mis report on online banking
DESCRIPTION
My MIS reportTRANSCRIPT
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Table of Contents
CC H A P T E RH A P T E R 1 – I 1 – I N T R ON T R O T OT O O O N L I N EN L I N E B B A N K I N GA N K I N G .................................................................................................................................................................................... 11
WW H A TH A T I SI S M E A NM E A N B YB Y O N L I N EO N L I N E B A N K I N GB A N K I N G ?? .................................................................................................................................................................................................................... 11
Why online?............................................................................................................................................. 1
What is Bank Wire Transfers?................................................................................................................. 1
FIGURE 1.1 – Basic Illustration How Bank Wire Transfers Work.........................................................1
Some terminologies explained:................................................................................................................2
TT H EH E G G L O B A LL O B A L E - B E - B A N K I N GA N K I N G S S C E N A R I OC E N A R I O ............................................................................................................................................................................................................................ 33
Hurdles in implementation of E-Banking in the Region:...........................................................................4
II N T E R N E TN T E R N E T S S E R V I C E SE R V I C E S P P R O V I D E DR O V I D E D B YB Y B B A N K SA N K S ............................................................................................................................................................................................44
Issues in services provided by banks via internet....................................................................................4
The regulatory and Supervisory concerns in i-banking............................................................................5
FIGURE 1.2 – Information compromised through man-in-the-middle attack.........................................7
State Bank of Pakistan’s Concerns over Internet Facilities......................................................................9
The Global Scenario.............................................................................................................................. 10
Hurdles in implementation of E-Banking in the Region:.........................................................................10
II N T E R N E TN T E R N E T – – I T SI T S B A S I CB A S I C S T R U C T U R ES T R U C T U R E A N DA N D T O P O L O G YT O P O L O G Y ......................................................................................................................................1 11 1
World Wide Web (WWW)...................................................................................................................... 12
Wireless Application Protocol (WAP):....................................................................................................12
Security threats:..................................................................................................................................... 13
E-Commerce:......................................................................................................................................... 13
Business-to-Consumers (B2C):.............................................................................................................14
Opportunities:......................................................................................................................................... 15
Concerns:.............................................................................................................................................. 16
Business to Business (B2B)................................................................................................................... 16
The Growth of Internet Banking and common products:........................................................................17
Different Approaches............................................................................................................................. 18
CC H A P T E RH A P T E R 2 – O 2 – O N L I N EN L I N E B B A N K I N GA N K I N G V I ZV I Z A A S K A R IS K A R I B B A N KA N K ................................................................................................................................1 91 9
LL I N K I N GI N K I N G O FO F B R A N C H E SB R A N C H E S .......................................................................................................................................................................................................................................................................................... 1 91 9
BB R A N C HR A N C H N E T W O R KN E T W O R K ................................................................................................................................................................................................................................................................................................................ 1 91 9
FIGURE 2.1 – Askari Bank’s branch network across Pakistan region wise........................................19
South Region Cities:.............................................................................................................................. 20
North Region Cities:............................................................................................................................... 21
Center Region:....................................................................................................................................... 21
North Region Cities:............................................................................................................................... 22
South Region Cities:.............................................................................................................................. 22
WW H YH Y A A S K A R IS K A R I O O N L I N EN L I N E B B A N K I N GA N K I N G F F A C I L I T I E SA C I L I T I E S ?? ........................................................................................................................................................................2 32 3
Askari Bank Online Facilities.................................................................................................................23
ATM facility..................................................................................................................................... 23
______________________________________________________________________________i
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
iNET Banking................................................................................................................................. 23
Virtual Private Networking (VPN)...................................................................................................23
FIGURE 2.2 – Procedure showing how a VPN(Virtual Private Network) works..................................23
Inter Bank Fund Transfer – IBFT....................................................................................................24
FIGURE 2.3 – How AKBL’s Online transaction moves across the country.........................................24
Transaction via ATM to a Bank Account.............................................................................................25
Privacy guaranteed............................................................................................................................. 25
Network security................................................................................................................................. 25
AA S K A R IS K A R I B B A N KA N K W H I L EW H I L E F A C I L I T A T I N GF A C I L I T A T I N G B B U S I N E S S E SU S I N E S S E S ..................................................................................................................................................2 52 5
Network specifications........................................................................................................................... 26
Wide Area Network............................................................................................................................. 26
KBOX.................................................................................................................................................. 26
Bank’s IT Room.................................................................................................................................. 27
GG L O S S A R YL O S S A R Y ............................................................................................................................................................................................................................................................................................................................................................ 2 82 8
01. ATM........................................................................................................................................ 28
02. B2B......................................................................................................................................... 28
03. B2C........................................................................................................................................ 28
04. Bank-Wire Transfers...............................................................................................................28
05. Decrypt................................................................................................................................... 28
06. Encrypt................................................................................................................................... 28
07. FTP......................................................................................................................................... 28
08. IBAN....................................................................................................................................... 28
09. IBFT........................................................................................................................................ 28
10. Intranets and Extranets..........................................................................................................28
11. Middle-in-the-man attack........................................................................................................29
12. Spoof...................................................................................................................................... 29
13. SWIFT.................................................................................................................................... 29
14. System administrator..............................................................................................................29
15. TCP/IP.................................................................................................................................... 29
16. Topology................................................................................................................................. 29
17. Trojan..................................................................................................................................... 29
18. VPN........................................................................................................................................ 29
19. WAP....................................................................................................................................... 29
______________________________________________________________________________ii
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
CC H A P T E RH A P T E R 1 – I 1 – I N T R ON T R O T OT O O O N L I N EN L I N E B B A N K I N GA N K I N G
What is mean by online banking?Online banking (or Internet banking or Electronic banking) is an umbrella term for the process by
which a customer may perform banking transactions electronically without visiting a brick-and-mortar
institution. The following terms all refer to one form or another of electronic banking: personal computer
(PC) banking, Internet banking, virtual banking, online banking, home banking, remote electronic banking,
and phone banking. PC banking and Internet or online banking is the most frequently used designations.
It should be noted, however, that the terms used to describe the various types of electronic banking are
often used interchangeably.
Why online?Today, banks seem to be jumping on the bandwagon of Internet banking. Why is there a sudden
increase of bank interests in the Internet? The reasons are
Because of the improved security and encryption methods developed on the Internet.
Banks did not want to lose a potential market share to banks that were quick to offer their
services on the Internet.
Electronic banking is an activity that is not new to banks or their customers. Banks,
having been providing their services to customers electronically for years through
software programs, which allowed the user’s personal computer to dial up the bank
directly. In the past however, banks have been very reluctant to provide their customers
with banking via the Internet due to security concerns, but now it’s a reality. As high
growth potential for e-banking the players focused on increasing and improving their E-
banking services. As a part of this, the banks began to collaborate with functions online
via Bank Wire Transfers.
What is Bank Wire Transfers?Bank wire transfers is said to be the path or interface which allows bank-2-bank transactions
between two international banks, often the most expedient method for transferring funds between
bank accounts. A bank wire transfer is affected as follows
Sender’s Bank Account
SWIFT Receiver’s Bank Account
FIGURE 1.1 – Basic Illustration How Bank Wire Transfers Work.
In the light of above illustration, we understand that:
1. The entity wishing to do a transfer approaches a bank and gives the bank the order to transfer a
certain amount of money. IBAN and BIC codes are given as well so the bank knows where the
money needs to be sent.
______________________________________________________________________________1
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
2. The sending bank transmits a message, via a secure system (such as SWIFT) to the receiving
bank, requesting that it effect payment according to the instructions given.
3. The message also includes settlement instructions. The actual transfer is not instantaneous:
funds may take several hours or even days to move from the sender's account to the receiver's
account.
4. Either the banks involved must hold a reciprocal account with each other, or the payment must be
sent to a bank with such an account, a correspondent bank, for further benefit to the ultimate
recipient.
Banks collect payment for the service from the sender as well as from the recipient. The sending bank
typically collects a fee separate from the funds being transferred, while the receiving bank and
intermediate banks through which the transfer travels deduct fees from the money being transferred so
that the recipient receives less than what the sender sent.
Some terminologies explained:
THE INTERNATIONAL BANKING ACCOUNT NUMBER SYSTEM
The International Bank Account Number (IBAN) is an international standard for identifying
bank accounts across national borders with a minimal of risk of propagating transcription errors. It
was originally adopted by the European Committee for Banking Standards (ECBS), and was later
adopted as an international standard under ISO 13616:1997 and now as ISO 13616-1:2007.The
official IBAN registrar under ISO 13616-2:2007 is SWIFT.
Why IBAN?
The IBAN was originally developed to facilitate payments within the European Union but
the format is flexible enough to be applied globally. It consists of an ISO 3166-1 alpha-2
country code, followed by two check digits that are calculated using a mod-97 technique
and Basic Bank Account Number (BBAN) with up to thirty alphanumeric characters. The
BBAN includes the domestic bank account number and potentially routing information.
The national banking communities decide individually on a fixed length for all BBAN in
their country.
SWIFT CODE:ISO 9362 (also known as SWIFT-BIC, BIC code, SWIFT ID or SWIFT code) is a standard format
of Business Identifier Codes approved by the International Organization for Standardization
(ISO). It is a unique identification code for both financial and non-financial institutions. These
codes are used when transferring money between banks, particularly for international wire
transfers, and also for the exchange of other messages between banks. The codes can
sometimes be found on account statements.
______________________________________________________________________________2
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
The latest edition is ISO 9362:2009 (dated 01-10-2009). The SWIFT code is 8 or 11 characters,
made up of:
1. 4 letters: Institution Code or bank code.
2. 2 letters: ISO 3166-1 alpha-2 country code
3. 2 letters or digits: location code
4. if the second character is "0", then it is typically a test BIC as opposed to a BIC used on
the live network.
5. if the second character is "1", then it denotes a passive participant in the SWIFT network
6. if the second character is "2", then it typically indicates a reverse billing BIC, where the
recipient pays for the message as opposed to the more usual mode whereby the sender
pays for the message.
7. 3 letters or digits: branch code, optional ('XXX' for primary office)
Where an 8-digit code is given, it may be assumed that it refers to the primary office.
SWIFT Standards, a division of The Society for Worldwide Interbank Financial
Telecommunication (SWIFT), handles the registration of these codes. For this reason, Business
Identifier Codes (BICs) are often called SWIFT addresses or codes.
The Global E-Banking Scenario The banking industry is expected to be a leading player in e-business. While the banks in developed
countries are working primarily via Internet as non-branch banks and operating virtually, banks in the
developing countries use the Internet as an information delivery tool to improve relationship with
customers.
In early 2001, approximately 60 percent of e-business in the UK was concentrated in the financial services
sector, and with the expected 10-fold increase of the British e-business market by 2004, the share of the
financial services will further increase. Around one fifth of Finish and Swedish bank customers are
banking online, while in the US, according to UNCTAD, online banking is growing at an annual rate of 60
percent and the numbers of online accounts are expected to reach 15 million near future.
Banks have established an Internet presence with various objectives. Most of them are using the Internet
as a new distribution channel. Financial services, with the use of Internet, may be offered in an equivalent
quantity with lower costs to the more potential customers. There may be contacts from each corner of the
world at any time of day or night. This means that banks may enlarge their market without opening new
branches. The banks in the US are using the Web to reach opportunities in three different categories: to
market information, to deliver banking products and services, and to improve customer relationship.
______________________________________________________________________________3
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Hurdles in implementation of E-Banking in the Region:In Asia, the major factor restricting growth of e-banking is security factor, in spite of several
countries being well connected via Internet. Access to high-quality e-banking products is an issue
as well. Majority of banks in Asia are just offering basic services compared with those of
developed countries. Still, e-banking seems to have a future in Asia. According to McKinsey
survey, e-banking will succeed if the basic features, especially bill payments, are handled well. Bill
payment was the most popular feature, cited by 40 percent of respondents of the survey.
However, providing this service would be difficult for banks in Asia because it requires a high level
of security and involves arranging transactions with a variety of players,
In 2001, over 50 percent of the banks in the US were offering e-banking services. However, large
banks appeared to have a clear advantage over small banks in the range of services they offered.
Some banks in the US were targeting their Internet strategies towards business customers. Apart
from affecting the way customers received banking services; e-banking was expected to influence
the banking industry structure. The economics of e-banking was expected to favor large banks
because of economies of scale and scope, and the ability to advertise heavily. Moreover, e-
banking offered entry and expansion opportunities that small banks traditionally lacked.
Internet Services Provided by BanksBroadly, the levels of banking services offered through INTERNET can be categorized in to three types:
1. The Basic Level Service is the banks’ websites which disseminate information on different
products and services offered to customers and members of public in general. It may receive and
reply to customers’ queries through e-mail,
2. In the next level are Simple Transactional Websites which allow customers to submit their
instructions, applications for different services, queries on their account balances, etc, but do not
permit any fund-based transactions on their accounts,
3. The third level of Internet banking services are offered by Fully Transactional Websites which
allow the customers to operate on their accounts for transfer of funds, payment of different bills,
subscribing to other products of the bank and to transact purchase and sale of securities, etc.
The above forms of Internet banking services are offered by traditional banks, as an additional method of
serving the customer or by new banks, who deliver banking services primarily through Internet or other
electronic delivery channels as the value added services. Some of these banks are known as ‘virtual’
banks or ‘Internet only’ banks and may not have any physical presence in a country despite offering
different banking services.
Issues in services provided by banks via internetFollowing are some of the issues which are being faced by the banks while providing internet
banking facilities
______________________________________________________________________________4
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
1. It removes the traditional geographical barriers as it could reach out to customers of
different countries/legal jurisdiction. This has raised the question of jurisdiction of
law/supervisory system to which such transactions should be subjected,
2. It has added a new dimension to different kinds of risks traditionally associated with
banking, heightening some of them and throwing new risk control challenges,
3. Security of banking transactions, validity of electronic contract, customers’ privacy,
etc., which have all along been concerns of both bankers and supervisors have
assumed different dimensions given that Internet is a public domain, not subject to
control by any single authority or group of users,
4. It poses a strategic risk of loss of business to those banks who do not respond in
time, to this new technology, being the efficient and cost effective delivery mechanism
of banking services,
5. A new form of competition has emerged both from the existing players and new
players of the market who are not strictly banks.
