
Liezel S. Denson

Global Finance Electronic Banking

4-FM1 Sat. 3-6 pm 414

Prof. Marie Joy Rosales

Assignment #2
Different safety measures in online transaction
1. PCI Compliance
One of the first steps to take is to make sure your payment system is Payment Card Industry
(PCI) compliant. The Payment Card Industry Security Standards Council was formed in 2006 to
regulate major payment brands and help merchants keep their customers' financial data safe.
It's their prerogative to maximize information security by implementing 12 security
requirements.
Whether your business is large or small, this is important because it ensures that you meet at
least the minimum security requirements for processing customer transactions. The PCI council
works with merchants to provide education about online safety and will take necessary steps to
maximize your website's safety. The specific requirements you need to meet depend on many
factors, including the size of your business. It's their job to analyze your online transaction
system, check for vulnerabilities, and fix them. The compliance team creates reports and sends
them to the card brands and banks that your business is associated with.
2. Data Encryption
Another way to enhance security is to utilize encryption technology to make sure private
financial information remains private. This technology confirms that the websites your business
uses for transactions are part of valid organizations and have legitimate operators. It minimizes
the risk of sensitive information being viewed by the wrong parties. It also greatly reduces the chances
of hackers cracking passwords. The combination of these features creates an added layer of
protection for customers throughout the transaction process. Data encryption is more important
than ever, especially with Wi-Fi networks and identity theft problems.
3. Safe Login Screen
When customers sign in to access their accounts, it's critical that the login system is as secure as
possible. Otherwise, you can make it dangerously easy for hackers to infiltrate and gain access to
sensitive information. In the event that a customer forgets his password, he should be required
to enter a user name or email address to retrieve it. The system will then send him an email
where he can temporarily log in or create a new password. Following this type of safety protocol
is relatively simple but can prevent many security threats.
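The reset flow described above can be sketched as follows. This is an added example, not part of the original assignment; the `ResetService` class, the 15-minute lifetime, the identical reply for known and unknown addresses, and the in-memory stores are all assumptions made for illustration.

```python
import hashlib
import secrets
import time

TOKEN_TTL = 15 * 60  # assumed token lifetime in seconds (not from the page)
GENERIC_REPLY = "If that account exists, a reset link has been sent."


def _digest(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()


class ResetService:
    """Hypothetical in-memory reset service; names here are illustrative."""

    def __init__(self, accounts, now=time.time):
        self.accounts = accounts  # email -> (salt, password hash), constructed
        self.pending = {}         # sha256(token) -> (email, expiry time)
        self.outbox = []          # stands in for the outgoing mail queue
        self.now = now

    def request_reset(self, identifier: str) -> str:
        email = identifier.strip().lower()
        if email in self.accounts:
            token = secrets.token_urlsafe(32)  # unguessable, from the CSPRNG
            # A new request invalidates any older link for the same account.
            self.pending = {d: v for d, v in self.pending.items() if v[0] != email}
            # Only the digest is stored, so a leaked table yields no usable links.
            self.pending[_digest(token)] = (email, self.now() + TOKEN_TTL)
            self.outbox.append((email, token))
        # Same reply either way, so the form cannot be used to list accounts.
        return GENERIC_REPLY

    def redeem(self, token: str, new_password: str) -> bool:
        entry = self.pending.pop(_digest(token), None)  # pop makes it single use
        if entry is None or self.now() > entry[1]:
            return False
        salt = secrets.token_bytes(16)
        hashed = hashlib.pbkdf2_hmac("sha256", new_password.encode(), salt, 600_000)
        self.accounts[entry[0]] = (salt, hashed)  # never the plaintext password
        return True
```

The emailed link carries the raw token, while the server keeps only its digest and an expiry time, so the link works once and only for a short window.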
4. Updated Operating Systems
It's also smart to stay current with all security updates that are available for your business's
network of computers. Because hackers are constantly coming up with new techniques, it's
critical to stay one step ahead. If you haven't done so already, you should sign up for automatic
updates for your entire network. This will prevent you from forgetting to download any important
safeguards that could jeopardize your online payment security. Besides keeping transactions
safe, this should significantly reduce the chances of acquiring a virus that can negatively impact
business operations.
5. Security Assessment
Finally, a thorough assessment of your payment system from a company like Security
Metrics should tie up any loose ends. This company's assessment is somewhat similar to the analysis that the
PCI will perform but is a bit more exhaustive in its approach. One feature they offer involves
implementing ethical hacking, in which penetration test analysts inspect your network much like
a hacker would. They do this manually and look for flaws that could potentially be exploited.
Afterward, they will go over their findings and provide consultation to heighten security.
Additional features include discovering where unencrypted data is leaking, network
configuration, wireless security, and external/internal network security. If you wish to learn more
about safety precautions, they can even provide you with security awareness training.
Keeping your customers' payment information safe and confidential should be taken seriously.
Following these guidelines will reduce the likelihood of security breaches and keep your daily
financial transactions running smoothly. Potential customers should feel more comfortable doing
business with you and you're more likely to have repeat customers. This can ultimately give you
an advantage over competitors who don't put as much effort into online security.
Enumerate different kinds of Crimes & Law to avoid.
Types of Cyber Crimes
When any crime is committed over the Internet it is referred to as a cyber crime. There are many
types of cyber crimes and the most common ones are explained below:
Hacking: This is a type of crime wherein a person's computer is broken into so that his personal
or sensitive information can be accessed. In the United States, hacking is classified as a felony
and punishable as such. This is different from ethical hacking, which many organizations use to
check their Internet security protection. In hacking, the criminal uses a variety of software to
enter a person's computer and the person may not be aware that his computer is being accessed
from a remote location.
Theft: This crime occurs when a person violates copyrights and downloads music, movies, games
and software. There are even peer sharing websites which encourage software piracy and many
of these websites are now being targeted by the FBI. Today, the justice system is addressing this
cyber crime and there are laws that prevent people from illegal downloading.
Cyber Stalking: This is a kind of online harassment wherein the victim is subjected to a barrage
of online messages and emails. Typically, these stalkers know their victims and instead of
resorting to offline stalking, they use the Internet to stalk. However, if they notice that cyber
stalking is not having the desired effect, they begin offline stalking along with cyber stalking to
make the victims' lives more miserable.
Identity Theft: This has become a major problem with people using the Internet for cash
transactions and banking services. In this cyber crime, a criminal accesses data about a person's
bank account, credit cards, Social Security, debit card and other sensitive information to siphon
money or to buy things online in the victim's name. It can result in major financial losses for the
victim and even spoil the victim's credit history.

Malicious Software: These are Internet-based software or programs that are used to disrupt a
network. The software is used to gain access to a system to steal sensitive information or data or
to cause damage to software present in the system.
Child soliciting and Abuse: This is also a type of cyber crime wherein criminals solicit minors via
chat rooms for the purpose of child pornography. The FBI has been spending a lot of time
monitoring chat rooms frequented by children with the hopes of reducing and preventing child
abuse and soliciting.

Laws
Hacking, Piracy, and Cyber Terrorism
Hacking is one of the most well-known types of computer crime. In this context, the term refers
to the unauthorized access of another's computer system. These intrusions are often conducted
in order to launch malicious programs known as viruses, worms, and Trojan Horses that can shut
down or destroy an entire computer network. Hacking is also carried out as a way to take credit
card numbers, internet passwords, and other personal information. By accessing commercial
databases, hackers are able to steal these types of items from millions of internet users all at
once.
Internet piracy is another common offense. Piracy involves the dissemination of copyrighted
material without permission of the owner. Beginning in the early 1990s, music sharing websites
became extremely popular, many of them operating in violation of the law. Movies, video games,
e-books, and software are now pirated over the internet as well. Estimates by the entertainment
industry put the annual cost of internet piracy in the billions of dollars, although there is evidence
the scope of the economic impact has been overstated by the industry in an effort to persuade
Congress to pass further regulations.
Cyber terrorism is a relatively new phenomenon. These crimes involve politically motivated
attacks on targets such as government websites or commercial networks. Such attacks are
designed to be large in scale, and to produce fear and panic among the victim population. With
financial markets now trading over the internet and so many other transactions taking place
online, the danger of cyber terrorism has received a great deal of attention. However, actual
instances of this type of crime are rare.
Identity Theft and Other Frauds
The problem of identity theft existed prior to the development of the internet. Nevertheless,
these crimes often involve the use of a computer, as offenders trick online shoppers and other
web users into disclosing social security numbers, bank account and credit card information,
home addresses, and more. A common scheme is known as email phishing. It is accomplished
by sending victims an email containing a link to a website that the victims use regularly. The
email asks victims to update their account information on the website, but when victims click on
the link within the email, they are taken to a copycat website that secretly captures the
information they enter.

Online Stalking, Bullying, and Sex Crimes


Some of the most serious computer crimes have nothing to do with making money, achieving
political objectives, or showing off a hacker's skills. Instead, they are designed to cause
emotional trauma to the victim. Social media websites provide offenders with the ability to
publish hurtful or embarrassing material as a way of inflicting harm on others. Once photographs
or other items are posted and circulated online, they can be impossible for the victim to remove.
The fallout from these kinds of activities is especially devastating for school age children, who
tend to be more sensitive to social harassment.
A number of sexual offenses are also committed using computers. The trafficking of child
pornography is one example. Federal and state authorities prosecute these cases vigorously,
with convicted offenders often being sentenced to decades of incarceration. Law enforcement
also devotes substantial resources to catching online predators who attempt to solicit underage
victims for purposes of sex. These criminals are often discovered frequenting internet chat
rooms, where they pose as young people in order to lure minor victims into romantic
encounters.
Different types of risks of e-banking.
Operational risk
Operational risk arises from the potential for loss due to significant deficiencies in system
reliability or integrity. Security considerations are paramount, as banks may be subject to
external or internal attacks on their systems or products. Operational risk can also arise from
customer misuse, and from inadequately designed or implemented electronic banking and
electronic money systems. Many of the specific possible manifestations of these risks apply to
both electronic banking and electronic money.
Reputational risk
Reputational risk is the risk of significant negative public opinion that results in a critical loss of
funding or customers. Reputational risk may involve actions that create a lasting negative public
image of overall bank operations, such that the bank's ability to establish and maintain customer
relationships is significantly impaired. Reputational risk may also arise if actions by the bank
cause a major loss of public confidence in the bank's ability to perform functions critical to its
continued operation. Reputational risk can arise in response to actions a bank itself takes, or in
response to actions of third parties. Increased reputational risk can be a direct corollary of
heightened risk exposure, or problems, in other risk categories, particularly operational risk.
Legal risk
Legal risk arises from violations of, or non-conformance with laws, rules, regulations, or
prescribed practices, or when the legal rights and obligations of parties to a transaction are not
well established. Given the relatively new nature of much retail electronic banking and electronic
money activities, rights and obligations of parties to such transactions are, in some cases,
uncertain. For example, application of some consumer protection rules to electronic banking and
electronic money activities in some countries may not be clear. In addition, legal risk may arise
from uncertainty about the validity of some agreements formed via electronic media.
Other risks

Traditional banking risks such as credit risk, liquidity risk, interest rate risk, and market risk may
also arise from electronic banking and electronic money activities, though their practical
consequences may be of a different magnitude for banks and supervisors than operational,
reputational, and legal risks. This may be particularly true for banks that engage in a variety of
banking activities, as compared to banks or bank subsidiaries that specialize in electronic
banking and electronic money activities.
Credit risk is the risk that a counterparty will not settle an obligation for full value, either when
due or at any time thereafter. Banks engaging in electronic banking activities may extend credit
via non-traditional channels, and expand their market beyond traditional geographic boundaries.
Inadequate procedures to determine the creditworthiness of borrowers applying for credit via
remote banking procedures could heighten credit risk for banks. Banks engaged in electronic bill
payment programs may face credit risk if a third party intermediary fails to carry out its
obligations with respect to payment. Banks that purchase electronic money from an issuer in
order to resell it to customers are also exposed to credit risk in the event the issuer defaults on
its obligations to redeem the electronic money.
Liquidity risk is the risk arising from a bank's inability to meet its obligations when they come
due, without incurring unacceptable losses, although the bank may ultimately be able to meet its
obligations. Liquidity risk may be significant for banks that specialize in electronic money
activities if they are unable to ensure that funds are adequate to cover redemption and
settlement demands at any particular time. In addition, failure to meet redemption demands in a
timely manner could result in legal action against the institution, and lead to reputational
damage.
Interest rate risk refers to the exposure of a bank's financial condition to adverse movements in
interest rates. Banks specializing in the provision of electronic money may face significant
interest rate risk to the extent adverse movements in interest rates decrease the value of assets
relative to electronic money liabilities outstanding.
Market risk is the risk of losses in on- and off-balance sheet positions arising from movements in
market prices, including foreign exchange rates. Banks accepting foreign currencies in payment
for electronic money are subject to this type of risk.
