1.

INTRODUCTION TO INTERNET BANKING

Internet banking is the easiest way to carry out banking
transactions in today's hectic schedule. Internet banking is used widely
by masses, and has numerous benefits to offer. Nowadays, all banks
provide online banking facility to their customers as an added
advantage. Gone are the days, when one had to transact with a bank
which was only in his local limits. Online banking has opened the
doors for all customers, to operate beyond boundaries. Nowadays,
people are so busy in their work lives, that they don't even have time
to go to the bank for conducting their banking transactions. Internet
banking enable people to carry out most of their banking transactions
using a safe website, which is operated by their respective banks. It
provides many features and functions to their customers, and enables
them to view their account balance, transfer money from their account
to another account (be it in their respective bank or any other bank),
view

their

account

summary,

etc.

In this procedure, many financial transactions can be carried out by

simply utilizing a computer with an Internet connection. The
necessary things that a person needs for using online banking are, an
active bank account with balance in it for transactions, debit or a credit
card number, customer's user ID, bank account number, the Internet
banking PIN number, and a PC with access to the web. People using
Internet banking are certainly benefited by the online services their
respective banks are providing them with. The primary reason why it
is so famous and mostly used is that, customers are allowed to bank at
non-working hours.

1.2. HISTORY OF INTERNET BANKING

The finance services, associated with Internet, are being promoted due
to the widespread use of Internet. Internet banking, that is also known
as online banking, is one of the emerging services The concept of
Internet banking has been simultaneously evolving with the
development of the world wide web. Programmers working on banking
data bases came up with ideas for online banking transactions, some
time during the 1980s. The creative process of development of these
services were probably sparked off after many companies started the
concept of online shopping. The online shopping promoted the use of
credit cards through Internet. Many banking organizations had already
started creating data ware housing facilities to ease their working
staffs. The development of these databases were widely used during
the

development

of

ATM's.

Sometime in 1980s, banking and finance organizations in Europe and

United States started suggestive researches and programming
experiments on the concept of 'home banking'. Initially in the 80's
when computers and Internet were not so well-developed, 'home
banking' basically made use of fax machines and telephones to
facilitate their customers. The widespread of Internet and programming
facilities created further opportunities for development of home
banking.
In 1983, the Nottingham Building Society, commonly abbreviated and
referred to as the NBS, launched the first Internet banking service in
United Kingdom. This service formed the basis for most of the Internet
2

banking facilities that followed. This facility was not very welldeveloped and restricted the number of transactions and functions that
account holders could execute. The facility introduced by Nottingham
Building Society is said to have been derived from a system known as
Prestel, that is deployed by the postal service department of United
Kingdom.
The first online banking service in United States was introduced, in
October 1994. The service was developed by Stanford Federal Credit
Union, which is a financial institution. The online banking services are
becoming more and more prevalent due to the well-developed systems.
Though there are pros and cons of electronic cash, it has become a
revolution that is enhancing the banking sector.
With the popularity of the Internet increasing steadily, most
of the industries are finding new and interesting ways to make use of
this new and equally interesting medium so as to keep up with the
constantly changing preferences of clients all over. Nowadays, you
can do almost anything over the Internet - from shopping for groceries
to making a free call to a friend in New Zealand through your
computer! Yes, the Internet has seemingly endless possibilities and the
banking industry in turn has decided that it won't be left behind the
rest of the pack.
While most of us have heard about online banking services,
more than a majority of us have probably not even tried it out yet. It
could possibly be because we are more comfortable working with real
people; paper and money instead of its virtual counterpart, as
performing transactions over the Internet can be very impersonal.
Whatever may be the reason; there are a number of advantages and
disadvantages to online banking services. This article will outline the
3

good side as well as the bad side to online banking so that you can
either feel that online banking is a safe way to manage your finances,
or you could possibly be justified in your fears.

1.3. TYPES OF INTERNET BANKING

Informational (Websites)
This has been identified as the first level of internet banking .
Typically the bank has the marketinginformation about the banks
products and services on a standaloneserver. The risk is very low as
informational systems typically have no path between the server
and the banks internal network.Informational Internet banking simply
means the bank provides

basic information about its products and services, much like abr
ochure. This is meant for marketing purposes only, and there is
noconnection to the bank's main computer systems. This level of Inter
net banking can be offered by the bank or outsourced. While the risk
to a bank is rather low, the server or Web site may be susceptible to

adjustment. To prevent unauthorized alterations to the bank's server or

web site, appropriate controls therefore must be in place.
Communicative/Simple transactional (Websites)
This type of internet banking allows some interaction
between

the

bank's

system

the

customer.

The interaction is limited to e-mail, account inquiry, loan application

or

static

file

updates

(name

and

address). It does not permit any funds transfers. Communicativeonline

banking allows for some communication between the patron and
bank.

However, this is typically limited to fundamental interactions

such as account inquiries, new account updates, loan or mortgage

applications,

contact

information

updates

and

balances.

Communicative online banking may connect with the bank's main

computer systems. The risk is higher with this configuration than with
informational systems since these servers may have a path to the
bank's internal networks. To prevent, monitor, and alert management
of any illegal attempt to access the bank's internal networks and
computer systems, appropriate controls required to be in place. In this
environment, virus controls also become much more critical.
Advanced Transactional (Websites)
This level of internetbanking allows bank customers to electron
ically transfer fundsto/from their accounts, pay bills and conduct other
bankingtransaction online. The most popular online banking type,trans
actional Internet banking offers all of the benefits of atraditional brickand-mortar institution. This includes full controlover your accounts deposits, withdrawals, transfers, updates and online payments.
Increased security measures now make Internet banking safe, secure
and convenient, especially in the case of mobile online banking. This
6

is the highest risk architecture and must have the strongest controls,
since a path normally exists between the server and the bank's or
outsourcer's internal networ
Merits
First let's start off with the merits of online banking. First and
foremost, online banking is very, very, very convenient. It will allow
you to pay your bills and make transactions anytime during the day
and the week. The bank will never close because you can access it
through your laptop or computer. So, no matter in which country you
are anywhere in the world, you can go online and handle your
finances.
Secondly, online banking is very fast, effective and efficient. Over the
Internet, you can make transactions that are typically executed and
performed at a much faster pace than at ATM's. These services also
give you the option of handling several different bank accounts from
one site itself. Most online banking sites are compatible with programs
like Microsoft Money and Quicken, which makes management of
assets more effective.
Paying Bills Online: Online banking provides people the
facility of paying bills online from their checking account,
money market account or credit card account or from their
home equity line of credit. In order to avail this facility,
people would have to set up payees or pay to accounts for
which they would need a copy of their bills. Recurring
payments can be made without delay, by making use of the
7

