INTERNET BANKING IN ORIENTAL BANK OF COMMERCE

1. INTRODUCTION TO INTERNET BANKING

Internet banking is the easiest way to carry out banking transactions in today's hectic schedule. Internet banking is used widely by masses, and has numerous benefits to offer. Nowadays, all banks provide online banking facility to their customers as an added advantage. Gone are the days, when one had to transact with a bank which was only in his local limits. Online banking has opened the doors for all customers, to operate beyond boundaries. Nowadays, people are so busy in their work lives, that they don't even have time to go to the bank for conducting their banking transactions. Internet banking enable people to carry out most of their banking transactions using a safe website, which is operated by their respective banks. It provides many features and functions to their customers, and enables them to view their account balance, transfer money from their account to another account (be it in their respective bank or any other bank), view their account summary, etc.In this procedure, many financial transactions can be carried out by simply utilizing a computer with an Internet connection. The necessary things that a person needs for using online banking are, an active bank account with balance in it for transactions, debit or a credit card number, customer's user ID, bank account number, the Internet banking PIN number, and a PC with access to the web. People using Internet banking are certainly benefited by the online services their respective banks are providing them with. The primary reason why it is so famous and mostly used is that, customers are allowed to bank at non-working hours.1.2. HISTORY OF INTERNET BANKING

The finance services, associated with Internet, are being promoted due to the widespread use of Internet. Internet banking, that is also known as online banking, is one of the emerging services The concept of Internet banking has been simultaneously evolving with the development of the world wide web. Programmers working on banking data bases came up with ideas for online banking transactions, some time during the 1980s. The creative process of development of these services were probably sparked off after many companies started the concept of online shopping. The online shopping promoted the use of credit cards through Internet. Many banking organizations had already started creating data ware housing facilities to ease their working staffs. The development of these databases were widely used during the development of ATM's.

Sometime in 1980s, banking and finance organizations in Europe and United States started suggestive researches and programming experiments on the concept of 'home banking'. Initially in the 80's when computers and Internet were not so well-developed, 'home banking' basically made use of fax machines and telephones to facilitate their customers. The widespread of Internet and programming facilities created further opportunities for development of home banking.

In 1983, the Nottingham Building Society, commonly abbreviated and referred to as the NBS, launched the first Internet banking service in United Kingdom. This service formed the basis for most of the Internet banking facilities that followed. This facility was not very well-developed and restricted the number of transactions and functions that account holders could execute. The facility introduced by Nottingham Building Society is said to have been derived from a system known as Prestel, that is deployed by the postal service department of United Kingdom.The first online banking service in United States was introduced, in October 1994. The service was developed by Stanford Federal Credit Union, which is a financial institution. The online banking services are becoming more and more prevalent due to the well-developed systems. Though there are pros and cons of electronic cash, it has become a revolution that is enhancing the banking sector.

With the popularity of the Internet increasing steadily, most of the industries are finding new and interesting ways to make use of this new and equally interesting medium so as to keep up with the constantly changing preferences of clients all over. Nowadays, you can do almost anything over the Internet - from shopping for groceries to making a free call to a friend in New Zealand through your computer! Yes, the Internet has seemingly endless possibilities and the banking industry in turn has decided that it won't be left behind the rest of the pack.

While most of us have heard about online banking services, more than a majority of us have probably not even tried it out yet. It could possibly be because we are more comfortable working with real people; paper and money instead of its virtual counterpart, as performing transactions over the Internet can be very impersonal. Whatever may be the reason; there are a number of advantages and disadvantages to online banking services. This article will outline the good side as well as the bad side to online banking so that you can either feel that online banking is a safe way to manage your finances, or you could possibly be justified in your fears.1.3. TYPES OF INTERNET BANKING

Informational (Websites)

This has been identified as the first level of internet banking . Typicallythebankhasthemarketinginformation about the banks products and services on a standaloneserver. The risk is very low as informational systems typically have no path between the server andthebanksinternalnetwork.InformationalInternetbankingsimplymeansthebankprovides

basicinformationaboutitsproductsandservices,muchlikeabrochure. This is meant for marketing purposes only, andthere is noconnectiontothebank'smaincomputersystems.ThislevelofInternet banking can be offered by the bank or outsourced. While the risk to a bank is rather low, the server or Web site may be susceptible to adjustment. To prevent unauthorized alterations to the bank's server or web site, appropriate controls therefore must be in place.

