Professional Documents
Culture Documents
• Data Entry
Processing presumes data entry. A bank customer operates an ATM
facility to make a withdrawal.
•Data Validation
This validation is made by the 'Error Detection' and 'Error
Correction' procedures.
•Banking framework
Application environment of the computerized Banking system.
• Processing and Revalidation
The processing of data occurs almost instantaneously in case of
Online Transaction Processing (OLTP) provided a valid data has
been fed to the system.
•Storage
Processed actions, as described above, result into financial
transaction data i.e. withdrawal of money by a particular customer,
are stored in transaction database of computerized personal banking
system.
•Information
The stored data is processed making use of the Query facility to
produce desired information.
•Reporting
Reports can be prepared on the basis of the required information
content according to the decision usefulness of the report.
•Operating procedure
A well-conceived and designed operating procedure blended with
suitable operating environment of the enterprise is necessary to work
with the computerized Banking system.
SECURITY SYSTEM
• 1.CCTV (Videos): To monitor and record activity of any suspicious
behaviour
• 2.Alarm system: To signal authorities in the instance of threat.
• 3.Perimeter protection: Secures doors and windows
• 4.Interior protection: Electronic sensors, controls and equipment
• 5.User-identification codes: Every employee has an ID code to enter or exit
the building.
• 6.Cloud computing: Can help financial institutions improve performance in
a number of ways.
• 7.Firewall and Routers: Implemented system firewalls forming a barrier
between the bank’s internal systems and the Internet.
• 8.Access online transaction: assess specific attributes
• 9.Adopt strong authentication standard: Don’t use weak or simple
username and passwords .
• 10.Extended Validation Secure Socket Layer (SSL) digital certificates: Is a
protocol designed to provide security and data integrity.
• 11.Secure Seal (SS): Anti-fraud technology
• 12.Biometric device: e.g.: Fingerprinting device
• 13.One-time password (OTP): can be implemented using a hash-chain
• 14.Digital Code Lock: For every door or locker cluster. Give alert sound
when any mismatch occurs.
• 15.Secured application or virtualization: Virtual operating system on host
system.
• 16.Secure transaction signing: Transaction details and unlock code on
mobile(SMS).
• 17.Chip Authentication Program (CAP): is a new protocol based on the older
EMV standard.
• 18.RSA SecurID: the 6 to 8-digit response of the SecurID tokens is computed
over the PIN using AES algorithm.
• 19.Multi-Factor Authentication: The incorporation of Multi-Factor Authentication
into the NetTeller online banking product creates the ability for First Security
Bank .
ACCESS CONTROL
• Generally secured.
• 24 hours access.
• Business online.
• Email alerts .
• Balance alerts.
• Deposit/Withdrawal alerts.
• Negative balance alerts
• Bill pay reminders and confirmations
• Secure message alerts.
• Priority online notifications.
• Online investment.
• Insurance.
• Loans.
• Online banking application.
AUTOMATED TAILER MACHINE NETWORK
2. PIN capturing
- attach cameras to ATM to capture user’s pin
• How the threats work:
1. Skimming devices
- place at card reader slot
- to read the data at black line behind bank card
• Firewall Policy
- Documentations
- Connections between machine
- Regular Testing
- Logs
-Intrusion Detection system
- Contingency Planning
• Server Security Policy
- Documentations
- Connections between server
- Power backup
- Logs
- Contingency Planning
• Remote Access Tool Policy