facility of being able to set up pay to accounts, on

completing a simple formality. One can schedule bill
payments up to one year in advance. It helps people keep
their bill payment history in an electronic format, thus
eliminating the need for paperwork. Some companies also
dispatch bills directly to the customer's online banking
service. However, not all companies offer e-bills. The
customer can thus receive, view and pay e-bills or electronic
versions of their paper bills.
Electronic Funds Transfer: Online banking allows the
facility of electronic transfer of funds between a number of
accounts maintained with the same bank. Generally, people
can transfer money from their checking or their savings
account to the following: credit cards, line of credit and
investment account. People can also transfer money from
their personal account to the personal account of others,
assuming that the accounts are maintained with the same
bank. Customers can also opt to transfer funds from their
personal account, maintained with a bank, to the accounts
maintained in other financial institutions. Withdrawals and
deposits are thus facilitated by electronic fund transfers.
Other Facilities: One can access one's account from
anywhere in the world and view the current balance in the
linked accounts. The system of linked accounts allows the
bank to transfer funds from the customers savings account to
cover the overdrawn checking and credit card account.
Viewing the balances in linked accounts helps a person keep
8

a check on spending habits. Stopping payments on checks,

re-ordering checks, requesting copies of paid checks, savings
and checking account statements are some of the other
facilities.
Demerits
Just like with anything else, there are disadvantages too! The
biggest problem is that most people lack trust. How many times
have you performed transactions online and wondered whether you
did the right thing? Of course, you can overcome any uneasiness
by printing the transaction receipt. This receipt will conform
whether or not your transaction has gone through successfully.
Online banking can be difficult to learn for a beginner and a site
could take time to start up. Some sites ask for photo identification,
which

can

be

very

inconvenient.

However, most online banking sites provide tutorials for online

banking. Some sites provide live online customer support to
provide solutions for any problems. The number of cases of
banking frauds is considerably low so you don't have to worry
about the safety of your money. Clearly, the whole concept of
online banking has its fair share of advantages as well as
disadvantages. For some people, online banking simplifies life,
while for the others it is intimidating and complex. Taking into
consideration these perceptions, most banks have now started
offering online banking services and a viable option to their clients.

Some people prefer talking personally to a person in case of a

problem. They prefer the 'personal touch' aspect of customer
service. If you are this kind of a person, then you'll probably never
feel comfortable with Internet banking. On the other hand, if
unlimited access to your bank accounts and convenience is highest
on your list of banking priorities, then nothing can beat online
banking. What with the security of the FDIC standing like a
fortress behind them, it is very clear that online banking is here to
stay.
Although the merits clearly outnumber the demerits of Internet
banking, some people may prefer banking theo;d fashioned way
due

to

the

following

reasons:

Safety Concerns: Phishing, the presence of malicious software,

key logger issues and security concerns due to weak wireless
security networks deter people from opting for Internet banking.
Meant for Tech Savvy People: People belonging to the older
generation may not be tech savvy and may find it difficult to use
online banking. Online banking is a wonderful facility that can
save us time and make our life simpler. However, one must take
adequate measures to protect oneself from getting cyber scammed.

2. INTERNET BANKING VS TRADITIONAL

BANKING
Internet banking is very similar to traditional banking. In fact, if
you do much of your banking online and use features like bill pay, etc.
10

- you are already familiar with how the majority of internet banking
works.
The main difference is that there is not a local branch you can
walk into. If you don't regularly require special face-to-face services
from a banker, you probably will not care.
It may feel scary to give up that brick-and-mortar bank that you
know is right down the street if you need it, but you'd probably be
surprised at how easy banking with an internet bank is. I had not idea
until I tried it myself.
With an internet bank, you can avoid many of the fees that a
traditional bank charges. (They don't have the cost of maintaining all
of those secure branches!) If you are setting up simple business bank
account, it makes sense to avoid as many fees as possible, especially if
you are already paying bank fees on your personal account.
Many services that you might think could only be handled in a
branch can actually be dealt with over the internet, by mail or by fax.
You may even find the entire process easier and less time consuming
than physically going into your bank. Times are changing, which
actually makes internet banking more feasible and easier to use for the
average customer.
Many internet banks let you use a variety of ATMs free of
charge (they reimburse you for fees charged by other bank, usually up
to a certain amount). You may find that the selection of ATMs offered
by internet banks are even more convenient to you than with a local
bank. Once you start comparing internet banking services and fees to
11

those of your local branches, you find that an internet bank is the right
choice for you.

3. HISTORY OF OBC
Oriental Bank of Commerce (BSE 500315, NSE:
ORIENT BANK) is an India based bank established in Lahore (then a
city of British India, and currently in Pakistan), is one of the public
sector banks in India.
12

Oriental Bank of Commerce made a beginning under its

Founding Father, Late Rai Bahadur Lala Sohan Lal, the first Chairman
of the Bank. Within four years of coming into existence, the Bank had
to face partition. Branches in the newly formed Pakistan had to be
closed down and the Registered Office had to be shifted from Lahore
to Amritsar. Late lala Karam Chand Thapar, the then Chairman of the
Bank, in a unique gesture honored the commitments made to the
depositors from Pakistan and paid every rupee to its departing
customers.
The Bank has witnessed many ups and downs since its
establishment. The period of 1970-76 is said to be the most
challenging phase in the history of the Bank. At one time profit
plummeted to Rs.175, that prompted the owner of the bank, the
Thapar House, to sell / close the bank. Then employees and leaders of
the Bank came forward to rescue the Bank. The owners were moved
and had to change their decision of selling the bank and in turn they
decided to improve the position of the bank with the active
cooperation and support of all the employees. Their efforts bore fruits
and performance of the bank improved significantly. This was the
turning point in the history of the bank.
The bank was nationalized on 15 April 1980. At that time
total working of the bank was Rs.483 crores having 19th position
among the 20 nationalised banks. Within a decade the bank turned into
one of the most efficient and best performing banks of India.
The bank has progressed on several fronts crossing the
Business Mix mark of Rs 2 lacs crores as on 31 March 2010 making it
the seventh largest Public Sector Bank in India, achievement of 100%
CBS, reorienting of lending strategy through Large & Mid Corporates
and establishment of new wings viz., Rural Development and Retail &
13

Priority Sector. The Bank has to its utmost credit lowest staff cost with
highest productivity in the Indian banking industry.

