Month: March 2018

Queries On Mobile Banking Services That Taunt Customers

Posted on by blogger

Financial institutions are exploring avenues to find ideal ways and means to render good services to customers, and to earn their confidence in the bargain. In their effort to offer good services, banks have started offering mobile banking services that work to the advantage of the customers. With the aid of banking software companies, financial institutions are rolling out mobile solutions to cater to the demands of customers. Though mobile solutions have attracted the attention of customers, there are queries about mobile banking services that taunt and haunt customers. What are the queries that deserve proper answers?

Why apply for this facility?

In the first place, a customer wants to know as to why he should apply for this facility. Mobile banking has made things easy for banks and customers, and with this banking facility, a customer can carry out banking transactions from any part of the world, and at any time that suits the convenience of the customer. By applying for this facility, a customer can make good use of the anytime anywhere banking mode, and save his valuable time in the process.

What are the requests to be made?

Another query that demands a suitable answer is the query about requests that can be made by a customer, with respect to the mobile services rendered by a financial institution. A customer can make use of this mobile banking facility to check his account balance, to glean details regarding the check status, and about details of the transactions among other types of services.

What is the specialty?

Financial institutions seek the services of Banking software companies to introduce mobile solutions that work to the advantage of customers. These solutions are so special, where the solutions offer a wealth of benefits in the process. With the help of mobile phones, customers can gain access to their account, and conduct several transactions without having to invest more time and energy to accomplish such tasks. Whether it is the need to glean details on recent transactions, or the need to access card statements, this facility makes it easy and comfortable for a customer to gather the needed details.

Though mobile banking services have gained popularity amid customers, queries concerning this facility taunt and haunt some of the customers who look for suitable answers to these queries.

Future Of Online Banking Authentication

Posted on by blogger

Banking on Internet and mobile is gaining popularity

The Pew Internet & American Life Project Tracking survey of December 2010 said that nearly 60% of all Americans who used the Internet did some banking over it. In the United Kingdom, the number of bank accounts registered for Internet banking grew sharply from 28 million in 2006 to 45 million in 2010. With over 100 million, a Chinese bank has the largest number of Internet banking users in the world.

Cut to mobile banking. A research firm estimated that about 110 million people worldwide used mobile banking and related services in 2010. It also indicated that the geographies of Asia Pacific, Middle East and Africa would be the most important markets for financial services using the mobile device. Another one forecasts a stupendous 660% growth in mobile banking and payment services between 2009 and 2014.

A number of factors, including lower cost of connectivity, greater Internet and mobile Internet penetration, affordability of devices and the arrival of the smartphone have gone into popularizing online (Internet and mobile) banking around the world.

However, security threats continue to loom

While these figures are impressive, these could have been higher, had it not been for the security threats surrounding online banking such as phishing, pharming, hacking, keystroke logging, Man-in-the-middle, Trojan horses and several other modes of attack that discourage adoption. The fact remains that despite advancement in security technology, fraudsters still manage to breach banks defenses from time to time. Consider these numbers: every month, around 18,000 phishing attacks take place around the world; 3% of Internet users from the EU27 group of countries lost money to online fraud last year; and there are at least 2,500 varieties of e-banking malware. Nearly 80% of U.S. banks think that malware on their customers PC is a top security risk. Indeed this seems justified because U.S. consumers lost over US$ 2 billion and 1.3 million PCs to malware in 2010.
A compilation of the security threats to mobile and online banking in 2011 ranked malware distribution through social networks, attacks targeted at specific organizations and theft of financial information using malware, at the top.

While fear of fraud has kept a number of customers all over the world from using Internet or mobile banking, at the same time, it has made banking institutions more cautious with their security policies. While there are many threats as described above, a very strong authentication mechanism for customers and transactions will address most fraud related issues. In addition to employing authentication techniques some banks also resort to other measures such as limiting the number of online banking operations that a customer can perform each day, capping the value of individual transactions, or applying additional layers of user authentication in the case of high value or exceptional transactions. On the face of it, banks apply such restrictions to protect their customers. There is also an element of self-interest in it as the banks would like to limit their own risk as well in the event of a transaction being initiated by someone who is not authorized to do so.

