Identity theft is one of the challenges of online banking. Various strategies are proposed to counter these hackers. The plans include prudent management, employee training, regular updates to the security system and many more. However, the bank has to analyze the situation and choose the plan that will best suit it. It has also to in calculate technology into the proposed plan to enable it achieve the best results. The increase in the number and scale of cyber threats over the last decade has prompted an action from the various stakeholders. The online businesses and individuals have lost a lot of money to the scammers. They obtain the customer information which they use to transfer funds from their victims account to theirs. There has been extensive research on the area, however, more study is required to scale the number of cyber frauds occurring. The paper establishes the ways in which the banks can use to counter these threats. It goes further to analyze the benefits and costs of each plan. It gives the recommendations for the suitable plan in the business. It is, therefore, necessary for more research on the topic to counter the cyber threat that constantly results in the loss of money to the concerned stakeholders.
With the increasingly digitalized age, use of electronic commerce has escalated. The World Wide Web is now a valuable tool in satisfying the shopping needs of the customer. People are taking up the initiative of shopping online. This is because of its relative convenience and efficiency. Banks have also embraced trends providing transfer of funds online. They provide facilities by which their customers can use to send and receive money. However, online banking has its share of risks. Identity theft is the common challenge that faces online banking. Often customers are often ripped off their money. The fraudsters gain access into the private information of the customer which they use to steal his money.
Banks have struggled to curb this vice. They have put in place strategies to reduce the number of customers that fall victim of the fraudsters. According to Bayuk, customers and businesses have faced threats from cyber hackers (Bayuk 115). The need to protect customers and businesses has increased because of and increase crime over the last ten years. These breaches in security have eroded the trust of the customers which is an essential component of online banking. The common methods which the banks use to protect the customers include passwords and setting up a firewall.
Passwords and server security are crucial tools but not without their weaknesses. They have been effective in reducing the number of victims to identity theft, but still there are instances of breach of security. A research by Gartner and Entrust (2004) revealed an increasing rate of identity theft and fraud. The threats continue to evolve in nature and sophistication. Organizations continue to suffer financial losses due to the stealing of funds by the hackers. The hackers scout the internet looking for confidential information to use so that they can steal personal identities.
They are constantly looking for credit card numbers, passwords and codes of the customers. They use techniques such as social engineering to obtain the financial information. In the year 2004, there were 9.9 million reported cases of identity thefts in the United States. They in most cases, employ “hooking” and “phishing” to scam the customers. They exploit the ignorance of their victims by setting up traps that resemble the genuine attributes and brand names. The customer in most cases is tricked to use the anchors and links that lead to the fraudsters obtaining the financial information.
The use of spam, telebanking, human elements method and other psychological techniques to rip off their victims. Spam is where they send mail to their victims in the pretext of genuineness. The victims respond believing it is a genuine message. Hackers can also obtain the information through the telephones. Most people are carrying out transactions through the telephone. They are making purchases and paying their bills through the phones. The hackers can access this confidential information if there is no sufficient firewall. They can also use tactics such as kidnapping and blackmailing for the information. Finally, they also employ psychological techniques such as the common waste basket snooping. This method involves searching for customer information in the places they dispose off the waste which they then use to replicate and steal the victim’s money.
Banks have devised strategies to counter them due to the increasing cases of financial losses to the hackers. Customers and online businesses have lost trust in the online banking sector due to the scamming. Trust is an essential component of online banking. The plans and strategies restore this trust and place the sector back on its growth path.
Banks have devised a number of strategies to counter the methods employed to scam their clients. The plans are supposed to protect the clients from the scammers. Massive financial losses have rendered it mandatory to institute these measures. The NatWest bank supposedly cancelled all one million online customers from accessing new direct and standing orders after a series on online attacks (Becker 453). The measures are meant to counter particular threats, however, it may, in addition add to the broad, security of the online banking system.
The first measure is to beefing up its security through constant updates. Lack of security details updates leaves the system susceptible to potential criminals. The details can fall in the hands of the hackers in the course of the bank carrying out their business. Hackers can also mine the data from the system and use them to access the system of the bank over a long period. The bank proposes constant system updates as a solution so that they can protect against this behavior. The passwords and codes of the system should be changed over a prescribed period. Organized gangs are recruiting individuals who get information for them from the banks. The staff in the banks gets the information for them which they use to carry out the crimes. The Financial Services Authority (FSA) crime division warns the companies in the United Kingdom to be alert on both the traditional and emerging forms of fraud.
The prudence of the management of a firm cannot be emphasized enough in the fight against cyber threats. The organization must set up a well defined system of management. Policies and procedures should be instituted to govern the dissemination of sensitive financial data in the company. This will safeguard against accidental or intent access of the information by the criminals. A situation should not arise where confidential information is accessed by parties it not intended. An example is in Cahoot a subsidiary of Abbey which closed down for ten hours in November 2004 to carry out repairs on its system. Apparently other customers could view log in information of the other customers. Therefore, the company management should be well organized and set up prudent policies that will govern the system making it threat proof from the hackers.