3.1. WHERE OBC WAS?

In early 1990s more than 7000 branches were using

traditional

manual procedures.
These manual procedures were inherited from the Imperial Bank.

14

 Traditional procedures were evolved over decades

Very few changes were brought in those procedures as per the need
of time.
In that time, mainframe or mini computers were used
for MIS, RECONCILLATION & FUND SETTLEMENTPROCES
S, or we can say that for backhand operations purpose.
Changes brought in Information Technology by OBC: In the next decade internet facility was provided for individuals
All OBC branches were connected and ATMS were launch
2001 - KMPG appointed consultant for preparing IT Plan for the Bank.
Later on Core banking proposed by the IT consultancy company.
2002 All branches computerized but on decentralized systems, there
the initiative of core banking took place
2008- more than 6500 branches (95% of business) on Core Banking
Solution (CBS)
Internet Banking facility for Corporate customers were also launched in
early 2008
15

 More Interfaces developed with e-Commerce & other sitesthrough

alternate channels like ATM & Online Banking
All Foreign Offices were brought on Centralized Solution
Large network is playing the role of backbone for connectivity

across

the country
Multiple Service Providers are providing the links BSNL,MTNL,
Reliance, Tata & reliance which are making thesystem errorless and
provide high speed.
Multiple Technologies to support the networking
Leased lines, Dial-up, CDMA & VSAT

3.2. COMPANY PROFILE

Registered Address
Harsha Bhawan,
E-Block, Connaught Place
16

infrastructure

New Delhi
Delhi
110001
Tel: 011-23417121
Fax: 011-23739768
Email: mbd@obc.co.in
Website: http://www.obcindia.co.in
Group: Public Sector
Registrars
M C S Ltd. Sri Venkatesh Bhawan
No. W-40,
Okhala Industrial Area Phase -II
Tel: 011-41406149, 41406150, 41406151, 41406152
Fax: 011-41709881
Email: admin@mcsdel.com
Website: http://www.mcsdel.com

Management - Oriental Bank Of Commerce

Name
S L Bansal

Designation
Chairman and Managing

V Kannan
B Srinivas
S S Shishodia
K S Sreenivasan
Abha Chaturvedi

director
Executive Director
Director
Director
Director
Director
17

S C Sinha
Sreya Guha
K H Pandey
C P Singh
T Valliappan
P Santhanakrishnan

Executive Director
Director
Director
Director
Director
Director

3.3. FACILITIES OFFERED

The following services are being offered through Oriental

Banks iBanking Services, Free of Cost:Services offered through Oriental Banks iBanking
1.Accounts Related Operations
I.
II.
III.

Online Balance Inquiry

View transactions
Statement of Account For a given period, range
of Cheque nos & Amount

IV.

Cheque Status Inquiry

18

V.
VI.

Clearing Instruments Inquiry

Stop Payment of Cheques

2. Fund Transfer Operations

I.
II.

Funds Transfer to own accounts

Funds Transfer to other accounts within CBS
Branches of OBC

III.

3rd Party Funds Transfer to other Banks accounts

Min. Amount : Rs. 100/- per transaction

Max.Amount : : Rs. 3,00,000/- per transaction
Per day Maximum: Rs.5,00,000/3. Payments
External Payments viz. IRCTC (For Railway Reservation) and
Sharekhan.com for Funds Transfer Facility for Shares purchases.
Bank Charges Rs.11/- per ticket (including Service Tax)
4. Mails
I.

Customers can send mails for clarifications/queries

on Internet Banking.

II.

Relationship Manager at IBC, Secunderabad gives

reply to the queries / requests raised by the
customers, within 12hours.

5. Activity:
Customer can view various financial and non-financial activities
performed by him during a period of time.
19

6. Customize
You can customize your various information like
I.
II.
III.

Change your passwords

Add Nick names to your accounts
Select primary accounts in case you have many
accounts

IV.

Change your various preferences like Date Format,

Amount Format, Add email id, Change your
Salutation etc.

4. INTERNET BANKING SECURITY MODELS

Online banking systems require efficient security models
capable of identifying users and authorizing transactions, thus
mitigating fraud. However, current models are focused on fraud
identification instead of fraud prevention, which means that actions
are taken only after a fraud occurs instead of performing a series of
preventive procedures. Analyzing the security devices implemented by
the ten largest banks in Brazil it is observed that several security layers
and methods are concurrently adopted (Figure 1). Virtual keyboards
are clearly one of the most used models, being adopted in 8 different
banks. However, banking trojans continue to successfully operate,
directing security to reactive fraud identification rather than
prevention.
20

Figure : Internet Banking Security Models

In this analysis, SSL (Secure Sockets Layer) was not considered

because it is adopted in all online banking systems. Moreover, SSL
only provides security from the network layer downwards but is not
capable of guaranteeing protection against attacks based on the
application layer, where data is captured or modified before
encryption. Basically, banking systems need to accurately identify the
user and authorize his access to banking transactions. The
identification schemes are based on two main factors: unique secret
information previously shared by the user and the bank (such as
passwords) and unique characteristics of the device which is being
used to access the service (device fingerprinting).However, if any of
the media through which these informations are collected (including
the user's device) is compromised, the security system is compromised
as a whole because it would allow an adversary to insert and capture
information at a point of the system. It is important to understand how

21

banking systems employ security mechanisms and why they do not

efficiently mitigate system subversion and consequent frauds.

