Who is Guarding the Doors: Review of Authentication in E-Banking

Who is Guarding the Doors: Review of Authentication in E-Banking

Manish Gupta (State University of New York Buffalo, USA), Pradeep Kumar KB (Pradeep Kumar KBSRM University, India) and H. R. Rao (State University of New York Buffalo, USA)
DOI: 10.4018/978-1-61350-498-7.ch015
OnDemand PDF Download:
No Current Special Offers


Internet banking has become the preferred channel for conducting banking activities across globe and amongst all social demographics. Only a few other technological adoptions can compare with the recent trend of use of Internet banking facilities. Given the cost advantages and benefits it has to offer, it is widely touted as a win-win strategy for both banks and customers. However, with the growth in E-banking services and reliance on a public channel–Internet–to conduct business, it has been challenging for banks to ensure integrity and confidentiality of highly sensitive information. This chapter presents an overview of authentication issues and challenges in the online banking area with analysis on some of the better approaches. The chapter compares different authentication methods and discusses ensuing issues. The chapter will be invaluable for managers and professionals in understanding the current authentication landscape.
Chapter Preview

Authentication: Background

Authentication is a process where one has to prove his identity. The authentication can be provided in general using a user name and a password as a primary term and may be enhanced with other methods to strengthen the authentication process. Reliable customer authentication is imperative for financial institutions engaging in electronic banking (Gupta et al,, 2004). In today’s online financial services environment, authentication is the bedrock of information security. Simple password authentication is the prevailing paradigm, but its weaknesses are all too evident in today’s context (Gupta et al, 2008). The authorization is a term which is provided to identify whether the identified person is authorized to enjoy the service. This is verified based on the records that are maintained in the database and it should match the identification provided by the person. Authorization is like the boarding pass that is used to board airplanes. The access control is another term where the authorized user is provided with the limit in the accessing of the service. The service provider has the full rights to grant or denied the access level to the user. In general, means controlling the full access of the user (control, 2010). There are many different methods are used to provide a secure authentication.

Complete Chapter List

Search this Book: