CYBER CRIMES AND SECURITY ISSUES IN BANKING

SECTOR

Abstract: The banking industry has enjoyed the ride of emerging technology to undergo
significant changes. Banks are among the biggest beneficiaries of the IT revolution and have
largely adopted information technology solutions for rendering the banking services to their
customers. The rapid growth in online transactions mounting on technologies like NEFT
(national electronic fund transfer), RTGS (real time gross settlement system), ECS (electric
clearing service) and mobile transactions is a glimpse of deep-rooted technologies, new forms of
worldwide crimes known as “CYBER CRIMES” has evolved in the scene. However, criminals
take their way in the digitalized world. They commit criminal activities through phishing,
hacking, and stealing of personal data. Thus, government institute and companies become under
security threat for their secret data that can hamper the daily life of the entire population in the
country. More importantly terrorist organization conduct their financial and information
transaction through using internet. In this circumstance, the existing acts and initiatives against
cybercrimes are very limited to combat the threat.

This paper focuses on the technical aspect of various types of cybercrimes concerning the
banking and financial sector and their related impacts. Additionally, it identifies the threat vector
supporting these cybercrimes and development measures to aid in the combating the resulting
cyber-attacks so that can be better prevented in the future for enhanced security.

KEYWORD: E-banking, cybercrimes, IT ACT 2OOO,

INTRODUCTION
The world is fast moving online with 55% of total world population now connected to the web
according to digital in 2018. A remarkable instance of this phenomena has been experienced in
notable increase in the past three years i.e. 34.8% (342millions internet users) of the Indian
population online in 2016, 35% (481 million internet users) in 2017 and 35.5%(500 million
users) in 2018.
 Today activities performed over the internet are not just limited to technology freaks
for technology users, rather every second individual is enjoying the easy internet availability and
accessibility foe day-to-day purpose like banking, ecommerce, education, entertainment and
many more. On one hand technology has created advantage for banks and financial institutions
but on the other hand, there have been risks but can also exacerbate others risks like credit risks
and market risks. Given the increase reliance of customer on electronic delivery channels to
conduct transactions, any security related issues have potential to undermine public confidence
in the use of e-banking channels and lead to reputation risks to the banks, inadequately
technology implementation can also induce strategic risk in terms of strategic decisions making
based on inaccurate data/information.

Banking sector witnessed expansion of its services and strives to provide better
customer facility through technology but cybercrimes results in huge monetary loss which are
incurred not only by the customer but also the banks also which affect economy of nation.

OBJECTIVE OF THE STUDY:

1. To study the reason behind the cybercrimes in banking sector.

2. To analyze the customer awareness

3. To recognize level of awareness about cyber-crimes among the responds.

4. To know the factors effecting e-banking based on cyber-crimes.

Scope of the study:

The scope of the study is to analyze about the persons affected due to cyber-crimes while
using their net banking and it will be help full for the bank to rectify the errors in future period of
time.

NEED FOR THE STUDY

There is a need to identify study and analyze the loopholes existing in the banking sector in order
to curb the fraudulent activities and to be able to take corrective actions, there by enhancing the
security measures of the sector.
LITERACY REVIEW:
Cybercrime according to Douglas and Loader (2000) can be defined computer
mediated activities conducted through global electronic networks which are either illegal or
considered illicit by certain parties. In the banking sector, the cybercrimes which are committed
using online technologies to illegally remove or transfer money to different account are tagged as
banking frauds (Wall, 2001). The cybercrimes according to Wall (2001) can be categorized into
four major categories i.e. cyber-deceptions, cyber-pornography, cyber-violence and cyber-
trespass. The banking frauds are sub-categorized in cyber-deception which can be defines as an
immoral activities including stealing, credit card fraud, and intellectual property violations
(Anderson et al., 2012). There are number of frauds or cybercrimes witnessed in the banking
sector, like ATM frauds, Cyber Money Laundering and Credit Card Frauds. However, in general
all the frauds are executed with the ultimate goal of gaining access to user s bank account, steal
funds and transfer it to some other bank account. In some cases the cyber criminals uses the
banking credentials like PIN, password, certificates, etc. to access accounts and steal meager
amount of money; whereas in other cases they may want to steal all the money and transfer the
funds into mule accounts. Sometimes, the intention of cybercriminals is to just harm the image of
the bank and therefore, they block the bank servers so that the clients are unable to access their
accounts (Claessens et al., 2002; Hutchinson & Warren, 2003). As a lot of vulnerabilities exist in
the defense system of banking sector, thus there is a need to investigate the ways to increase
awareness about the measures that can be undertaken to combat cybercrimes in the banking
sector. However, not many studies in the past have been conducted in this area which would
suggest ways to mitigate the risks and combat such crimes (Florêncio & Herley, 2011;
McCullagh & Caelli, 2005). In order to understand the fraud system in banking sector we will
have to understand and describe the attackers and defenders in this environment. The next
section therefore describes the different actors which are involved in cybercrimes.