The regulatory and Supervisory concerns in i-bankingThe Regulatory and Supervisory concerns in i-banking arise mainly out of the distinctive features
outlined above. These concerns can be broadly addressed under three broad categories, viz,
1. Legal and regulatory issues,
2. Security and technology issues and
3. Supervisory and operational issues.
LEGAL AND REGULATORY ISSUES:
Legal issues cover those relating to the jurisdiction of law, validity of electronic
contract including the question of repudiation, gaps in the legal / regulatory environment
for electronic commerce. On the question of jurisdiction the issue is whether to apply the
law of the area where access to Internet has been made or where the transaction has
finally taken place. Allied to this is the question where the income has been generated
and who should tax such income. There are still no definite answers to these issues.
SECURITY AND TECHNOLOGICAL ISSUES
Security of i-banking transactions is one of the most important areas of concerns to
the regulators. Security issues include questions of adopting internationally accepted
state-of-the art minimum technology standards for access control, encryption/decryption
(minimum key length etc), firewalls, verification of digital signature, Public Key
Infrastructure (PKI) etc. The regulator is equally concerned about the security policy for
the banking industry, security awareness and education.
______________________________________________________________________________5
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Security Incidents
2003 and 2004 saw the emergence of fraudulent activities pertaining to Internet
Banking or better known in the industry as “phishing”. A total of 92 phishing cases
were reported to the Malaysian Computer Emergency Response Team (MyCERT,
www.mycert.org.my) in 2004. The modus operandi of this activity is to use spoofing
techniques to gain names and passwords of account holders.
The victims reported being deceived into going to a fake website where perpetrators
stole their usernames and passwords and later use the information for the
perpetrators’ own advantage. Phishing is an attempt to commit fraud via social
engineering. The impact is the breach of information security through the compromise
of confidential data.
The Association of Banks Malaysia (ABM) has urged both commercial banks and
their customers to be extra vigilant following reports of fraudulent email purportedly
sent by banks with Internet banking services to online customers.
The fraudulent activities mentioned above are not limited to the Malaysian banking
industry. It is a worldwide problem particularly in the United States. There, 2560 new
unique phishing sites were reported to the Anti Phishing Working Group (APWG) in
this year. (see
http://antiphishing.org/APWG_Phishing_Activity_Report_Feb05.pdf).
It was an increase of 47 percent over the December 2004 figure. APWG is an
industry association focused on eliminating identity theft and fraud that result from the
growing problem of phishing and email spoofing. This voluntary based organization
provides a forum to discuss phishing issues, trials and evaluations of potential
technology solutions, and access to a centralised repository of reports on phishing
attacks.
In China, it was reported that the National Computer Network Emergency Response
Technical Team / Coordination Centre of China (CNCERT/CC) received 223 Phishing
reports from over 33 worldwide financial and security organization.
Attack Techniques
Nowadays, the nature of attacks is more active rather than passive. Previously, the
threats were all passive such as password guessing, dumpster diving and shoulder
surfing. Here are some of the techniques used by the attackers today:
• Trojan Attack.
The attacker installs a Trojan, such as key logger program, on a user’s computer.
This happens when users visited certain websites and downloaded
programs. As they are doing this, key logger program is also installed on their
computer without their knowledge.
______________________________________________________________________________6
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
When users log into their bank’s website, the information keyed in during that
session will be captured and sent to the attacker.
Here, the attacker uses the Trojan as an agent to piggyback information from
the user’s computer to his backyard and make any fraudulent transactions
whenever he wants.
• Man-in-the-Middle Attack.
Here, the attacker creates a fake website and catches the attention of users
to that website. Normally, the attacker was able to trick the users by
disguising their identity to make it appear that the message was coming from
a trusted source. Once successful, instead of going to the designated
website, users do not realize that they actually go to the fraudster’s website.
The information keyed in during that session will be captured and the
fraudsters can make their own transactions at the same time.
FIGURE 1.2 – Information compromised through man-in-the-middle attack.
Striking a Balance
Presently, Internet banking customers only need a computer with access to the
Internet to use Internet banking services. Customers can access their banking
accounts from anywhere in the world. Each customers is provided a login ID and
a password to access the service. It is indeed easy and convenient for
customers. ______________________________________________________________________________
7
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
However, the use of password does not provide adequate protection against
Internet fraud such as phishing. The problem with password is that when it has
been compromised, the fraudsters can easily take full control of online
transactions. In such cases, the password is no longer works as an authentication
token because we cannot be sure who is behind the keyboard typing that
password in.
However, easy access and convenience should not be at the expense and mercy
of the security of information. This is important in order to ensure the
confidentiality of information and that it is not being manipulated or compromised
by the fraudsters.
There are several methods of ensuring a more secure Internet banking:
1. Minimum Requirement: Two Factor Authentication
Based on the above method, the security measures in place are not
adequate to prevent fraud. The current method of using only one factor of
authentication definitely has its weaknesses. The security aspects of
Internet banking need to be strengthened. At minimum, a two-factor
authentication should be implemented in order to verify the authenticity
of the information pertaining to Internet banking services.
The first authentication factor can be the use of passwords and the
second authentication factor can be the use of tokens such as a
smartcard. MyKAD is a good avenue to introduce the second factor.
The above security measures will greatly minimize incidents of Internet
banking fraud. The smartcard here provides a second layer of
authentication. This will stop a perpetrator even if he manages to obtain
the user’s password.
Intercepted passwords cannot be used if fraudsters do not have the
Smartcard. Besides addressing fraudulent activities, this can instill
customers’ confidence in Internet banking.
2. Additional Requirement: Three Factor Authentication
However, for a better security, a three factor authentication process
should be considered. The third authentication factor is the use of
biometric such as iris or thumbprint recognition. This ascertains who one
is, biologically. This method of authentication has been introduced by the
______________________________________________________________________________8
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Employee Provident Fund (EPF) for it members, but is limited to getting
the latest statements of a member.
With a three-factor authentication a more secure method can be
implemented - a password to ascertain what one knows, a token
(smartcard) to ascertain what one has, and biometric recognition (for
example fingerprint or thumbprint) to ascertain who one biologically is.
As such, if passwords have been compromised, fraudsters need to get
through another two levels of authentication to access a customers
account. This would be difficult, if not totally impossible.
SUPERVISORY AND OPERATIONAL ISSUES
The supervisory and operational issues include risk control measures, advance
warning system, Information technology audit and re-engineering of operational
procedures. The regulator would also be concerned with whether the nature of products
and services offered are within the regulatory framework and whether the transactions do
not camouflage money-laundering operations.
State Bank of Pakistan’s Concerns over Internet FacilitiesThe Central Bank may have its concern about the impact of Internet banking on its monetary and
credit policies. As long as Internet is used only as a medium for delivery of banking services and
facilitator of normal payment transactions, perhaps, it may not impact monetary policy. However,
when it assumes a stage where private sector initiative produces electronic substitution of money
like e-cheque, account based cards and digital coins, its likely impact on monetary system can not
be overlooked.
Even countries where i-banking has been quite developed, its impact on monetary policy has not
been significant. Even in Pakistan, such concern, for the present is not addressed as the Internet
banking is still in its initial stages.
The world over, central bankers and regulators have been addressing themselves to meet the
new challenges thrown open by this form of banking. Several studies have pointed to the fact that
the cost of delivery of banking service through Internet is several times less than the traditional
delivery methods. This alone is enough reason for banks to flock to Internet and to deliver more
and more of their services through Internet and as soon as possible. Not adopting this new
technology in time has the risk of banks getting edged out of competition.
In such a scenario, the thrust of regulatory thinking has been to ensure that while the banks
remain efficient and cost effective, they must be aware of the risks involved and have proper built-
in safeguards, machinery and systems to manage the emerging risks. It is not enough for banks
______________________________________________________________________________9
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
to have systems in place, but the systems must be constantly upgraded to changing and well-
tested technologies, which is a much bigger challenge.
The other aspect is to provide conducive regulatory environment for orderly growth of such form
of banking. Central Banks of many countries have put in place broad regulatory framework for i-
banking.
The Global ScenarioThe world over, central bankers and regulators have been addressing themselves to meet the
new challenges thrown open by this form of banking. Several studies have pointed to the fact that
the cost of delivery of banking service through Internet is several times less than the traditional
delivery methods. This alone is enough reason for banks to flock to Internet and to deliver more
and more of their services through Internet and as soon as possible.
Not adopting this new technology in time has the risk of banks getting edged out of competition. In
such a scenario, the thrust of regulatory thinking has been to ensure that while the banks remain
efficient and cost effective, they must be aware of the risks involved and have proper built-in
safeguards, machinery and systems to manage the emerging risks.
It is not enough for banks to have systems in place, but the systems must be constantly upgraded
to changing and well-tested technologies, which is a much bigger challenge. The other aspect is
to provide conducive regulatory environment for orderly growth of such form of banking. Central
Banks of many countries have put in place broad regulatory framework for i-banking.
Hurdles in implementation of E-Banking in the Region:In Asia, the major factor restricting growth of e-banking is information security factor, in spite of
several countries being well connected via Internet. Access to high-quality e-banking products is
an issue as well. Majority of banks in Asia are just offering basic services compared with those of
developed countries. Still, e-banking seems to have a future in Asia. According to McKinsey
survey, e-banking will succeed if the basic features, especially bill payments, are handled well. Bill
payment was the most popular feature, cited by 40 percent of respondents of the survey.
However, providing this service would be difficult for banks in Asia because it requires a high level
of security and involves arranging transactions with a variety of players,
In 2001, over 50 percent of the banks in the US were offering e-banking services. However, large
banks appeared to have a clear advantage over small banks in the range of services they offered.
Some banks in the US were targeting their Internet strategies towards business customers. Apart
from affecting the way customers received banking services; e-banking was expected to influence
the banking industry structure. The economics of e-banking was expected to favor large banks
because of economies of scale and scope, and the ability to advertise heavily. Moreover, e-
banking offered entry and expansion opportunities that small banks traditionally lacked.
______________________________________________________________________________10
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Internet – its basic structure and topology Internet is a vast network of individual computers and computer networks connected to and communicate
with each other using the same communication protocol – TCP/IP (Transmission Control Protocol /
Internet Protocol). When two or more computers are connected a network is created; connecting two or
more networks create ‘internetwork’ or Internet. The Internet, as commonly understood, is the largest
example of such a system. Internet is often and aptly described as ‘Information Superhighway’, a means
to reach innumerable potential destinations. The destination can be any one of the connected networks
and host computers.
Internet has evolved to its present state out of a US Department of Defense project ARPANet (Advanced
Research Project Administration Network), developed in the late 1960s and early 1970s as an experiment
in wide area networking. A major perceived advantage of ARPANet was that the network would continue
to operate even if a segment of it is lost or destroyed since its operation did not depend on operation of
any single computer. Though originally designed as a defence network, over the years it was used
predominantly in areas of scientific research and communication. By the 1980s, it moved out of
Pentagon’s control and more independent networks from US and outside got connected to it. In 1986, the
US National Science Foundation (NSF) established a national network based on ARPA protocol using
commercial telephone lines for connectivity. The NSFNet was accessible by a much larger scientific
community, commercial networks and general users and the number of host computers grew rapidly.
Eventually, NSFNet became the framework of today’s Internet. ARPANet was officially decommissioned
in 1990.
It has become possible for innumerable computers operating on different platforms to communicate with
each other over Internet because they adopt the same communication protocol, viz, TCP/IP. The latter,
which stands for ‘Transmission Control Protocol / Internet Protocol’, is a set of rules which define how
computers communicate with each other. In order to access Internet one must have an account in a host
computer, set up by any one of the ISPs (Internet Service Providers). The accounts can be SLIP (Serial
Line Internet Protocol) or PPP (Point to Point Protocol) account. These accounts allow creating temporary
TCP/IP sessions with the host, thereby allowing the computer to join the Internet and directly establish
communication with any other computer in the Internet. Through this type of connection, the client
computer does not merely act as a remote terminal of the host, but can run whatever programs are
available on the web. It can also run several programs simultaneously, subject to limitations of speed and
memory of the client computer and modem. TCP/IP protocol uses a unique addressing scheme through
which each computer on the network is identified.
TCP / IP protocol is insecure because data packets flowing through TCP / IP networks are not normally
encrypted. Thus, any one who interrupts communication between two machines will have a clear view of
the data, passwords and the like. This has been addressed through Secured Socket Layer(SSL), a
Transport Layer Security (TLS) system which involves an encrypted session between the client browser
and the web server.
______________________________________________________________________________11
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
FTP or File Transfer Protocol is a mechanism for transferring files between computers on the Internet. It
is possible to transfer a file to and from a computer (ftp site) without having an account in that machine.
Any organization intending to make available to public its documents would normally set up a ftp site from
which any one can access the documents for download. Certain ftp sites are available to validated users
with an account ID and password.
E-Mail: The most common and basic use of Internet is the exchange of e-mail (electronic mail). It is an
extremely powerful and revolutionary result of Internet, which has facilitated almost instantaneous
communication with people in any part of the globe. With enhancements like attachment of documents,
audio, video and voice mail, this segment of Internet is fast expanding as the most used communication
medium for the whole world. Many websites offer e-mail as a free facility to individuals. Many
Corporate have interfaced their private networks with Internet in order to make their email accessible from
outside their corporate network.
World Wide Web (WWW) Internet encompasses any electronic communication between computers using TCP/IP protocol,
such as e-mail, file transfers etc. WWW is a segment of Internet, which uses Hyper Text Markup
Language (HTML) to link together files containing text, rich text, sound, graphics, video etc. and
offers a very convenient means of navigating through the net. It uses hypertext transfer protocol
(HTTP) for communication between computers. Web documents, which are referred to as pages,
can contain links to other related documents and so on, in a tree like structure. The person
browsing one document can access any other linked page. The web documents and the web
browsers which are the application programs to access them, are designed to be platform
independent. Thus any web document can be accessed irrespective of the platform of the
computer accessing the document and that of the host computer. The programming capabilities
and platform independence of Java and Java applets have further enriched the web. The ‘point
and click’ method of browsing is extremely simple for any lay user of the net. In fact, the
introduction of web since early 1990 has made Internet an extremely popular medium and its use
in business has been enhanced dramatically.