4.1. CURRENTLY ADOPTED SECURITY

MODELS
The models currently adopted in online banking systems are
based on several security layers, consisting on diverse parallel
solutions and mechanisms which aim at protecting the banking
application and the user's data, providing identification, authentication
and authorization.
Digital Certificates:
Digital certificates are used to authenticate both the users
and the banking system itself. This kind of authentication
depends on the existence of a Public Key Infrastructure
(PKI) and a Certificate Authority (CA), which represents a
trusted third-party who signs the certificates attesting their
22

validity. In Brazil, banking systems use A1 and A3

certificates issued and signed by ICP-Brasil.
One-Time Password Tokens:
One-Time Password devices are commonly used as a second
authentication factor, which may be requested in specific or
random situations. This kind of devices render captured
authentication data useless for future attacks through the use
of dynamically changing passwords which can be used only
once.
One-Time Password Cards:
One-Time Password Cards constitute a less expensive
method for generating dynamic passwords, also providing a
second authentication factor. However, in some banking
systems, passwords generated by OTP cards are reused a
number of times before being discarded, rendering this
system vulnerable to short term replay attacks.
Browser Protection:
In this model, the system is secured at the Internet browser
level, which is used to access the banking system. The user
and his browser are protected against known malware by
monitoring the memory area allocated by the browser in
order to detect such malware and hinder credential theft and
capturing of sensitive information.
Virtual Keyboards:
23

Virtual keyboards were developed to thwart the efficient use

of key loggers (which capture information typed into the
device). These devices are usually based on Java and
software based cryptography, allowing portability between
different devices. Currently they are being replaced by other
more efficient methods which require less processing power
and slower transmission rates.
Device Registering:
This method restricts access to the banking system top
reviously

known

and

registered

devices.

Hardware

fingerprinting techniques are used in conjunction with user

identification through secret credentials.

Short Message Service (SMS):

This method has been applied in some banking systems to
notify users about transactions requiring their authorization.
It provides a second authentication channel for transactions
that fit certain characteristics by sending to the user a set of
characters which have to informed in order to authorize and
process the transaction through the online banking system
Device Identification:
Device identification is usually applied together with device
registering but it is also used as a stand-alone solution in
online banking systems that aim at facilitating user access.
This identification model is based on physical characteristics

24

of the user's device through which it is possible to identify

its origin and history information.
Positive Identification:
Positive identification is a model where the user is required
to input some secret information only known to him in order
to identify himself. It is applied as a second authentication
method.
Pass-Phrase:
It is a security model based on information held by the user.
It is usually used as a second authentication method in
transaction that involve money movement.

Transaction Monitoring:
Even though this method is not thoroughly analyzed in the
present work, it is currently applied in all online banking
systems, each of the musing different techniques. Artificial
intelligence, transaction history analysis and other methods
that identify fraud patterns in previously processed
transactions are among the various approaches to transaction
monitoring.

25

4.2. ATTACK MODELLING AND TYPICAL

SCENARIOS
The attack tree model for common attacks against online
banking systems is presented in Figure . This model represents the
main components of banking systems authorization and authentication
mechanisms and efficient attacks against them. The attacks exploit
vulnerabilities inherent in the people (engineering social and phishing)
then to gain control of device (malware) and credential theft legitimate
user (fake Web pages and malware). Attack Tree model The attacks
description in this section are based on current trends observed in
malware specifically focused on banking. It has been observed that
such attacks are efficient against the authorization and authentication
schemes currently adopted in online banking systems. Each attack is
present along with a description of the security mechanisms they
target.
CREDENTIAL THEFT
26

This kind of attack is the simplest and most commonly

performed against banking systems. Itbasically consists in obtaining
the necessary credentials and user data in order to access thesystem as
a legitimate user, providing information normally known only to
legitimate users.

DEVICE CONTROL
The device control attack is presented in Figure and its
objective is to obtain full control of the user's device instead of only
stealing data used in the authentication process. The user'sdevice itself
is then used by the attacker to access the banking service and perform
frauds. Thisattack is more complex than credential theft (Figure) and
tracing its origin is much moredifficult because the attacker never
directly accesses the online banking service.
27

The attacker publishes specially crafted malware or counterfeit

web pages. Exploiting vulnerabilities in applications such as browsers
or applying social engineering the attacker manages to install malware
in the device through which the honest user access online banking
services.
The malware then captures the information necessary
for accessing the service.
After the malicious artefact obtains the information necessary
for accessing the Internet banking system through the legitimate user's
device, it downloads a list of transactions to be performed previously
stored by the attacker in a remoterepository.
Having obtained the necessary data, the malware automatically
accesses the online banking system as a legitimate user through the
user's device and performs the transactions specified by the attacker.6.
While the malware remains active, it suppresses information
about the transactions it performed from the banking system's
interface, preventing the user room detecting the attacks.

28

5. ADVANTAGES OF INTERNET BANKING

In recent time internet banking has spread rapidly all over the
globe.

All

Banks are making

greater use of

internet banking

facilities to provide better service and to excel in competition. The

spread of internet banking has also greatly benefited the ordinary
customer in general and corporate world in particular. The following
points summarize benefits of Internet Banking.
5.1 ADVANTAGES TO THE CUSTOMER
Internet banking does offer many benefits for both banks and
theircustomers. So the banks are doing what they can to enco
urage customers to try it.
An internet banking account is simple to open and use , just
byentering a few answers to the questions in a form while sit
tingcomfortably in home or office. To access the account, va
rioussecurity measures are established such as usernames an
dpasswords. To complete the set up of the account, one just
prints, signs and sends in the form.
Internet banking costs less.

