Index

Sr no 1 2 3 4 5 6 7 8 9 Particulars Introduction Meaning Banking security architecture Encryptions: Advantages and disadvantages prevention Usage in our daily life Securities used by banks Bibliography Page nos. 3 4 5-6 7 8 9 11 12 13

Acknowledgement
Ill like to thank my proff. Vinay Bhat for giving me this wonderful project. It was a great learning experience. The project has made me aware of my surroundings and has helped me broaden my horizon.

Introduction
Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. This can be done by simply using the latest technology available near us. It is important to keep your hard-earned money safe. Whether you are concerned about online banking security or the traditional banking security threats, you'll find help here. In this report we'll cover tips for safe online banking, ways to avoid identity theft, and more. Banks are the safest place to keep your cash. Nevertheless, bank failures happen from time to time. This report discusses bank failures in general and what you should expect if your bank goes under. The IT sector has become one of the most significant growth catalysts for the Indian economy. This IT sector helps in fueling the economic growth of India., guaranties that the costs of repairing do not absorb all the defenders resources. We can train people and provide them with tools, in this way they will be able to protect confidential data. The issue of IT system security and data protection is broad indeed. It is identified, though, with the continuous modification and adaptation of solutions and security management to the realities of the operating environment.

MEANING:
In the complex area of banking operations, Microsoft sees a recurring strategic theme for technology modernization. Leading banks are ensuring that every back office technology project considers the impact on what we call the 3 Cs of Cost, Control, and the Customer. Although they seem to be very different drivers, all three in fact tie operational performance and efficiency back to the customer and the quality of the relationship. Security Architecture can be defined as the design that describe how the security controls are positioned, and how they relate to the overall information technology architecture. These controls serve the purpose to maintain the system's quality attributes, among them are confidentiality, integrity, availability, accountability and assurance. Online Banking uses 128-bit digital certificate from VeriSign for encryption of the Secure Sockets Layer (SSL) session. SSL is the industry standard for encrypted communication and ensures that customer's interaction with the Bank over the Internet is secure. Banks need a flexible architectural model for the growth of banking services one that enhances interoperability and reduces integration costs. This makes it easier to choose and integrate commercially available products of different vendors.

Banking security architecture

Chip & PIN has now been running for about 5 years. Personal identification numbers (PINs) are security features. Often referred to as PIN numbers .PINs are important in keeping your money and your information safe. Picking a good PIN number and remembering it is easy if you use a few tricks. Chip & PIN, based on the EMV (EuroPay, MasterCard, Visa) standard, is deployed throughout most of Europe. Customer inserts contact-smartcard at point of sale, and enters their PIN UK was an early adopter: rollout in 20032005; mandatory in 2006 Chip & PIN changed many things, although not quite what people expected. While ATM's have added some convenience to our lives, a few risks have also popped up. ATM's give criminals another opportunity to get at your money, and you should take steps to reduce your risk. Most of us can stay out of trouble with simple common sense, but you should periodically review some proven tactics.

Login precautions
Online Banking brings you a lot of convenience. Ensure you don't ever have to regret it by following these simple, easy-to-keep tips. First-time passwords are automatically generated by the system and printed on to password mailers so that no one in the Bank is ever aware of the passwords. Two levels of passwords are provided. Transaction password is used for confirming financial transactions. The system enforces change of password upon logging in the first time. The Online Banking facility is locked if wrong passwords are entered for 3 consecutive times. Online Banking enforces use of minimum 8 character password, which should include alphabets (AZ,a-z) as well as numbers (0-9). Special characters like #$@% are also accepted as part of the password. Avoid using shared computers when accessing Barclays Online Banking. Avoid logging into Barclays Online Banking or using critical passwords at internet cafes, libraries, and other public sites to
5

avoid the risk of information being copied and re-entered after you leave. Change your passwords regularly. Contact you service provider immediately if you suspect your Online Banking password has been compromised. Use a password on your computer to prevent unauthorized individuals from accessing your information. Disable the 'AutoComplete' function on your browser. Always remember to Log-off from Online Banking and close your browser when you have finished.

