1 / 11

E-BANKING

E-BANKING. Project Status Report By Mahesh Narayan ( mahesh_narayan@yahoo.com ) Pritam Potnis ( pritampotnis@hotmail.com ). E-Banking ??. The security of an Internet banking model must be addressed at three levels. The first concern is the security of customer

luisa
Download Presentation

E-BANKING

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. E-BANKING Project Status Report By Mahesh Narayan (mahesh_narayan@yahoo.com) Pritam Potnis (pritampotnis@hotmail.com)

  2. E-Banking ?? • The security of an Internet banking model must be addressed at three levels. • The first concern is the security of customer Information as it is sent from the customer's PC to the Web server. • The second area concerns the security of the environment in which the Internet banking server and customer information database reside. • Finally, security measures must be in place to prevent unauthorized users from attempting to log into the online banking section of the Web site.

  3. E BANKING Role of Team Members in the Project • Pritam Potnis & Mahesh Narayan • Research • Web search • Writing • Project Status

  4. Project Statement Banking Online is a growing area. Online money is a new e-commerce area. • Investigate how secure the online banking actually is. • Target specific financial institutions, write to them formally. • Ask them how much fraud is being caused online from their online (internet) banking activities being hacked. • Ask also for the fraud rates of the credit cards they offer. • Ask how much of that fraud is internet based fraud (i.e..,people using stolen card numbers over the internet). • What steps are each institutions taking to ensure security to their customers?

  5. Project Statement (contd…) • What are the limitations and liabilities to the customer who conducts their banking online with each banking institution? • Do they have procedures in place should a customer identify his account as being broken into? What are they? • Ask what steps are being taken to prevent their banking servers from obtaining mobile code and dynamic virus attacks (for example Black Orifice 2000). • Point out to them that Norton Antivirus and similar signature based anti virus programs will detect these types of attacks, and this is not acceptable response. • Detail and summarize your findings.

  6. Letter sent to the Bank MAHESH NARAYAN PRITAM POTNIS SYRACUSE UNIVERSITY 121 LINK HALL SYRACUSE, USA 13210  To, The Chief Technology Officer Bank Name Bank Address Dear Sir/Madam, We are students of Syracuse University and are enrolled for the Graduate Degree Program in Computer Engineering at the L.C. Smith College of Engineering. As part of our graduate program requirements, we have enrolled for a 3- credit course CSE 691, titled Internet Security Principles. Our coursework (project) requires us to collect information about security in Internet banking and a host of questions related to them. As one of the leading edge banking institutions providing Internet solutions for customers’ banking needs, we are aware that you have a vast spectrum of knowledge and experience in issues relating to Internet banking security and are well equipped in providing viable solutions to these issues.

  7. Letter sent to the Bank We therefore solicit your expertise and help in our effort to compile facts and figures based study of e-banking security for our coursework. We are required to do research on what kind of vulnerabilities are banking institutions like yours exposed to while offering Internet banking solutions, and what is the technology they employ to combat such problems and make e-banking a vulnerability free zone. Attached to this letter are a series of questions addressing our area of study that will help us gain better insight in our quest for facts relating to the issue. We understand the sensitivity of the topic and would like to assure you that the questions are solely for the purpose of our coursework. We also assure you that our effort is directed only towards an academic purpose and nothing more. Please do let us know if divulging any kind of information on this topic would contravene your banking policy. We are also presenting information about our course, and ourselves in case you need to verify them. Course: Internet Security Principles (CSE691), Fall 2001 Department of Electrical Engineering and Computer Science Syracuse University Project Participants: Course Instructor Mahesh Narayan (SUID# 64456 5838) Dr. Leonard Popyack, Cell : 315 884 6651 Syracuse University Pritam Potnis (SUID# 559147980) Cell: 315-525-2842 Cell: 315 373 8864 Department Chair: Dr. Carlos Hartmann, Syracuse University Tel: 315-443 5807 Please feel free to contact either us , the instructor, or the Department chair if you have any questions or concerns. Thanks a lot for your time and co-operation Regards Mahesh Narayan Pritam Potnis

  8. Letter sent to the Banking Institutions List of Questions • How much fraud is being caused on online (internet) banking activities due to resources being hacked? • What are the fraud rates of the credit cards your institution offers? • How much of the fraud is Internet based fraud (i.e., people using stolen card numbers over the internet). • What steps is your institution taking to ensure security to their customers? • What are the limitations and liabilities to the customer who conducts his/her banking online with your banking institution? • Does your institution have any procedures in place should a customer identify his account has been broken into? What are they? • What steps are being taken to prevent the banking servers from obtaining mobile code and dynamic virus attacks (for example Black Orifice 2000).

  9. List of Tasks …. • The letters were posted to the following banking institutions • HSBC Bank • American Express • Chase Manhattan • A through research is being done to actually understand what technologies are usually used when an E-Banking website is designed and developed. • Research is also on to find answers too the same questions asked to the banks by studying materials through web search.

  10. Attention Areas  • The Banking Institutions have not yet responded to the letters. • Action Taken • A follow up will be done in the coming week by regular land mail, to ensure that we have the answers to the questions we have put up to the banking institutions. • We are also trying to personally get in touch with the CTO’s of the respective Banking Institutions to request them to reply to the letter we have already sent them

  11. Goals for Final Presentation • Overview on what E-Banking is all about. • List of technologies usually used by Banking Institution Websites. • Detailed Analysis of the threats usually faced by Banking Institution Websites. • List of Answers provided by the Banking Institutions. • List the Answers to the same questions we have got through the web search. • Critically Analyze the answers provided by the banks and the answers that we have got through the web search. • Advice to a potential customer whether it’s a safe bet to bank online or not.

More Related