The next in the HTML genre is the Extensible Markup Language (XML), which allows automated
two-way information flow between data stores and browser screens. XML documents provide
both the raw content of data and the data structure and is projected by its proponents as taking
the web technology beyond the limits of HTML.
Wireless Application Protocol (WAP):WAP is the latest industry standard which provides wireless access to Internet through handheld
devices like a cellular telephone. This is an open standard promoted by WAP forum and has been
adopted by world’s all major handset manufacturers. WAP is supplemented by Wireless
Application Environment (WAE), which provides industry wise standard for developing
applications and services for wireless communication networks. This is based on WWW
______________________________________________________________________________12
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
technology and provides for application for small screens, with interactive capabilities and
adequate security. Wireless Transaction Protocol (WTP), which is the equivalent of TCP, sets the
communication rules and Wireless Transport Layer Security (WTLS) provides the required
security by encrypting all the session data. WAP is set to revolutionize the commercial use of net.
Security threats:One of the biggest attractions of Internet as an electronic medium is its openness and freedom. It
is a public domain and there is no restriction on who can use it as long as one adheres to its
technical parameters. This has also given rise to concerns over the security of data and
information transfer and privacy. These concerns are common to any network including closed
user group networks. But over the Internet, the dimensions of risk are larger while the control
measures are relatively fewer. These issues are discussed in detail in Chapter–5 and Chapter–6
of the report. It will be sufficient to say here that the key components of such concern are,
i. authentication, viz., assurance of identity of the person in a deal,
ii. authorization, viz., a party doing a transaction is authorized to do so,
iii. the privacy or confidentiality of data, information relating to any deal,
iv. data integrity, viz., assurance that the data has not been altered and
v. non repudiation, viz., a party to the deal can not deny that it originated the communication
or data.
E-Commerce:Even though started as network primarily for use by researchers in defense and scientific
community, with the introduction of WWW in early 1990s, use of Internet for commerce has grown
tremendously. E-commerce involves individuals and business organizations exchanging business
information and instructions over electronic media using computers, telephones and other
telecommunication equipments. Such form of doing business has been in existence ever since
electronic mode of data / information exchange was developed, but its scope was limited only as
a medium of exchange of information between entities with a pre-established contractual
relationship. However, Internet has changed the approach to e-commerce; it is no longer the
same business with an additional channel for information exchange, but one with new strategy
and models.
A business model generally focuses on
i. where the business operates, that is, the market, the competitors and the customers,
ii. what it sells, that is, its products and services
______________________________________________________________________________13
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
iii. the channels of distribution, that is, the medium for sale and distribution of its products
and
iv. the sources of revenue and expenditure and how these are affected.
Internet has influenced all the four components of business model and thus has come to influence
the business strategy in a profound way. The size of the market has grown enormously as
technically, one can access the products and services from any part of the world. So does the
potential competition. The methods of reaching out to customers, receiving the response and
offering services have a new, simpler and efficient alternative, now, that is, Internet. The cost of
advertisement, offer and delivery of services through Internet has reduced considerably, forcing
most companies to rework their strategies to remain in competition.
A research note by Paul Timmers of European commission had identified eleven business
models, which have been commercially implemented. These are e-shop, e-procurement,
e-auction, e-mall, Third-party market place, Virtual communities, Value chain service providers,
Value chain integrators, Collaboration platforms and Information brokers. He classified business
models along two dimensions, i.e, degree of innovation and extent of integration of functions. The
innovation ranged from the electronic version of a traditional way of doing business (e-shop) to
more innovative ways by offering functions that did not exist before. The second dimension, i.e,
extent of integration ranges from a single function business model (like e-shop) to fully integrated
functionality (value chain integrator). In the top end of the graph are models, which cannot be
implemented in a traditional way and are critically dependent upon information technology and
creating value from information flow. Business models, in between these two limits are a
combination of both dimensions in different degrees and have some degree of analogy in
traditional firms.
There are two types of e-commerce ventures in operation: the old brick and mortar companies,
who have adopted electronic medium, particularly Internet, to enhance their existing products and
services, and / or to offer new products and services and the pure e-ventures who have no visible
physical presence. This difference has wider ramifications than mere visibility when it comes to
issues like customer’s trust, brand equity, ability to service the customers, adopting new business
culture and cost.
These aspects of e-commerce will be touched upon in the following discussions.
Another way of classifying the e-commerce is by the targeted counterpart of a business, viz,
whether the counterpart is a final consumer or another business in the distribution chain.
Accordingly, the two broad categories are: Business-to-Consumer (B2C) and Business-to-
Business (B2B).
Business-to-Consumers (B2C):In the B2C category are included single e-shops, shopping malls, e-broking, e-auction,
e-banking, service providers like travel related services, financial services etc., education,
______________________________________________________________________________14
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
entertainment and any other form of business targeted at the final consumer. Some of the
features, opportunities and concerns common to this category of business irrespective of the
business segment, are the following.
Opportunities:Internet provides an ever-growing market both in terms of number of potential customers and
geographical reach. Technological development has made access to Internet both cheaper and
faster. More and more people across the globe are accessing the net either through PCs or other
devices. The purchasing power and need for quality service of this segment of consumers are
considerable. Anybody accessing Internet is a potential customer irrespective of his or her
location. Thus, any business targeting final consumers cannot ignore the business potential of
Internet.
Internet offers a unique opportunity to register business presence in a global market. Its
effectiveness in disseminating information about one’s business at a relatively cost effective
manner is tremendous. Time sensitive information can be updated faster than any other media. A
properly designed website can convey a more accurate and focused image of a product or
service than any other media. Use of multimedia capabilities, i.e., sound, picture, movies etc., has
made Internet as an ideal medium for information dissemination. However, help of other media is
necessary to draw the potential customers to the web site.
The quality of service is a key feature of any e-commerce venture. The ability to sell one’s product
at anytime and anywhere to the satisfaction of customers is essential for e-business to succeed.
Internet offers such opportunity, since the business presence is not restricted by time zone and
geographical limitations. Replying to customers’ queries through e-mail, setting up (Frequently
Asked Questions) FAQ pages for anticipated queries, offering interactive help line, accepting
customers’ complaints online 24 hours a day and attending to the same, etc. are some of the
features of e-business which enhance the quality of service to the customers. It is of crucial
importance for an e-venture to realize that just as it is easier to approach a customer through
internet; it is equally easy to lose him. The customer has the same facility to move over to another
site.
Cost is an important issue in an e-venture. It is generally accepted that the cost of overhead,
servicing and distribution, etc. through Internet is less compared to the traditional way of doing
business. Although the magnitude of difference varies depending on the type of business and the
estimates made, but there is unanimity that Internet provides a substantial cost advantage and
this, in fact, is one of the major driving forces for more number of traditional business adopting to
e-commerce and pure e-commerce firms to sprout.
