Security of Alternative Delivery Channels in Banking: Issues and Countermeasures

Internet/Web Banking

A customer links to the Internet from his PC. The Internet connection is made through a public Web server. When the customer brings up the desired bank’s Web page, he goes through the front-end interface to the bank’s Web server, which in turn interfaces with the legacy systems to pull data out for the customer’s request. Pulling legacy data is the most difficult part of Web banking. While connection to a Direct Dial Access (DDA) system is fairly straightforward, doing wire transfer transactions or loan applications requires much more sophisticated functionality. A separate e-mail server may be used for customer service requests and other e-mail correspondence. There are also other middleware products that provide security to ensure that the customer’s account information is secured, as well as products that convert information into an HTML format. In addition, many of the Internet banking vendors provide consulting services to assist the banks with Web site design and overall architecture. Some systems store financial information and records on client PCs, but use the Internet connections to transmit information from the bank to the customer’s PC. For example, the Internet version of Intuit’s BankNOW runs offline at the client and connects to the bank via the Internet only to transmit account and transaction information (Walsh, 1999). Although the banking industry has a large capital invested in ATMs, banks are failing to get the desired results (Colonia-Willner, 2004). E-banking services allow customers to remotely, via Internet, manage their bank accounts and transactions (Weir, Anderson, & Jack, 2006). Nowadays, banks provide a complete range of financial services through their Internet banking channels because they are more cost-effective than other customer-contact channels (Gopalakrisnan, Wischnevsky, & Dmanpour, 2003; Polatoglu & Ekin, 2001). Internet-based channels typically require lesser staff and fewer physical branch requirements (Cheng, Lam, & Yeung, 2006). Yakhlef (2001) indicates that the average transaction cost at a full-service bank is $1.08, whereas on the Internet the cost is 13 cents or less.