Site icon LAWYERS GYAN

INTERNET BANKING SECURITY THREATS

INTERNET BANKING SECURITY

“Financial institutions must be able to deliver an easy to navigate, a seamless digital platform that goes far beyond a miniaturized online banking offering”

-Jim Marous[1]

Introduction

E-banking or internet Banking is an umbrella term which includes a process where the customer can perform bank transactions through electronic devices without actually visiting the bank. It includes a Financial software program which allows the customer to perform transactions electronically. Internet Banking is proved to be useful for payment of phone and electricity bills, credit card bills, online shopping etc . However it is important for a customer to not share any confidential information to avoid e-banking frauds.

Concept of EFT (Electronic Fund Transfer)

In Electronic Fund Transfers, electronic technology is used to make transactions in place of cheques. The process of Electronic Fund Transfer can be conducted with the help of devices such as cards or codes through which the customer can access his/her account. ATM and PINs[2] can be used for this purpose.

EFT is one of the branches of e-commerce.

These kinds of transfers are done without intervention therefore this process can be also termed as Virtual banking[3]. EFT was launched by the Reserve Bank of India in 1995 to adopt a modern system of fund transfer. It also helps to speed up the transfers between the banks. There are generally three kinds of transactions which can be performed through EFT :

The IT Act 2000, enacts provision for transactions done by the means of electronic communication. Apart from this, legal recognization has also given to electronic record, documents and electronic signature under IPC[4], Indian Evidence Act 1872[5], the Reserve Bank act 1934 and the Bankers evidence Act 1891. Under Section 46 of IT Act 2000, an application can be filed claiming breach of security procedures by the bank. Such banks must pay adequate damages and compensation on breach of security procedures.[6]

Security Threats related to Internet Banking

Spyware is a software which collects the customer’s personal information without the consent of the user. It allows the third person to change the settings of the user’s computer.

In this, the fraudsters use the hoax emails to fish for personal details of the user. In general, fraudsters claim to be from a financial institution. They generally try to get sensitive information such as credit or debit card numbers, customer registration number etc. In Umashankar Shivasubramaniam vs ICICI Bank [7], the Court held the bank liable since it was unable to prevent unauthorized access to the user’s account. User, in this case, gave his bank details to a hoax mail received from the bank from an email I’d cutomercare@icicobank.com.

Computer Viruses is a software which enters into memory or disk space. With email virus,  all email contacts of user can be intruded.

Through this method, fraudster passes normal authentication to access a user’s computer or device. Through this, the fraudster can access the account of the user.

In this, the server is flooded which led to a crash in server. It makes it impossible for an authorized user to access it.

Legal Provisions for Internet Banking

Section 43 and 66 of the Information and Technology Act 2000 dealt with the offences related to the computer before the Amendment Act of 2008. However, after the Amendment Act of 2008, several provisions were established to deal with computer-related offences. Causing damage to the computer is punishable under section 43 of the said act. Banks are also liable under section 43A in case of failure to protect user’s data. Apart from this other computer-related offences are mentioned under Section 66 of the IT act. Breach of Privacy and confidentiality is punishable under section 72 of the said act. In 2009, the IT act 2000 was amended which makes ‘offence committed outside India’ as punishable.[8]

Under Section 172, electronic documents can be presented before the court of law. Section 29A defines the word ‘electronic record’. Section 463 deals with false electronic record with intent to cause damage.

Apart from this, under Section 12 of Prevention of Money Laundering Act 2002, every financial institution is required to keep the track of transactions of more than ten lakhs taking place in a month. Such a record should be maintained for 10 years.

Conclusion

Internet Banking is the safe and the fastest means to access bank account at any place and at any time. The role of the EFT system is remarkable in the e-banking industry. However, with the advent of a system of Electronic Fund Transfer, many e-banking threats are created by a fraudster to obtain any illegal benefit. Users should take care of their ATM and debit cards. Keeping and comparing receipts of all types of EFT transactions is essential. Better technology should be adopted by the Banks to provide better service.

Sources:

[1] Internationally recognized Financial strategist

[2] Personal Identification number

[3] KC Shekhar and Lekshmy Shekhar Banking theory and practice 23, (19th Ed. 2009)

[4] Section 172, 173 and 175.

[5] Section 65A and 65B

[6] Section 43A of the IT act 2000

[7] 2010

[8] Section 1(2) and Section 75 of the IT Act 2000

This blog is written by Riddhi Chadha, Fairfield Institute of Management & Technology.

Visit our Instagram page @lawyergyan at this link.

For more BLOG/ NEWs, CLICK HERE.

Please Subscribe for more updates.

Get Lawyers Gyan in your Email & Join 10000+ Lawyers!!

WhatsApp Group Join Now
Telegram Group Join Now
Instagram Group Join Now
Exit mobile version