Communicative/Simple transactional (Websites)

This type of internet banking allows some interaction between the bank's system n the customer. Theinteractionislimitedtoe-mail, account inquiry, loan application or static file updates (name and address).Itdoesnotpermitanyfundstransfers.Communicativeonline banking allows for some communication between the patron and bank. However,thisistypicallylimitedtofundamental interactions such as account inquiries, new account updates, loan or mortgage applications, contact information updates and balances. Communicative online banking may connect with the bank's main computer systems. Theriskishigherwith thisconfiguration than with informational systems since these servers may have a path to the bank's internal networks. Toprevent,monitor,andalert management of any illegal attempt to access the bank's internal networks and computer systems, appropriate controls required to be in place. In this environment, virus controls also become much more critical. AdvancedTransactional(Websites)

Thislevelofinternetbankingallowsbankcustomerstoelectronicallytransferfundsto/fromtheiraccounts,paybillsandconductotherbankingtransactiononline.Themostpopularonlinebankingtype,transactionalInternetbankingoffersallofthebenefitsofatraditionalbrick-and-mortarinstitution.Thisincludesfullcontrolover your accounts - deposits, withdrawals, transfers, updates and online payments. Increased security measures now make Internet banking safe, secure and convenient, especially inthecaseofmobile online banking. This is the highest risk architecture andmust have the strongest controls, since a path normally exists between the server and thebank's or outsourcer's internal networMerits

First let's start off with the merits of online banking. First and foremost, online banking is very, very, very convenient. It will allow you to pay your bills and make transactions anytime during the day and the week. The bank will never close because you can access it through your laptop or computer. So, no matter in which country you are anywhere in the world, you can go online and handle your finances.

Secondly, online banking is very fast, effective and efficient. Over the Internet, you can make transactions that are typically executed and performed at a much faster pace than at ATM's. These services also give you the option of handling several different bank accounts from one site itself. Most online banking sites are compatible with programs like Microsoft Money and Quicken, which makes management of assets more effective. Paying Bills Online: Online banking provides people the facility of paying bills online from their checking account, money market account or credit card account or from their home equity line of credit. In order to avail this facility, people would have to set up payees or pay to accounts for which they would need a copy of their bills. Recurring payments can be made without delay, by making use of the facility of being able to set up pay to accounts, on completing a simple formality. One can schedule bill payments up to one year in advance. It helps people keep their bill payment history in an electronic format, thus eliminating the need for paperwork. Some companies also dispatch bills directly to the customer's online banking service. However, not all companies offer e-bills. The customer can thus receive, view and pay e-bills or electronic versions of their paper bills. Electronic Funds Transfer: Online banking allows the facility of electronic transfer of funds between a number of accounts maintained with the same bank. Generally, people can transfer money from their checking or their savings account to the following: credit cards, line of credit and investment account. People can also transfer money from their personal account to the personal account of others, assuming that the accounts are maintained with the same bank. Customers can also opt to transfer funds from their personal account, maintained with a bank, to the accounts maintained in other financial institutions. Withdrawals and deposits are thus facilitated by electronic fund transfers. Other Facilities: One can access one's account from anywhere in the world and view the current balance in the linked accounts. The system of linked accounts allows the bank to transfer funds from the customers savings account to cover the overdrawn checking and credit card account. Viewing the balances in linked accounts helps a person keep a check on spending habits. Stopping payments on checks, re-ordering checks, requesting copies of paid checks, savings and checking account statements are some of the other facilities.

Demerits

Just like with anything else, there are disadvantages too! The biggest problem is that most people lack trust. How many times have you performed transactions online and wondered whether you did the right thing? Of course, you can overcome any uneasiness by printing the transaction receipt. This receipt will conform whether or not your transaction has gone through successfully. Online banking can be difficult to learn for a beginner and a site could take time to start up. Some sites ask for photo identification, which can be very inconvenient.

