INDEX

Sr. No. chapter Page

No.
1.

1
Chapter:1 Introduction of E-banking
Introduction:
The fast advancing global information infrastructure (including information
technology and computer networks such as the Internet and telecommunications
systems) enable the development of electronic commerce at a global level. The
nearly universal connectivity which the Internet offers has made it an invaluable
business tool. These developments have created a new type of economy, which many
call the digital economy. This fast emerging economy is bringing with it rapidly
changing technologies, increasing knowledge intensity in all areas of business, and
creating virtual supply chains and new forms of businesses and service delivery
channels such as e-banking.
As a direct consequence of the emergence of the digital economy, the balance of
power seems to be shifting to the customers. Customers are increasingly demanding
more value, with goods customised to their exact needs, at less cost, and as quickly
as possible. To meet these demands, businesses need to develop innovative ways of
creating value which often require different enterprise architectures, different IT
infrastructures and different way of thinking about doing business. This
transformation of business from an old company to a new agile electronic
corporation is not easy and requires a lot of innovative thinking, planning and
investment. This book will cover many of these issues in e-banking context.
This chapter is an introduction to the themes covered in the book. It sets the
background, defines the context and provides a basis for the material covered in the
subsequent chapters.

E-banking definition
E-Banking is defined as the automated delivery of new and traditional banking
products and services directly to customers through electronic, interactive
communication channels. E-Banking includes the systems that enable financial
institutions, individuals or businesses, to access accounts, transact business, or
obtain information on financial products and services through a public or private
network, including the Internet. Customers access E-Banking services using an
intelligent electronic device, such as a personal computer (PC), personal digital
assistant (PDA), automated teller machine (ATM), Kiosk, or Touch Tone telephone.
E-Banking involves the handling of an account or a savings book, etc

What Is E-Banking
In its very basic form, e-banking can mean the provision of information about a bank
and its services via a home page on the World Wide Web (WWW). More
sophisticated e-banking services provide customer access to accounts, the ability to
move their money between different accounts, and making payments or applying for
loans via e-Channels. The term e-banking will be used in this book to describe the
latter type of provision of services by an organization to its customers. Such
customers may be either an individual or another business.
To understand the electronic distribution of goods and services, the work of Rayport
and Sviokla (1994; 1995) is a good starting point. They highlight the differences

2
between the physical market place and the virtual market place, which they describe
as an information-defined arena. In the context of e-banking, electronic delivery of
services means a customer conducting transactions using online electronic channels
such as the Internet.
Many banks and other organizations are eager to use this channel to deliver their
services because of its relatively lower delivery cost, higher sales and potential for
offering greater convenience for customers. But this medium offers many more
benefits, which will be discussed in the next section. A large number of
organizations from within and outside the financial sector are currently offering e-
banking which include delivering services using Wireless Application Protocol
(WAP) phones and Interactive Television (iTV).
Many people see the development of e-Banking as a revolutionary development, but,
broadly speaking, e-banking could be seen as another step in banking evolution. Just
like ATMs, it gives consumers another medium for conducting their banking. The
fears that this channel will completely replace existing channels may not be realistic,
and experience so far shows that the future is a mixture of clicks (e-banking) and
mortar (branches). Although start up costs for an internet banking channel can be
high, it can quickly become profitable once a critical mass is achieved.

Evolution of E-Banking
There have been significant developments in the e-financial services sector in the
past 30 years. According to Devlin (1995), until the early 1970s functional
demarcation was predominant with many regulatory restrictions imposed. One main
consequence of this was limited competition both domestically and internationally.
As a result there was heavy reliance on traditional branch based delivery of financial
services and little pressure for change. This changed gradually with deregulation of
the industry during 1980s and 1990s, whilst during this time, the increasingly
important role of information and communication technologies brought stiffer
competition and pressure for a faster pace of change.
The Internet is a relatively new channel for delivering banking services. Its early
form online banking services, requiring a PC, modem and software provided by
the financial services vendors, were first introduced in the early 1980s. However, it
failed to get widespread acceptance and most initiatives of this kind were
discontinued. With the rapid growth of other types of electronic services since mid
1990s, banks renewed their interest in electronic modes of delivery using the
Internet. The bursting of the Internet bubble in early 2001 caused speculation that
the opportunities for Internet services firms had vanished. The dot.com companies
and Internet players struggled for survival during that time but e-commerce
recovered from that shock quickly and most of its branches including e-banking have
been steadily, and in some cases dramatically, growing in most parts of the world.
One survey conducted by the TechWeb News in 2005 (TechWeb News, 2005) found
e-banking to be the fastest growing commercial activity on the Internet. In its survey
of Internet users, it found that 13 million Americans carry out some banking activity
online on a typical day, a 58 percent jump from late 2002. The spread of online

3
banking has coincided with the spread of high-speed broadband connections and the
increasing maturation of the Internet user population. Another factor in e-banking
growth is that banks have discovered the benefits of e-banking and have become
keener to offer it as an option to customers.

Why is E-Banking Important

Understanding e-banking is important for several stakeholders, not least of which is
management of banking related organizations, since it helps them to derive benefits
from it. The Internet as a channel for services delivery is fundamentally different
from other channels such as branch networks, telephone banking or Automated
Teller Machines (ATMs). Therefore, it brings up unique types of challenges and
requires innovative solutions.
Many banks and other organizations have already implemented or are planning to
implement e-banking because of the numerous potential benefits associated with it.
Some of these major benefits are briefly described below.

Attracting high value customers

E-banking often attracts high profit customers with higher than average income and
education levels, which helps to increase the size of revenue streams. For a retail
bank, e-banking customers are therefore of particular interest, and such customers
are likely to have a higher demand for banking products. Most of them are using
online channels regularly for a variety of purposes, and for some there is no need for
regular personal contacts with the banks branch network, which is an expensive
channel for banks to run (Berger & Gensler, 2007). Some research suggests that
adding the Internet delivery channel to an existing portfolio of service delivery
channels results in nontrivial increases in bank profitability (Young, 2007).
These extra revenues mainly come from increases in noninterest income from
service charges on deposit/current accounts. These customers also tend to be of high
income earners with greater profit potential.

Enhanced Image
E-banking helps to enhance the image of the organization as a customer focused
innovative organization. This was especially true in early days when only the most
innovative organizations were implementing this channel. Despite its common
availability today, an attractive banking website with a large portfolio of innovative
products still enhances a banks image. This image also helps in becoming effective
at e-marketing and attracting young/professional customer base.

Popular services covered under E-Banking

The popular services covered under E-banking include :-

1. Automated Teller Machines,

2. Credit Cards,
3. Debit Cards,
4. Smart Cards,
5. Electronic Funds Transfer (EFT) System,
6. Cheques Truncation Payment System,
7. Mobile Banking,
4
 8. Internet Banking,
9. Telephone Banking, etc.

Features of E-Banking
All the key features of electronic Banking are:-

1. balance and transaction history search

2. transaction history export
3. eStatements and Statement Preferences
4. order new statements
5. Mobile banking
6. transfers
7. pay bills with BPAY
8. receive bills online with BPAY View
9. Pay Anyone payments
10. Multi Payments
11. Foreign currency calculator
12. International and RTGS payments
13. Open or apply for selected accounts
14. Daily Limits Packages for BPAY, Pay Anyone and Multi Payments
15. SMS banking services
16. extra online security with the BOQ Security Token.

Advantages of E-Banking
The main advantages of E-banking are :-

1. The operating cost per unit services is lower for the banks.
2. It offers convenience to customers as they are not required to go to the bank's
premises.
3. There is very low incidence of errors.
4. The customer can obtain funds at any time from ATM machines.
5. The credit cards and debit cards enables the Customers to obtain discounts
from retail outlets.
6. The customer can easily transfer the funds from one place to another place
electronically.

Disadvantages of Internet Banking

The disadvantages of online banking include the following:

1. Understanding the usage of internet banking might be difficult for a beginner

at the first go. Though there are some sites which offer a demo on how to
access online accounts, but not all banks offer this facility. So, a person who
is new, might face some difficulty.
2. You cannot have access to online banking if you dont have an internet
connection; thus without the availability of internet access, it may not be
useful.

5
 3. Security of transactions is a big issue. Your account information might get
hacked by unauthorized people over the internet.
4. Password security is a must. After receiving your password, do change it
and memorize it otherwise your account may be misused by someone who
gets to know your password inadvertently.
5. You cannot use it, in case, the banks server is down.
6. Another issue is that sometimes it becomes difficult to note whether your
transaction was successful or not. It may be due to the loss of net connectivity
in between, or due to a slow connection, or the banks server is down.
E-Banking summary
This chapter introduced the main theme, e-banking, covered in the book. It has
set the background, defined e-banking, and briefly discussed its evolution and
importance to the banking industry and customers worldwide.
E-banking is fast becoming a norm in the developed world, and is being
implemented by many banks in developing economies around the globe. The
main reason behind this success is the numerous benefits it can provide, both to
the banks and to customers of financial services. For banks, it can provide a cost
effective way of conducting business and enriching relationship with customers
by offering superior services, and innovative products which may be customized
to individual needs. For customers it can provide a greater choice in terms of the
channels they can use to conduct their business, and convenience in terms of
when and where they can use e-banking.

Chapter:2 Forms of E-Banking

Introduction
Making payments for goods and services in cash or non-cash forms as well as
depositing money in financial institutions and managing these resources are an
inherent constituent of economic life. Banks serve as important intermediators. In
recent years, with the development of technologies and techniques, options for
communication with banks are expanding for clients. New services are originating
such as home banking, phone banking, internet banking and others.

Clients use modern communication media for remote communication with the
bank: a modem, telephone, computer or payment card. A characteristic feature of
these services is the clients uninterrupted round-the clock account access, i.e.,
independent of banking business hours and the ability to execute local and
international payments directly from the comfort of the home or office. This

6
reduces cash handling and transport costs, lowers the risk of theft or accepting
counterfeit bank notes, increases speed and enhances the comfort of making
payments.

Electronic communication means are particularly coming to the forefront. These

are more convenient, faster, and often cheaper for clients. Banking experience
shows it is suitable to use combinations of several communication means,
depending on individual segments, clients, and types of operations, products and
situations. Electronic banking is a service that specifically uses electronic
communication forms. Electronic banking can be divided on the basis of the
instruments used: telephone connection, personal computers, means of payment
[bank cards] and self-service zones.

Various forms of E-Banking:

Electronic Banking Using a Telephone Connection:
Telephone banking and the first banking services using classic telephone lines for
communication date back to the turn of the sixties and seventies of the last century.
These services grew very rapidly and at the close of the 20th century mobile
phones also started to be used in banking with the development of information and
communication technologies. In this period banks quickly responded to the
dawning of a new era in using mobile telephones world-wide and began
communicating with their clients by SMS messages, with GSM banking later
becoming a natural component of electronic banking. Each financial institution
offers this under a different name, but the essential product remains the same. A
mobile phone can be used to communicate with a so-called telephone banker or an
automated telephone system, just as well as a fixed line. However, opportunities
for mobile phone usage in communication with a bank are much greater. Mobile
phone use represents a direct communication channel that spread on a massive
scale through which clients have immediate access to typing a bank operation,
ordering services or working with accounts. Electronic banking using a telephone
connection can be divided into phone banking (ATS, client advisor) and mobile
banking (SMS banking, GSM SIM Toolkit and WAP).

Phone banking:
Phone banking is the provision of banking services using a classic telephone line.
A bank client can obtain the necessary information on dialing a telephone number
specified in advance. Before the requested banking service information is
provided, the clients identity is determined using contractually agreed terms.
Using this banking service enables bank clients to obtain information concerning
active and passive banking products, but a client can also actively use the bank
payment system and request, for example, a payment order or a collection order,
open or cancel a term deposit or a current account. In this case a fax connected to
the telephone serves as an output communication channel. The client advisor or
so-called telephone banker is a bank employee capable of providing any
information about products and services and, following verification that he is
speaking with an authorized person, can also perform any passive or active
operation. He can provide advice to the client and offer further banking products.
One advantage of this service is that it requires no additional technical equipment
apart from a telephone. As a rule bank telephone center (call center) operators

7
work 24 hours a day nonstop and it is thus possible to use their services from any
place at any time.

A client advisor is a bank employee; the bank pays his salary thus increasing its
costs and fees for this service. Banks therefore sometimes establish automated
telephone systems.

Automated Telephone System

The technical means necessary to use this system are the same as for
communication with a client advisor. A telephone is required, which must have
tone dialing1 or be equipped with an accessory adaptor (tone dialer). An automated
telephone system works on the basis of a menu through which clients can move
around using buttons on the telephone. The service menu tree is usually designed
to be simple so that a choice does not take too long. More extensive information
is sent to the client by fax either to a telephone number agreed in advance or to a
number requested by the client. Cost efficiency is the advantage. Some banks offer
this service to clients free-of-charge because costs are negligible and comfort is
significant. One disadvantage is that problems can sometimes arise when the client
cannot choose a menu item that corresponds with his wishes or the computer
responds to an instruction in a way that differs from what the client wanted. It is
then appropriate to connect to an automated telephone system with a telephone
banker who can resolve the problem. Secure communication for this system can
be arranged in two elementary ways:

1. END-TO-END security the whole communication chain is secured by a verbal

code. This is very secure but also expensive and only used in public administration
and the army,

2.Using so-called access rights at the start the client must document his
authorization to communicate with the bank.

A clients personal number (e.g. account number) and PIN as a numerical

password are often used for passive operations. Here, however, the risk of misuse
is relatively great because everyone who gets to know the personal number and
password will be able to enter the system. The following methods are safer:

When an account is open the client selects several keywords. An operator stores
them in the information system. During client authorization in the course of the
next call the system generates a request for specific letters from these words. The
operator rewrites them into the information system terminal which then confirms
or rejects the clients authorization. Hence not even the operator ever sees the
whole keywords. One exception to this is when the account is initially open.

using a so-called authorization code on the principle of a tear-off notebook.

Each authorization code is used for one day only and then becomes invalid.

Electronic key a special device similar to a calculator. The banks information

system gives the client a random number, the client types it into his key and the

8
key answers with the authorization code. The authorization code is activated by
the system and the system either confirms or rejects the authorization. The key
itself is protected against misuse by a PIN which the client can change at will. No
password or answer is repeated twice.

A two-level system of protection is often used. During entry a client types his
personal number and a password. If he wants to perform an active operation he
must enter a nonrecurring password. When the client signs a contract on using
telephone banking services he receives a set of several passwords, whereby for
every active operation with an account he uses one, by which he authorizes the
given operation. Once used the password cannot be used repeatedly. Changing the
numerical password after some time further increases safety. When an incorrect
password is repeatedly entered the system blocks access to the given user.