The current state of online banking authentication

Having mentioned earlier that authentication of customers and transactions forms the foundation in preventing of online banking fraud; let us look at the current state of online banking authentication models. At present, authentication of online banking users is done using any or a combination of the following methods:

User Id and password: This is the most popular and common method, which involves asking users to enter their User Id and password. As additional security, users may be required to ensure that their passwords are strong, change them routinely after a fixed number of days, or may be assigned a different one for transaction authorization.

Two-factor authentication: This method verifies users identity based on something that they know (user name and password) and something else that they have. For example, a bank might provide a token (physical or virtual) to customers, who, besides entering their password, must enter a random number generated by the token to authenticate themselves each time they conduct a transaction like a payment, for example. Alternatively, the bank might send a One Time Password (OTP) to the customers registered mobile device each time they initiate that transaction. In addition, the bank might subject customers to further scrutiny in case they are performing high value transactions or indulging in any activity that arouses suspicion. Some banks also verify the IP address of the device using which a customer performs a transaction, and should that change, resort to further querying and other forms of additional authentication.

The extent of authentication varies across banks, and depends on its security infrastructure as well as its risk tolerance guided by its risk policies. No doubt, two- factor authentication is more effective at preventing impersonation, but, as the recent breach of RSAs tokens showed, it is not 100% foolproof in fact, a study of banking fraud-related challenges in Latin America showed than almost a third of token users didnt quite trust them. This is the reason why banks take the additional precaution of restricting transactions inspite of implementing such security arrangements. That apart, tools of two-factor authentication have other limitations token are expensive to produce, distribute and administer, and OTPs sent via SMS could take time to reach.

Alternate models of authentication

The recent advancements in emerging technologies could enable new modes of more secure authentication without impacting customer experience. These advancements leverage the inherent capabilities of smartphones to introduce a third factor of identity verification. In three-factor authentication, in addition to furnishing their regular password and an OTP that appears on their token or mobile phone, users will be asked to present something that they possess, which would irrefutably prove their identity. This third factor could be captured using either an application that is installed on the customers smartphones or an inbuilt feature or capability of the device.

Some examples of the third factor are fingerprint, retinal image and voice. Assume for a moment that a customer is trying to transfer a very large sum of money via mobile banking. In the new model of authentication, after the customer submits his two passwords, an application that is loaded on his mobile will prompt him to provide a third factor, say his fingerprint. The customer places his finger on the smartphone screen, following which the application scans the impression and transmits it to the bank, where it is matched against the fingerprint image in their records.

There are other possibilities of biometric authentication as well, such as capturing words spoken by the customer via his phone and matching them against a previously authenticated sample of voice that exists in the banks records, or asking him to take a photograph or retinal scan with his smartphones camera and send it to the bank for approval and authorization.

It is also possible for banks to conduct three-factor authentication of customers who dont own a smartphone, by providing them a device, which can be plugged into their devices which is capable of capturing and transmitting the biometric information.

Key success factors for adoption of newer models of authentication

Currently, the new models of online authentication are in various stages of evolution, and are yet to be commercialized. Once their technology is perfected, these methods can quickly become mainstream security procedure. The following factors play a critical role in creating a favorable environment for the new authentication models to thrive and grow as mainstream models :

Infrastructure: Capture and verification of fingerprint, voice or any other biometric information requires special infrastructure to be set up and integrated. On the capture and verification, support is available from both Government and external agencies, which can capture and store customers biometric samples as well as provide applications to help the banks verify the information.

Advancements in storage technology: Over the years, data storage technology has progressed leaps and bounds that the cost of storage has drastically reduced; the cost per GB of data in 2010 was 1/10th of that in 2000. This combined with increased efficiencies in algorithms of data storage of information such as biometrics has helped banks to attain a position where they could leverage economies of scale with respect to data storage in order to keep the costs of maintaining massive volumes of biometric information manageable. Emergence of the Cloud will only accelerate the ability of banks to adopt this trend faster without having to worry about scalability or performance or security of such data.