However, most online banking sites provide tutorials for online banking. Some sites provide live online customer support to provide solutions for any problems. The number of cases of banking frauds is considerably low so you don't have to worry about the safety of your money. Clearly, the whole concept of online banking has its fair share of advantages as well as disadvantages. For some people, online banking simplifies life, while for the others it is intimidating and complex. Taking into consideration these perceptions, most banks have now started offering online banking services and a viable option to their clients.

Some people prefer talking personally to a person in case of a problem. They prefer the 'personal touch' aspect of customer service. If you are this kind of a person, then you'll probably never feel comfortable with Internet banking. On the other hand, if unlimited access to your bank accounts and convenience is highest on your list of banking priorities, then nothing can beat online banking. What with the security of the FDIC standing like a fortress behind them, it is very clear that online banking is here to stay.Although the merits clearly outnumber the demerits of Internet banking, some people may prefer banking theo;d fashioned way due to the following reasons:Safety Concerns: Phishing, the presence of malicious software, key logger issues and security concerns due to weak wireless security networks deter people from opting for Internet banking.Meant for Tech Savvy People: People belonging to the older generation may not be tech savvy and may find it difficult to use online banking. Online banking is a wonderful facility that can save us time and make our life simpler. However, one must take adequate measures to protect oneself from getting cyber scammed.

2. INTERNET BANKING VS TRADITIONAL BANKING

Internet banking is very similar to traditional banking. In fact, if you do much of your banking online and use features like bill pay, etc. - you are already familiar with how the majority of internet banking works.

The main difference is that there is not a local branch you can walk into. If you don't regularly require special face-to-face services from a banker, you probably will not care.

It may feel scary to give up that brick-and-mortar bank that you know is right down the street if you need it, but you'd probably be surprised at how easy banking with an internet bank is. I had not idea until I tried it myself.

With an internet bank, you can avoid many of the fees that a traditional bank charges. (They don't have the cost of maintaining all of those secure branches!) If you are setting up simple business bank account, it makes sense to avoid as many fees as possible, especially if you are already paying bank fees on your personal account.

Many services that you might think could only be handled in a branch can actually be dealt with over the internet, by mail or by fax. You may even find the entire process easier and less time consuming than physically going into your bank. Times are changing, which actually makes internet banking more feasible and easier to use for the average customer.

Many internet banks let you use a variety of ATMs free of charge (they reimburse you for fees charged by other bank, usually up to a certain amount). You may find that the selection of ATMs offered by internet banks are even more convenient to you than with a local bank. Once you start comparing internet banking services and fees to those of your local branches, you find that an internet bank is the right choice for you.

3. HISTORY OF OBCOriental Bank of Commerce (BSE 500315, NSE: ORIENT BANK) is an India based bank established in Lahore (then a city of British India, and currently in Pakistan), is one of the public sector banks in India. Oriental Bank of Commerce made a beginning under its Founding Father, Late Rai Bahadur Lala Sohan Lal, the first Chairman of the Bank. Within four years of coming into existence, the Bank had to face partition. Branches in the newly formed Pakistan had to be closed down and the Registered Office had to be shifted from Lahore to Amritsar. Late lalaKaram Chand Thapar, the then Chairman of the Bank, in a unique gesture honored the commitments made to the depositors from Pakistan and paid every rupee to its departing customers.The Bank has witnessed many ups and downs since its establishment. The period of 1970-76 is said to be the most challenging phase in the history of the Bank. At one time profit plummeted to Rs.175, that prompted the owner of the bank, the Thapar House, to sell / close the bank. Then employees and leaders of the Bank came forward to rescue the Bank. The owners were moved and had to change their decision of selling the bank and in turn they decided to improve the position of the bank with the active cooperation and support of all the employees. Their efforts bore fruits and performance of the bank improved significantly. This was the turning point in the history of the bank. The bank was nationalized on 15 April 1980. At that time total working of the bank was Rs.483 crores having 19th position among the 20 nationalised banks. Within a decade the bank turned into one of the most efficient and best performing banks of India. The bank has progressed on several fronts crossing the Business Mix mark of Rs 2 lacs crores as on 31 March 2010 making it the seventh largest Public Sector Bank in India, achievement of 100% CBS, reorienting of lending strategy through Large & Mid Corporates and establishment of new wings viz., Rural Development and Retail & Priority Sector. The Bank has to its utmost credit lowest staff cost with highest productivity in the Indian banking industry. 3.1. WHERE OBC WAS? Inearly1990smorethan7000brancheswereusing traditional manual procedures. These manual procedures were inherited from the Imperial Bank. Traditional procedures were evolved over decades Very few changes were brought in those procedures as perthe need of time.