Because

there

are

fewer

buildings to maintain, and less involvement by salaried

employees, there is a much lower overhead with online
banks. These savings allow them to offer higher interest
rates on savings accounts and lower lending rates and
service charges. Even traditional brick and mortar banks
offer better deals such as free bill paying services to
encourage their customers to do their banking online.
Comparing internet banks to get the best deal is easy. In a
shorttime, one can visit several online banks to compare wha
29

t theyoffer, savings and checking account deals as well as

their interest rates. Other things one can easily research are
what credit cards are available, credit card interest rates, loan
terms and the banks own rating with the FDIC.
Bouncing a cheque (accidentally) should be a thing of the pa
stbecause one can monitor the account online any time, day
ornight. One can track the balance daily, see what cheques h
avecleared and when and know when automatic deposits and
payment sare made. This is all possible by simply going
online to the banks website and logging into ones account.
One

can

keep his/her

account balanced using

personalcomputerand monthly statement. The bank account i

nformation can bedownloaded

into

software

programs;

making is easy to reconcile the account with just a few

mouse clicks. The convenience of the data capture online
makes it much easier to budget and track where
themoney goes. The internet bank account even allows one t
o viewcopies of the cheques one has written each month.
With the ability to view the account at anytime, it is easier to
catch fraudulent activity in the account before much damage
isdone.Assoon as one logs into the account, one will quickly
see whetherthere is anything amiss when one checks on the d
eposits anddebits. If anyone writes a cheque or withdraws fu
nds from theaccount, one will see it right away. This lets
one to get started on correcting the problem immediately
rather

than

having

to

wait

to

receive a clue that it

is happening as would be the case with a traditional bank

30

 Internet Banking offers a great deal of convenience than one

could get from a conventional bank. One is bound by
'banker's

hour's

and

physical

presence

is

not

required. Time is not wasted when one has work to do

because one can do the banking without leaving the office.
No matter where one is or what time it is, one can easily
saving.
Convenience. Unlike any normal physical bank, online
banking sites never close. They're available 24 hours a day,
seven days a week,365 days a year and they're only just a
mouse click away.
If one is out of station or even out of the country on a tour or
on an official trip, and suddenly a money problem arises, all
one has to do is log on to the internet and transfer funds from
one account to another and take care of personal needs and
business 24/7.
Transaction speed
transactions

and

Online banking initiates speedy

they are

very cost effective

and are

generally quicker than the transactions conducted at the

ATMs or at the bank.
Efficiency.Free to access, manage and control all the bankac
counts, including Individual Retirement Accounts, CDs, eve
nsecurities, from one secure site, the individuals can efficient
ly manage their money.
Effectiveness
Managing themoney, the money, investment, bank accounts
without even going to the bank, getting emails and wireless
alerts

on
31

various

transactions, getting the statements online, making

bill

payments on-line and transferring funds, all for free, has

made the banking highly effective. General consumers have
been

significantly

affected

in

positive

mannerby internet banking. Many of the ordinary tasks have

now been fullyautomated

resulting

in

greater

ease

and comfort.
Customers account is extremely accessible with an online
account.
Customer can withdraw money at any time through ATMs
that are now widely available throughout the country.
Besides withdrawing cash customers can also have mini
banks statements, balance inquiry at these ATMs.
Through Internet Banking, customer can operate his account
while sitting in his office or home. There is no need to go to
the bank in person for such matter.
Internet banking has also greatly helped in payment of utility
bill. Now there is no need to stand in long queues outside
banks for this purpose.
All services that are usually available from the local bank
can be found on a single website.
The growth of credit card usage also owes greatly to internet
banking. Now a customer can shop worldwide without any
need of carrying paper money with him.
Banks are available 24 hours a day, seven days a week
and they are only a mouse click away.

32

5.2 ADVANTAGES TO THE BANK

Banking industry has also received numerous benefits due to
growth of internet banking infrastructure. These are highlighted
below:
The growth of internet banking has greatly helped the banks
incontrolling their overheads and operating cost.
Many repetitive and tedious tasks have now been fully
automatedresulting in greater efficiency, better time usage
and enhanced control.
The

rise

of internet

banking

has made

banks

more competitive. It has also led to expansion of the banking

industry, opening of new avenues for banking operations.
Internet banking has greatly helped the banking industry to
reduce paper work, thus helping them to move the paper less
environment.
Internet

banking

has

also

helped

bank

in

proper

documentation of their records and transactions.

The reach and delivery capabilities of computer networks,
such as the Internet, are far better than any branch network.
Banks have quickly leveraged the capabilities of the Internet
and Web 2.0 technologies and adopted the online banking
model.
Every

mainstream

bank now offers a host of banking

services and products to an ever

increasing

base

of

customers. Through online banking, banks have been able to

reach out to millions of customers not in their geographical
area of operations and offer more products and a relatively
33

better, convenient and flexible banking experience than that

prevalent

in

traditional,

fixed-location branches.

The benefits can be studied in the following broad

categories:
More Customers
Through online banking, better service levelsand strategic
marketing initiatives, banks are able to reach out to more
customers than possible through traditional banking through
physical location branches.
Online Only Products and Services
Leveragability and amenability of new technologies, tools
and widespread broadband Internet acceptance, has made it
possible for banks to offer a whole host of online only
products and services to customers, such as CDs, e-bank
statements, financial calculators, and personal finance
newsfeeds.
Broader Customer Base
Banking

online

has

afforded

customersuser-

friendly features of Websites, robust security technologies,pr

ivacy

protection

measures,

and

mainstream

Internet

acceptance.Banks can reach out to a broader customer base

beyond the geographical confines of their locations or
base operations.
Attractive Rates and Incentives Better management practices, consolidated operations and
streamlined savings from managing and delivering online
banking services allow banks to offer attractive rates and
other incentives to customers.
34

 Cost Savings
Banks save a significant amount of operational capital from
not having to open brick and mortar branches in new
locations and far-flung areas. These savings are passed onto
the consumer in the form of reduced or no fees for inter-bank
and even intra-bank money transfers, no fees for online
payment of utilities' bills, and cash-back options on frequent
use of online-applied bank credit cards. There are sound
reasons why internet banking is growing. The economic
advantages have encouraged banks to provide an increasing
range of easy to use services via the internet.

6. POTENTIAL COUNTER MEASURES

Due to the inherent complexity and flexibility of the presented
attacks it seems unlikely that a single centralized security solution
would successfully solve the security issues on which they are based,
effectively mitigating those attacks. The main problem relies on the
weakest link in the security chain, generally the user (or his access
device), and its role in the whole authentication and authorization
35

process. In most cases, the security of the authentication and

authorization process in online banking systems is based on secret
information supposedly known only by legitimate users and the bank,
depending on the user for maintaining the secrecy of such information.
However, as it was described in the previous sections, an attacker can
easily obtain this secret information through the use of social
engineering techniques and malware, compromising the system as a
whole. In face of these issues, new authentication and identification
models should be as independent from the user or the security of his
device as possible, relying on more than one source for authentication
and identification data .A identification and authentication model
potentially resilient to the attacks presented

should be based on

independent secure channels for authentication/authorization data and

transaction data. In this model, security is guaranteed even if an
attacker

compromises

one

of

the

channels.