Cost of communication through WWW is the least compared to any other medium. Many a time
one’s presence in the web may bring in international enquiries, which the business might not have
targeted. The business should have proper plans to address such opportunities.
______________________________________________________________________________15
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Concerns:There are a number of obstacles, which an e-commerce venture needs to overcome. Trust of
customers in a web venture is an important concern. Many customers hesitate to deal with a web
venture as they are not sure of the type of products and services they will receive. This is
particularly true in a B2C venture like e-shop, e-mall or e-auction site. Traditional business with
well established brands and goodwill and having a physical presence face less resistance from
customers in this regard than a pure e-venture.
Many B2C ventures have ultimately to deliver a product or service in physical form to the
customer for a deal contracted through Internet. This needs proper logistics, an efficient
distribution network, and control over quality of product or service delivered. These issues are not
technology related and any let off in this area can drive the customer away to the competitor or
from e-commerce. The privacy of information on the customer’s preferences, credit card and bank
account details etc. and customers’ faith in a system where such privacy is stated to be ensured
are important issues to be addressed. These are mainly technological issues, but human factor is
important both at the business and at the customers’ end and also in building the trust in the
system.
Security of a transaction, authenticity of a deal, identification of a customer etc. are important
technological and systems issues, which are major sources of concern to ecommerce. Equally
important are questions of repudiation of a deal, applicability of law, jurisdiction of tax laws etc.
These are important to all forms of e-commerce, whether B2C or B2B and all segments of
business, i.e. manufacturing, services and finance and are addressed in different chapters of this
report. Accessibility to Internet by the consumers is an important issue in B2C domain. This is
particularly so in countries like India where penetration of PCs and other devices to households
for access to Internet is minimal. Also important are availability of bandwidth and other
infrastructure for faster and easier access. Considering that ecommerce aims at global market,
deficiencies of these kinds in the developing world are no longer concerns confined to these
areas, but are global e-commerce concerns.
Business to Business (B2B)As opposed to B2C e-commerce, in B2B domain, the parties to a deal be at different points of the
product supply chain. Typically, in a B2B type domain, a company, its suppliers, dealers and
bankers to all the parties are networked to finalize and settle all aspects of a deal, online.
Perhaps, only the goods in different stages of processing physically move from the supplier to the
dealer. This scenario can be extended to include the shipper, providers of different ancillary
services, IT service provider and the payment system gateway, etc., depending on the degree of
sophistication of the available systems.
Another important feature of a B2B domain, as distinct from B2C, is that business information /
data is integrated to the back office systems of parties to a deal and the state of straight through
______________________________________________________________________________16
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
processing (STP) or near STP is achieved. This is a very significant aspect of B2B model of e-
commerce, which results in improved profits through lowering cost and reducing inventories.
For example, in a B2B environment, typically, the back office system of a company controls
inventory requirement with reference to the order book position updated regularly on the basis of
orders received from dealers through Internet. At the optimum level of inventory it raises a
purchase order with the supplier, whose system in turn, personnel, etc., since they involve large
investments and are critical to success. Several studies have attempted to assess the relative
importance of B2B and B2C business domains. There is wide difference in estimates of volume of
business transacted over Internet and its components under B2C and B2B. However, most
studies agree that volume of transactions in B2B domain far exceeds that in B2C. This is
expected result. There is also a growing opinion that the future of e-business lies in B2B domain,
as compared to B2C. This has several reasons some of which are already discussed earlier, like
low penetration of PCs to households, low bandwidth availability etc., in a large part of the world.
The success of B2C ventures depends to a large extent on the shopping habits of people in
different parts of the world. A survey sponsored jointly by Confederation of Indian Industries and
Infrastructure Leasing and Financial Services on e-commerce in India in 1999 made the following
observations. 62% of PC owners and 75% of PC non-owners but who have access to Internet
would not buy through the net, as they were not sure of the product offered. The same study
estimated the size of B2B business in India by the year 2001 to be varying between Rs. 250
billion to Rs. 500 billion. In a recent study done by Arthur Anderson, it has been estimated that
84% of total e-business revenue is generated from B2B segment and the growth prospects in this
segment are substantial. It has estimated the revenues to be anywhere between US $ 2.7 trillion
to over US $ 7 trillion near future.
The Growth of Internet Banking and common products:Internet Banking is a product of e-commerce in the field of banking and financial services. In what
can be described as B2C domain for banking industry, Internet Banking offers different online
services like balance enquiry, requests for cheque books, recording stop-payment instructions,
balance transfer instructions, account opening and other forms of traditional banking services.
Mostly, these are traditional services offered through Internet as a new delivery channel. Banks
are also offering payment services on behalf of their customers who shop in different e-shops,
emails etc. Further, different banks have different levels of such services offered, starting from
level-1 where only information is disseminated through Internet to level-3 where online
transactions are put through. These aspects have been dealt with in brief in the introductory
chapter and again detailed products and services are discussed in chapters 3 and 4. Hence, in
the following paragraphs I-banking concerns in B2B domain are discussed.
Considering the volume of business e-commerce, particularly in B2B domain, has been
generating, it is natural that banking would position itself in an intermediary role in settling the
transactions and offering other trade related services. This is true both in respect of B2C and B2B
domains. Besides, the traditional role of financial intermediary and settlement agents, banks have
______________________________________________________________________________17
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
also exploited new opportunities offered by Internet in the fields of integrated service providers,
payment gateway services, etc. However, the process is still evolving and banks are repositioning
themselves based on new emerging e-commerce business models.
In B2B scenario, a new form of e-commerce market place is emerging where various players in
the production and distribution chain are positioning themselves and are achieving a kind of
integration in business information flow and processing (STP or near STP) leading to efficiencies
in the entire supply chain and across industries. Banks are positioning themselves in such a
market in order to be a part of the financial settlements arising out of transactions of this market
and providing wholesale financial services. This needs integration of business information flow not
only across the players in the supply chain, but with the banks as well.
With the integration of business information flow and higher degree of transparency, the banks
and other financial services institutions have lost some of the information advantage they used to
enjoy and factor in to pricing of their products. However, such institutions have the advantage of
long standing relationships, goodwill and brand, which are important sources of assurance in a
virtual market. Banks are in fact, converting this goodwill into a business component in e-
commerce scenario in providing settlement and other financial services. Some banks have also
moved to providing digital certificates for transactions through e-markets. Banks’ strategies in B2B
market are responses to different business models emerging in e-commerce. A recent study by
Arthur Andersen shows that banks and financial service institutions generally adopt one of three
business models to respond to e-business challenges. In the first place, they treat it as an
extension of existing business without any significant changes other than procedural and what
technology demands. The second strategy takes the same approach as the first but introduces
structural changes to the underlying business. In the third approach banks launch e-business
platform as a different business from the existing core business and as a different brand of
product.
Different ApproachesThere is no definite answer as to which approach is appropriate. Perhaps it depends on the type
of market the bank is operating, its existing competencies and the legal and regulatory
environment. It is, however, sure that e-banking is evolving beyond the traditional limits of banking
and many new products / services are likely to emerge as ecommerce matures.