RESEARCH METHODOLOGY:

Primary data: The primary data is collected by using quantitative methods and questionnaire
is a research instrument consisting of a series of questions and other prompt for the purpose of
gathering information from respondents.
Secondary data: The data is collected from many sources like websites, journals and articles
that are related to subject matter.

CYBER CRIME IN BANKING SECTOR

Cyber Crime can be simply stated as crimes that involve the use of computer and a network as a
medium, source, instrument, target, or place of a crime. With the growing aspect of e-commerce
and e-transactions, the economic crime has drifted towards the digital world. Cybercrimes are
increasing globally and India too has been witnessing a sharp increase in cybercrimes related
cases in the recent years.

Cyber Crimes can be broadly classified into categories such as cyber terrorism, Cyber-bullying,
Computer Vandalism, Software Piracy, Identity Theft, Online Thefts and Frauds, Email Spam
and Phishing and many more. However, from the aspect of financial cybercrimes committed
electronically, the following categories are predominant:

 Hacking. : It is a technique to gain illegal access to a computer or network in order to

steal, corrupt, or illegitimately view data

 Phishing: It is a technique to obtain confidential information such as usernames,

passwords, and debit/credit card details, by impersonating as a trustworthy entity in an
electronic communication and replay the same details for malicious reasons.

 Voice phishing: It is the criminal practice of using social engineering over the telephone
system to gain access to private personal and financial information from the public for
the purpose of financial reward.

 E-mail Spoofing: It is a technique of hiding an e-mail’s actual origin by forged the e-

mail header to appear to originate from one legitimate source instead of the actual
originating source.

 Spamming: Unwanted and unsolicited e-mails usually sent in bulk in an attempt to force
the message on people who would not otherwise choose to receive it are referred to as
Spam E-mails.
  Denial of Service: This attack is characterized by an explicit attempt by attackers to
prevent legitimate users of a service from using that service by "flooding" a network to
disallow legitimate network traffic, disrupt connections between two machines to
prohibit access to a service or prevent a particular individual from accessing a service.

 Advanced Persistent Threat: It is characterized as a set of complex, hidden and ongoing

computer hacking processes, often targeting a specific entity to break into a network by
avoiding detection to gather sensitive information over a Significant period of time. The
attacker usually uses some type of social engineering, to gain access to the targeted
network through legitimate means. Successful advanced persistent threat campaigns can
result in costly data breaches.

 Atm skimming and point of scale crimes: It is a technique of compromising the ATM
machine or POS systems by installing a skimming device atop the machine keypad to
appear as a genuine keypad or a device made to be affixed to the card reader to look like
a part of the machine. Additionally, malware that steals credit card data directly can also
be installed on these devices. Successful

DATA ANALYSIS AND INTERPRETATIONS

Gender:

Frequency percent
Male 27 27.0
Female 73 73.0

Total 100 100.0

Interpretation:

The above table shows that the gender of respondents were out of 100
respondents 27% are male and 73% are female. It shows that most of the respondents are female
in our survey.
 Age:

Frequency percent
18-25 69 69.0

26-35 31 31.0

Total 100 100.0

Interpretation:

The above table shows about the age of the respondents were out of 100 respondents
69.0% are from the age group of 18-25, 31.0% are from age group of 26-35. It shows that most
of the respondents are from the age group of 18-25 in our survey.

Educational qualification:

Frequency Percent
Under graduation 34 33.7
Post-graduation 65 65.3
Professional 1 1.0
Total 100 100.0
Interpretation:

The above table shows about the educational qualification of the respondents
were out of 100 respondents 33.7% have completed their UG, 65.3% have completed their PG
and 1.0% have completed their professional courses. It shows that most of the respondents have
completed their post-graduation in our survey.

