JOJU SIR practicum content - security issues in online transaction

SECURITY ISSUES IN ONLINE TRANSACTIONS
The evolution of e-banking has fundamentally transformed the way banks traditionally conduct their businesses and the ways consumers perform their banking activities. Today e-banking has experienced phenomenal growth and has become one of the main avenues for banks to deliver their products and services. Electronic banking is defined as the automated delivery of new and traditional banking products and services directly to customers through electronic, interactive communication channels. E-banking includes the systems that enable financial institution customers, individuals or businesses, to access accounts, transact business, or obtain information on financial products and services through a public or private network, including the internet.
There are different types of financial transactions. Some of the important ones are discussed below.
·      Purchases: most common type of financial transaction. Any item or goods are exchanged for money. This transaction results in a decrease in the finance of purchaser and an increase in the benefits of the seller.
·      Loan: slightly more complicated transaction in which lender gives a single large amount of money to the borrower now in return for many smaller repayments of the borrower to the lender overtime, usually on fixed schedules.
·      Mortgage: this is a combined loan and purchases in which the lender gives a large amount of money to a borrower for a specific purpose of purchasing a very expensive item.
·      Internet banking: internet banking is a business that based entirely on financial transactions via internet.
·      Credit cards: this is a special combination of a purchase and a loan. the bank or other financial institution issues credit card to the buyers that allow any number of loans up to a certain cumulative amount.
·      Debit card: the card contains an electronic record of the purchaser’s account with the bank.
The delivery channels through which financial transactions through internet are possible are as follows:
·      Automated teller machine (ATM)
·      Internet banking
·      Phone banking
·      Mobile banking
·      TV banking
·      Non cash retail payments: debit cards, credit cards, ECS, NEFT, RTGS

Here are few best practices that will keep our transactions protected.
1.     Check the link before you click it: Pay attention to the links you want to access. To make sure you are not deceived; simply hover the mouse cursor over the link to see if you are directed to a legitimate location.
If you were supposed to reach your favorite news website, such as “www.cnn.com”, but the link indicates “hfieo88.net“, then you should resist the urge of clicking the link. Hyperlinking is a common practice in phishing attacks and it’s always best to double check embedded URLs.
To make sure you are about to access the right online destination, use a free tool such as Redirect Detective. This tool will allow you to see the complete path of a redirected link. Alternatively, you can also check the suspicious links using a reliable URL checker, such as VirusTotal.

2. Check the file before you click it

We all know malware is everywhere. But how can we make sure a file (or an executable file) we just downloaded is what it’s pretending to be? Can we tell the difference between a safe file and a malicious one?
An important step for everyone is to use a browser which integrates a reputation-based technology. This technology uses a cloud scoring system to analyze each application downloaded and where it comes from. As a result of the analysis, websites that distribute malicious software – not yet detected by existing defense mechanisms – are more easily blocked.
3.    Use secure websites to run financial transactions
Financial operations and transactions should be given high scrutiny, as they hold the key for cyber criminals to cashing out your life’s savings. Here’s how to make sure you visit a secure website:
a.       Look to the left of the web address and find the “Lock” icon. This indicates that you are visiting an encrypted and/or a verified website.
b.      Make sure the web address starts with “https://”. The “s” comes from “secure socket layer” and it indicates you are connected to a website where data, which is sent and received, is encrypted.
4.    Set strong passwords for your accounts: Your passwords should contain around 20 characters. Don’t forget to combine upper and lowercase letters, numbers, and symbols. Don’t use the same password for all your accounts. Make a habit of changing your main passwords every 30 days. Even if you are hacked, having different passwords for each account will help you limit a potential loss.

5. Use two-factor authentication

This is one of the best ways to ensure your online accounts or your email inbox are not accessed by anyone else but you. This option means that, besides entering your credentials, you will be required to enter a one-time code sent to your phone. Use this method to protect confidential information from social media accounts, such as Facebook, Twitter or valuable data from email accounts.

6. Log out

As soon as you’re done with financial operations on your e-banking platform, don’t just close the web browser, but always log out. We recommend you also use a virtual browser for your financial operations (usually sandboxed) that’s designed to keep your online banking secure. private sessions are also recommended if you want to prevent authentication credentials (or cookies) from being stored.

7. Don’t reply to unknown emails

Don’t reply to emails that offer an unexpected present or prompt you to update your security information. It is a classic phishing scheme through which you are tricked into sending personal details, such as credit card information or personal data. If you’re not sure whether the email is from your bank or not, simply contact the bank directly for more information.
8. Use official banking apps: If you want to manage financial transactions on your mobile, install the official mobile application of your bank. To make sure you have the right application, contact your bank directly or access their official website.

9. Don’t post private information on social media account

Exposing personal details may lead hackers into finding your financial information. For the same reason, check your kids’ social media behaviour to make sure they won’t expose private information that may possibly be used against you, in phishing attacks

10. Don’t access questionable web locations

Don’t access or download content from unknown or controversial locations. Access websites that proved to be safe and you know you can trust. Nevertheless, this is not a guarantee that you won’t get infected. Nowadays, cybercriminals exploit vulnerabilities in legitimate websites and inject malicious code, as to perform drive-by attacks on unsuspecting visitors. It may be a free screen saver or a browser toolbar that may infect you with a key logger that can record and send your personal data to cybercriminals.

11. Use a good antivirus program

It is important to use a reliable antivirus solution on your system, one that includes real-time scanning, an automatic update (to stay clean even against the latest threats) and a firewall, which monitors and guards your network activity.
To choose the best solution, access the antivirus test results run by established names in the security industry, such as AV Comparatives, PC MagazineAV-TEST or Virus Bulletin and select the best security solution for your system.
12. Use a dedicated security solution against financial malware
Install a security solution designed to protect your system from financial malware and phishing attempts.

13. Don’t be vulnerable. Update your software: Cyber security experts always advise to keep your operating system, web browser and the main software applications you use up to date by installing the latest security patches. The updates are mainly released to cover security breaches. Unless you keep your software updated, you will be exposed to the latest threats.

14. Back it up
Even if the steps above will keep you safe from IT criminals and malicious software, there may still be hardware issues that could endanger your valuable data. To make sure your private information stays safe, we recommend using a twofold strategy, which should include combining an external hard drive usage with an online backup service.

15. Use common sense

The steps we presented are just general guidelines and cannot guarantee total protection from all the malware out there. Use common sense if you want to access random websites, run online games or purchase from online locations you didn’t use before.
            Cyber attacks on financial institutions or with financial consequences for users like you and I are putting financial assets at risks. Consequently, financial data protection should be a strong concern for anyone.


Comments

Popular posts from this blog

Fourth semester Internship first week report