In that time, mainframe or mini computers were used forMIS,RECONCILLATION&FUNDSETTLEMENTPROCESS,orwecansaythatforbackhandoperationspurpose.Changes brought in Information Technology by OBC:- Inthenextdecadeinternetfacilitywasprovidedforindividuals All OBC branches were connected and ATMS were launch 2001 - KMPG appointed consultant for preparing IT Plan for the Bank. LateronCorebankingproposedbytheITconsultancy company. 2002Allbranchescomputerizedbutondecentralized systems, there the initiative of core banking took place 2008- morethan6500 branches (95%of business) onCore Banking Solution (CBS) Internet Banking facility for Corporate customers were also launched in early 2008 More Interfaces developed with e-Commerce & other sitesthrough alternate channels like ATM & Online Banking All Foreign Offices were brought on Centralized Solution Largenetworkisplayingtheroleofbackboneforconnectivity across the country Multiple Service Providers are providing the links BSNL,MTNL, Reliance, Tata & reliance which are making thesystem errorless and provide high speed. MultipleTechnologiestosupportthenetworking infrastructure Leased lines, Dial-up, CDMA & VSAT3.2. COMPANY PROFILE

Registered AddressHarsha Bhawan,E-Block, Connaught PlaceNew DelhiDelhi110001Tel:011-23417121Fax:011-23739768Email:mbd@obc.co.inWebsite:http://www.obcindia.co.inGroup:Public Sector

RegistrarsM C S Ltd. Sri Venkatesh BhawanNo. W-40,Okhala Industrial Area Phase -IITel:011-41406149, 41406150, 41406151, 41406152Fax:011-41709881Email:admin@mcsdel.comWebsite:http://www.mcsdel.comManagement - Oriental Bank Of Commerce

NameDesignation

S L BansalChairman and Managing director

V KannanExecutive Director

B SrinivasDirector

S S ShishodiaDirector

K S SreenivasanDirector

Abha ChaturvediDirector

S C SinhaExecutive Director

Sreya GuhaDirector

K H PandeyDirector

C P SinghDirector

T ValliappanDirector

P SanthanakrishnanDirector

3.3. FACILITIES OFFERED

The following services are being offered throughOriental Banks iBanking Services, Free of Cost:-Services offered through Oriental Banks iBanking

1.Accounts Related OperationsI. Online Balance Inquiry

II. View transactions

III. Statement of Account For a given period, range of Cheque nos & Amount

IV. Cheque Status Inquiry

V. Clearing Instruments Inquiry

VI. Stop Payment of Cheques

2. Fund Transfer OperationsI. Funds Transfer to own accounts

II. Funds Transfer to other accounts within CBS Branches of OBC

III. 3rd Party Funds Transfer to other Banks accounts

Min. Amount : Rs. 100/- per transaction

Max.Amount : : Rs. 3,00,000/- per transaction

Per day Maximum: Rs.5,00,000/-

3. PaymentsExternal Payments viz. IRCTC (For Railway Reservation) and Sharekhan.com for Funds Transfer Facility for Shares purchases.

Bank Charges Rs.11/- per ticket (including Service Tax)

4. MailsI. Customers can send mails for clarifications/queries on Internet Banking.

II. Relationship Manager at IBC, Secunderabad gives reply to the queries / requests raised by the customers, within 12hours.