The

separate

authentication/authorization channel is to be chosen in such a way that

the user has little or no influence on its security, being based on
devices which the user does not control or administer, and not on the
user's internet access device (used for transactions) which may be
easily compromised by remote attackers .Taking into consideration
that any device associated or dependent on a compromised
environment (such as compromised network or host) is also
considered compromised, a potentially secure authentication and
identification model for online banking systems should fit the
following requisites:
The authentication data channel is independent from the
transaction data channel.
The identification model is independent from user provided
information.
36

Perform mutual authentication, where both the user and the

service provider must prove their identities.
Verify and confirm all the information obtained from the user in
order to detect patterns and irregularities which may indicate a fraud.
Maintain

history

database

for

each user

containing

information which form a user transaction profile associated with

reputation and trust models used to detect fraud and malicious
tendencies. A authentication and identification model with these
characteristics would be secure against the attacks presented in
section.
SOLUTIONS:
Here are some simple tips to prevent you from falling into the
trap of cyber criminals. Remember, a simple ignorance or oversight
can make a huge dentin your hard- earned savings.
I.

Securing your account:

Avoid online banking on unsecured wifi systems and
operate only from PCs at home. Never reveal password to
anyone. Do not even write it on a piece of paper on diary.
Just memorise it. It should be alphanumeric and change it
frequently. Never reply to queries from bank online about
account or personal details. The personal information
should not be kept in a public computer or in emails.

II.

Phishing:

A person's personal details are obtained by fraudsters posing as

bankers, who float a site similar to that of the person's bank.
They are asked to provide all personal information about
themselves and their account to the bank on the pretext of database
upgradation. The number and password are then used to carry out
transactions

on

their

behalf
37

without

their knowledge.

Phishing involves using a form of spam to fraudulentlygain access to p

eople's online banking details. As well as targeting online bankingcust
omers, phishing emails may target online auction sites or other
online payment facilities. Typically, a phishing email will ask an
online banking customer to follow a link in order to update personal
bank account details. If the link is followed, the victim downloads a
program which captures his or her banking login details and sends
them to a third party.

7. MISUSE OF INTERNET BANKING

7.1

INTERNET LOTTERY FRAUD

MP Cyber police has investigated several case of cheating

through Internet lottery offer which is commonly known as Nigerian
419 scam. In this kind of cheating the culprits used to send bulk
emails, bulk SMS to millions of users using software, stating that the
receiver has won lottery worth thousands of pounds or dollars which
38

comes out to be crores of Indian rupees, in a lucky draw. They used to

create fake lottery winning certificate using logo and text from
original website, which seems to be original at a glance. This kind of
sending bulk emails or SMS is an act of commonly known as
PHISHING attack. Those who are lured by such offer often tempted to
contact them. The culprits then ask the target to fill a form and thus
receives all the personal information of the target and asks him to
deposit token money in various names to earn the lottery prize. The
target who is hoping to earn huge amount of money finds these
charges to be minimal. The culprit asks the target to deposit money in
the name yellow tag, custom clearance UN anti terrorism certificate,
RBI charges or any other name they feel it to suitable to convince the
target. The culprits ask the target to deposit in various bank accounts
and once the money is deposited by the target it is withdrawn same
day by the suspect.
After losing lacs of amount people come to know that they are
being cheated. In this kind of cheating the contact number are usually
taken in the fake names or in the other Indian guys name, account are
being opened in the fake names or acquired on the basis of
commission by fooling the account holders.
Mp cyber police has investigated the case of Internet lottery
fraud and arrested Nigerian national Gods power from Meharauli
Delhi with the suspected mobile used for communication, one laptop,
printer and box used for black dollar scam.
Mp cyber police has investigated the case of Internet lottery
fraud Crime no 07/09 420,468,34 IPC and crime no 05/10 420,468,34
aIPC and arrested Nigerian national Idiogbe Joseph from Mumbai
with the suspected mobile used for communication, laptop, fake
Income tax certificate and seals.
39

Apart from the above MPCP is investigating two more such

cases in which suspects are being monitored and efforts are being
made to arrest them.

7.2 INTERNET BANKING FRAUD

Kotak mahindra bank and Poonam Gulati reported to IGP MP
Cyber Police that an amount worth Rs 17 lacs has been illegally
transferred to account in the name of Gourav Shukla from account of
Poonam Gulati through internet banking and susequently withdrawn
from various ATMs. The matter came to light when Mrs Poonam
Gulati read her bank account statement in the month of July that
amount worth Rs 17 lac had been transferred through internet banking
to some new account which she didn't know. She enquired at the bank

40

and asked when she didn't asked for internet banking then how it can
be activated and transfers could be made.
On preliminary enquiry MP Cyber police found that it was an
act of cheating forgery and fraud against the bank and not the
customers as the customer never asked for the activation of Internet
banking, Hence a FIR was lodged in the name of Kotak mahindra
Bank.
As per complaint a fake account was opened in the name
Gourav Shukla. For the purpose of cheating the suspect approached
the bank and submitted forged document to add mobile in the account
of Poonam Gulati. The bank official matched only PAN number but
didn't match the photocopies with the original. After getting registered
the mobile number in the account of Poonam Gulati the suspect
requested to add Internet banking in the account of Poonam gulati.
After getting Internet banking activated the suspect made request
forgot password through Internet banking. He could obtain the same
partial on internet window and partial on registered mobile. The
suspect after getting the internet banking password transferred Rs 17
lacs , one lac each per day from the account of Poonam Gulati to
account of Gourav Shukla. He withdrew money at the rate of One lac
per day from the various ATMs of State Bank of India wearing helmet.