SMS Banking:
SMS banking uses short text messages sent through the clients mobile phone.
SMS text messages can be used for both passive and active operations similarly as
with classic telephone banking. A client can automatically receive information
about his account balance: an SMS is sent to the client immediately after a certain
operation is performed, or on request: a client sends the bank a correctly formatted
message which processes it and answers the clients request by SMS. Information
sent on request mostly concerns current interest rates or currency exchange rates.
Providing these is simple for the bank because this is publicly accessible
information that needs no protection. A client however can request information
about the balance in his account, which is not public information and must be
protected when it is provided. Passwords are used for this purpose or technologies
based on the principle of an electronic key. A client however is required to know
the code of every transaction including constant and variable symbols. The whole
message containing data separated by # symbols sometimes has up to fifty
characters. Users can easily make mistakes. This is frequently a limiting factor for
clients, reducing the comfort factor in this service.

GSM SIM Toolkit:

The GSM SIM Toolkit service can only be used from a mobile phone supporting
this technology. GSM SIM Toolkit is a software interface that enables arbitrary
changes to the mobile phone menu. Operators supporting this technology can use
it to personalize mobile phone menus. This means that only functions activated
and paid for will appear on the user menu. This technology dates back to 1998.
Among the first companies to use it in banking applications based on the GSM
SIM Toolkit standard were Radio Mobil and Expandia Bank in the Czech
Republic. Most mobile phones now on the market support for the GSM SIM
Toolkit. To use this service the client needs to be using services of an operator
supporting this standard in its network, be a client of a bank that offers handling
of accounts through the GSM SIM Toolkit, have a mobile phone supporting GSM
SIM Toolkit technology and use a special SIM card for banking services. After
buying a special SIM card and activating it at the pertinent bank branch the client
can begin using this service. The mobile phone menu will be widened to include
the Banking Services item, through which it is possible to carry out active or
passive banking operations. The precise structure differs from one financial
institution to another. Security is what is important here. To access banking
services it is necessary to know BPUK (PUK for banking applications) and BPIN.

9
 BPUK is assigned to a client by the bank when the application is activated and
recorded on the mobile phones SIM card. BPIN is used for every access to
protected items in the banking application. When a client makes three unsuccessful
attempts to type the BPIN, access to the banking application and its items is
blocked, it is necessary to know the BPUK to unblock it. When the client fails ten
times to type the right BPUK the SIM card can no longer be used for banking
services. The main advantage of this service is its simplicity. A client just follows
instructions on the mobile phone display.

WAP (Wireless Application Protocol)

WAP is often compared to web pages, although this is a simplification. Unlike
pages appearing on a computer monitor, WAP presents its output on a small
mobile phone display, therefore concentrating on text information. It is a form of
gateway to various services prepared by a mobile network operator or another
firm. One condition for using the service is that the client must have a mobile
phone supporting WAP technology. Security is again provided by an electronic
key. WAP banking has not caught on very well so far, some banks however
continue to offer it despite the relatively low number of users.

Electronic Banking using Personal Computers: Electronic

Banking using Personal Computers Along with significant growth in the usage of
mobile phones in banking practice, personal computers have also come to the fore,
which to an even greater extent facilitate and modernize banking service provision.
In an information society this communication instrument plays an irreplaceable role
and is indispensable for the present day banking sphere. The area of electronic
banking realized through personal computers can be divided into home banking,
internet banking and mail-banking.

Home Banking:
Home banking is a service that enables a bank client to handle his accounts from a
computer from a place selected in advance, at home or in the office. The main
features of home banking systems are the high level of security, comfort, simplicity
of use, openness of the system, wide communication possibilities, networking,
definition of users and their rights, automated data transmission and the option to
define a combined signature specimen.
A home banking system usually consists of two parts: a bank computer program and
a program in the clients computer. The bank program works as a communication
server. It receives calls from clients, verifies their identity, receives data from them,
authenticates digital signatures, generates digital receipts and sends data to clients.
A home banking computer system is a multi-user application, meaning that several
of the clients employees can work with it, in particular:
a) Administrator can define new employees, change rights,

10
b) Sender ensures communication with the bank and transmission of prepared data,
c) Accountant can type payment orders and orders for collection,
b) Viewer can browse through statements and announcements received. This
system is open and can be expanded in the future without great cost.

Internet Banking:
Internet banking can be used from the home or the office, as well as an internet caf,
although the latter is not recommended for security reasons. In order to handle his
account a user just needs an internet browser (such as MS Explorer or Netscape
Navigator). A client cannot avoid visiting the bank though, because he must first ask
for an identification code. After opening the banks web site the client simply selects
internet banking and, further to proper identification, can perform passive or active
operations. Good internet banking should provide a maximum of services. No less
important are the graphic interface, clarity, simplicity, and unambiguity of usage.
The intelligibility of texts determines simplicity and speed of understanding of the
meaning of menu items, data fields, and general text information displayed to the
client.
Safety for concrete applications is assured by client authentication, verification of
data and data protection by encryption. Client identification is done using passwords
or codes. The client chooses some of these and the bank assigns others. It is
recommended to choose a password made up of various types of characters, which
can be a combination of numbers, lower case and capital letters, and special symbols.
Banks usually protect large volume transactions with additional security means, such
as an encryption (authentication) calculator, or a token, which generates
nonrecurring random passwords, which a client types on confirming an order. The
token itself is protected by certain security features. Work with it is only enabled
after the client types a four-digit PIN code, whereby the user can change the PIN at
any time. In the event of three failed attempts to type the correct PIN the token blocks
itself. After 60 seconds of inactivity a token automatically switches itself off and
once switched back on, it again requests the PIN.
When a client generates several (for example 10) authentication codes in succession
and types none of them into the client system, the key becomes desynchronized. This
protection serves to prevent use of the key for other purposes. A cheaper and, based
on its dimensions, more practical alternative to a token is a grid card. This is a card
with a mesh drawn on it with fields with random generated characters. The user
authorizes an active operation by typing the right code from the field of the card the
operator requests from him.

Mail Banking:
Mail banking is another electronic banking service that makes it possible to
communicate with the bank by electronic mail or e-mail. The most frequently used
service is sending account statements at agreed periodicity to the clients mailbox.
E-mail is not used for more complex operations.

Payment Instruments and Self-Service Zones: Apart from

those already mentioned, there are other more or less widely known forms of

11
electronic banking, including a payment card, an electronic wallet and a self-service
zone.
A payment card is currently one of the most widely used payment instruments
designated for authorized holders through which they can perform non-cash
payments or cash withdrawals from an extensive network of automated teller
machines. An electronic wallet represents a chip card similar to a payment card that
contains a record of a financial sum that is available to its owner. A self-service zone
is a fully automated alternative work place of a bank with terminals and devices that
clients can use to get various bank services. It enables active and passive operations
offered by the bank to be made without the presence of a bank employee. Devices
are constructed for very easy use with simple intuitive controls (user friendly).
Equipment includes modern security systems outside and inside a self-service zone.
A payment card in combination with a password is used to access a self-service zone.
It is also possible to use other authentication devices, such as an electronic key, but
also a fingerprint. Self-service zones are available 24 hours a day, 7 days a week.
In expert circles it is sometimes possible to encounter another form of electronic
banking: fax-banking. A fax is however mostly used as an addition to other forms,
such as telephone banking, when a client agrees with the bank that all output would
be sent to him by fax.

BENEFITS/CONCERNS OF E-BANKING
BENEFITS OF E-BANKING:

For Banks:
Price- In the long run a bank can save on money by not paying for tellers or for managing branches.
Plus, it's cheaper to make transactions over the Internet.
Customer Base- The Internet allows banks to reach a whole new market- and a well off one too, because
there are no geographic boundaries with the Internet. The Internet also provides a level playing field
for small banks who want to add to their customer base.
Efficiency- Banks can become more efficient than they already are by providing Internet access for
their customers. The Internet provides the bank with an almost paper less system.
Customer Service and Satisfaction- Banking on the Internet not only allow the customer to have a full
range of services available to them but it also allows them some services not offered at any of the
branches. The person does not have to go to a branch where that service may or may not be offer. A
person can print of information, forms, and applications via the Internet and be able to search for
information efficiently instead of waiting in line and asking a teller. With more better and faster options
a bank will surly be able to create better customer relations and satisfaction.
Image- A bank seems more state of the art to a customer if they offer Internet access. A person may
not want to use Internet banking but having the service available gives a person the feeling that their
bank is on the cutting image.

For Customers:
Bill Pay: Bill Pay is a service offered through Internet banking that allows the customer to set up bill
payments to just about anyone. Customer can select the person or company whom he wants to make a

12
payment and Bill Pay will withdraw the money from his account and send the payee a paper check or
an electronic payment
Other Important Facilities: E- banking gives customer the control over nearly every aspect of managing
his bank accounts. Besides the Customers can, Buy and Sell Securities, Check Stock Market
Information, Check Currency Rates, Check Balances, See which checks are cleared, Transfer Money,
View Transaction History and avoid going to an actual bank. The best benefit is that Internet banking
is free. At many banks the customer doesn't have to maintain a required minimum balance. The second
big benefit is better interest rates for the customer.

COMPUTERISATION OF BANKS INDIA - ISSUES &

EVENTS:
In the Eighteenth and Nineteenth Centuries the Industrial revolution brought profound changes in the
life style of man. Many activities that were hitherto performed by man employing his hands and his
finger skill came to be carried at great speed and efficiency by machines. Man continued to carry out
only those functions that needed his thinking process to be involved.
The Industrial Revolution on account of mass production of goods and services brought large
commercial and business organizations, transcending national boundaries that employed several
thousands of persons for performing routine, repetitive clerical tasks, relating to record keeping,
maintaining accounts, attending/answering correspondence, preparing vouchers, invoices, bills and
multiple of such other functions. This created white-collar employment for educated persons by leaps
and bounds.
Clerical task is defined as a routine and repetitive performance involving, adding, subtracting,
multiplying, dividing numbers, and duplicating data/information from one source to another. The tools
employed are "a pen, ink and paper", the knowledge of arithmetic tables, the basic knowledge of a
language and minimum acquaintance with rules & procedures of the organisation that are followed day
in day out and relevant to the job of the particular employee. Two plus two is four. It is always four.
Should we need an educated worker to compute this task again and again? A business needed human
agents to attend to production, marketing, finance etc. depicting high-level tasks. But more and more
people were employed for performing low level tasks.
However as time went on the internal chorus of record keeping multiplied geometrically as commerce
and industry grew in size and volume. The civil services of the Government and service-based
organizations came in the fore-front to inherit this overload of white-collar employment. To quote a
concrete example a major nationalised bank in India, which employed merely 3000 workers in the
Fifties (around the time I entered its service in 1957), came to engage over 70,000 employees towards
the end of the century, i.e. year 1996-97,when I retired from service from that bank.
The Government of India and the States including government owned bodies employed as many as
100 lakh junior employees at the clerical and subordinate level. Such employees by virtue of their
strength of numbers organise themselves into powerful trade unions, and aggressively utilise the
bargaining power without reference to the input benefit the organization is deriving from them and the
productivity they are providing.
In this world of human beings necessity is the mother of inventions. After 15 years of educational
studies, an individual should not be employed for routine repetitive tasks. This makes him dull and feel
the work monotonous without job satisfaction. He turns back and diverts his loyalty to an informal
group i.e. the trade union. He feels happy once in a month on pay day, but on other days his work
leaves him nothing to rejoice. There are neither opportunities nor challenges to bring in his innovative
or creative genius. As years passes the clerical employment results in the individual losing efficiency
and productivity to progressively depict a trend of progress in reverse.
The advent of mechanical calculating devices and later electronic computing in the West heralded a
new age, that dispensed with this white collar and white-elephant employment progressively. This
evolved in the west three decades before, but the advent of this evolution in India is only now taking
place.
To quote again a concrete example- the statistics of two banking institutions in India, the largest and
the next large in size can be fruitfully compared. These are the State Bank of India, that was until
recently employing 2.3 Lakh workers, for a turn over of Rs.36,000 Crores (Deposit 25000 + Advances
11000 Crores - latest).
ICICI bank has at present less than 1000 branches and around 10000 employees. It has a turnover of
Rs.23000 Crores (Deposits 16 + Advances 7 thousand Crores). The bank started functioning from the
year 1997 and has gained the No.2 position in status in India after SBI in volume of business turnover

13
within 5 years of its operation. It will be interesting to know that CMD of ICICI Bank draws annual
emoluments of Rs.150 Lakhs, while CMD of SBI around Rs.4 to 5 Lacs. ICICI is a new age high-tech
and fully computerized bank, while SBI retained its manual operations in totality up to 1993 and
maintained the work force of that time up to 2001, though it is partially computerized starting from the
year 1993.
The Per employee turnover for ICICI bank is Rs.2.3 Crores, that for SBI is Rs.1.56 Lakhs. The gap
accounts for the difference between manual operations and high-tech banking.
If we project the future in respect of State owned banks, which employ presently nearly 10 Lakh
employees, computerization is destined to bring about rapid changes. By about the year 2010 the
present turnover of commercial banks in India may double or even treble to around Rs.30 to 40 Lakh
Crores, but these Banks will have no need of 75 percent (today 25 percent of the work force is
subordinate staff, 50 percent is clerical staff and 25 percent is the officers) of the existing workforce
by 2010. Only in very few hinterland rural pockets there may be a possibility of a need of the present
structure of workforce. The objective of the recently administered VRS is to prepare for this reality of
the first decade of the New Millennium, where banking will be more tech based and less people based.
Computerization brings transparency, improves customer care and customer-service tremendously and
reduces substantially scope for corruption or extending undue favour to particular constituents and
uneven service to others.

CHALLENGES FACED IN COMPUTERISATION:

Computerization is expensive and needs huge investment in hardware and software and subsequent
maintenance. The National Stock Exchange, India's No.1 user in computerized service has spent
Rs.180 Crores to enable investors and brokers across the country to trade securities online. The rate of
obsolescence in respect of both hardware and software is considerable. New and better products are
emerging in the market, whose use would enable a rival organization to throw a challenge.
Computer crimes are committed widely in the West. India is no less potentially exposed to this risk,
when turnover under Internet banking increases. It is easier to enforce security of information and
accountability of performers in a manual system. But it needs elaborate steps to incorporate these
features in the electronic system.
The structure of legal system is so far based on manual record keeping. It has to provide for electronic
data to be accepted legally as evidence and in contracts.
Indian banking has accepted computerization since 1993, more out of sheer compulsion and necessity
to cope up increasing overload and incompatibility of the manual system to sustain further growth. The
following pages you are presented a series of articles discussing the various facets of this momentous
event and its far-reaching effects anticipated to unfold in the coming decade.

RECOMMENDATIONS OF COMMITTEE ON
TECHNOLOGY UPGRADATION
The Reserve Bank continued to be involved in shaping the technology vision of the
banking system. Following the recommendations of the Committee on Financial
Sector Reforms, (which is popularly known as the second Narasimham committee),
a Committee on Technology Up gradation was set up by the RBI for the Banking
Sector in 1994. This committee has representation from banks, Government,
technical institutions and the RBI. Among other things, this committee looked into
issues relating to
Encryption of Public Switching Telephone Network (PSTN) lines
Admission of electronic files as evidence
Record keeping
Modalities for a satellite based WAN for banks and financial institutions with the
necessary security systems by banks and other financial institutions, to ultimately
develop a sound and an efficient payments system

14
Methods by which technological up gradation in banks and financial institutions
could be effected and in the context study the feasibility of establishment of
standards, designing payments system backbone and standards relating to security
levels, messages and smart cards.
The Committee realized the urgent need for training, research and development
activities in the Banking Technology area. Banks and Financial Institutions started
setting up Technology based training centers and colleges. However, a need was felt
for an apex level Institute which could be a Think-tank and Brain Trust for Banking
Technology.
The committee recommended a variety of payment applications which can be
implemented with appropriate technology up gradation and development of a
reliable communication network. The committee also suggested setting up of an
Information Technology Institute for the purpose of Research and Development as
well as Consultancy in the application of technology to the Banking and Financial
sector of the country. As recommended by the Committee, IDRBT was established
by RBI in 1996 as an autonomous centre for Development and Research in Banking
Technology at Hyderabad.

Chapter:3 Introduction of E-Payment

Introduction electronic payment:
Todays societies have recognized information and knowledge as invaluable
resources which are very essential element for better living conditions... The
agricultural age, the period when majority of workers were farmers, and 18th
centurys industrial age, the period when work processes were simplified through
mechanization and automation, had to pass before the advent of the present 20th
centurys 'information age'. The information age began in the 1960s when majority
of people are involved in the creation, distribution, and application of information.
The developed countries came through the two preceding ages to reach the
information age.
During second generation of computers, the internet became a reality to share the
data/information among organizations; information has become a production asset
or an input like natural resources, labor, capital, and entrepreneurship. It is unique
from other resources in the sense that it can be used, reused, processed, shared, and
exchanged without losing value.
The astonishing growth and sophistication of information and communication
technology (ICT) is changing societies' ways of life in various parts of the world.

15
One of the leading areas where this is manifested is the way business is conducted.
The growth of the internet and World Wide Web (www) has made electronic
commerce (e-commerce) possible. E-commerce in its simplest sense is trading
electronically. It offers consumers and merchants convenience and speed. The
success and growth of e-commerce, however, depends on efficient electronic
payment (e-payment) system. The slogan no e-payment, no e-commerce witnesses
the importance of e-payment for e-commerce. E-payment, the transfer of value
electronically, in turn depends on secure ICT infrastructure, efficient legal and
regulatory regime, and widespread awareness among the public and business.

History of e-payment:
In 1918, electric money was born when Federal Reserve Banks first moved currency
via telegraph. However it wasnt until the automated clearinghouse (ACH) was setup
by the US Federal Reserve in 1972 that electronic currency became widespread. This
provided the US Treasury and commercial banks with an electronic alternative to
processing cheques.
In 1939, a serial inventor by the name Luther George Simjian created the Bankmatic
automatic teller machine. He filed 20 patents and asked the company now known as
Citicorp to test the device. After six months the bank had reported that there was no
demand for such a product. However in 1968, Don Wetzel, Tom Barnes (mechanical
engineer) and George Chastin (electrical engineer) conceptualized what is now
known as the modern ATM. In 1969, the first prototype of the modern ATM was
made and patents were then issued in 1973. The first working ATM was installed
into the Chemical Bank based in New York City.
The first ATMs were offline machines, meaning that the money was not
automatically withdrawn from users accounts. Therefore only exclusive customers
with good credit history were able to use ATMs. Today, almost everyone has access
to these devices and there were over 4,03,000 ATMs28 in the US alone. These ATMs
now perform over 1.1 billion transactions per month or 26,000 transactions a minute.
Charge cards date back to as early as 1914 when Western Union provided metal
cards, allowing deferred payment privileges to preferred customers. These cards
were colloquially known as metal money. By 1924, General Petroleum
Corporation was allowing customers to use metal money to buy petrol/diesel.
In the late 1930s, American Telephone and Telegraph (AT&T) introduced the Bell
System Card and before long, railroads and airlines had introduced similar cards.
In 1950, Diners Club issued the first plastic money charge card and in 1951 it
issued the first credit card to 200 customers who could use it at 27 different
restaurants in New York. Bank of America issued the BankAmericard (now Visa)
the first bank credit card - later in 1958. This was first promoted to traveling
salesmen. By the early 1960s, more companies offered credit cards, advertising them
as a time-saving device rather than a form of credit. But it wasnt until the
establishment of standards for the magnetic strip in 1970 that the credit card become
part of the information age. This saw companies such as American Express and
MasterCard became huge successes overnight, which prompted moves by US
government. To begin regulation of the credit card industry by banning practices
such as the mass mailing of active cards to those who had not requested them.

16
 In 1983, RSA encryption algorithm was invented by Ronald Rivest, Adi Shamir
and Len Adelman, (hence the name RSA) at Massachusetts Institute of Technologys
(MIT) Laboratory for Computer Science. The breakthrough was that it allowed for
encryption in a multi-user environment, that is, no active participation was necessary
between the sender and the receiver of data at the other end.

Electronic money:
The roots of electronic money can be found in the increased use of computers. In
1860, the Western Union introduced the electronic fund transfer (EFT) and this
marked the beginning of electronic money. Semi-Automatic Business Research
Environment (SABRE) was jointly created by IBM and American Airlines. In 1964,
a fully operational airline reservation system, with a real time transaction processing
system, was set up by SABRE. The telephone lines were connected to the terminals
fitted at the airport and reservations were done on the basis of credit, for the first
time in history. In 1970, all branches of the banks in Europe were linked using
mainframes mainly from IBM. France witnessed the use of electronic money, with
the introduction of the Mintel services. The French Mintel terminals were given free
of cost to everybody so that they could use these terminals for online shopping.
In late 1990s, the technologies related to electronic money like electronic cheques
and embedded smart cards used the public key cryptography for transferring money.
With the advent of e-mail, the transactions of electronic money started increasing.
People started sending their credit card details via e-mail to buy goods. Later, the
customers started having an online account to avoid transaction fees.
Nowadays, the use of electronic money is possible due to cryptography and digital
signatures. Public key encryption and decryption together are called public key
cryptography. The public key encryption involves two keys, viz. public key and
private key to authenticate the identity of an entity, electronically. As the name
suggests, the public key is published and the private key is kept secret. Data is
encrypted with the public key and the same data is decrypted with the corresponding
private key. Digital signatures are used when you are encrypting some important
information that is to be kept confidential. Digital signatures involve the use of hash
tables that encrypt a hash using the private key and decrypt the hash using the private
key. Electronic money has surely changed the business and banking techniques.
Electronic money has enabled anytime and anywhere banking facility. Due to advent
in information technology and IT infrastructural development, Indian banks started
offering e-payment in India.

E-payment in India:

17
The vehicle for carrying e-payment is internet. Due to ICT initiative from Indian
Government the usage of internet has increased since last 10 years. As shown in
figure 3.4, number of internet users reached 81,000,000 in 2010. The Internet
Penetration (% Population) was 8.5% is less compared world Internet Penetration of
28.7% as on 2010.

Internet Penetration in India from 1998-2010

12,000

10,000

8,000

6,000

4,000

2,000

0
1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2009 2010

Users Population

Figure 3.4: Graph showing Internet users in India (1998-2010)

Hence the e-commerce adoption in India is also low as it directly involves internet
users adoptability to current IT environment due to its slow data transfer and their
apprehension about lack of security in data transmission.
Indias share of online commerce is projected to grow from 1.3 percent of Asia-
Pacific in 2006 to 3.3 percent by 2011. The projected value of the market is $4.1
billion and $5.6 billion in 2011.
According to IAMAI, a trade association that presents the online content and
advertising, e-commerce and mobile content and advertising industry, Indian
citizens use Internet for a number of activities including e-mail and IM - 98%, job
search 51%, e-banking 32%, bill payment -18%, stock trading 15%, and
matrimonial search 15%. E-banking is catching up in India.
According to RBI report 2010 the payment industry is set to see significant alteration
in its value chain with the introduction of online payment. The online payment
market which has grown in importance in recent years as a result of boom in the e-
commerce market has resulted in the shift of customers from paper based payment
mediums to online payment mediums.
The consumer preferences are shifting towards transparency and flexibility as they
are looking for better, more proactive solutions around life events. The payment
system under retail electronic banking system has steadily increased from 2007-2010
that is evident from Electronic fund transfer under NEFT, as more bank customers
opted for online services due adoption of latest ICT. The credit/debit card spending
has also increased in the 2007-2010 period. Most of the bank customers used debit
card for their financial transactions instead of visiting branch for transactions.

18
Table 3.3: Indian banks payment system (Annual turnover) - Retail
Electronic Clearing (RBI report 2010)
2007-08 2008-09 2009-10 2007-08 2008-09 2009-10
1. ECS DR 1,27,120 1,60,055 1,50,214 48,937 66,976 69,819
2.ECS CR 78,365 88,394 98,550 7,82,222 97,487 1,17,833
3. EFT/ 13,315 32,161 66,357 1,40,326 2,51,956 4,11,088
NEFT

4. Credit 2,28,208 2,59,561 2,34,209 57,985 65,356 62,950

Cards

5. Debit 88,306 1,27,654 1,70,170 12,521 18,547 26,566

Cards
Total Retail
Electronic
Clearing 2,18,800 2,80,610 3,15,121 9,71,485 4,16,419 5,98,740
Cards

Indian payment industry has witnessed sea change since the introduction of online
payment as more and more consumers are shifting from traditional method of
making payment i.e. paper based to the new payment methods like online bill
payment and card based payment methods. The most preferred payment instrument
for online payment in India is credit cards. 31According to VISA, in 2008, 57% of
internet users from India had shopped online, mainly on Airline tickets, Travel
accommodation and online travel agents. According to ABC payments, the financial
transactions from online banking in India are expected to outpace credit card
transactions in the forthcoming years.
Hence it is advisable to have payment gateways which offer one common platform
with one point contact for all banking transactions. The list of very popular payment
gateways in India are as follows:
CCAvenue
Paisapay
Transecute
Ebs.in
Direcpay
ABC payments
HDFC/ICICI/Axis
Payseal ICICI
Eazy2pay
PayGate India
Epayments.in

Brief review of current e-payment schemes:

19
In general, an e-payment system must exhibit integrity, authorization,
confidentiality, and anonymity for security requirements32. Additionally, there are
some other important characteristics such as interoperability, scalability, etc.
Specific systems are designed to meet specific requirements, and how these
characteristics are balanced poses a challenge to future development.
Payment systems can be classified in a variety of ways according to their
characteristics such as the exchange model (cash-like, cheque-like or hybrid), central
authority contact (online or offline), or hardware requirements (specific or general),
etc.

Types of e-payment:
Over last 10 years IT adoption steadily increased in banking sector due to customers
demand for faster banking transactions. This led to different approach in offering e-
payment. These e-payments methods evolved are internet banking, ATM, Tele-
Banking, e-cash, e-wallet, credit/debit card and smart card.
Internet banking
Internet banking allows us to handle many banking transactions via personal
computer (PC)/mobile/smart phones. For instance, one can use these devices to
access account, check balance, request transfers between accounts, and pay bills
electronically.
Internet banking system and method in which a personal computer is connected by
a network service provider directly to a host computer system of a bank such that
customer service requests can be processed automatically without need for
intervention by customer service representatives. The system is capable of
distinguishing between those customer service requests which are capable of
automated fulfillment and those requests which require handling by a customer
service representative. The system is integrated with the host computer system of
the bank so that the remote banking customer can access other automated services
of the bank. The method includes the steps of inputting a customer banking request
from among a menu of banking requests at a remote personnel computer;
transmitting the banking requests to a host computer over a network; receiving the
request at the host computer; identifying the type of customer banking request
received; automatic logging of the service request, comparing the received request
to a stored table of request types, each of the request types having an attribute to
indicate whether the request type is capable of being fulfilled by a customer service
representative or by an automated system; and, depending upon the attribute,
directing the request either to a queue for handling by a customer service
representative or to a queue for processing by an automated system.

Automated teller machines (ATM)

An unattended electronic machine in a public place, connected to a data system and
related equipment and activated by a bank customer to obtain cash withdrawals and
other banking services. Also called automatic teller machine/cash machine/ money
machine.
20
 An automated teller machine or automatic teller machine (ATM) is an electronic
computerized telecommunications device that allows a financial institution's
customers to directly use a secure method of communication to access their bank
accounts, order or make cash withdrawals (or cash advances using a credit card) and
check their account balances without the need for a human bank teller. Many ATMs
also allow people to deposit cash or cheques, transfer money between their bank
accounts, top up their mobile phones' pre-paid accounts or even purchase postage
stamps.
On most modern ATMs, the customer identifies him or herself by inserting a plastic
card with a magnetic stripe or a plastic smartcard with a chip that contains his or her
account number. The customer is allowed to transact by entering a passcode, often
referred to as a PIN (Personal Identification Number) of four or more digits. Upon
successful entry of the PIN, the customer may perform a transaction.
If the number is entered incorrectly several times in a row (usually three attempts
per card insertion), some ATMs will attempt retain the card as a security precaution
to prevent an unauthorized user from discovering the PIN by guesswork. Captured
cards are often destroyed if the ATM does not belong to the card issuing bank, as
non-customer's identities cannot be reliably confirmed. The Indian market has
approximately more than 43651 ATMs as on May 2010.
Tele-banking/Phone banking
Undertaking a host of banking related services including financial transactions from
the convenience of customers chosen place anywhere across the globe and any time
of day/night has now been made possible by introducing on-line Tele banking
services. By dialing the given Tele-banking number through a landline or a mobile
from anywhere, the customer can access his account and by following the user-
friendly menu, entire banking can be done through Interactive Voice Response
(IVR) system. With sufficient numbers of hunting lines made available, customer
call will hardly fail. The system is usually bi-lingual and has following facilities
offered
Automatic balance voice out for the default account.
Balance inquiry and transaction inquiry in all
Inquiry of all term deposit account
Statement of account by Fax, e-mail or ordinary mail.
Cheque book request Stop payment which is on-line and instantaneous
Transfer of funds with CBS which is automatic and instantaneous
Utility Bill Payments
Renewal of term deposit which is automatic and instantaneous
Voice out of last five transactions.
Digital TV Banking- Using the standard digital reception equipment (set top box
and remote control); users can access their bank account. Abbey National and HSBC
services are available via Digital TV providers. One of its main selling points is that
no account details are transmitted via the World Wide Web;
Text Phone Banking - HSBC have introduced this service to allow customers with
text phones to check their balance, pay bills and transfer money.

