IBEX 2015 - Budi Rahardjo
-
Upload
frans-hasiholan-hutapea -
Category
Documents
-
view
227 -
download
0
description
Transcript of IBEX 2015 - Budi Rahardjo
E-Banking in Indonesia: Opportunities and Challenges from Security Perspective
Budi Rahardjo [email protected]
OPPORTUNITIES
2015 BR e-Banking in Indonesia 2
Large number of Users
More than 100 Million cellphone (telco) users Internet users
– 55M internet users in 2011, increase 22% from 2008 (2012 Internet Trends — Kleiner Perkins Caufield Byers)
– In 2009, Indonesia was not in twitter user list. Now
• Jakarta #1 • Bandung #6
2015 BR e-Banking in Indonesia 3
2015 BR e-Banking in Indonesia 4
High ICT Adoption Rate
2015 BR e-Banking in Indonesia 5
Electronic Market Place
2015 BR e-Banking in Indonesia 6
Opportunities
• Non-bank players • Machine-to-machine
– Non-human accounts
2015 BR e-Banking in Indonesia 7
CHALLENGES
2015 BR e-Banking in Indonesia 8
Current Malware Problem
Steal user account through malware http://regional.kompas.com/read/2015/08/11/12185971/Kronologi.Hilangnya.Uang.Nasabah.Bank.Mandiri.Versi.Korban 2015 BR e-Banking in Indonesia 9
SMS Banking (in)Security
• User is assigned 6-digit PIN • Transaction requires combination of two
digit PIN • Problems
– Only 15 different combinations – Fastest guess: 3 times – Certain numbers are used more frequently – SMS is saved. Phone stolen => disaster – SMS not delivered
2015 BR e-Banking in Indonesia 10
Challenges
• Distrust society • Fraud
– ATM fraud – Marketplace
• Insecure IT infrastructure – Network & applications – Performance issue (lack of capacity planning)
2015 BR e-Banking in Indonesia 11
Challenges
• No large scale micropayment, nano payment, pico payment
2015 BR e-Banking in Indonesia 12
Challenges
• Lack of security regulation outside banking – Lack of periodical security audit – Not only network, but also application security
evaluation – Enforcement is a must
2015 BR e-Banking in Indonesia 13
Concluding Remarks
• There are opportunities, but challenges must be address before they create problems
2015 BR e-Banking in Indonesia 14