We can also use 3 tier or 2 tier distributed architecture for transferring data online or in net banking.3 tier distributed data security can be used in banking architecture to provide safe and secure transfer of data. A distributed database is a technical architecture where all the data stored is not connected to one CPU but is distributed across a network of two or more computers. For example, customer information and related processing may occur within the branch to which that customer belongs. The CPU and related data can be connected using the Internet or a private network such as a local area network.

This log in id and password can be used to make a secure log in to any net banking web sites. Now a days every bank is using secure page where hacking can be controlled or minimized. To access a financial institution's online banking facility, a customer having personal Internet access must register with the institution for the service, and set up some password (under various names) for customer verification. The password for online banking is normally not the same as for telephone banking. Financial institutions now routinely allocate customer numbers (also under various names), whether or not customers intend to access their online banking facility. Customer numbers are normally not the same as account numbers, because a number of accounts can be linked to the one
6

customer number. The customer will link to the customer number any of those accounts which the customer controls, which may be cheque, savings, loan, credit card and other accounts. To access online banking, the customer would go to the financial institution's website, and enter the online banking facility using the customer number and password. Some financial institutions have set up additional security steps for access, but there is no consistency to the approach adopted. Security of a customer's financial information is very important, without which online banking could not operate. Financial institutions have set up various security processes to reduce the risk of unauthorised online access to a customer's records, but there is no consistency to the various approaches adopted.

Encryptions
Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Advanced security through database encryption is required across many different sectors and is increasingly needed to comply with regulatory mandates. The public sector, for example, uses database encryption to protect citizen privacy and national security. Initiated originally in the United States, many governments now have to meet policies requiring Federal Information Processing Standard (FIPS) validated key storage. For the financial services industry, it is not just a matter of protecting privacy but also complying with regulations such as the Payment Card Industry Data Security Standard (PCI DSS). This creates policies that not only define what data needs to be encrypted and how, but also places some strong requirements on keys and key management. In fact, Requirement 3 of PCI version 1.2 (that is, to protect stored cardholder data) seems to be one of the more difficult aspects with which to comply. One approach that can help companies address the encryption challenges associated with regulation is the "defense in depth" principle, which advocates many layers to strong securityranging from physical security and access controls, to rights assignment and network security (including firewalls and, crucially, encryption of data both at rest and in transit). Strong security is all about reducing the attack surface available to hackers and malicious users. If one method of attack is deemed too difficult, they will attempt to move on and exploit another weakness.
7

Advantages
Information security is extremely easy to utilize. For protection of less sensitive material users can simply password protect files. For the more sensitive material users can install biometric scanners, firewalls, or detection systems. As technology increases so will the crimes associated with it. Making the use of information security very worthwhile. It keeps vital private information out of the wrong hands. For the government it keeps top secret information and cabalities out of terrorist and enemy nation's hands. Information security protects users valuable information both while in use and while it is being stored. it can increase the confidentiality of the document. It prevents different types of data leakage and increase the reliability of the information.

Disadvantages

Technology is always changing so users must always purchase upgraded information security.
8

Since technology is always changing nothing will ever be completely secure. If a user misses one single area that should be protected the whole system could be compromised. It can be extremely complicated and users might not totally understand what they are dealing with. It can slow down productivity if a user is constantly having to enter passwords.

Prevention

Install anti-spyware and antivirus software. Spyware is hidden programs that run on your computer. They monitor what you are doing online without you realizing it. It can lead to identity theft. Anti-spyware helps prevent spyware from being used. Also install antivirus software to prevent your computer from being infected with a virus.