21
E-cheque
An E-cheque is the electronic version or representation of paper cheque. The
information and legal framework on the E-cheque is the same as that of the paper
cheque. It can now be used in place of paper cheque to do any and all remote
transactions.
An E-cheque work the same way a cheque does, the cheque writer "writes" the E-
cheque using one of many types of electronic devices and "gives" the E-cheque to
the payee electronically. The payee "deposits" the Electronic Cheque, receives
credit, and the payee's bank "clears" the E-cheque to the paying bank. The paying
bank validates the E-cheque and then "charges" the cheque writer's account for the
check.

E-cash
The twenty-first century, payments by electronic or digital cash, which allow
consumers to pay for goods and services by transmitting a code from one computer
to another? These code function much like the serial numbers on "real money." They
are unique, and represent a specific amount of actual cash. Unlike credit-card
transactions, electronic-cash transactions are anonymous. E-cash works just like
paper cash. Once it is withdrawn from an account it does not leave a trail of digital
image. E-cash by its nature is portable and therefore more convenient for mobile
commerce (mobile internet phones and personal digital assistants (PDA).
Consumers deposit money into a special account or a bank. The bank issues
numerals for specific amounts. The money is withdrawn from the consumer's
account in the form of a certificate and transferred into the vendor's account for
purchases. Like paper money, it can be reused as long as there's money in the bank
to back it up. Rather than send a check, a buyer can send electronic cash over the
internet in encoded email. This convenience has made electronic pay systems like
Pay Pal extremely popular with online auction sites where individuals carryout the
transactions. A person can even send e-cash to a child at college or to a family
member or friend who lives across town or on the other side of the world.
Electronic cash is not always protected in the case of theft or fraud like credit cards.
In a recent case, a dealer who knew how to get around the system scammed several
Yahoo! auction participants who used Pay Pal.
E-wallet
An E-wallet (also known as a digital-wallet) allows users to make electronic
commerce transactions quickly and securely.
An E-wallet functions much like a physical wallet. The E-wallet was first conceived
as a method of storing various forms of electronic money (e-cash), but with little
popularity of such e-cash services, the E-wallet has evolved into a service that
provides internet users with a convenient way to store and use online shopping
information.
A client side E-wallet requires minimal setup and is relatively easy to use. The setup
requires installation software and the pertinent user information. At the
purchase/check-out page of an e-commerce site, the E-wallet software has the ability
22
to automatically enter the user information in the online form. By default, most E-
wallets prompt when the software recognizes a form in which it can fill out, if you
chose to automatically fill out the form, you will be prompted for a password. This
keeps unauthorized users from accessing personal information stored on a particular
computer.

Credit card
A credit card is a small plastic card issued to users as a system of payment. It allows
its holder to buy goods and services based on the holder's promise to pay for these
goods and services. The issuer of the card grants a line of credit to the consumer (or
the user) from which the user can borrow money for payment to a merchant or as a
cash advance to the user. Usage of the term "credit card" to imply a credit card
account is a metonym.
A credit card is different from a charge card: a charge card requires the balance to
be paid in full each month. In contrast, credit cards allow the consumers a continuing
balance of debt, subject to interest being charged. Most credit cards are issued by
banks or credit unions, and are the shape and size specified by the ISO/IEC 7810
standard as ID-1. This is defined as 85.60 53.98 mm (3.370 2.125 in) (33/8
21/8 in) in size. shows a sample credit card.

Credit cards are issued after an account has been approved by the credit provider,
after which cardholders can use it to make purchases at merchants accepting that
card.
When a purchase is made, the credit card user agrees to pay the card issuer. The
cardholder indicates consent to pay by signing a receipt with a record of the card
details and indicating the amount to be paid or by entering a personal identification
number (PIN). Also, many merchants now accept verbal authorizations via
telephone and electronic authorization using the internet, known as a
'Card/Cardholder Not Present' (CNP) transaction.
Credit card transaction processing systems:
There are two main types of credit card payment processing systems. They are
merchant account processing and third party credit card transaction processing. The
credit card transaction process is different in both systems. Merchant account credit

23
card transaction processing is a type of credit card transaction processing where the
money is directly processed by the merchant account providing bank.
Client enters the necessary information using a secure form on the web site.
This information is encrypted using Secured Socket layer (SSL) encrypted
technology.
The encrypted data is passed to the credit card transaction processing gateway
The data is decrypted using an SSL certificate by the gateway
The credit card transaction processing gateway verifies the correctness of the
information provided. The information is re-encrypted using SSL technology
and passed on to the credit card transaction processing bank.
The bank transfers the money from the clients credit card to merchant
account.
Third party credit card transaction processing is another type of credit card
transaction processing. Here the money is transferred through a third party credit
card transaction processing company to the bank. This is used when it is difficult to
acquire a merchant account due to the banks strict guidelines and credit card
transaction processing policies.
Client enters the necessary information using a secure form on the web site.
This information is encrypted using SSL-encryption technology
The encrypted data is passed to the third party credit card transaction
processing company
The third party credit card transaction processing transfers the data to the
banks gateway
The credit card transaction processing gateway verifies the information and
passed it to the bank
The bank transfers the money from the clients credit card to the third merchant
credit card transaction processing company
The third party credit card transaction processing company transfers the
money to third party merchant account
Payouts are then made by bank transfer, cheques, PayPal, etc. The credit card
transaction processing systems have different transaction fees. Third party
credit card transaction processing does not have any monthly (or membership)
fees, but a higher credit card transaction fee only.

Smart cards
A smart card is a plastic card about the size of a credit card, with an embedded
microchip that can be loaded with data, used for telephone calling, electronic cash
payments, and other applications, and then periodically refreshed for additional
use. A sample smart card is shown.

24
 Transactions using smart card are:
Dial a connection on a mobile telephone and be charged on a per-call basis
Establish user identity when logging on to an internet access provider or
to an online bank
Pay for parking at parking or to get on subways, trains, or buses
Provide hospitals or doctors personal data without filling out a form
For small purchases at electronic stores on the Web
The smart cards are popular in Europe region with over a billion users. Compaq and
Hewlett-Packard are reportedly working on keyboards that include smart card slots
that can be read like bank credit cards. The hardware for making the cards and the
devices that can read them is currently made principally by Bull, Gemplus, and
Schlumberger.
A smart card contains more information than a magnetic strip card and it can be
programmed for different applications. Some cards can contain programming and
data to support multiple applications and some can be updated to add new
applications after they are issued. Smart cards can be designed to be inserted into a
slot and read by a special reader or to be read at a distance, such as at a toll booth.
Cards can be disposable (as at a tradeshow) or reloadable (for most applications).
An industry standard interface between programming and PC hardware in a smart
card has been defined by the PC/SC Working Group, representing Microsoft, IBM,
Bull, Schlumberger, and other interested companies. Another standard is called
Open Card. There are two leading smart card operating systems: Java Card and
MULTOS.

25
Chapter:4 Introduction of E-Frauds
Introduction:
In India, the banking fraud is not so alarming compared to US and European banking
sector, still it poses formidable challenge to Indian banking industry. Its effect can
be felt from the fact that in the year 2004 number of cyber crime(IT act 2000
category) were 347 in India which rose to 481 in 2005 showing an increase of 38.5%
while I.P.C. category crime stood at 302 in 2005 including 186 cases of cyber fraud
and 68 cases cyber forgery. Thus the increasing in frauds in India is matter of
concern and such frauds should be dealt with firmly. Otherwise e-banking may
become a mere tool in the banking services.
In the present day global scenario, the banking system has acquired new dimensions.
The banking system has entered into competitive markets in areas covering resource
mobilization, human resource development, customer services and credit
management. Due to these ever expanding banking services, the bank frauds have
increased in last 5 years.

Frauds in India
In 2009, the Internet fraud has resulted in a loss of ` 6.6 Crores to Indian Banks from
233 reported cases. The number of credit card frauds33 rose from 2994 case
involving ` 532 lakhs to 12959 case involving ` 3654 lakhs in 2008. It is steadily
increasing According to Orissa government statistics, over 13,000 credit card fraud
cases were reported in India between April and December 2009. The loss of revenue
stood at approximately ` 36.5 crore in 2008. A loss of ` 1147 lakhs in such
transactions belonged to ICICI Bank which reported over 8280 cases. According to
RBI, 2008 report, the number of fraud cases reported was 2658 in 2005, 2568 in
2006 and 2933 in 2007 in public sector banks in India. The table 3.1 shows the
number of frauds and amount involved in banks in India from 2004 to 2009.

Frauds tables are pending

Indias banking system has several outstanding achievements to its credit, the most
striking of which is its reach. In fact, Indian banks are now spread out into the
remotest areas of our country. Indian banking, which was operating in a highly
comfortable and protected environment till the beginning of 1990s, has been pushed
into the intense competition. A sound banking system should possess three basic
characteristics to protect depositor's interest and public faith.
These are:
Fraud free culture,
Time tested best practice code, and
In house immediate grievance remedial system
All these conditions are missing or extremely weak in India. Section 5(b) of the
Banking Regulation Act, 1949 defines banking as "Banking is the accepting deposits
of money for the purpose of lending or investment from the public, repayable on
demand or otherwise and withdrawal by cheque, draft, order or otherwise." But if

26
the money has fraudulently been drawn from the bank the latter is under strict
obligation to pay the depositor. The bank therefore has to ensure at all times that the
money of the depositors is not drawn fraudulently. Time has come when the security
aspects of the banks have to be dealt with on priority basis. The banking system in
our country has been taking care of all segments of our socio-economic set up.
A bank fraud is a deliberate act of omission or commission by any person carried
out in the course of banking transactions or in the books of accounts, resulting in
wrongful gain to any person for a temporary period or otherwise, with or without
any monetary loss to the bank.
Frauds in U.S.A
In U.S.A, during January 1, 2008 December 31, 2008, the internet crime complaint
center (IC3) website received 275,284 complaint submissions. This is a (33.1%)
increase when compared to 2007 when 206,884 complaints were received. These
filings were complaints primarily related to fraudulent and non-fraudulent issues on
the internet.

Top ten IC3 complaints categories

Going by the statistics released in 2009, the Internet Crime Complaint Center (IC3)
of the US Federal Bureau of Investigation (FBI) reported losses from internet fraud
in 2009 witnessed more than twofold increase over 2008 from $264.6 million to
$559.7 million.
From 2001 to 2007, the FBI34 sought an increase of more than 1,100 agents for
criminal investigations apart from national security. This shows the severity in the
financial frauds during 8 years. Credit card fraud is the number one problem in e-
commerce. With about 93 percent of all consumer internet purchases made with
credit cards, credit card frauds are on the rise. In fact, a Gartner survey of 100 web
retailers found Internet credit-card fraud to be much more common than offline
fraud, making it the "No. 1 problem" in ecommerce.
Internet frauds that victimize the merchants are becoming shrewder, wiser and more
sophisticated35. In fact, gone are the days when credit-card thieves have to break

27
into web servers to steal card numbers. All they have to do is to download software
on the internet to generate a supply of credit card numbers associated with a
particular bank.
The federal Fair Credit Billing Act limits consumer liability for all incidents of
credit card fraud to only $50 of any unauthorized charges. Thus, online merchants
often stand to lose the most from online fraud. Beyond the expenses of charge-backs
and bank fees (which are higher than those paid by their traditional retail
counterparts), companies that gain reputations as vulnerable to online fraud often
lose customer confidence and business.
The CSI/FBI Computer Crime and Security Survey36 for 2000 indicated that 44
percent of all companies interviewed revealed that they failed to report incidents,
while 20 percent notified their legal counsel, and only 25 percent went to law
enforcement agencies. More than half stated that they wanted to avoid negative
publicity or would prefer to handle the situation themselves.
In 2008, due to credit card fraud the average dollar loss per complaint was $223.00
as compared to $1000.00 computer fraud average dollar loss per complaint. Internet
frauds have increased to 33 per cent in 2008 causing $265 million loss to the victims.
India takes the fifth position, according to a 2008 internet fraud report. US top the
list with 275,284 reports (92.4 percent), followed by Canada with 1.77 percent,
Britain (0.95 percent), Australia (0.57 percent) and India 0.36 percent.
Phishing is the criminally fraudulent process of attempting to acquire sensitive
information such as usernames, passwords and credit card details, by masquerading
as a trustworthy entity in an electronic communication37 and the United States is
the world leader here according to wordpress.com site38 (2006).While phishing is
not the only way to commit internet fraud it is rather disturbing to see India at 8 %
phishing attack.
The study by software vendor trustees found that each bank was subject to about 832
phishing attacks each year, but only one out of every 2.7 phishing URLs reached
their intended targets. The rest were blocked using email-based phishing filters or
anti-spam systems or the websites were taken down before they could cause any
damage.
This meant that an average of 12.5 out of every million customers from any given
bank visited a phishing website on receiving a phishing email every year and 4700
handed over their login information.
Financial institutions are subjected to an average of 16 phishing attacks per week,
costing them between $2.4 and $9.4 million in losses each year. Figure 3.8 shows
the phishing sites by country of host in 2010.

28
shows the phishing sites by country of host in 2010.

Top countries hosting phishing website in

2010
The Netherlands
South Korea Italy 3%
3%China 3%
Russia 3%
3%
France
4%
United Kingdom
6%
Canada
6% United States
62 %
Germany
7%

Payments industry association Apacs reports that the number of phishing attacks,
where e-mails which try to persuade unsuspecting victims to provide confidential
bank information and personal details. And money mule advertisements, where
fraudsters looking to recruit someone to transfer money from one country to another
on their behalf, both continue to rise.
Apacs said the number of phishing websites set up in the first half of 2008 increased
by 180% and the number of money mule advertisements rose by 33% over 2007.
According to report from Avira antivirus vendor in 2010, Paypal got into the focus
of the phishers attempts to steal account information again three quarter of all
phishing attempts attacked PayPal accounts (75%). Ebay accounts seem to be less
attractive; the amount of phishing attacks is down to a quarter (2.76%).

Definition of fraud
Fraud is defined as "any behavior by which one person intends to gain a dishonest
advantage over another". In other words , fraud is an act or omission which is
intended to cause wrongful gain to one person and wrongful loss to the other, either
by way of concealment of facts or otherwise. Fraud is defined under section 421 of
the Indian Penal Code and under section 17 of the Indian Contract Act.
Thus essential elements of frauds are:
There must be a representation and assertion
It must relate to a fact
It must be with the knowledge that it is false or without belief in its truth
It must induce another to act upon the assertion in question or to do or not to
do certain act.