5. Activity:Customer can view various financial and non-financial activities performed by him during a period of time.

6. CustomizeYou can customize your various information likeI. Change your passwords

II. Add Nick names to your accounts

III. Select primary accounts in case you have many accounts

IV. Change your various preferences like Date Format, Amount Format, Add email id, Change your Salutation etc.

4. INTERNET BANKING SECURITY MODELS

Online banking systems require efficient security models capable of identifying users and authorizing transactions, thus mitigating fraud. However, current models are focused on fraud identification instead of fraud prevention, which means that actions are taken only after a fraud occurs instead of performing a seriesof preventive procedures. Analyzing the security devices implemented by the ten largest banks in Brazil it is observed that several security layers and methods are concurrently adopted (Figure 1). Virtual keyboards are clearly one of the most used models, being adopted in 8 different banks. However, banking trojans continue to successfully operate, directing security toreactive fraud identification rather than prevention.

Figure : Internet Banking Security Models

In this analysis, SSL (Secure Sockets Layer) was not considered because it is adopted in all online banking systems. Moreover, SSL only provides security from the network layer downwards but is not capable of guaranteeing protection against attacks based on the application layer, where data is captured ormodified before encryption. Basically, banking systems need to accurately identify the user and authorize his access to banking transactions. The identification schemes are based on two main factors: unique secret information previously shared by the user and the bank (such as passwords) and unique characteristics of the device which is being used to access the service (device fingerprinting).However, if any of the media through which these informations are collected (including the user's device) is compromised, thesecurity system is compromised as a wholebecause it would allow an adversary to insert and capture information at a point of the system. It is important to understand how banking systems employ security mechanisms and why they do not efficiently mitigate system subversion and consequent frauds.

4.1. CURRENTLY ADOPTED SECURITY MODELS

The models currently adopted in online banking systems are based on several security layers, consisting on diverse parallel solutions and mechanisms which aim at protecting the banking application and the user's data, providing identification, authentication and authorization.

Digital Certificates:

Digital certificates are used to authenticate both the users and the banking system itself. This kind of authentication depends on the existence of a Public Key Infrastructure (PKI) and a Certificate Authority (CA), which represents a trusted third-party who signs the certificates attesting their validity. In Brazil, banking systems use A1 and A3 certificates issued and signed by ICP-Brasil.

One-Time Password Tokens:

One-Time Password devices are commonly used as a second authentication factor, which may be requested in specific or random situations. This kind of devices render captured authentication data useless for future attacks through the use of dynamically changing passwords which can be used only once.

One-Time Password Cards:

One-Time Password Cards constitute a less expensive method for generating dynamic passwords, also providing a second authentication factor. However, in some banking systems, passwords generated by OTP cards are reused a number of times before being discarded, rendering this system vulnerable to short term replay attacks.

Browser Protection:

In this model, the system is secured at the Internet browser level, which is used to access the banking system. The user and his browser are protected against known malware by monitoring the memory area allocated by the browser in order to detect such malware and hinder credential theft and capturing ofsensitive information.

Virtual Keyboards:

Virtual keyboards were developed to thwart the efficient use of key loggers (which capture information typed into the device). These devices are usually based on Java and software based cryptography, allowing portability between different devices. Currently they are being replaced by other more efficient methods which require less processing power and slowertransmission rates.

Device Registering:

This method restricts access to the banking system top reviously known and registered devices. Hardware fingerprinting techniques are used in conjunction with user identification through secretcredentials.

Short Message Service (SMS):

This method has been applied in some banking systems to notify users about transactions requiring their authorization. It provides a second authentication channel for transactions that fit certain characteristics by sending to the user a set of characters which have to informed in order to authorize and process the transaction through the online banking system

Device Identification:

Device identification is usually applied together with device registering but it is also used as a stand-alone solution in online banking systems that aim at facilitating user access. This identification model is based on physical characteristics of the user's devicethrough which it is possible to identify its origin and history information.

Positive Identification:

Positive identification is a model where the user is required to input some secret information only known to him in order to identify himself. It is applied as a second authentication method.

