CYBER SECURITY IN BANKING SECTOR
|
Introduction:
Advancements in technology often pave a new path of operation for an individual, a business, a society and the nation as a whole. With extensive invasion of internet, smart phones and digital arena into our social lives, it is but natural to adapt to it. Digitalization being the policy focus of the current government thus further promoting a faceless, paperless and cashless economy, internet banking has naturally picked up pace. Matching the march with it our digitally empowered society is tapping the knowledge economy, with just appropriate clicks online to perform most of its transactions. A McKinsey report stated that 7% of the total 200 million bank account holders in India transact online, which is around 14 million people.
Internet banking has seen a growing spurt in recent years, as customers are no longer bound by geographical boundaries and can access their accounts in any branch of any bank from any place at any time. Things like scheduling online payments, transferring funds instantaneously, and tracking of transactions have become easier with a simple click of a button.
In 2020, when the entire world was practically “locked-down”, and confined inside the walls of their homes, internet banking saw a major surge. 2020 witnessed a rise of 46% in internet banking as compared to the earlier year.
While the benefits of internet banking make a good number, one cannot ignore that with the same comes its own share of problems. Cyber security in banking sector is becoming a growing area of concern. Higher digitization and remote operations lead to increased vulnerabilities and open up opportunities for cybercriminals, exposing banks to breaches or hacking. Around 3 Lakh cyber security incidents were reported in the year 2020.
Breach of security in the backend infrastructure calls for a much robust mechanism both for the banks and their online users.
Cyber Security Issues That Need User Awareness:
1. Identity Theft: Identity theft means someone else using your personal & financial data without your approval with the motive of conducting a concealed fraud. Generally user identity is the customer Id number with a secured password.
Solution: Never disclose your password to anyone. Do not keep an easy-to-predict password and keep changing your password frequently. Do not reveal your personal details or account details to any queries from the bank in online format too. Do not reply to any email that asks you for your password or PIN details. Do not use public PCs in cyber cafés or any other public domain PCs. Do not leave your laptop/PC unattended. Log off and close the browser instantly when you are done with online transactions.
2. Spoofing: Cybercriminals float a site similar to that of your bank. They imitate the bank’s original website with another website that looks and functions the same. When customers enter their login data there, that data is captured by the cybercriminals.
Solution: Never click on the link in the email. Always type the bank site URL in the address bar. Verify the domain name displayed again and again. A slight spelling change or an extra letter in the spoofed URL may go unnoticed.
3. Spyware / Ransomware: Spyware or Ransomware is a kind of Trojan Malware that is secretly installed on your computer when you visit certain unsecured sites or they come as attachments or links in emails from unknown senders. After installation the software detects when a person accesses online banking sites and records the username and password to transmit to the cybercriminals. 75% of cyber security breaches in 2019(before covid-19) were because of spyware/malware.
Solution: Avoid clicking on unverified links. Avoid opening attachments from unknown senders. Always ensure that the site on which you are making online purchases is a secured site (URL begins with https://) Detect Trojans that appear on your PC in the form of viruses, spyware or malware through Antivirus Software, anti Spyware, and Adware.
4. Online Shopping: Always ensure that the site on which you are making online purchases is a secured site (URL begins with https://)
5. PIN Protection: In case of ATM cards and credit cards, do not share your PIN with others. Check your monthly bank statements for any unusual activity. Report to the bank immediately in case your debit or credit card is lost.
How Banks Like Jankalyan Sahkari Bank Ltd Can Combat Cyber Security Breaches:
1. Cyber Security Assessment: A continuous threat and assessment to bridge the gaps between fraud risks and their reporting. Deploy robust authentication and authorization system while deciding on the scope of services that need secured access.
2. Control On Third-Party Services: Third party service providers are common in banking sector. They are an intermediary link between bank and customer for certain services. However, bank needs to plan, structure and control and sometimes restrict their access to the system, services and infrastructure.
3. Advanced Technology Solutions: Endpoint security system and other crucial systems to be augmented with artificial intelligence (AI) for cybersecurity. Threat intelligence to be applied at different levels.
4. Cybersecurity Trainings For Employees: Conducting regular training programmes on identifying and resolving cyber threats at every level and developing cybersecurity culture continually.
5. Application Security: Protect applications after deployment by monitoring, resolving, and enhancing security with antivirus programmes, firewalls, and encryption for the system.
6. Data Security: Tools to protect confidential, private, and sensitive information or from misuse, unauthorized access, damage and disruption.
7. Infrastructure Security: Protect and review network, network communications, data centres, various IT platforms and devices connected to them.
8. Access Management: Define and manage the roles and access privileges of various network users.
9. Regulation Compliance: Complying with the RBI guidelines on the cybersecurity framework