Bank frauds: concept and dimensions

Banks are the engines that drive the operations in the financial sector, which is vital
for the economy of the country. After Independence, the banks have passed through

29
three stages. With the nationalization of banks in India in 1969, they also have
emerged as engines for social change They have moved from the character based
lending to ideology based lending to today competitiveness based lending in the
context of India's economic liberalization policies and the process of linking with
the global economy.
While the operations of the bank have become increasingly significant banking
frauds in banks are also increasing and fraudsters are becoming more and more
sophisticated and ingenious. In a bid to keep pace with the changing times, the
banking sector has diversified its business manifold. And the old philosophy of class
banking has been replaced by mass banking. The challenge in management of social
responsibility with economic viability has increased.
The variations in the definitions of e-fraud are attributable to a number of factors
such as the differing contexts in which e-fraud has been found to occur: for example,
the definition given by the USA Department of Justice (DOJ 2001) is consumer
oriented. The perceived importance and role of the Internet / technology is other
source of variation. In considering the underlying dimensions, domain and outcome
differences as well as the differences in how the involvement of technology in the
electronic crime is defined, numerous different definitions result. These variations
are accommodated within the broad definition put forward by Graham (2001). Using
the Grahams (2001) definition as a basis, the figure 3.9 provides a diagrammatic
representation of the e-fraud as the intersection of E-crime and Fraud.
Region diagrams pending..

Losses sustained by banks as a result of frauds exceed the losses due to robbery,
dacoity, burglary and theft-all put together. Unauthorized credit facilities are
extended for illegal gratification such as credit allowed against pledge of goods,
hypothecation of goods against bills or against book debts. Common modus operandi
are, pledging of spurious goods, projecting as high value goods, hypothecating goods
to more than one bank, fraudulent removal of goods with the knowledge and
connivance with negligent bank staff, pledging of goods belonging to a third party.
An analysis made of cases brings out broadly the under mentioned four major
elements responsible for the commission of frauds in banks. Active involvement of
the staff-both supervisor and clerical either independent of external elements or in
connivance with outsiders. Failure on the part of the bank staff to follow exactly laid
down instructions and guidelines. External elements cause to continue indefinitely
frauds on banks by forgeries or manipulations of cheques, drafts and other
instruments. There has been a growing collusion between business, top banks
executives, civil servants and politicians in power to defraud the banks, by getting
the rules bent, regulations flouted and banking norms thrown to the winds.

E-fraud model
Perpetrator
The perpetrator or attacker in any e-fraud event will be either internal or external
to the organization. Where the target entity is an individual, then presumably all
perpetrators will be external, although this highlights the need to be quite careful

30
when defining what is implied by entity, and hence the use of the term entity, rather
than organization. Presumably an entity could be a family, thus allowing a
perpetrator to be considered internal where they have a close relationship with the
family (or are part of the family) and / or intimately aware of the systems in use by
family members.

Mode of Attack
Modes of attack are the mechanism used to commit fraud. Two broad types are
technical and non-technical modes. Non-technical methods include identity
deception (simple case of lying) and social engineering (Alexander 1996). Technical
modes of attack are numerous and contribute towards the e portion of the term. At
times, closely related to the target system. Examples of modes of attack include data
modification in systems, IP spoofing and use of malicious code. Special attention
should be paid to identity fraud, as it may be either technical or non-technical.

Target System
The target system element represents the system through which the fraud will be
perpetrated. The target system includes a number of interconnected systems, some
of which may not be owned or controlled by the target entity. Systems that are
wholly contained within the entity will presumably be attacked by a different type
of perpetrator, using different modes of attack than those that would be used against
inter-organizational systems (IOS) that are only partially controlled by the
organizations. The inclusion of IOS and e-business systems must improve the
prospects of a better understanding of the risk exposure that the systems on which
entities rely represent.

Target Entity
The separation of the target entity from the target system allows the characteristics
of the entitys context to be considered without the compounding influence of the
systems and distinguishes weaknesses of the technology from the entity
characteristics. Entities can be divided into two classes: individuals and
organizations. These class share many features (such as lack of awareness) but
organizational features such as the existence control systems such as corporate
governance, teams of fraud specialists, as well as prevention and detection
procedures suggest that these two target groups need to be considered separately.

Impact
Impact is the result of an e-fraud incident, and may include either financial losses
or nonfinancial losses. Financial losses include the cost of rectifying the situation
(such as consultants coming in to fix the security holes) or actual losses from assets
stolen or damaged. Non-financial losses include loss of reputation, loss of
competitive advantage and personal distress and loss of wellbeing. Impact is
considered separately from target entity as a single incident of e-fraud may have a
broad impact across more than just the target entity or entities. This distinction
accommodates for any flow on affects where the impact can be an interim result of
another crime such as identity theft.

Implications of the E-fraud Model

31
E-fraud needs to be well understood to in order to properly quantify and mitigate the
risk exposure. There is a need to see dimensions, the breath and depth of e-fraud.
The model presented should assist practitioners to gain a wider view of how
organizations and individuals can be affected by e-fraud. A key point that arises out
of the study of dimensions of e-fraud was the prevalence of discussion of identity-
related frauds implicitly and explicitly. Firstly, much of the literature identified
identity fraud as a category of e-fraud or e-crime explicitly. In many cases identity
related crimes were implicit in nature, for example, many white-collar crimes were
committed through the use of borrowed or stolen identities and passwords (DOJ
2001a, Graycar & Smith 2002). It would seem that identity fraud and e-fraud are
intimately linked. Another implication for the e-fraud model is that in the future this
model may help facilitate a better collection of more detailed data and by using a
richer data set across the various dimensions identified in the model.

Types of fraud
Electronic Fraud
Identity Fraud
Spy ware and Ad ware
Debit/Credit Card Fraud
Electronic fraud
This refers to email scams from fraudsters to obtain banking and personal
information and here is how it works: The person receives an email appearing to be
from NBK Company or another legitimate company in or out of a country.
The email may claim a number of different things such as:
There is a problem with your account
Ask you to enter a contest to win a prize
Ask you to subscribe to a service that will provide you with prizes and etc.
You are then asked to provide your personal and financial information by
completing an online form.
The form requests a variety of information such as:
Your credit card numbers
Your account number
Your passport or Civil ID numbers and so forth
Once you provide this information the fraudsters will have the necessary
information on you to conduct a fraud. Here is an example of an email fraud as
shown in figure 3.11
Picture are pending.

Numerous definitions of e-fraud have been advanced in the e-crimes

literature. Graham (2001) defines e-fraud as a fraudulent behavior
connected with computerization by which someone intends to gain
dishonest advantage. In this definition e-fraud equates to, and

32
supersedes, the term computer fraud. Some definitions specify e-fraud in
relation to electronic commerce or the Internet such as Smith (2001) in
which e-fraud is seen as any dishonest activity that involves the Internet
as the target or means of obtaining some financial reward. The USA
Department of Justice also defines e-fraud in relation to the Internet.
A fraud scheme that uses one or more components of the Internet - such
as chat rooms, e-mail, message boards, or web sites - to present fraudulent
solicitations to prospective victims, to conduct fraudulent transactions, or
to transmit the proceeds of fraud to financial institutions or to other
connected with the scheme.
Alternatively, some studies40 define such crimes as Internet fraud,
Identity fraud
Identity fraud is where a dishonest person will gather personal details in order to
conduct a fraud which will financially hurt the user. These fraudsters can obtain user
personal information in a number of ways, via telephone scams or on the internet.
The following can be used to assume customer identity:
Date of birth
Address
Personal ID number or other identification numbers
Mobile phone number
Banking information

Spyware and Adware

Spyware is a type of software that secretly collects user personal and information
while on the Internet.
Adware is a type of spyware used to track visitors' habits and interests on the
Internet. Adware can monitor the types of sites user visit, the articles read or the
types banners user click on and so forth. Many times this information is sold to
a third party for the purpose of marketing.

Wire fraud
Wire transfer networks such as the international, interbank fund transfer system
are tempting as targets as a transfer, once made, is difficult or impossible to
reverse. As these networks are used by banks to settle accounts with each other,
rapid or overnight wire transfer of large amounts of money are commonplace;
while banks have put checks and balances in place, there is the risk that insiders
may attempt to use fraudulent or forged documents which claim to request a bank
depositor's money be wired to another bank, often an offshore account in some
distant foreign country.

Theft of identity
Dishonest bank personnel have been known to disclose depositors' personal
information for use in theft of identity frauds. The perpetrators then use the

33
information to obtain identity cards and credit cards using the victim's name and
personal information.

Credit card fraud

Credit card and debit card fraud is a crime where credit or debit cards are
reproduced by criminals. This type of crime is known as 'skimming'.
Credit or debit card fraud can also occur when user card is lost or stolen and used
by fraudster to purchase goods or remove cash from ATMs or other locations.
Credit card fraud is a multi-billion-currency a year loss for banks and the
government. With the progression of computers and e-commerce, hackers are
able to exploit more information more easily without ever having to leave their
homes. Now, entire departments of organizations in the criminal justice system
are being dedicated to preventing and finding cyber-crimes.
There are many ways that scammers can actually get user information. This
can be as simple as mass sending an e-mail impersonating a bank and linking to
a look-alike website luring you to enter your financial information there, or they
can be as complicated as stealing information off the real bank website through
complicated computer viruses. Financial institution look-alike websites can be
found all over the internet, and can be very convincing. This method generally
isnt very involved, as it is quite easy to design or find a website that remotely
looks like bank institutions. This method has also been around the longest and
has motivated financial websites to secure their websites more. The look-alike
websites are coded to look and act likes the normal website, with one difference:
The information submitted to the site goes to the hackers databases rather than
the banks.
Another method of obtaining financial information is ATM skimming.
Popular recently, this method involves putting a mechanism on the ATMs card
slot that reads that magnetic strip. If placed correctly, these machines can be very
effective, because the user still is able to go through with their transaction on the
ATM. The device has a small magnetic reader called an MSR, and a small
memory card that records all cards inserted. Magnetic strips have two important
strings of information on them, called Track 1 and Track 2. Although only one is
needed for a bank transaction, both tracks are usually paired and exploited
together. The more informative Track 1 contains account number, expiration
date, card verification value (CVV2) code, and name of account holder. This, of
course, is all the information needed to steal money from the account holder. The
data dumped from the memory cards, are called dumps.
Knowing store owners or other knowledgeable people, these dumps can be
exploited. In most cases, dumps are sold without PIN numbers, and only
depending on the bank, only $500 can be stolen from the account. However, with
a PIN number, the account could be completely emptied at the disposal of the
hacker. Of course, greater payouts mean greater effort and risk involved.
Retrieving PIN numbers is more involved and requires more advanced
technology to retrieve. Dumps are the most complicated form of stolen financial
information to cash out, as they require access to a bank wire that only retailers
would have. This gets into money laundering and other ways to put on the facade
that the money is being earned legitimately.

34
 There is another method that involves using a money transfer service
from legitimate money Transfer Company to transfer the money from the stolen
account to a separate account. The obstacle hackers have to overcome is the fact
that legitimate company operators check the identity of the bank account to the
person executing the transaction. This can be overcome by knowing operators or
possibly working with them. Operators that are involved with illegal sending of
money are known as drops, and share the profit with the hacker.
Finally, a more efficient and brute-force method is to steal online
retailers customer databases. Obviously, this is a gold mine of information for a
hacker. In some cases, little effort is required to hack into insecure databases from
smaller retailers and can result in massive payouts for the hacker with little effort.
The data collected from this method usually can sell on the black market for a
higher price, as the data is almost guaranteed to be accurate, and depending on
the vendor, quality data can be sold for a varying price on the black market.
In most cases, the hackers that exploit this financial information
do not use it directly for financial gain. Instead, they sell the information. Hackers
sell three basic things: dumps (track 1 and track 2 off the magnetic strips),
CVVs (all information needed to buy something online), and fullz (a cvv
plus social security number, mothers maiden name, date of birth, and PIN
number). CVVs are usually the cheapest, ranging from $1.50 to $5 a piece,
depending on the age of the information and the type of card (VISA, Mastercard,
American Express, Discover). Fullz usually sell for $8-$15 dollars, and finally
dumps can sell for up to $100 depending on the seller. Like anything, discounts
are given for buying in greater quantities.
One may be wondering how these exchanges are made. It has been described that
the illegal credit card market is like the illegal drug market. The system works in
a hierarchical way, prices vary, and there are scammers. Obviously, hackers can
use the streets to sell ill-gotten information, through a chat-system called Internet
Relay Chat, IRC. IRC is an extremely simple protocol of chat that has been
around since the time the internet was invented, and by nature is extremely hard
to monitor and track. The only time during which third parties such as the police
can monitor chats through IRC, are when the actual exchange is occurring. After
the exchange, there is absolutely no record of the chat. There are IRC servers
entirely dedicated to illegal credit card distribution, though contain no evidence
to prosecute with. Also, every user usually is behind what is called a proxy. A
proxy is a server that the user connects to and then uses to connect to the illegal
server to avoid being traced. Properly run proxies are extremely hard to trace to
the origin, and offer an extra layer of protection. Once connected to the server,
users join what are called channels and find literally advertisements from
vendors. Buyers find sellers, send them a message, and the exchange is executed.
Other forms of communication are personal instant messengers such as Yahoo
Messenger and regular e-mail.
Of course, hackers simply cant pay for the illegal data with
conventional methods of internet payment. Hackers commonly use services such
as EGOLD, Liberty Reserve, and other forms of electronic metal. Emetal
accounts are bank accounts that are 100% backed by gold, silver, platinum, and
other precious metals, and they are 100% untraceable and anonymous. Payments

35
 are made from one e-metal account to another, and nothing can be traced. Other
forms of payment can include services such as Western Union and MoneyGram,
and are used for larger purchases usually.

Booster cheques
A booster cheque is a fraudulent or bad cheque used to make a payment to a credit
card account in order to "bust out" or raise the amount of available credit on
otherwise-legitimate credit cards. The amount of the cheque is credited to the card
account by the bank as soon as the payment is made, even though the cheque has not
yet cleared. Before the bad cheque is discovered, the perpetrator goes on a spending
spree or obtains cash advances until the newly-"raised" available limit on the card is
reached. The original cheque then bounces, but by then it is already too late.

Stolen payment cards

Often, the first indication that a victim's wallet has been stolen is a 'phone call from
a credit card issuer asking if the person has gone on a spending spree; the simplest
form of this theft involves stealing the card itself and charging a number of high-
ticket items to it in the first few minutes or hours before it is reported as stolen.
A variant of this is to copy just the credit card numbers (instead of drawing attention
by stealing the card itself in order to use the numbers in online frauds.