______________________________________________________________________________18
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
CC H A P T E RH A P T E R 2 – O 2 – O N L I N EN L I N E B B A N K I N GA N K I N G V I ZV I Z A A S K A R IS K A R I B B A N KA N K
As explained earlier how Banks work online with different challenges they face while operating online.
Similarly is the case with the bank we have chosen i.e. Askari Bank Limited. As we already know that the
purpose of having online facility is to have real-time transactions without having a customer to present
physically in the home branch and only with mere virtual presence like internet access, phone-banking,
mobile banking, inter-branch funds transfer etc.
Linking of branchesAll branches of Askari Bank Limited are connected but not limited only via:
Satellite links
Copper-wire media
Radio links
Fiber-optics
Nostra etc.
Branch network
FIGURE 2.1 – Askari Bank’s branch network across Pakistan region wise.
______________________________________________________________________________19
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
South Region Cities: » Chaman
» Dharki
» Ghotki
» Gwadar
» Hyderabad
» Jacobabad
» Jamshoro
» Kandhkot
» Karachi
» Khairpur
» Larkana
» Mirpur Khas
» Nawabshah
» Quetta
» Shikarpur
» Sukkur
» Tando Adam
______________________________________________________________________________20
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
North Region Cities: » Abbotabad
» Allai
» Chaksawari
» Chakwal
» Chashma
» Dadyal
» Dera Ismail Khan
» Gilgit
» Gujar Khan
» Haripur
» Hazroo
» Islamabad
» Jatlan
» Jhelum
» Kamra
» Mangla
» Mardan
» Mirpur
» Muzaffarabad
» Nowshera
» Peshawar
» Pindi Gheb
» Rawalpindi
» Risalpur
» Swat
» Taxila
» Wah Cantt
Center Region: » Bahawalpur
» Bhalwal
» Burewala
» Chiniot
» Daska
» Depalpur
» Dera Ghazi Khan
» Faisalabad
» Gujranwala
» Gujrat
» Hasil Pur
» Jalalpur Bhattian
» Jhang
» Khanewal
» Kharian
» Lahore
» Lalamusa
» Layyah
» Mandi Bahauddin
» Mianwali
» Multan
» Okara
» Phool Nagar
» Pir Mahal
» Rahim Yar Khan
» Sadiqabad
» Sahiwal
» Sargodha
» Sheikhupura
» Sialkot
» Toba Tek Singh
» Vehari
______________________________________________________________________________21
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
North Region Cities: » Abbotabad
» Allai
» Chaksawari
» Chakwal
» Chashma
» Dadyal
» Dera Ismail Khan
» Gilgit
» Gujar Khan
» Haripur
» Hazroo
» Islamabad
» Jatlan
» Jhelum
» Kamra
» Mangla
» Mardan
» Mirpur
» Muzaffarabad
» Nowshera
» Peshawar
» Pindi Gheb
» Rawalpindi
» Risalpur
» Swat
» Taxila
» Wah Cantt
South Region Cities: » Chaman
» Dharki
» Ghotki
» Gwadar
» Hyderabad
» Jacobabad
» Jamshoro
» Kandhkot
» Karachi
» Khairpur
» Larkana
» Mirpur Khas
» Nawabshah
» Quetta
» Shikarpur
» Sukkur
» Tando Adam
______________________________________________________________________________22
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Why Askari Online Banking Facilities?Askari Bank online banking facility is unique in its own way because they provide this facility to each and
every of their valued customers and that’s not it, online banking in a same city is free, apart from having
facility of making online cheques, payorders, demand-draft (DD) etc. i.e. having facility to make online
cheques, PayOrders/Demand draft from anywhere across Pakistan, plus Askari Bank (AKBL) has an
excellent credit rating compared to the banks of its stature.
Askari Bank Online FacilitiesAskari Bank has always been a pioneer in providing some of the top-notch services to its consumer base,
which includes some of the following service
ATM facility Including AskCard, Askari Visa Debit Cards, Askari MasterCard etc are to name some, which with
the power of Visa and MasterCard, gives you the privilege of using it globally.
iNET Banking Internet, intranet and online banking to their valuable customers via bank’s 24/7 intranet
Virtual Private Networking (VPN)
FIGURE 2.2 – Procedure showing how a VPN(Virtual Private Network) works.
A virtual private network (VPN) is a computer network that uses a public telecommunication
infrastructure such as the Internet to provide remote offices or individual users secure access to
their organization's network. It aims to avoid an expensive system of owned or leased lines that
can be used by only one organization.
It encloses data transfers using a secure cryptographic method between two or more networked
devices which are not on the same private network so as to keep the transferred data private from
other devices on one or more intervening local or wide area networks via security checks like
firewalls and head-office which is generally referred as EDT/Phoenix. There are many different
classifications, implementations, and uses for VPNs.
______________________________________________________________________________23
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Inter Bank Fund Transfer – IBFTNo branch of AKBL far for you when having the privilege of transferring cash and funds from
anywhere to anywhere in Pakistan. Every AKBL consumer can avail this facility complimentary.
FIGURE 2.3 – How AKBL’s Online transaction moves across the country
Similarly, AKBL’s online network is centrally controlled from AWT Plaza, Rawalpindi, which they in short
call as ETD and system administrators and network auditors as Phoenix, where all their online records are
verified and are put in black and white, whether its day-end reporting, branch report, 100, 40 reports,
which includes all transactions to and from a particular branch.
As far as the above diagram concern, it is showing that a person whose home branch is in Islamabad, and
he’s in Karachi for some business work, so whenever he’ll be needing an online bank fund transfer option,
it’ll go through Phoenix in Islamabad and a log will be created there which will be including agent ID
(usually the CD incharge is the person who’s responsible for all such transactions) and than the
transaction will move forward to its final destination. All this takes merely 60 seconds to authenticate and
______________________________________________________________________________24
1Link / MNet
DHA Branch Khayaban-e-
Ittehad Branch, Karachi
Blue Area Branch,
Islamabad
HEAD-OFFICE/ETD/
PHOENIX
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
verify. In 40 report, all this log from a branch’s point-of-view is printed at day end and a CC is sent to the
ETD for reconciliation and only AFTER verification and rectification from Phoenix, the system
administrator is allowed to switch off the branch’s online network and most of the time he’s the last person
to leave the office building.
Transaction via ATM to a Bank Account
Thanks to the online banking network, you do not have to be physically present to make a
transaction or send or receive money. With having power of ATM in our ATM cards, we are able
to transfer funds and cash easily not limited to AKBL-to-AKBL but AKBL to all those banks which
support either MNET or 1Link (Cirrus network still in progress to be commonly used ATM network,
right now only SAMBA Bank is using it).
Not only that, ATMs now also allows us to have bill payments (not limited to utility bills payments
but also cell phone bill payments, school colleges university fees payments as well, provided that
particular bank supports such transactions as well.