Device proliferation: The adoption of the new authentication methods is directly linked to smartphone penetration. For this reason, these techniques would have been unworkable a few years ago; however, with smartphone usage expected to cross 1.7 billion by 2014, and annual sales growing in the region of 75 to 80 percent, the stage is set to welcome sophisticated forms of authentication in the next 3 to 5 years.

Business case: Analysts predict that the spending by banks on anti-fraud solutions will grow at about 30% over the next few years. This is clearly indicative of the industrys concern about the growing sophistication of fraud techniques, which continue to breach security systems, even as theyve become stronger. While this is a clear trigger for the adoption of better authentication solutions such as those built on three factors banks may not invest in them unless they find that the investment more than pays for itself by way of reduction in fraud.

That being said, factors such as technology advancement, reduction in data storage cost, and the availability of a support ecosystem of external partners are favourable to bringing down the cost of implementation, and will thereby strengthen the business case for adoption of the new security models.

In many countries, two-factor authentication is already mandatory for performing online financial transactions, and it is quite possible that this will progress to three factors in future, thus giving the necessary impetus to newer methods.While the above factors are not directly led by consumer behavior, higher customer adoption of online banking could also force banks to look into sophisticated models of authentication. Many banks across the world are now offering more than just banking transactions on their online banking portals, extending the scope of services to wealth management, transaction behavior-led product sales, virtual banking, customer networking etc. If these strategies start to pay dividends then they could also result in higher adoption of online banking, thus forcing banks to adopt the
new models of authentication.

This is an ongoing journey

Signs are ripe that sooner or later, the above mentioned factors will converge to a tipping point when the current methods of authentication will make way for more sophisticated ones. However, this is not the end of the road. While multi-factor authentication looks like a foolproof solution under current circumstances, it is also true that even this will not stop an attacker forever, but merely slow him/her down. The implementation of security technology is neither a one-time effort, nor a guarantee of lifetime protection. What looks like a cutting-edge solution today will be standard fare tomorrow and out of date a few years thereafter. But for now, the future of online banking authentication appears headed in the direction discussed in this paper.

Offshore Banking

Posted on by blogger

Offshore banking has always been associated with an organized crime and underground economy, via money laundering and tax evasion. However, in terms of legality, the offshore banking does not prevent the assets from being the subject to a personal income tax in interest. There is a lot of offshore banking companies that you will find today’s market and they are all offering services that are beneficial to you as a business owner. There are some persons who meet with the complex requirements. In most countries, the personal income tax makes no distinction between the interest earned in the local banks and those who are earning abroad.

Although some of the offshore banks have decided on not reporting income tax to other tax authorities, and they have no legal obligation in doing it because they are under the protection of the bank secrecy. This also does not make non-declaration of the income by tax-payer or evasion of tax on that legal income. All those who are outside the country can freely secure their money on the offshore bank without worrying of other legal matters. In 2001, there have been a lot of calls asking for regulation on the international finance, particularly concerning the offshore banks and tax havens.

An offshore bank is somewhat a bank that is located outside your country of the depositor’s residence this is typically in a place of low tax jurisdiction that provides legal and financial advantages. These advantages also include: strong privacy, no or low taxation, easy access on deposits and protection against the local financial, and political instability. Anyone is free to make their own offshore banking anywhere they want. Since this is legal, the depositors have no other obligations in their country to make their offshore banking successful. A lot of people including the business owners are considering the offshore banking because they feel more secure in this type of banking.

You can do offshore banking regardless of the location for as long as you understand their regulations. When it comes to privacy, you can have your very own privacy in offshore banking. The bank also understands the needs of their depositors that are why they made the regulation of keeping all their depositors personal information strictly in private. The bank has no right in giving your personal information to anyone. Before you make your offshore banking, you need to make sure that you first check if this bank is accredited and respected AA credit rated by the international bank. This is the only way you can ensure that your investment or assets are protected and secured.

If you want to protect your savings, you can always consider offshore banking. It is easy, just find an accredited offshore bank and make your deposit. It is very important that you also find a bank that has a low taxation, so you can save more of your savings. This is the reason why many people is now considering offshore banking because of the high taxation in their country. With offshore banking, you can guarantee that your savings is secured and safe.