Duplication or skimming of card information

This takes a number of forms, ranging from a dishonest merchant copying clients'
credit card numbers for later misuse (or a thief using carbon copies from old
mechanical card imprint machines to steal the info) to the use of tampered credit or
debit card readers to copy the magnetic stripe from a payment card while a hidden
camera captures the numbers on the face of the card.
Some thieves have clandestinely added equipment to publicly accessible automatic
teller machines; a fraudulent card stripe reader would capture the contents of the
magnetic stripe while a hidden camera would sneak a peek at the user's PIN. The
fraudulent equipment would then be removed and the data used to produce duplicate
cards that could then be used to make ATM withdrawals from the victims' accounts.

Impersonation and theft of identity

Theft of identity has become an increasing problem; the scam operates by obtaining
information about a victim, then using the information to apply for identity cards,
accounts and credit in that person's name. Often little more than name, parents' name,
date and place of birth are sufficient to obtain a birth certificate; each document
obtained then is used as identification in order to obtain more identity documents.
Government-issued standard identification numbers such as PAN numbers are also
valuable to the identity thief.
Unfortunately for the banks, identity thieves have been known to take out loans and
disappear with the cash, quite content to see the wrong persons blamed when the
debts go bad.

36
Money laundering
The term "money laundering" dates back to the days of Al Capone Money laundering
has since been used to describe any scheme by which the true origin of funds is
hidden or concealed. The operations work in various forms. One variant involved
buying securities (stocks and bonds) for cash; the securities were then placed for safe
deposit in one bank and a claim on those assets used as collateral for a loan at another
bank. The borrower would then default on the loan. The securities, however, would
still be worth their full amount. The transaction served only to disguise the original
source of the funds. The Finance ministers of G-20, including India has decided to
take counter measures against tax heavens particularly non-cooperative ones, to
prevent money laundering and terror financing through cyber crimes from 2010.

Difficulties in tracking bank frauds:

Hi-tech crime
The information technology is changing very fast. The normal investigator does not
have the proper background and knowledge .special investigators have to be created
to carry out the investigations. The FBI of USA have a cell, even in latest scenario
there has been cells operating in the Karnataka/ Maharashtra/Punjab police
departments to counter cyber crimes. CBI also has created special team for fighting
cyber crimes.

International crime
A computer crime may be committed in one country and the result can be in another
country. There has been lot of jurisdictional problem a though the Interpol does help
but it too has certain limitations. The different treaties and conventions have created
obstructions in relation to tracking of cyber criminals hiding or operation in other
nations.

No-scene crime
The computer satellite computer link can be placed or located anywhere. The usual
crime scene is the cyber space. The terminal may be anywhere and the criminal need
not indicate the place. The only evidence a criminal leaves behind is the loss to the
crime.

Faceless crime
The major advantage criminal has in instituting a computer crime is that there is no
personal exposure, no written documents, no signatures, no fingerprints or voice
recognition. The criminal is truly and in strict sense faceless. There are certain spy
softwares which is utilized to find out passwords and other vital entry information
to a computer system. The entry is gained through a spam or bulk mail. The Reserve
Bank of India has come up with different proposals to make the way easier; they
have enacted electronic fund transfer act and regulations from time to time.
The enacted laws of India from 2000 to till now are not at all adequate to counter
cyber crimes. 41In the past nine years, 307 cases have been registered in Bangalores
specially set up cyber crime police station. Of them 80 per cent relate to hacking and
misuse of bank accounts. The police have filed charge sheets in 60 cases. So far no

37
one has been convicted. The Indian Penal code, evidence act, and criminal procedure
code had no clue about computers when they were codified. It is highly required to
frame and enact laws which would deal with those subjects which are new to the
country specially cyber law; Intellectual property right etc. Though IT act 2000 was
the first step towards combating cyber crimes and encouraged e-commerce in India,
the act was not implemented properly. Hence IT Act 2000 was again revised in 2010
with more stringent laws to counter ever increasing cyber frauds in India.

38
Chapter:5 An Overview of E-Banking
Introduction
Internet Banking lets you handle many banking transactions via your personal
computer. For instance, you may use your computer to view your account balance,
request transfers between accounts, and pay bills electronically. Internet banking
system and method in which a personal computer is connected by a network service
provider directly to a host computer system of a bank such that customer service
requests can be processed automatically without need for intervention by customer
service representatives. The system is capable of distinguishing between those
customer service requests which are capable of automated fulfillment and those
requests which require handling by a customer service representative. The system is
integrated with the host computer system of the bank so that the remote banking
customer can access other automated services of the bank. The method of the
invention includes the steps of inputting a customer banking request from among a
menu of banking requests at a remote personnel computer; transmitting the banking
requests to a host computer over a network; receiving the request at the host
computer; identifying the type of customer banking request received; automatic
logging of the service request, comparing the received request to a stored table of
request types, each of the request types having an attribute to indicate whether the
request type is capable of being fulfilled by a customer service representative or by
an automated system; and, depending upon the attribute, directing the request either
to a queue for handling by a customer service representative or to a queue for
processing by an automated system..

Models for electronic services delivery

E-commerce is about buying and selling information, products and services via
computer networks such as the Internet and Electronic Data Interchange (EDI).
Ebanking is one form of e-commerce. The term commerce is viewed rather narrowly
by some as transactions conducted between business partners. However, for the
purpose of this book, a broad scope definition by Kalakota and Whinston (1997) will
be used. They define e-commerce from the following perspectives:
Communications: e-commerce is the delivery of information, products/
services, or payments over telephone lines, computer networks, or any other
electronic means.
Business process: e-commerce is the application of technology towards the
automation of business transactions and workflow. Service: e-commerce is
a tool that addresses the desire of firms, consumers, and management to cut
service costs while improving the quality of goods and increasing the speed
of service delivery.
Online: e-commerce provides the capability of buying and selling products
and information on the Internet and other electronic channels such as EDI.
For firms e-commerce brings:
Different and arguably lower barriers to entry; Opportunities for significant
cost reduction;
The capacity to rapidly re-engineer business processes;

39
 Greater opportunities to sell across borders.
Each and all of these potential benefits provides for increased competition and the
ability to wrest market leadership from established players. For consumers the
potential benefits are:
More choice;
Better value for money obtained through greater competition;
More information;
Better tools to manage and compare information;
Faster service.
The revolutionary growth of network technologies and especially the Internet has
enabled us to conduct business electronically at a global level. For this reason, most
of the literature in this field refers to technological issues and is mostly application
driven. There is a significant stress on the technical infrastructure that supports e-
commerce applications such as networks, multimedia contents, messaging and
payments. E-commerce allows new products to be created and/or for existing
products to be customised in innovative ways. In the long term, competitive
advantage may only be achieved by providing innovative services, or services that
are uniquely bundled using web capabilities. Banks should look beyond their own
industry in benchmarking other facets of operations and examine other
technologically advanced industries for innovative ideas. Successful Web-based
companies, such as eBay and Priceline.com, have established profitable business
models that may include features that banks could adapt, such as mortgage
applications and transactional processes (Southerd, 2004).
Such changes may redefine organizations missions and the manners in which they
operate.
E-commerce also allows suppliers to gather personalised data on
customers. Building customers profiles, as well as data collection on certain groups
of people can be used as a source of information for customising existing products
or designing new ones (Wind, 2001).
Mass customisation enables manufacturers to create a specific product for each
customer, based on his or her exact needs. For example, Motorola gathers customer
needs for a pager or cellular phone, transmits them electronically to the
manufacturing plant where they are manufactured, according to the customers
specification, i.e. colours, features, and then sends the product to the customer within
a day (Turban et al., 2000). Similarly, Dell Computers and Levi use this approach.
Using online tools, customers can design or configure products for themselves. For
example, customers can configure a PC to their exact needs (in case of Dell) or
design their T-shirts, furniture, cars and even a Swatch watch.
In the service sector, e-commerce is playing a major role and has changed
organizations as varied as the travel industry and the banking industry. This covers
some of the sectors, which have considerably changed as a result of the emergence
of e-commerce, and helps our understanding of e-banking from these different
perspectives.

40
Travel and tourism sector
The Internet is an ideal place to plan, explore and arrange almost any trip. People
can make potential savings by buying on the Internet, eliminating travel agents and
buying directly from the providers. Websites like CheapFlights.com and lastminute.
com allow customers to buy flexible fares on the Internet, where they can also make
use of last minute deals. E-services are provided by all major airlines: American
Airlines, Air Portugal and others conduct online auctions in which passengers can
bid for tickets.

Broker Based services

Brokers usually work for a commission, acting as intermediaries between buyers and
sellers of services. The buyers can be an individual or a company. Some of the most
notable services are travel agencies, insurance agencies, and stock market
brokerages. The agents role in an e-commerce environment is changing, and
increasingly they will need to put more emphasis on providing value added services,
such as:
Assisting in comparison shopping from multiple sources;
Providing total quality solutions by combining services from several vendors;
and
Providing certifications and third party control and evaluation systems.

The Job market

Thousands of employment agencies operate on the Internet, with companies
advertising on their home pages. There are sites where one can assess market
wages rate by entering skills sets. Similarly, it is possible to seek employment
anywhere in the world as jobs are advertised on the Internet. Many recruitment
agencies such as www.hays.com use the Internet as their main communication
channel, both with employers and job-seekers.

The Property Market

One of the booming uses of the Internet is that of buying or renting property,
through websites such as Yahoo, loot.com or Yourmove.com. Properties can be
viewed on screen, sorted and organised according to customer criteria, and
previewed. In short, e-commerce is creating fundamental changes in the ways
business operate, their functions, and the way they compete. Engaging in e-
commerce requires rethinking the very nature of the buyer/seller relationship. It
requires the fundamental transformation of business, because all or most human
interactions and paper-based processes within the value chain will need to be
changed.

From E-Commerce To E-Banking

In its very basic form, e-banking can mean the provision of information about a
bank and its services via a home page on the World Wide Web (WWW). A more
sophisticated Internet based service provides the customer with access to their
accounts, the ability to move money between different accounts, make payment
or apply for loans and other financial products. The term e-banking will be used

41
in this book to describe the all types of provision of financial services by an
organization to its customers. Such
customers may be an individual or another business. To understand the electronic
distribution of goods and services, the work of Rayport and Sviokla (1994, 1995)
is a good starting point. They highlight the differences between the physical
market place and the virtual market place, which they describe as an information-
defined arena. In the context of e-banking, electronic delivery of services means
a customer conducting his transactions from a remote location (e.g. home) rather
that visiting a local branch.
In the mid eighties, online banking arrived. In its early form online banking
services requiring a computer, modem and software provided by the financial
services vendors. Generally, these services failed to get widespread acceptance
due to high call costs and unfriendly system interfaces, and were discontinued by
most providers.
With the arrival and widespread adoption of The World Wide Web, banks
renewed their interest in this area and started developing a web presence. The
goal was for a banks website to provide many, if not all, of the services offered
at a branch. This may include transactions as well as information, advice,
administration, and even cross-selling. However, the interactive nature of the
Web not only allows banks to enhance these core services, but also enables banks
to communicate more effectively and expand customer relationships. When
combined with the improving analytical capabilities of data mining and related
technologies, the potential for enriching the relationship with customers is
unlimited. The most common services in current e-banking offerings are
described in Table 3.1.
Most banks and other financial institutions in the developed world have
established an Internet presence with various objectives. Some banks are there
because their competitors have done it. Others prefer a wait and see practice.
Some are using it as a banking channel being part of their distribution /delivery
management.
E-banking largely came into being as a result of technological developments in
the field of computing and communications but there have been a number of other
factors or challenges which played an important part in its development.
According to Jayawardhena and Foley (2000) the challenges for banks are
fourfold. First, they need to satisfy customer requirements that are complex and
ever changing. Second, they need to deal with increased competition from old as
well as new entrants coming into the market. Third, they need to address the
pressures on the supply chain to deliver their services quickly. Finally, they must
continually develop new and innovative services to differentiate themselves from
the competition, as having a large branch network is no longer seen as a main
source of competitive advantage. E-banking is seen by many banks as a key tool
to address these challenges.
Other reasons for the adoption of e-banking by banks may include achieving
competitive advantage (at least in short term), creating new distribution channels,
improving image, and reducing costs. These issues are discussed in the previous
chapter.

42
 Types of e-banking Description
Account Access Access online to all of ones account information (usually checking,
savings, and money market), which is either updated in real time or on
a daily bath basis.
Balance Transfer Transfer funds between accounts.
Bill Payment Pay any designated bill based on instructions one proves including
whether to pay automatically or manually each month.
Bill Presentment View billing statements as presented electronically, which allows
interactive capabilities such as sorting, drill-down details, or
advertising, in addition to on-click payments.
Mortgage/Credit Search, apply, and receive approval online for various types of loans
Card/ Misc. Lending and then review your statements using online bill presentment.
Business Banking Services In addition to all of the basic payment and account access services,
merchant can manage their electronic lock box for received payment,
accounts receivable posing, as well as initiative payment via networks.
Customer Service & While the Web will eventually enable live communication, it is most
Administration optimally designed to facilitate interaction with information so that
customers can more easily service themselves. In the process,
customers receive as good, if not better, service while the bank saves
money with each additional transaction as it realises the scale
economies of its largely fixed online investment. Advanced e-Mail
systems with automated replies and intelligent routing are also helping
to improve the online customer service experience.
Cross-selling Just as visitors to a branch are being offered new products by tellers
and simple signage, so can Web bank customers. In most cases today,
banks perform this function online with standard, broadly targeted text
offers or by just making their product literature available online. In the
future, banks will be able to harness the true power of the Internet by
providing targeted offers to Web customers based on a combination of
their
indicated interests and financial situation. Not only will banks be able
to sell banks products, but non-financial products as well.
Personalised Content and As one visits the Web branch, one is instantly recognised and content
Tools displayed is oriented toward ones interests including weather,
investment, and hobbies. More importantly, by using the Web, bank
customers could use online financial planning tools to better manage
their finances.
Accounts Aggregation Accounts aggregation enables a consumer to be presented with all his
or her account details (current account, saving account, mortgage
account etc.) on a single page.

Electronic Funds Transfer
For access to external (to their first choice bank) financial data
consumers to provide their account passwords to the aggregator
(usually a bank). The aggregator uses the passwords to access
automatically the consumers accounts. The information is then
provided to the consumer on a consolidated basis on a single page so
the customer has a full view of his/her financial portfolio. In most cases
funds can be transferred from one account to another.
Electronic Funds Transfer (EFT) is a system of transferring money
from one bank account directly to another without any paper money
changing hands. One of the most widely-used EFT programs is Direct
Deposit, in which payroll is deposited straight into an employees bank
account. This system may also be used for debit transfers, such as
mortgage payments.