Pass-Phrase:

It is a security model based on information held by the user. It is usually used as a second authentication method in transaction that involve money movement.

Transaction Monitoring:

Even though this method is not thoroughly analyzed in the present work, it is currently applied in all online banking systems, each of the musing different techniques. Artificial intelligence, transaction history analysis and other methods that identify fraud patterns in previously processed transactions are among the various approaches to transaction monitoring.

4.2. ATTACK MODELLING AND TYPICAL SCENARIOS

The attack tree model for common attacks against online banking systems is presented in Figure . This model represents the main components of banking systems authorization and authentication mechanisms and efficient attacks against them. The attacks exploit vulnerabilities inherent in the people (engineering social and phishing) then to gain control ofdevice (malware) and credential theft legitimate user (fakeWeb pages and malware).Attack Tree model The attacks description in this section are based on current trends observed in malware specifically focused on banking. It has been observed that such attacks are efficient against the authorization and authentication schemes currently adopted in online banking systems. Each attack is present along with adescription of the security mechanisms they target.

CREDENTIAL THEFT

This kind of attack is the simplest and most commonly performed against banking systems. Itbasically consists in obtaining the necessary credentials and user data in order to access thesystem as a legitimate user, providing information normally known only to legitimate users.

DEVICE CONTROL

The device control attack is presented in Figure and its objective is to obtain full control ofthe user's device instead of only stealing data used in the authentication process. The user'sdevice itself is then used by the attacker to access the banking service and perform frauds. Thisattack is more complex than credential theft (Figure) and tracing its origin is much moredifficult because the attacker never directly accesses theonline banking service.

The attacker publishes specially crafted malware orcounterfeit web pages. Exploiting vulnerabilities in applications such as browsers or applying social engineering the attacker manages to install malware in the device through which the honest user access online banking services.

The malware then captures the information necessary foraccessing the service.

After the malicious artefact obtains the information necessary for accessing the Internet banking system through the legitimate user's device,it downloads a listoftransactions to be performed previously stored by the attacker in a remoterepository.Having obtained the necessary data, the malware automatically accesses the online banking system as a legitimate user through the user's device and performs the transactions specified by the attacker.6.

While the malware remains active, it suppresses information about the transactions it performed from the banking system's interface, preventing the user room detecting the attacks.5. ADVANTAGES OF INTERNET BANKING

In recent time internet banking has spread rapidly all over the globe. All Banksaremaking greateruseof internetbanking facilitiestoprovide better service and to excel in competition. The spread of internet banking has also greatly benefited the ordinary customer in general and corporate world in particular. The following points summarize benefits ofInternetBanking.

5.1 ADVANTAGES TO THE CUSTOMER

Internetbankingdoesoffermanybenefitsforbothbanksandtheircustomers.Sothebanksaredoingwhattheycantoencourage customers to try it.

Aninternetbankingaccountissimpletoopenanduse,justbyenteringafewanswerstothequestionsinaformwhilesittingcomfortablyinhomeoroffice.Toaccesstheaccount,varioussecuritymeasuresareestablishedsuchasusernamesandpasswords. To complete the set up of the account, one just prints, signs and sends in the form.

Internetbankingcostsless. Because there are fewer buildings to maintain, and less involvement by salaried employees, there is a much lower overheadwithonline banks.Thesesavingsallowthem to offer higher interest rates on savings accounts and lower lending rates and service charges. Even traditional brick and mortar banks offer better deals such as free bill paying services to encourage their customers to do theirbanking online.

Comparing internet banks to get the best deal is easy. In a shorttime,onecanvisitseveralonlinebankstocomparewhattheyoffer, savings and checking account deals as well as their interest rates. Other things one can easily research are what credit cards are available, credit card interest rates, loan terms and the banks own rating with the FDIC.

Bouncingacheque(accidentally)shouldbeathingofthepastbecauseonecanmonitortheaccountonlineanytime,dayornight.Onecantrackthebalancedaily,seewhatchequeshavecleared and when andknow when automatic deposits and payment sare made. This is all possible by simply going online to the banks website and logging into ones account.