Privacy guaranteed
Privacy while using ATM services matters greatly as all these transactions and printing of receipt
are system generated and under no circumstances, private information which could disclose
one’s identity is not a matter of concern as even when a particular branch network administrator
takes out the 40 report from ATM, even in that report, only first and last 4 digit of their card
numbers are visible and rest is hidden behind asterisks. Although those reports are kept in the
branch till Saturday and on every Saturday, they put those bundles of ATM receipt sheet which
includes their transaction activities across the week is dispatched in a folder and iFax one copy to
ETD on weekly basis with their particular branch ID.
Network securityNetwork security in current environment is a great matter of concern for banks because at times,
a little mishap can result a catastrophic output. That’s why all AKBL’s transactions are fully
secured by keeping it encrypted algorithm while using ATM facility, using up-to-date antivirus
security (at AKBL they are using Kaspersky Antivirus), last but not the least is Firewall guard.
These steps also applicable for having batch-transfers in real-time transaction and general
ledgers especially when they are being printed from out-of-network to AKBL ATM.
Askari Bank while facilitating Businesses
Askari Bank is currently facilitating businesses to a great deal. They are providing facilities like
Free-Fund-Transfer from Business-to-Business Account,
Business Visa Debit Cards
Country-to-Country Money and Fund Transfer via Nostra
______________________________________________________________________________25
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Insurance
o Includes all business transactions
o All ATM transactions are fully insured
o All these facilities are complimentary for their customers
Business loans with low mark-up
Askari Paishgi Munafa Account
SWIFT Accounts
Network specificationsAs we know that there are many types of networks which are being used, most commonly is the LAN or
local area network. But Askari Bank uses WAN or Wide Area Network because of its wide array of
networked branches.
Wide Area NetworkWANs are used to connect LANs and other types of networks together, so that users and
computers in one location can communicate with users and computers in other locations. Many
WANs are built for one particular organization and are private. Others, built by Internet service
providers, provide connections from an organization's LAN to the Internet. WANs are often built
using leased lines. At each end of the leased line, a router connects to the LAN on one side and a
hub within the WAN on the other. Leased lines can be very expensive. Instead of using leased
lines, WANs can also be built using less costly circuit switching or packet switching methods.
Network protocols including TCP/IP deliver transport and addressing functions. Protocols
including Packet over SONET/SDH, MPLS, ATM and Frame relay are often used by service
providers to deliver the links that are used in WANs. X.25 was an important early WAN protocol,
and is often considered to be the "grandfather" of Frame Relay as many of the underlying
protocols and functions of X.25 are still in use today (with upgrades) by Frame Relay.
Academic research into wide area networks can be broken down into three areas: Mathematical
models, network emulation and network simulation.
Performance improvements are sometimes delivered via WAFS or WAN optimization.
As mentioned earlier, they also provide extranet support to their customers so that they can access their
account anywhere in the world. AKBL’s iNET banking is a prime example of their WAN accessibility
features.
KBOXKBOX is another of the software which is included with their WAN network package and the
purpose of this software is to limit personalized use of office computers and while at the day-end,
this report is also forwarded to ETD and a copy is saved in home branch, by personalized use we
mean:
______________________________________________________________________________26
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Playing games and listening music
Installing software other than the prescribed ones from ETD
Using any other source of connecting to internet (as apart from Branch manager and
Operations manager, no one in the branch is allowed to use internet of any means, even
anti-virus software is also to be updated directly by the system/network administrator and
no officer is allowed to do the same from his/her own) like internet device, USB stick etc.
Unauthorized flash-drive activity
Attaching any other device to office computers except office printers, scanners etc like
cell phones, smart phones, laptops (even though manager grades have such privileges)
Bank’s IT Room
All these records are initially kept at the branch’s IT room. An IT room is a place where usually on
a common day, no one is allowed to enter the room as case sensitive information is placed over
there,
like server configuration,
bandwidth distribution and allocation,
printing and saving logs of customer statements,
direct connected to the ETD,
usually the IT room is placed upstairs under the surveillance of CCTV cameras as voiding
it is a audit objection,
any network or equipment problem is referred to the network administrator,
Even in case of a problem with ATM like machine out of order or customer card stuck is
only recovered when there’s a network administrator around, because of his peculiar ID
he’s able to forward the complain to ETD therefore no one else in the branch have the
privilege of doing the same, else even in case of a problem with ATM no one is allowed to
touch it,
Therefore, in the light of above, one can’t deny the importance of a network administrator
and its room in Bank.
______________________________________________________________________________27
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
Glossary
01. ATMAutomatic Teller Machine
02. B2BBusiness-to-Business
03. B2CBusiness-to-Customers
04. Bank-Wire TransfersBank wire transfers is said to be the path or interface which allows bank-2-bank transactions between
two international banks, often the most expedient method for transferring funds between bank
accounts.
05. DecryptTo decode -
06. EncryptTo encode -
07. FTPFile Transfer Protocol
08. IBANThe International Bank Account Number (IBAN) is an international standard for identifying bank
accounts across national borders with a minimal of risk of propagating transcription errors.
09. IBFTInter-Bank-Fund-Transfer – Allows a customer to access his bank account away from his home-
branch and able to transfer cash and funds to and from a remote branch without physically present at
his home-branch.
10. Intranets and Extranets Intranet
Intranet is a network which is only available inside an organization or a company. It can be
accessed by all the computers that are operated inside the company's premises and is not
connected to the Internet. The purpose is to keep information contained inside the organization
and prevent leak of information due to employee errors or hacking attempts.
ExtranetExtranet is an extension of intranet to some entities outside the organization or a company. For
example if a company allows its customers to connect to the company intranet, then it will form an
______________________________________________________________________________28
RR E P O R TE P O R T O NO N O O N L I N EN L I N E B B A N K I N GA N K I N G
extranet, which is composed of computers inside the company and outside the company but still
is separated from the regular internet.
11. Middle-in-the-man attackNormally, the attacker was able to trick the users by disguising their identity to make it appear that the
message was coming from a trusted source. Once successful, instead of going to the designated
website, users do not realize that they actually go to the fraudster’s website. The information keyed in
during that session will be captured and the fraudsters can make their own transactions at the same
time
12. SpoofA mail from hacker which misguides the end user to enter his personal details, and on the basis of
which, the log of the keys pressed on that spoof website, is directly key-logged into hackers’ computer
and therefore he’s able to use that information to personify others.
13. SWIFTISO 9362 (also known as SWIFT-BIC, BIC code, SWIFT ID or SWIFT code) is a standard format of
Business Identifier Codes approved by the International Organization for Standardization (ISO).
14. System administratorA system administrator or network administrator in a bank is a person who controls all network
transaction made through bank’s computer systems, which can include but not limited to printing of
receipts like statements, day-end procedures etc. It also helps connect the bank to the central network
and is the body responsible for keeping network server and its related equipments in well working
conditions. Apart from that he’s responsible for keeping the ATM machine well intact and any problem
in that machine has to be rectified by him.
15. TCP/IP
16. Topology
17. Trojan
18. VPNVirtual Private Network - A virtual private network (VPN) is a computer network that uses a public
telecommunication infrastructure such as the Internet to provide remote offices or individual users
secure access to their organization's network. It aims to avoid an expensive system of owned or
leased lines that can be used by only one organization.
19. WAPWireless Application Protocol –
______________________________________________________________________________29