The widespread adoption of the internet during late 1990s and early 2000s
promised a revolution in the way consumers worldwide accessed and managed their
finances. Many analysts predicted that e-banks, having the advantage of a low cost
base, would win deposits and loans by offering superior rates. and that many existing
providers of those products would be driven out of the market. In the US, large banks
targeted affluent customers using this medium. For example, in 2000, HSBC and
Merrill Lynch committed to spend $1bn on a joint venture that would combine

43
online premium banking and share dealing. Within a few months, several other
banks had followed suit (Larsen, 2004). But the response was generally
disappointing. Banks found customers reluctant to give up their bricks and mortar
branches, and the take up was much lower than expected.
Low ROI from e-banking initially meant that some traditional retail banks which
used e-banking as just another channel rather than replacing branches or call centres
benefited most. That early experience showed that even the most keen e-banking
customers also wanted the convenience of branches and phone banking. This led to
an argument that e-banking just adds another layer of complexity and unjustifiable
costs. The growth of phishing, where fraudsters use spam e-mails and bogus
websites to encourage people to reveal their account details, together with other
security concerns, were also used to argue against the very existence of e-banking.
Nevertheless, in spite of some scepticism, given the real and promised benefits of
the e-banking it continues to grow rapidly in most parts of the developed world. In
developing countries the picture has been less clear. In China, for example, lower
use of credit cards and a less sophisticated financial infrastructure has resulted in e-
banking being adopted by only a small portion of the population. In other countries
such as Pakistan most of rural bank branches still operate using paper filing system
which means that e-banking is only available in large cities.
Emerging economies may consider adopting the Western e-banking models as e-
banking is maturing in advanced countries. Continued economic and banking reform
is a key requirement so that adapted e-banking models can easily be implemented in
developing countries. This will involve a continuous reforms of legal, commercial,
banking and bureaucratic infrastructures so that the development of new information
and communication technologies, thus e-banking infrastructures can take place.
Banks would find it difficult to properly implement e-banking without a strong ICT
infrastructure. In addition, economic, political and banking reform is vital.
Appropriate levels of regulatory supervision should be introduced to ensure
adequate levels of capital adequacy. Attention must also be directed towards bank
management training in the areas of electronic channels. If efficient e-banking is
generally adopted by emerging markets, the path is likely to open for economic
benefits to accrue both within each country and globally (Simpson & Evans 2003).

Future of E-banking
It is notoriously difficult to predict the future, but some educated guesses can be
made using past and current experiences. In our view, the next developments in e-
banking will involve new products and services that were not feasible in traditional
banking models. This could involve enabling instant payments using mobile devices,
or tools to help people manage their multi-bank financial portfolio, simultaneously.
Internet only banking may also become more viable as the functionality of e-banking
systems grows, and customers adapt to the new ways of conducting their financial
activities. International banking might become a reality for ordinary consumers as
banking payments systems are increasingly harmonised across borders. For
example, in Europe, new measures are being introduced by the European Union to
allow cross-border provision of e-commerce services by providing a single payment
system. Similar initiatives are due to be implemented in other parts of the world.

44
 E-banking has the potential to be a very rich and pleasant experience, and may
provide more opportunities for banks to develop mutually satisfying, tailor made
services to enrich relationship with customers. As technology evolves, the
opportunities to extend the relationship beyond what is possible in the physical
world continue to grow and will only be limited by a banks ability to innovate or
commitment to e-banking.
Some companies such as IBM have expressed their vision of the future of financial
services, complete with biometrics, state-of-the-art branch offices, enterprise risk-
management systems, and advanced customer interaction (Marlin, 2005). The use of
financial decision-aid tools in e-banking is also set to grow. To date, the experiences
of many e-banking users with these tools have proved unsatisfactory:
with many firms do not even offering online advice tools, people often have little
idea of the benefits such tools could bring. Banks need to promote the availability
and use of these, and educate consumers about their benefits (Clarke, et al. 2008).
One good example of a bank offering useful financial management tools is UBS
which in addition to the usual e-banking functions, provides a number of such tools,
for example (UBS, 2008):

UBS Pay: This software allows entry and management of payments

without connecting to the Internet. UBS Pay helps, for example, when
entering payments abroad enabling selection of the most cost-efficient
order type. Payment orders are then sent collectively to UBS via UBS e-
banking in just a fraction of the time it takes to enter them directly online.
With a user-friendly graphical interface, archiving and analysis functions,
all of a users executed payments and beneficiaries details may be
accessed at any time. A number of export options also simplify the
transferring of data to MS Excel and MS Money.
UBS BESR e-list: UBS BESR e-list is ideal for small and medium-sized
enterprises or individuals who just need a simple accounts receivable
system with integrated invoicing functions. It manages the collection of
receivables, within Switzerland using banking payment slips with
reference number (BESR). The new UBS BESR e-list software replaces
the old paper accounts receivable list and makes a long process automatic
and quick.
WebCalculator:You can use the WebCalculator for stock exchange
transactions to figure out quickly and easily the brokerage fees for
transactions you are planning or you have already executed. Depending
on the service package, it is available at a reduced price and includes the
UBS investment advisory service, or may be purchased by professional
investors at a price not including UBS advisory. In both cases your market
orders can be given using UBS e-banking via the Internet or UBS e-
banking using a mobile device.
PayPen: Reads Swiss payment slips easily and quickly. With a quick
brush of the hand payment slip may be imported into the e-banking
system of the bank or payment software in seconds.
GIROMAT 130: With GIROMAT 130 you can process all Swiss
payment slips. It can read orange payment slips with the new or old
dimensions. The special driver software means no tedious
implementation of interfaces and protocols is necessary.

45
 Smart cards are also beginning to make their mark in the e-banking field and are
expected to play greater role in the future. A smart card is a credit card-sized plastic
card with an embedded chip that provides power for multiple uses (I.D card,
SIM cards for mobile phones, credit/debit cards, benefit claim, health cards, etc.). A
smart cards is enhanced by PIN verification and cryptography, and the size and
power of the chip determine its storage and processing capacities (MChirgui &
Channel, 2007).
It is clear that, some of the hardware and software associated with such a vision
are already in use but their feasibility of industry-wide use is still questionable.
Schneider (2005) predicted that in fifty years customers will carry a translucent
plastic bank card displaying a talking head with artificial intelligence. Cash and
checks will have been eliminated in favour of the new electronic currency of
credits, which will be much easier to transfer, maybe using mobile phones. The
early signs are that it is already started to happen. For example, mobile technology,
such as the Bluetooth proximity-based data transmission standard, may work with
banking systems to enable touch points to react intelligently when a customer
approaches. In this case, when a customer carrying a Bluetooth-enabled mobile
device approaches a service desk, the bank employee should be able to have the
customer information ready at hand and in order to suggest other relevant financial
services (Schneider, 2005). Developments in biometric technologies may help to
deal with the most persistent security issues as well as dealing with customers
difficulties in remembering many different login keys.
Finally, Schneider (2005) suggest that all of the infrastructure in the world cannot
succeed without innovation and the willingness to take risks. The ATM is an
example of technologies that consumers would never have requested, but
nonetheless have been keen to embrace.

46
 Chapter:6 E-Banking Technologies
Introduction
E-banking relies heavily on information and communication technologies (ICT) to
achieve its promise of 24 hours availability, low error rates, and quicker delivery of
financial services. When considering e-banking, bank websites usually come to mind
first, but e-banking requires much more than just a good website. It needs back end
applications such as account systems, support applications such as Customer
Relationship Management (CRM systems), communication technologies to link
e-banking to the payment systems such as LINK, and middleware to integrate all
these often different type of systems. This chapter is an overview of most common
technologies in use to support e-banking.
E-banking may be viewed as one branch of e-commerce, so it is useful
to briefly cover the interlink between the two. E-commerce is much more than just
the use of the Internet, or having a website and enabling customers to move their
money around. The Internet may be the most common and well known medium for
e-commerce, but it is not the only one. Electronic Data Interchange (EDI) and similar
systems have been in use since the mid-sixties. In a banking context, ATMs and
credit cards are also classified as e-commerce. These other type of e-commerce
application also need the support of technologies discussed in this chapter.

The Internet
The emergence of the Internet has posed a host of new organizational opportunities
and challenges. Given the Internets potential to revolutionise business operations,
it is important to understand the implications of it on businesses in general. Although
other e-channels such as Interactive Television (iTV) and Wireless Application
Protocol (WAP) technologies are available for services delivery, their use is still
limited in the provision of financial services. Issues related to these technologies are
also very similar to those of the Internet.
The Internet is a massive global network of interconnected packet-switched
computer networks. Hoffman (2002) offers three (mutually consistent) definitions
of the Internet: a network of networks based on the TCP/IP protocols; a community
of people who use and develop those networks; and a collection of resources that
can be reached from those networks.
The Internet has evolved over several decades with its growth accelerating
exponentially during the 1990s. The most exciting commercial developments
however, are occurring on that portion of the Internet known as the World Wide
Web (WWW). The WWW is a distributed hypermedia environment within the
Internet, which was originally developed by the European Particle Physics
Laboratory (CERN). Global hypermedia allows multimedia information to be
located on a network of servers around the world, which are interconnected,
allowing navigation through the information by clicking on hyperlinks. Any
hyperlink (text, icon or image in a document) can point to any document anywhere
on the Internet.

47
 The homepages of the WWW utilise the system of hyperlinks to simplify the task
of navigating among the offerings on the Internet. These attributes enable the
Web to be an efficient channel for advertising, marketing, and even direct
distribution of certain goods and information services. A more recent development
is web 2.0 which may be described as a newer version of web-based applications
(such as wikis, social-networking sites, and blogs) which aim to enhance creativity,
collaboration, and interaction between Internet users. These developments on the
Internet are expanding beyond the utilisation of the Internet as a communication
medium to an important view of the Internet as a new market place.
The Internet influences the future services/products distribution channel structure
in two ways. First, the costs of using it are different from those of other available
distribution channels, and the service output it provides is often different from the
service output provided by traditional distribution channels. Second, the Internet
influences consumers. Many of them invest time and resources into becoming
computer-literate and in getting to know the Internet. Other consumers do not
become computer-literate and do not gain familiarity with the Internet. These two
customer segments are likely to have similar needs. Therefore, the existing
distribution channel also influences changes in overall distribution channel structure.
The old distribution channels gradually give way to the new ones, but do not
necessarily become redundant.
Consumers have benefited from the Internet a great deal.
They have access to greater amounts of dynamic information to support queries for
consumer decision-making. The interactive nature of the Web and the hypertext
environment allow for deep, non-linear searches initiated and controlled by
customers. There is also the potential of wider availability of products and services,
which were previously difficult to find. Increased competition between suppliers is
also likely to result in lower prices for consumers.
Internet technology can make a significant contribution to a companys value
chain. It can improve a companys relationship with vendors and suppliers, its
internal operations and its customer relations, and offers the prospect of reaching an
expanding customer base. The Internet also promises to dramatically lower
communications costs by eliminating obstacles created by geography, time zones,
and locations (Tan & Teo, 2000).
The Internet provides a powerful platform for corporations with home pages to
market and advertise their products and services. It has proved an efficient and cost-
effective way of distributing information almost instantaneously to millions of
potential clients in global markets. Many companies use the Internet to conduct
market and scientific research, as well as to source business-related information to
improve their products and services.
The rise of the Internet has resulted in the formation of virtual organizations,
which have virtually no physical presence in terms of retail outlets but enjoy access
to national and international markets. One well known example of such virtual
organizations is www.amazon.com which is a virtual bookstore supplying books and
other similar products such as music CDs and electronics to customers in many
countries in the world. Some examples of virtual organizations in the financial
services industry are Smile.co.uk, Cahoot.co.uk and Egg.

48
 There is a scope for physical organizations to become virtual, as they can leverage
their core competencies in primary activities. Physical companies often have a great
deal more experience/knowledge of their products and how to sell them than new
Internet traders and they usually also have established brands and a large customer
base. However, Owens and Robertson (2000) contend that it takes longer for
physical organizations to develop an integrated e-commerce structure than it does
for virtual traders to commence trading. This is due to the reduced, simple physical
structure of the virtual organizations. They argue that a structure of similar efficiency
must be adopted by physical organizations for the provision of Internet services.
existing distribution channel also influences changes in overall distribution
channel structure. The old distribution channels gradually give way to the new ones,
but do not necessarily become redundant.
Consumers have benefited from the Internet a great deal. They have access to
greater amounts of dynamic information to support queries for consumer
decisionmaking. The interactive nature of the Web and the hypertext environment
allow for deep, non-linear searches initiated and controlled by customers. There is
also the potential of wider availability of products and services, which were
previously difficult to find. Increased competition between suppliers is also likely to
result in lower prices for consumers.
Internet technology can make a significant contribution to a companys value
chain. It can improve a companys relationship with vendors and suppliers, its
internal operations and its customer relations, and offers the prospect of reaching an
expanding customer base. The Internet also promises to dramatically lower
communications costs by eliminating obstacles created by geography, time zones,
and locations (Tan & Teo, 2000).
The Internet provides a powerful platform for corporations with home pages to
market and advertise their products and services. It has proved an efficient and cost-
effective way of distributing information almost instantaneously to millions of
potential clients in global markets. Many companies use the Internet to conduct
market and scientific research, as well as to source business-related information to
improve their products and services.
The rise of the Internet has resulted in the formation of virtual organizations,
which have virtually no physical presence in terms of retail outlets but enjoy access
to national and international markets. One well known example of such virtual
organizations is www.amazon.com which is a virtual bookstore supplying books and
other similar products such as music CDs and electronics to customers in many
countries in the world. Some examples of virtual organizations in the financial
services industry are Smile.co.uk, Cahoot.co.uk and Egg.
There is a scope for physical organizations to become virtual, as they can leverage
their core competencies in primary activities. Physical companies often have a great
deal more experience/knowledge of their products and how to sell them than new
Internet traders and they usually also have established brands and a large customer
base. However, Owens and Robertson (2000) contend that it takes longer for
physical organizations to develop an integrated e-commerce structure than it does
for virtual traders to commence trading. This is due to the reduced, simple physical
structure of the virtual organizations. They argue that a structure of similar efficiency
must be adopted by physical organizations for the provision of Internet services.
49
Mobile banking technologies
Some banks are making significant investments in mobile systems to deliver a range
of types of business value, from increased efficiency and cost reduction, to improved
operational effectiveness and customer service to provide a competitive advantage.
A factor that has contributed to this development has been the extended availability
and capacity of mobile communications infrastructure around the world. The
number of types of mobile devices has been increasing rapidly and the functionality
available has also improved. The shrinking costs of data transmission and, due to the
intense competition from suppliers, the reduced costs of devices have catalysed the
distribution of mobile technologies and amplified the growth of the worldwide
mobile market. In those countries where traditional telecommunication
infrastructure is not well developed, mobile technologies is transforming
accessibility to the Internet based services.
Mobile banking may be described as the newest channel in electronic banking to
provide a convenient way of performing banking transaction using mobile phones
or other mobile devices. The potential for mobile banking may be far greater than
typical desk-top access, as there are several times more mobile phone users than
online PC users. Increasingly mobile life styles may also fuel the growth of
anywhere, anytime applications.
There are two main types of technologies available for use in mobile Banking:
Wireless Application Protocol (WAP) and Wireless Internet Gateway (WIG).
WAP is an application environment and set of communication protocols for
wireless devices designed to enable manufacturer, vendor, and platform independent
access to the Internet and advanced telephony services. WIG is a Short Message
Service (SMS)-based service, in which a menu of available banking options is
initially downloaded from the bank to the phone device (Brown et al. 2003). This
enables users to browse bank accounts and conduct other banking related tasks.
Mobile banking was offered in the UK by the banks such as The Woolwich during
early 2000s, but it failed to achieve a critical mass of users. The same story has been
repeated in many other counties with mixed results. The main hurdle in development
of mobile banking is low consumer adoption due to a number of factors discussed
below:
Internet connectivity costs: Although connection costs from
mobile phones is steadily declining it is still high enough in many
countries to deter customers from using their mobiles for applications
such as e-banking.
Difficult user interface: Human Computer Interface (HCI)
issues are a key factor in mobile technology acceptance. HCI includes the
use and context of computers, human characteristics, computer systems
and interface architecture, and the development process (Perry, et al,
2001). A general rule is that the easier and more adoptable the interface,
the greater is the user acceptance. HCI issues in mobile working are
different in the mobile working context than in the traditional office
environment. Kristoffersen (1999) identifies three key elements that
define mobile work contexts and explain how they differ from the office
setting:

