BANKING TECHNOLOGY | Contributed Content, Singapore
Jean-Jacques Foglino

Threats and challenges for online banking security


Online Banking offers users the convenience of managing one's finances anytime, anywhere. However, any online transaction can be vulnerable to security threats.

The current state of online banking
Some financial institutions today still employ simple security mechanisms that consist of a username and password combination for login and money transfers. These are easily breached by the increasingly sophisticated methods fraudsters use and have resulted in users having their account details compromised.

That being said, regulators and institutions are moving or planning to move away from simple passwords or single factor authentication and towards more advanced security solutions, such as Two Factor Authentication (2FA) with One-Time Passwords (OTP). OTP systems provide a mechanism for logging onto a network or service by using a unique password that cannot be reused for each transaction. This increases protection for online bank account management, corporate network access and other systems containing sensitive data.

The current threat landscape
Online banking is becoming increasingly popular# as it brings convenience, simplicity and speed to consumers. Common techniques deployed by fraudsters today to obtain login credentials for users’ online banking accounts include phishing, pharming, keylogging, man-in-the-middle and man-in-the-browser attacks.

Regardless of the method employed, fraud is a global phenomenon that is constantly evolving in order to exploit security gaps. It also possesses a migratory nature, targeting countries which have less sophisticated security infrastructure. To prevent and deter fraud, banks must be ahead of the curve through regular upgrading of its infrastructure.

Challenges for online banking security
However, implementing security measures for online banking is a task that’s easier said than done. Securing an online banking channel has many aspects to it and each needs to be addressed individually. A key challenge faced by banks when upgrading their security infrastructure is identifying which technologies to adopt and which parts of their infrastructure to change or upgrade.

Apart from having to provide a robust and secure channel for online banking, banks need to decide on a solution that not only suits their needs, but also balances security, cost and convenience for their customers.

The views expressed in this column are the author's own and do not necessarily reflect this publication's view, and this article is not edited by Asian Banking & Finance. The author was not remunerated for this article.

Do you know more about this story? Contact us anonymously through this link.

Click here to learn about advertising, content sponsorship, events & rountables, custom media solutions, whitepaper writing, sales leads or eDM opportunities with us.

To get a media kit and information on advertising or sponsoring click here.

Jean-Jacques Foglino

Jean-Jacques Foglino

Jean-Jacques is Gemalto’s Asia Vice President of Business Development for the ebanking and ecommerce business lines. He is  responsible for setting-up and implementing a strategic plan to address banks and emerchants with an end-to-end solution that secures access to their remote services for ASPAC and Australia.

Contact Information