One can keephis/her accountbalancedusing personalcomputerandmonthlystatement.Thebankaccountinformationcanbedownloaded into software programs; making is easyto reconcile the account with just a few mouse clicks. The convenience of the data capture online makes it much easier to budget and track where themoneygoes.Theinternetbankaccountevenallowsonetoviewcopies of the cheques one has written eachmonth.

With the ability to viewthe account at anytime, it is easier to catch fraudulentactivity inthe accountbefore much damage isdone.Assoonasonelogsintotheaccount,onewillquicklyseewhetherthereisanythingamisswhenonechecksonthedepositsanddebits.Ifanyonewritesachequeorwithdrawsfundsfromtheaccount, onewill seeit right away.This lets onetoget startedon correcting the problem immediately rather than having to wait to receiveacluethatit ishappeningas wouldbethecasewitha traditional bank Internet Banking offers a great deal of conveniencethanone could get from a conventional bank. One is bound by 'banker's hour's and physical presence is not required.Timeisnot wasted when one has work to do because one can do the banking without leaving the office. No matter where one is or what time it is, one can easily saving.

Convenience. Unlike any normal physical bank, online banking sites never close. They're available 24 hours a day, seven days a week,365 days a year andthey're only just a mouse click away.

If one is out of station or even out of the country on a tour or on an official trip, and suddenly a money problem arises, all one has to do is log on to the internet and transfer funds from one account to another and take care ofpersonal needs and business 24/7.

Transaction speed Online banking initiates speedy transactions and theyare verycosteffective andare generallyquickerthanthe transactions conducted at the ATMs or at the bank.

Efficiency.Freetoaccess,manageandcontrolallthebankaccounts,includingIndividualRetirementAccounts,CDs,evensecurities,fromonesecuresite,theindividualscanefficiently manage their money.

EffectivenessManagingthemoney, themoney,investment,bank accounts without even going to the bank, getting emails and wireless alerts on various transactions,gettingthestatementsonline,making bill payments on-line and transferring funds, all for free, has made the banking highly effective. General consumers have been significantly affected in a positive mannerbyinternetbanking.Manyoftheordinarytaskshavenowbeenfullyautomated resulting in greater ease andcomfort.

Customers account is extremely accessible with anonline account.

Customer can withdraw money at any time through ATMs that are now widely available throughout the country.

Besideswithdrawingcashcustomerscanalsohaveminibanks statements, balance inquiry at these ATMs.

Through Internet Banking, customer can operate his account while sitting in his office or home. There is no need to go to the bank in person for such matter.

Internet banking has also greatly helped in payment of utility bill. Now there is no need to stand in long queues outside banks for this purpose.

All services that are usually available from the local bank can be found on a single website.

Thegrowthofcreditcardusagealsoowesgreatlytointernetbanking. Now a customer can shop worldwide without any need ofcarrying paper money with him.

Banks are available 24 hours a day, seven days a week andthey are only a mouse click away.

5.2 ADVANTAGES TO THE BANK

Banking industry has also received numerous benefits due to growth ofinternet banking infrastructure. These arehighlighted below: Thegrowthofinternetbankinghasgreatlyhelpedthebanksincontrolling their overheadsand operating cost. Many repetitive and tedious tasks have now been fully automatedresultingingreaterefficiency,bettertimeusageandenhanced control. The rise ofinternet banking hasmade banks morecompetitive. It has also led to expansion of the banking industry, opening of new avenues for bankingoperations. Internet banking has greatly helped the banking industry to reduce paper work, thus helping them to move the paper less environment. Internet banking has also helped bank in proper documentation oftheir records andtransactions. The reach and delivery capabilities of computer networks, such as the Internet, are far better than anybranch network. Banks have quickly leveraged the capabilities of the Internet and Web 2.0 technologies and adopted the online banking model. Every mainstream banknowoffersahostofbanking servicesandproductstoanever increasing base of customers. Through online banking, banks have been able to reach outto millions of customers not in their geographical area ofoperations and offer more products and a relatively better, convenient and flexible banking experience than that prevalent in traditional, fixed-locationbranches. Thebenefitscanbestudiedinthefollowingbroad categories: More Customers

