may be accessible by unauthorised or inappropriate parties. Also, expand the use of service providers may uncover essential data of banks to other parties. So, the key data of the banks must remain private. Any abuse could result in exposing the bank to high impact reputation and legal risk. The protection of confidentiality should be commensurate with the impact of the risk of unauthorised exposure:

Confidentiality should be maintained by use of access controls and encryption.

Cryptographic techniques should be based on recognized algorithms that have not been disputed in their strength or use.

Access should only be permitted based on the “need to know” principle.

________________________________________________________________________________

out of 5 solution , what do you think would be the best solution to this problem (  E-Banking Security Holes ) ?

why you select this one ?

what are the possible impacts ?

Explanation / Answer

Among the five solutions I think the best option is Regular update and audit. The reason why I choose this one is any system can be hacked after a certain amount of time. Even though we introduce a new technique after some time in will be hacked. So we have to update the online banking system with feasible updates so that it will be hard to hack. Audit Trails also will increase the security of the transaction.

The possible impact of introduction of new features to E-Banking may cause some inconvenience to the users in the beginning but overall it is a secured process.

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.