JOJU SIR practicum content - security issues in online transaction
SECURITY
ISSUES IN ONLINE TRANSACTIONS
The
evolution of e-banking has fundamentally transformed the way banks
traditionally conduct their businesses and the ways consumers perform their
banking activities. Today e-banking has experienced phenomenal growth and has
become one of the main avenues for banks to deliver their products and
services. Electronic banking is defined as the automated delivery of new and
traditional banking products and services directly to customers through
electronic, interactive communication channels. E-banking includes the systems
that enable financial institution customers, individuals or businesses, to
access accounts, transact business, or obtain information on financial products
and services through a public or private network, including the internet.
There
are different types of financial transactions. Some of the important ones are
discussed below.
· Purchases:
most common type of financial transaction. Any item or goods are exchanged for
money. This transaction results in a decrease in the finance of purchaser and
an increase in the benefits of the seller.
· Loan:
slightly more complicated transaction in which lender gives a single large
amount of money to the borrower now in return for many smaller repayments of
the borrower to the lender overtime, usually on fixed schedules.
· Mortgage:
this is a combined loan and purchases in which the lender gives a large amount
of money to a borrower for a specific purpose of purchasing a very expensive
item.
· Internet banking:
internet banking is a business that based entirely on financial transactions
via internet.
· Credit cards:
this is a special combination of a purchase and a loan. the bank or other
financial institution issues credit card to the buyers that allow any number of
loans up to a certain cumulative amount.
· Debit card:
the card contains an electronic record of the purchaser’s account with the
bank.
The delivery channels
through which financial transactions through internet are possible are as
follows:
· Automated teller machine (ATM)
· Internet banking
· Phone banking
· Mobile banking
· TV banking
· Non cash retail payments: debit
cards, credit cards, ECS, NEFT, RTGS
Here
are few best practices that will keep our transactions protected.
1. Check the link before you click it: Pay attention to the links you want to access. To
make sure you are not deceived; simply hover the mouse cursor over the link to see if you are
directed to a legitimate location.
If you
were supposed to reach your favorite news website, such as “www.cnn.com”, but the link indicates
“hfieo88.net“, then you should
resist the urge of clicking the link. Hyperlinking is a common practice
in phishing attacks and it’s always best to
double check embedded URLs.
To make sure you are about to access the right
online destination, use a
free tool such as Redirect Detective. This tool will allow you to
see the complete path of a redirected link. Alternatively, you can also check
the suspicious links using a reliable URL checker, such as VirusTotal.
2. Check the file before you click it
We
all know malware is everywhere. But how can we make sure a file (or an executable file) we just
downloaded is what it’s pretending to be? Can we tell the difference between a
safe file and a malicious one?
An important step
for everyone is to use a browser which integrates a reputation-based
technology. This technology uses a cloud scoring system to analyze
each application downloaded and where it comes from. As a result of the analysis,
websites that distribute malicious software – not yet detected by existing
defense mechanisms – are more easily blocked.
3. Use
secure websites to run financial transactions
Financial operations and transactions should be
given high scrutiny, as they hold the key for cyber criminals to
cashing out your life’s savings. Here’s how to make sure you visit a secure
website:
a. Look to the left of the web
address and find the “Lock” icon. This indicates that you are visiting an
encrypted and/or a verified website.
b. Make sure the web address starts
with “https://”. The “s” comes from “secure socket layer” and it indicates you
are connected to a website where data, which is sent and received, is
encrypted.
4. Set strong passwords for your accounts: Your passwords should
contain around 20 characters. Don’t forget to combine upper and
lowercase letters, numbers, and symbols. Don’t use the same
password for all your accounts. Make a habit of changing your main passwords
every 30 days. Even if you are hacked, having different passwords for each
account will help you limit a potential loss.
5.
Use two-factor authentication
This
is one of the best ways to ensure your online accounts or your email inbox are
not accessed by anyone else but you. This option means that, besides entering
your credentials, you will be required to enter a one-time code sent to your
phone. Use this method to protect confidential
information from social media accounts, such as Facebook, Twitter or valuable
data from email accounts.
6.
Log out
As
soon as you’re done with financial operations on your e-banking platform, don’t
just close the web browser, but always log out. We
recommend you also use a virtual browser for your financial operations (usually
sandboxed) that’s designed to keep your online banking secure. private sessions
are also recommended if you want to prevent authentication credentials (or
cookies) from being stored.
7.
Don’t reply to unknown emails
Don’t
reply to emails that offer an unexpected present or prompt you to update your
security information. It is a classic phishing scheme through which
you are tricked into sending personal details, such as credit card information
or personal data. If you’re not sure whether the email is from your bank or
not, simply contact the bank directly for more information.
8. Use
official banking apps: If you want to manage financial transactions on your mobile, install
the official mobile application of your bank. To make sure you have
the right application, contact your bank directly or access their official
website.
9.
Don’t post private information on social media account
Exposing
personal details may lead hackers into finding your financial information. For
the same reason, check your kids’ social media behaviour to make sure they
won’t expose private information that may possibly be used against you,
in phishing attacks
10.
Don’t access questionable web locations
Don’t
access or download content from unknown or controversial locations. Access
websites that proved to be safe and you know you can trust. Nevertheless,
this is not a guarantee that you won’t get infected. Nowadays,
cybercriminals exploit vulnerabilities in legitimate
websites and inject malicious code, as to perform drive-by
attacks on unsuspecting visitors. It may be a free screen saver or a browser
toolbar that may infect you with a key logger that can record and
send your personal data to cybercriminals.
11.
Use a good antivirus program
It
is important to use a reliable antivirus solution on your system, one that
includes real-time
scanning, an automatic update (to stay clean even against the
latest threats) and a firewall, which monitors and guards your network activity.
To choose the best solution,
access the antivirus test results run by established names in the security
industry, such as AV Comparatives, PC Magazine, AV-TEST or Virus
Bulletin and select the best security solution for your system.
12.
Use a dedicated security solution against financial malware
Install a security solution designed to protect
your system from financial malware and phishing attempts.
13.
Don’t be vulnerable. Update your software: Cyber security experts always advise to keep your operating system,
web browser and the main software applications you use up to date by installing
the latest security patches. The updates are mainly released to cover security
breaches. Unless
you keep your software updated, you will be exposed to the latest threats.
14. Back
it up
Even if the steps above will keep you safe from IT
criminals and malicious software, there may still be hardware issues that could endanger your valuable data.
To make sure your private information stays safe, we recommend using a twofold strategy, which should
include combining an external hard
drive usage with an online
backup service.
15.
Use common sense
The
steps we presented are just general guidelines and cannot guarantee
total protection from all the malware out there. Use common sense if you want to access random
websites, run online games or purchase from online locations you didn’t use
before.
Cyber attacks on financial
institutions or with financial consequences for users like you and I are
putting financial assets at risks. Consequently, financial data protection
should be a strong concern for anyone.
Comments
Post a Comment