41

8. INOVATIONS IN INTERNET BANKING

42

NEFT AND RTGS

India has two main electronic funds settlement systems for one to one
transactions: the Real Time Gross Settlement (RTGS) and the
National Electronic Funds Transfer (NEFT) systems. Transactions
which are bulk and repetitive in nature are routed through electronic
clearing service (ECS) which is further of two categories viz ECSCredit (one debit and multiple credits e.g. Salary, Dividends) and
ECS- debit (one credit and multiple debits e.g. bill payments, SIPs
etc.). ECS is currently provided in around 75 centres in India.
8.1. REAL TIME GROSS SETTLEMENT [RTGS]
The acronym 'RTGS' stands for real time gross settlement.
The Reserve Bank of India (India's Central Bank) maintains this
payment network. RTGS system is a funds transfer mechanism where
transfer of money takes place from one bank to another on a 'real time'
and on 'gross' basis. This is the fastest possible money transfer system
through the banking channel. Settlement in 'real time' means payment
transaction is not subjected to any waiting period. The transactions are
settled as soon as they are processed. 'Gross settlement' means the
transaction is settled on one to one basis without bunching with any
other transaction. Considering that money transfer takes place in the
books of the Reserve Bank of India, the payment is taken as final and
irrevocable.
Fees for RTGS vary from bank to bank.RBI has prescribed
upper limit for the fees which can be charged by all banks both for
NEFT and RTGS. Both the remitting and receiving must have core
banking in place to enter into RTGS transactions. Core Banking
enabled banks and branches are assigned an Indian Financial System
43

Code (IFSC) for RTGS and NEFT purposes. This is an eleven digit
alphanumeric code and unique to each branch of bank. The first four
letters indicate the identity of the bank and remaining seven numerals
indicate a single branch. This code is provided on the cheque books,
which are required for transactions along with recipient's account
number.
RTGS is a large value (minimum value of transaction should
be 2,00,000) funds transfer system whereby financial intermediaries
can settle interbank transfers for their own account as well as for their
customers. The system effects final settlement of interbank funds
transfers on a continuous, transaction-by-transaction basis throughout
the processing day. Customers can access the RTGS facility between 9
am to 4:30 pm on weekdays and 9 am to 1:30 pm on Saturdays.
However, the timings that the banks follow may vary depending on
the bank branch. Time Varying Charges has been introduced w.e.f. 1
October 2011 by RBI.
Banks could use balances maintained under the cash reserve
ratio (CRR) and the intra-day liquidity (IDL) to be supplied by the
central bank, for meeting any eventuality arising out of the real time
gross settlement (RTGS). The RBI fixed the IDL limit for banks to
three times their net owned fund (NOF).
The IDL will be charged at 25 per transaction entered into by
the bank on the RTGS platform. The marketable securities
and treasury bills will have to be placed as collateral with a margin of
five per cent. However, the apex bank will also impose severe
penalties if the IDL is not paid back at the end of the day.

44

Service Charge for RTGS

a) Inward transactions Free, no charge to be levied.
b) Outward transactions
For transactions of 2 lakh to 5 lakh - 25 per transactions
plus applicable Time varying Charges ( 1/- to 5/-) total not
exceeding 30 per transaction.
Above 5 lakh - 50 per transaction plus applicable Time
varying Charges ( 1/- to 5/-) total charges not exceeding 55
per transactions.
No time varying charges are applicable for RTGS transactions
settled up to 12:30 hrs.

45

8.2. National electronic fund transfer [NEFT]

The national electronic fund transfer (NEFT) system is a nationwide system that facilitates individuals, firms and corporates to
electronically transfer funds from any bank branch to any
individual, firm or corporate having an account with any other bank
branch in the country. For being part of the NEFT funds transfer
network, a bank branch has to be NEFT-enabled. As at end-January
2011, 74,680 branches / offices of 101 banks in the country (out of
around 82,400 bank branches) are NEFT-enabled. Steps are being
taken to further widen the coverage both in terms of banks and
branches / offices
IFSC or Indian financial system code is required to perform a
transaction using NEFT or RTGS. IFSC code identifies a specific
branch of a bank. IFSC code can be found out on RBI website. These
codes are also known from your bank branch, and it is best to confirm
the IFSC code, before going for any transaction.
Service Charges for NEFT
The structure of charges that can be levied on the customer for
NEFT is given below:
a) Inward transactions at destination bank branches (for credit to
beneficiary accounts)
Free, no charges to be levied from beneficiaries
b) Outward transactions at originating bank branches (charges
for the remitter)
For transactions up to 10 thousand not exceeding 2.5 (+
Service Tax) - For transactions up to 1 lakh not
46

exceeding 5 (+ Service Tax) - For transactions above 1

lakh and up to 2 lakhs not exceeding 15 (+ Service Tax) For transactions above 2 lakhs not exceeding 25 (+
Service Tax)

8.3. COMPARISION BETWEEN RTGS AND NEFT

The key difference between RTGS and NEFT is that while
RTGS is on gross settlement basis, NEFT is on net settlement basis.
Besides, RTGS facilitates real-time ("push") transfer, while NEFT
involves eleven settlements from 9 am to 7 pm on week days and five
settlements from 9 am to 1 pm on Saturdays. Customers can access the
RTGS facility between 9 am to 4:30 pm on week days and 9 am to
1:30 pm on Saturday. Thus if a customer has given instruction to its
bank to transfer money through NEFT to another bank in the morning
hours, money would be transferred the same day, but if the instruction
is given later during the day, money would be transferred next day.
RTGS facility is available in over 72000 branches, while NEFT
is available in little over 75000 branches of 100 banks. RBI has
recently discontinued the EFT (Electronic funds transfer).