50
1. Users hands are often used to manipulate physical objects, as opposed
to users in the traditional office setting, whose hands are safely and
ergonomically placed on the keyboard.
2. Users may be involved in tasks (outside the computer) that demand a
high level of visual attention (to avoid danger as well as monitor progress),
as opposed to the traditional office setting where a large degree of visual
attention is usually directed at the computer.
3. Attention span of a mobile device user is much shorter than a desktop
computer user so design of mobile systems interfaces need to be much
simpler with very limited amounts of text. Systems navigation needs to be
very easy too.
4. Methods to ease the burden of input and spread the requirements of
processing output over all the human senses, while still maintaining data
integrity are of importance (York & Pendharkar, 2004)
5. Speech and handwriting recognition are two growing forms of input.
The benefits of speech recognition include minimal user attention input,
direct system entry, remote microphone capabilities, and faster speed of
operation compared to other competing input methods (York & Pendharkar,
2004). These technologies need to be incorporated into mobile devices to
improve the users interface.
Lack of awareness amongst customers: Many banking
customers are not even aware of availability of mobile banking or
associated benefits. As with other technologies, awareness increases with
time and needs considerable promotional efforts.
Limitations in functionality of mobile devices:
Mobile technologies are still dogged by limitations such as limited
battery life, unreliable network connections, volatile access points, risk of
data loss, portability, and location discovery. Even in the developed
world, until recently, wireless communications were very limited with
regards to functionality of devices and speed of communications.
Constraints such as screen size, memory, and storage capabilities as well
as data transfer rates averaging 14.4 Kilo Bytes Per Second (KBPS),
limited the amount of data that could be both displayed and accessed.
These limitations are still one of the biggest barriers to the adoption of
mobile working in many countries.
Accessibility issues: High speed public Internet access is offering
opportunities to get and stay connected in more locations. Today, hotels
that cater to business travellers frequently offer in-room high speed
Internet access. As these high speed access networks ramp up, mobile
applications are growing in popularity (Phifer, 2004). It may take several
years to reach that always connected goal, and connectivity in less
populous areas will lag behind high tech corridors.
Security concerns: Mobile technology still suffers from
questionable security. So it may not be suitable for transfer of highly
confidential financial information. Mobile devices are increasingly
becoming a target for virus writers, hackers, and short message service
(SMS) spammers. According to Tower
Groups research, over 200 mobile phone viruses have been
identified since phones have been able to support PC-like applications such as
email, instant messaging and Web browsing, and the number is doubling every
51
 six months (Blau, 2007). The resulting disruption of service and data theft can
cause many problems for consumers, including lost revenues and customer
dissatisfaction for mobile operators. However, the greatest loss may be absorbed
by banks providing mobile access, as in almost all cases of fraud banks suffers
from the losses. This factor may be making many banks hesitant in providing
mobile banking. To be successful in mobile banking the industry must develop
an ability to effectively contain the malware problems to a level that is at least
on part with that of existing Internet channels.
Organisational changes: To offer mobile banking many
organizations will need to change their business processes, ways in which
information is provided and accessed, working practices and work
relationships, working styles and most important of all, changes in roles,
responsibilities and management structures. It may be a manageable task
in some organizations but a very difficult one in others.
Small number of choices (only a few banksoffer
mobile banking): There are a bewildering number of options
when it comes to providing mobile banking. It is possible to spend
anything from a few thousand to several millions of pounds on any
combination of mobile hardware, software and networks without
realising many real benefits. With falling prices of mobile technology one
may perceive that mobile working is cheap to implement. However, it is
important to remember that technology costs are only a small proportion
of the likely total costs. As a rule of thumb, these costs account for 30%
of a typical mobile project, with the remaining 70% including items such
as training, maintenance, security, management and integration (Flood
date?). This implies that the real cost of mobile working could be much
greater than promised savings (York & Pendharkar, 2004).
Technology overload: The proliferation of personal information
devices such as home computers, mobile phones and digital organizers,
coupled with the rise of new media such as e-mail and the World Wide
Web, have forever altered the way in which information consumers work
and play. These fragmented information channels often result in
inefficient working patterns as users switch from device to device and
between different media (Evans, 2004) which may result in mobile savvy
customers unable to use their devices for day to day tasks such as e-
banking.

To promote adoption, customers need to be made aware of the advantages mobile

banking offers over other channels. Customers should be provided with
opportunities to try out mobile banking or see demonstrations, maybe at branches or
through electronic media, of how this channel operates. This would raise awareness,
and give people a better understanding of mobile banking options. In addition,
services being offered should be widely advertised to the target market, such as
young people who tend to be early adopters of innovative services. Perceptions of
risk, as with many innovations need to be addressed by limiting customers liability
and implementation of latest security technologies. New versions of WAP use
encrypted digital signature to enhance security. The functionality and user interface
of mobile devices is improving all the time whereas the cost of Internet connectivity
in the developed world is decreasing. These developments mean that the prospects
of widespread mobile banking adoption now looks brighter than ever.

52
An example of a mobile phone banking system is reported by Geac(2007).
Named M-pessa, the system is developed by mobile phone operator Safaricom in
Kenya. It was launched to improve the efficiency of Microfinance by using mobile
technology to make financial transactions cheaper, quicker and accessible to much
wider population than currently was the case. M-Pessa is a fully operational service
available to phone users in Kenya. The ideas and systems were adopted from South
Korea and proved to be especially useful for people with no access to banking or
Internet through their computers. Basically, M-pessa is a financial services
application installed on a mobile phone. A new generation SIM card is needed with
M-pessa software embedded. Upgrades to older SIM cards are available free of
charge and works on most mobile phone sets so users dont have to buy a new
handset to access it. Financial services available at present include:
1. Person to person (P2P) transfers
2. Individual to business transfers
3. Cash withdrawals at the registered outlets
4. Receipt or payment of loans
5. Balances in real time and ordering of statements.

All of which are executed by SMS text message. The transfer facility works in a
similar way to PayPal. An area where M-pessa differs from PayPal is that PayPal
requires users to have a bank account or credit card to transfer funds to their PayPal
account and to obtain the funds on withdrawal from the PayPal account. Arguably,
M-pessa could therefore, be better in terms of increased commercial transactions as
people without any account or card such as under 18s could use it to make purchases.
In the case of M-pessa, a customer must have an account with Safaricom in which
to pay cash into initially. The customer then selects the option he/she wants, for
example Send Cash and enters the phone number for the individual or business
that they wish to transfer the funds to. The amount is then entered followed by the
users PIN. A message appears asking for confirmation; by selecting OK an SMS
will be sent to M-pessa. Soon after that the customer will then receive an
SMS from M-pessa confirming that the funds have been sent, and a code for the
recipient to use. The recipient will also receive an SMS stating they have been sent
funds from the names person/business. To withdraw cash the recipient needs to go
to the nearest registered outlet with the code that the funds sender sends directly to
the individual, and identification. The transfer process would take just a few hours
in most cases.
This or a similar system can easily be implemented in advanced countries such as
the UK, US or Australia. The registered outlet could be a post office, a bank, a
mobile phone retailer or a local grocery shop. The main advantage is that no access
to a bank is needed by either party; all that is needed is traditional cash to pay into
the service providers (such as Safaricom) account. by the person wishing to send
the funds. This means that service would be especially useful for people without a
local bank or without a bank account at all. The Mpessa technology is therefore, a
viable alternative to the traditional financial system.
M-pessa provides fairly low cost service in Kenya (18p to $1.24). Benefits for
businesses are that the potential customer base is increased by providing another

53
means of payment and an easy access to funds that for some people currently do not
exist. This has the potential, therefore, to help maintain and increase trade in local
shops - a much needed respite for them from increasing competitive pressures from
supermarkets. Security of such a system could be a problem. The mobile phone itself
could be stolen, potentially allowing the thief to transfer or withdraw funds.
The phone could be hacked into, akin to what is done in desktop environments. In
the case of a stolen phone the built in PIN and authentication provisions of M-pessa
should mean that provided these security details are not held with the phone the thief
should not have the chance to use the phone for fraudulent purposes. Extra security
could come from CCTV at the registered outlets or phone can be blocked by the
network providers. Anti-virus software could also be provided to financial service
users at low cost to counter the threat of hacking and viruses.
Recent trends suggest that, with the arrival of more functionality and user
friendliness in mobile technologies, these technologies might be ready for the
delivery of financial services. Riivaris (2005) research on mobile banking found
that mobile banking is accelerating around Europe and beyond. Laforet and Lis
(2005) research on mobile and Internet banking claimed that younger consumers
were more interested in online and mobile banking than older consumers, and use of
mobile banking amongst this segment is growing fast. To cash in on improved
prospects, at least in the developed world, some banks such as Citibank in the US
have re-introduced the mobile (or wireless device as they call it) banking. This new
service will allow mobile phone or other wireless devices such as BlackBerry users
to enter a six digit pin to access a wide range of financial services.
Experiments are also underway, mainly in Japan, Norway and US, to turn
these mobile devices into payment tools. Often called Contactless Payments it
involves swiping an enabled mobile phone near a point-of-sale terminal to make
payments which could be a bill or purchase of goods. These efforts to develop such
systems often have support from credit card vendors who are looking for new ways
to make payment processes more convenient.
Backend systems
Banking is a complex business and the ICT systems supporting it are becoming
increasingly complex. These backend or so called core systems can be divided in
several sub-categories and this section will cover some of the most common banking
related systems.

Data Warehousing
Information has always been a cornerstone of good business decision making. Its
importance however is growing all the time as the amount of data which can be
collected from customer interaction is increasing at a faster pace than ever. It is
important for businesses to seek ways to access, store, maintain, and utilize the
enormous data efficiently. This data, if collected and processed in the right way, can
provide a meaningful insight into the purchasing behaviour and needs of individual
customers. To do this organizations need modern technological tools such as data
warehousing systems.
Data warehouse technology can be described as collecting data from several
dispersed sources to build a central data storage, so that users can use appropriate
data-analyzing tools to analyze it and convert this data into meaningful aids for
54
decision making. Banking activities highly information intensive, therefore the need
for data warehousing is greater in this industry than most others. Data warehouse
tools can collect daily transaction data both internally and externally, and then
accumulate, categorize, and store data for further analysis.
From an implementation point of view, it is important to carefully evaluate and
plan ahead before implementing data warehouse technology, owing to the large
amount of investment and organizational effort required. The implementation
process needs skilled personal, proper project management, and involvement of
most stakeholders. Information consultants may be used to provide fresh ideas about
the most suitable technologies and sources of information. Outsourcing may be an
attractive option if an organization doesnt have the necessary knowledge and skills
in-house.

E-banking systems as a whole

The banking sector occupies an important position in the global economy. The sector
has been subject to many external and internal forces. Of the external forces,
technological change is likely to have the most far-reaching impact on the sector.
Technology, in particular the Internet, is a key driver of these changes. In this sector
computer systems in general, both backend and front end systems have largely
remained centralised owing to the nature of the business and high security
requirements. This to some extent helped banks to automate key business processes
by integrating their systems (Ayadi, 2006). Systems integration, as discussed above
is essential to delivering the same information across all distribution channels such
as e-banking, phone banking and branch banking.
Despite some successes in e-banking implementation, many technological
problems remain, as some banks still lag behind others mainly due to their inability
to deal with their legacy systems problems. Diniz (1998) present two different
classifications of e-banking systems. These two classifications are based on the level
of interactivity of the site (weak, average, strong) and on the type of opportunities
pursued by the bank (informational, transactional, client relationship). They found
that that the type of technology to be used evolves with the interactivity and
functionality of the Web site of the bank. For example, an informational site is
primarily based on a brochureware model, while an e-banking web site which is
oriented toward the management of client relationships requires more sophisticated
technologies like Customer Relationship Management (CRM). Mizrahi (2000)
proposed another model of e-banking systems evolution in which IS integration
depends on two variables: adequacy of the customer-channel relationship and
capacity of managing information across channels.
Availability of systems and security of data has always been an important issue,
but is arguably even more critical in e-commerce, with 24 hours a day, seven days a
week availability. Any unauthorized access to data or unplanned downtime of
systems can result in a public relations disaster. At the same time, threats from
computer viruses, frauds and terrorism are increasing. This all means that a
considerable IT budget is spent on fraud prevention and disaster recovery systems,
which may include investment in encryption technologies, other security measures
and maintaining two parallel sets of systems to ensure all time availability. The

55
following are becoming an integral part of e-commerce related systems
implementation.

1. Capacity and stress testing should be done regularly, as prediction of demand

for e-commerce systems can be more difficult than for traditional systems;
2. In the area of security, online systems opens up systems to the outside world.
Investments in security related software/hardware will be a major expense;
3. Identity theft and fraud in online environments are one of the major threats to
the existence of e-commerce. Firms need to keep up with new and evolving
sources of threat.

Although many of these risks are unique to e-commerce, the principles of general
good IT risk management apply in most cases.

56
57