Weighted average:
 Particular Strongly Agree Neutral Disagree Strongly Average Weighted
agree disagree average
1 Banking provides financial security and 22 55 19 2 2 20 26.15
confidentiality
2 There is a possibility of hacking the bank website 23 52 17 6 2 20 25.15
3 Credit card account information of online 14 51 22 10 3 20 25.4
banking is secured
4 The delivery of service are as per your 14 38 35 11 2 20 24.8
expectations
5 Service are accurately delivered by the bank at 11 40 38 10 1 20 25.3
the first time
6 The use of ATM'S, smart cards and debit card 14 41 25 14 6 20 24.05
are subject to risk of Monetary loss
7 Insufficient safety measures installed in ATM'S 15 43 22 15 5 20 24.15
8 Most of the Cybercrimes is by the Ex-employees 8 45 21 19 7 20 23.9
9 Most of them come across Cybercrimes during 12 55 20 10 3 20 25.7
their operations with bank
10 Money, credibility and reputation are the most 19 52 17 9 3 20 25.3
common loss due to Cybercrimes in banking
industry
11 Unethical practices have shaken the confidence 21 51 15 9 4 20 25
of the general public in banking industry
12 Customer's ignorance to take precautionary 16 48 26 9 1 20 25.55
steps in online banking has resulted to
fraudulent copying
13 Lack of sufficient monitoring of the suspicious 17 48 23 9 3 20 25.2
activity of the bank officials
14 It is safe about your information when you use 14 48 21 9 8 20 24.6
online banking
15 Lack of technical security provided by banks in 16 51 18 11 4 20 25.05
regards to online banking
16 Do you think the Laws in effect are able to 13 38 29 13 7 20 23.9
control cyber crimes
17 Lack of professional training and greed are 24 46 18 10 2 20 24.05
responsible for high incidence of fraud in
banking industry
18 Bank should emerge legal standard on digital 33 48 13 4 2 20 25.05
signatures, electronic signatures, data
protection, cheque truncation and electronic
fund transfer
19 Ethics should be strictly enforced in banks 33 51 9 5 2 20 25.1
20 Banks are required to updated and ahead with 31 50 11 7 1 20 25.1
latest development in IT Act, 2000
21 Reserve Bank of India should strictly regulate 41 46 5 6 2 20 24.35
and enforce ethics in both public and private
banking sectors.
Interpretation:
The above table shows about the weighted average of level of acceptance of the
respondents were the weight is high with bank provide financial security and confidentiality is
excellent with a weight of 26.15% and this factor can be taken for decision making process of the
study.

Findings:
It is observed that Maximum of the respondents are female in our survey and most of
respondents are from the age group of 20-35, have completed their post-graduation and they are
from urban area. The 61% respondents agreed that Banking provides financial security and
confidentiality, while 52% agree that there is a possibility of hacking the bank websites, Credit
card account information and ATM’S, smart cards debit cards of online banking is not secured
and subjected to risk of monitory loss due to these lack of trust issues have been generated over
banking sector which lead to loss of credibility, reputation of banking sector. The 38% of
respondents accept that the delivery of service is as per their expectations and they says that the
Service are accurately delivered by the bank at the first time. It is observed that 55% of
respondents agree that most of the Cybercrimes is by the Ex-employees and it is observed that
50% believe that Customer's ignorance to take precautionary steps in online banking has resulted
to fraudulent copying and 80% agree that Lack of sufficient monitoring of the suspicious
activity, technical security issues, professional training and greed, which leads to high incidence
of frauds in banking industry .The 48% respondents agree Bank should emerge legal standard on
digital signatures, electronic signatures, data protection, cheque truncation and electronic fund
transfer, and every banking sector should be strictly enforced with Ethics and laws in both public
and private banking sector and should be updated with latest technology in IT Act,2000 .

Recommendations:
1. Banking is the backbone of our economy. The increase number of cybercrimes cases has
resulted in huge losses to our economy.
2. Cyber-attacks should be prevented by ensuring suitable legislation which is implemented
effectively.
3. Both banks and customer should be aware about the risk involved and safeguard measures
and the evolvement of security guidelines on major technology platform.
4. Training and orientation programs must be conducted for the bank employees so that they
can aware fraud prevention measures.
5. Banks should emerge legal standards on e-banking activities and should be updated with the
latest technology.
6. It is imperative to increase the coordination between the stakeholders to tackle cybercrimes
7. Reserve Bank of India should strictly regulate and enforce ethics in both public and private
sector banks.

Conclusion:
The paper gives a brief overview of cybercrime and security issue scenario in the banking sector
an impact of cybercrimes on bank finances. The major cybercrimes which plague the Banking
sector are ATM frauds, Denial of Service, Credit Card frauds, phishing, etc. The rapid growth to
global electronic crime and the complexity of its investigation requires a global presence.
Presently, the measures undertaken the banks are not sufficient and therefore it is imperative to
increase cooperation among the banks across the world for the development of tools and models
which can be applied to counter global banking cybercrimes and other propitious step is
customer should have regular check on banking activities and transaction and should be aware of
the their rights and duties and to further making the implementations of the laws more firm and
stringent to check crime

Reference:

 Mehta S, Singh V (2013) A study of awareness about cyber laws in the

Indian society. International Journal of Computing and Business Research
(IJCBR).

 IAMAI report on online banking 2006

 Mohit G (2012) ETHICS AND CYBER CRIME IN INDIA. International

journal of engineering and management research.
  Murashbekow , O B (2015). Method for cyber crimes fightings improvement
in development countries. Journal of internet bamk and commerce