47

9. CONCLUSION
Studying the project we came to know that Internet banking is
clearly the way forward for the Oriental Bank Of Commerce. It
provides comfort to customers at the same time it provides cost cutting
to

OBC by eliminating physical documentation. Internet banking

saves time of bank as well as those of customers. Study states that

internet banking provides greater reach to customers. Feedback can be
obtained easily as internet is virtual in nature. Customer loyalty can be
gain. Personal attention can be given by bank to customer also quality
service can be served. Bank should know that No system is perfect,
however a system of such a type will need to be very secure. This is a
system which holds account details and customers wealth. If such a
system was not trusted and not reliable, then SBI would face serious
laws and would lose business. After studying the SWOC analysis, we
came to know various strengths of OBC such as quality customer
service, greater reach, customer loyalty, easy access to information, 24
hours access, easy online applications etc. OBC should put efforts to
multiply the number of strengths. In terms of weakness I come to
know some of the major weaknesses they are lack of awareness of
internet banking among the customers, obsolesce of technology
relatedtosecurity, complicated procedures of availing internet banking
facilities, lack of knowledge among the employees of OBC. OBC
should concentrate on the weaknesses and reduce them to zero. In the
third segment of SWOC analysis of internet banking wedealt with
opportunities like 95 % market of internet market isuntapped, OBCs
path to become first virtual bank. By encashing such opportunities
bank

can

become

the

leader

in

banking

sector of

India.

which are in front of OBC, like sameness in ITinfrastructure within va

48

rious banks, need of various vendor supports for complex technology,

maintaining secured ITinfrastructure, alternative mechanism in case of
failure of present security system. The company can take the
advantage of the reputation it has created in the market for itself and
become

more

competitive.

The recommendations

and suggestions given, if adopted will improve the position of the

company

substantially

and

optimal profitability coupled

with better service and satisfactions for investors may be achieved.

10. Primary Data Analysis

A survey was conducted to determine peoples perception
towards online banking and their expectations on internet banking
49

services. The questionnaire was prepared for the purpose and response
was analyzed. The questions were distributed by hand to the people,
some were queried by telephone while others replied by e-mail. The
questions were concerned with the personal information and
characteristics of the respondent. Questions 1 to 5 test the users usage
and the awareness of computing and internet technologies. Questions
6 to 11deal with banking behaviour of respondent, their usage and
responsiveness to new technology.
Objectives:
To identify the major factor why people opted to bank online.
To understand the intention of users to use internet banking
services.
To study the main reasons/owners that can affect the users
intention for not using internet banking services provided by the
banks.
Findings:
I have research that the internet is becoming increasingly
important channel for the bank to provide banking services to both
individual customers and businessmen.
I found that internet banking would almost certainly become a
major full-fledged distribution channel of banking services and
products in India within the next 3 years.
Evidence suggests that those who are banking with the larger
bank are more likely to adopt internet banking.
I even found that internet banking is going to develop much
faster than most people imagine and with the revolution, new financial
system will evolve in many ways and even more secure than we have
today. It was interesting to analyze what made the people opt for
50

internet banking services provided by the banks.60% of the

respondents were driven by convenience that internet banking offered,
while 12% of them opted for online banking services because its saved
a lot of time and money. Complementing this result was that
another 8% of the population had opted net banking as they found it
was much easier to maintain account through the internet. It was even
noted that respondents access their bank account from their workplace
also

(use

office

PC)

during

free

time

so,

14%

of

the

surveyed population were convinced that internet banking was highly

safe and secure and sometimes even safer than the traditional modes
of banking and remaining 60% respondents found an internet banking
service effective and simple to use. The features considered important
by those who have not yet opened an internet bank account said that
security of the security of the transaction would be a very important
factor, which might lead them to open an account. Other features
considered important would be convenience and having a variety of
features and services.
So, the big question here is, Is Internet banking for you?
Yes, if you need the convenience and speed.
No, if you trust the internet as much as you trust your car
mechanism.

ANNEXURE
10.1. Questionnaire For Customers
Dear Respondent, I am a student of Self Finance Course and doing
Banking and Insurance. This survey is designed to understand bank account
51

holder's satisfaction on internet banking. So, please spare some precious time
of years to make my study complete.
Name of respondent
................................................................................................
Gender
Male { }

Female { }

Age
Below 25 years { }

25-50 years { } Over 50 years { }

Profession
Business { } Employee (job) { } Student { } House wife { }
1.Do you have any Bank Account?
Yes { }

No { }

2.Which method do you use for banking?

Online { }

Offline { }

3. What induced you to begin on-line bank Account?

The brand name of the bank { }
Advertisement { }

Reference by friends { }
Easy and quick { }

4. While opening up the account, were you aware of internet banking

services provided by your bank?
Fully aware { }

had an idea { }

no idea { }

5. What is the most important factor which prompted you to start using
i-banking?
(1: the most Important, 5: the least important)
Convience (24 hours services, anywhere connectivity { }
Easy to maintain my banking transaction activity { }
Low service charge { }

Safe and secure { }

Better rates { }
6. What are your main transactions you would prefer to do by net?
52

Order a cheque book { } Money transfers { }

Credit fixed deposit online { } Request a demand draft { }
Checking of your current balance { } Pay bills { }
Request for stopping payment on a cheque { }
7. In general, how often do you use online banking services?
Never { } Rarely { } Sometimes { } Often { }
Very often { }
8. Do you feel safe in disclosing your details on net?
Yes { }

No { }

9. Are you satisfied with your bank services?

Yes { } No { }
10. How would you rate the internet banking facility provided by your
bank?
Excellent { } Very good { } Good { }
Average { } Poor { }
11. What other services you would like to have through internet
banking?
.................................................................................................................................................
*** Thank you very much for your help. ***

10.2. Questionnaire For Bank

1. Name of the bank:-------------------------------53

2. Does the bank website exist? : Yes { } No { }

3. If yes, please specify web site address:---------------------------4. When did the banks web site become active? (Year) :-------5. Which of the following i-banking products/services are
offered?
Internet Banking Yes { } No { }
6.When did the Bank begin offering Internet Banking?
(Year):----7.How many customers are using this facility? : -------8.Which software is being used for it?: ---------------9. Is the Banks website reviewed internally?
Yes { }

No { }

10. Are security measures in place to secure the banks

website?:
Yes { }

No { }

11. How many customers are still using traditional way of

banking transaction?
25% { }

Below 50% { }

50% & Above { } 75% { } Above 75%

Name :---------------------------------Designation
:---------------------Signature:---------*** Thank you very much for your help. ***

BIBLIOGRAPHY
Primary Data
Customer Survey through Questionnaire Case
54

 Study on ORIENTAL BANK OF COMMERCE

Visiting internet banking services websites
Secondary Data
College Library
Business Aspect SY BMS
Times Of India Dt 24th January 2011
Electronic Banking: The Ultimate Guide to Online Banking

Webliography
www.obcindia.co.in
www.rbi.org
www.timesofindia.com

55