Turn on your firewall. This helps prevent hackers from getting information such as passwords to bank accounts and other information they could use to steal funds or steal your identity. Monitor the websites your children go to. Put your computer in a location where you can keep on eye on what they are doing online. Use software that blocks children from going to inappropriate websites. Set rules and limits for internet use. Talk with your children about online predators. Teach children not to engage in online chats with adults and never to give out their address to someone they meet online. Warn them never to meet someone in person they met online. Tell children to talk to you about anything that happens inappropriate to them online.
9

Go to the FBI website to learn about internet scams. They keep the public informed about current scams that maybe circulating online. They also have information on how to avoid online identity theft and investment fraud. Use secured websites when purchasing items online and giving credit card numbers. Be wary of solicitations for donations. Check out charities before giving money. Report suspected internet crimes. The Federal Bureau of Investigations runs The Internet Crime Complaint Center where internet crimes can be reported. In addition you can contact your local law enforcement agency to report internet crime and they will refer you to the appropriate agency to take your report

Architecture:

10

Usage in day 2 day life:

Information technology has highly affected our lives. Its used massively in our day to day life. Computer technology has made our lives much easier and convenient.
11

For example, our banking needs. Years ago, people had to manually achieve important data of their customers, now you just use the computer to find this data. In just one click, instantly find the customer name, date of birth, address, email address, phone numbers and so on. As customers of these banks, which also can easily get a quick look at their account balances through logging into the bank's website, plus many people are able to borrow using the computer. Due to the birth of computer technology, we now have credit cards or what others call plastic money, which are very useful especially when you have no cash on hand or when ordered a product over the Internet. It's amazing how computer technology has changed both the way we live. Today, buying products such as mobile phones, bags, household utensils and clothing, or even paying bills can be made effortlessly in the comfort of your own home. With the computer use a lot of students, especially those with disabilities or serious illnesses can register unfortunate to different schools through home schooling. Students are still able to take their examination paper or check out their qualifications for use of the computer. computer technology has helped many businesses to better serve the community. But computers have not only helped us in the business industry but also has an effect on our communication systems. Long before the birth of computers, writing letters were the main source of communication, which would be a nuisance particularly to those who live in distant places, plus the phones are pretty expensive for most people prefer to write to their loved ones. Now we have email and live chat or even voice messages. Contact with each other is now a piece of cake.

12

Security to fit every need

Checkpoint's Banking Division offers a full line of high-quality banking security equipment including physical, transaction, electronic and service solutions. Their security products and services include:

Physical security products, vaults, safes, night depositories Transaction security products, drive-in windows, drawers, remote D.I. Electronic security products, alarms, CCTV, access control UL-certified central station monitoring Knowledgeable, consultative security sales service team State-of-the-art customizable public view monitor systems SafeGARD automated safe deposit box system Security entry portals ATMs Flexible, nationwide project management of security installs Custom-tailored security systems NICET-certified CCTV/burglary/fire design services Dedicated technical support Experienced service organization for all security products

13

Bibliography
http://wiki.answers.com/Q/The_uses_of_computer_and_information_techn ology_in_daily_life#ixzz1ydW10rRV http://www.google.co.in/#hl=en&sclient=psy-ab&q=advantages%20of %20information%20technology%20security&oq=advantages%20of %20information%20technology%20se&aq=1K&aqi=g-K3gbK1&aql=&gs_l=serp.11.1.0i30l3j0i8i30.0.0.1.415.0.0.0.0.0.0.0.0..0.0...0. 0.w4r5NP42ohs&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.,cf.osb&fp=6b112fb1 837e7265&biw=1600&bih=786&pf=p&pdl=300 http://www.guidance-consulting.com/articles/106-benefits-of-availabilityconsulting.html http://anton-capria.blogspot.in/2009/02/information-security-advantagesand.html http://www.ehow.com/how_2086433_prevent-internet-crime.html http://www.nyc-architecture.com/LM/LM056.htm case study http://secappdev.org/handouts/2012/Steven%20Murdoch/Banking %20Security%20Architecture.pdf
https://freedom-to-tinker.com/blog/gem/software-security-case-study/

14