Another method is customer awareness campaigns. Early detection of the threats can be beneficial in setting a firewall to the vice. The banks can put up warning signs to their customers. The signs contribute to the customer awareness on the issue. The banks put the warning signs on their internet banking sites. Customers have migrated to other forms of banking such as telephone banking that is less susceptible to the fraudsters than banking. More sensitive customers will not easily reveal their information to the fraudsters. They will put in place individual safeguards against them.
Citibank, Halifax and other financial institutions are increasing their safeguards against an increasing onslaught. One of the policies that have helped the financial institutions to weather the storm is through non-serving of online accounts of third parties. The non-servicing of third party accounts helps to protect against transfer of funds outside the country. Money from the fraud deals is often wired to the off sea accounts. Therefore, policies like this will help in curbing the fraud. Some banks honor the debts to its customers who are ripped off while others do not. However, most banks are taking the policy of analyzing the situation before accepting liability to the customer.
Finally, training of the staff of banks can be beneficial in the fight against the vice. It is a straightforward strategy to curb the fraud. It can mitigate the dangers of security breaches. The employees will be trained on the identification of threats and the protocol of reporting it. Employees will safeguard confidential information from falling into the hands of unauthorized persons. They can be trained not reveal remote access protocol to non-employees until authorized by a relevant personnel.
The bank will use one or a mix of the plans available to it. The plans will be implemented according to the circumstances prevailing in the organization. It will also consider other factors such as the financial resources, availability of personnel, technology availability to complement the plan and the easiness of acceptability by the stakeholders. The plans implemented by the organization may not suit the safety guards in the long run. It is, therefore, mandatory to evaluate and revise the plans over time.
The bank will evaluate the plans already available and its present weaknesses. It will consider the needs of the organization and its customers. It through this needs assessment that the management will choose a plan that best satisfies these needs. It will judge the suitability of the six options available to it. It will do a cost benefit analysis on all the available options. The option that results in the most benefits will be implemented in the organization. The company will consider the cost of taking the option. The plan will be designed and then implemented. Continuous improvement in policy and procedure will be used to make sure the plan meets the objectives of the organization and the clients. The plan will be effective and convenient to the bank after a series of improvements are initiated. The improvements will be as a result of emerging issues in the online banking sector.
Technology will enable the bank successfully to implement the plan. Technology continues to improve each day with hackers obtaining most sophisticated technologies. The bank can use information cards in its transactions. They will be used in the internal systems such as the computer networks used in the banks. The use of these cards will be beneficial in protecting the client’s information from unauthorized parties. It uses the interoperable, vendor neutral structure to enable to make changes to facilitate identity based transactions through the information card approach (Hoffman 12).
The bank can also work with other relevant stakeholders in the technology and business community. They will draw technologies that will best suit its needs. The technology will limit the disclosure of information to unwarranted parties. If this information reaches the parties, it will lead to a number of security and privacy risks. The banks will build a trust among their clients if an instance of breach is minimized. It can employ the use of digital identities. The software establishes the distinctiveness of the consumer before allowing him to access the information. This can be through providing verification information before log in or in-person verification at the bank. The client will provide a password and his username for him to verify himself to the online system. The in-person verification is not preferred as client value convenience and efficiency. Therefore, in a bid to obtain the verified digital certificates the use of a password and username is commonly used.
Although, online banking has immense benefits to every stakeholder, it has its reasonable distribute of drawbacks. The first set back is that it is cumbersome due to the logistics involved. Federal regulations require that the banks verify each client’s identity. The task of confirming may render the process cumbersome. The bid to confirm each customer’s identity is due to the security concerns. The systems are susceptible to hacking and identity theft. It is the work of the bank to protect the information of the customer (Choron et al 293).
It has the disadvantage of not accessing the support as that in traditional banking. The transactions are carried out through the phone and internet. If the systems are not designed well, then it could be frustrating to the client who has to wait a long time to carry out the transaction. Accessibility is also another issue. It depends on the availability of the internet for it to be accessed. The client will not be capable of accessing his bank account or carry out any transaction in case the internet connection is poor. Finally, it is more expensive than the traditional banking. The customers have to give some amount for them to access the services.
Identity theft is a threat to the online banking sector. The banks need to be vigilant in the fight against fraud. The banks and customer’s funds are stolen each day. Therefore, to ensure survival it is necessary for the banks to devise strategies to counter hackers. The strategies include employee training, constant updates, prudent management and non-handling of third party accounts policy. It needs to choose a mix of these plans to implement in the business. The plan which yields, the most benefits to the bank will be implemented. Continuous improvement in policy and procedure will be emphasized.