Through online banking, better service levelsand strategic marketing initiatives, banks are able to reach out to more customers than possible through traditional banking through physical location branches. OnlineOnlyProductsandServices

Leveragabilityand amenability of new technologies, tools and widespread broadband Internet acceptance, has made it possible for banks to offer a whole host of online only products andservices to customers, such as CDs, e-bank statements, financial calculators, and personal finance newsfeeds. Broader Customer Base

Banking online has afforded customersuser-friendlyfeaturesofWebsites,robustsecuritytechnologies,privacy protection measures, and mainstream Internet acceptance.Bankscanreachouttoabroadercustomerbasebeyondthe geographical confines of their locations or baseoperations. Attractive Rates and Incentives - Better management practices, consolidated operations and streamlinedsavingsfrommanaging anddeliveringonlinebankingservicesallowbankstooffer attractive rates and other incentives tocustomers. CostSavings Bankssaveasignificantamountofoperational capital from not having to open brick and mortar branches in new locations and far-flung areas. These savings are passed onto the consumer in the form of reduced or no fees for inter-bank and even intra-bank money transfers, no fees for online payment of utilities' bills, and cash-back options on frequent use of online-applied bank credit cards.There are sound reasons why internet banking is growing. The economic advantages have encouraged banks to provide an increasing range ofeasytouseservicesviatheinternet.

6. POTENTIAL COUNTER MEASURES

Due to the inherent complexity and flexibility of the presented attacks it seems unlikely that a single centralized security solution would successfully solve the security issues on which they are based, effectively mitigating those attacks. The main problem relies on the weakest link in the security chain, generally the user (or his access device), and its role in the whole authentication and authorization process. In most cases, the security of the authentication and authorization process in online banking systems is based on secret information supposedly known only by legitimate users and the bank, depending on the user for maintaining the secrecy of such information. However, as it was described in the previous sections, an attacker can easily obtain this secret information through the use of social engineering techniques and malware, compromising the system as a whole. In face of these issues, new authentication and identification models should be as independent from the user or the security of his device as possible, relying on more than one source for authentication and identification data .A identification and authentication model potentially resilient to the attacks presented should be based on independent secure channels for authentication/authorization data and transaction data. In this model, security is guaranteed even if an attacker compromises one of the channels. The separate authentication/authorization channel is to be chosen in such a way that the user has little or no influence on its security, being based on devices which the user does not control or administer, and not on the user's internet access device (used for transactions) which may be easily compromised by remote attackers .Taking into consideration that any device associated or dependent on a compromised environment (such as compromised network or host) is also considered compromised, apotentially secure authentication and identification model for online banking systems should fit the following requisites:

The authentication data channel is independent from the transaction data channel.

The identification model is independent fromuser provided information.

Perform mutual authentication, where both the user and the service provider must prove their identities.

Verify and confirm all the information obtained from the user in order to detect patterns and irregularities which may indicate a fraud.

Maintain a history database for eachuser containing information which form a user transaction profile associated with reputation and trust models used to detect fraud and malicious tendencies. A authentication and identification model with these characteristics would be secureagainst the attacks presented in section.

SOLUTIONS:Here are some simple tips to prevent you from falling into the trap of cybercriminals. Remember, a simple ignorance or oversight can make a huge dentin your hard- earned savings.I. Securing your account:Avoid online banking on unsecured wifi systems and operate only from PCs at home. Never reveal password to anyone. Do not even write it on a piece of paper on diary. Just memorise it. It should bealphanumeric and change it frequently.Neverreply toqueries frombank online about account orpersonal details. The personal information should not be kept in a public computer or in emails.II. Phishing:Aperson'spersonaldetailsareobtainedbyfraudstersposing as bankers, who float a site similar to that of theperson's bank. They are asked to provide all personal information about themselves and their account to the bank on the pretext of database upgradation. The number and password are then used to carry out transactions on their behalf without theirknowledge. Phishinginvolvesusingaformofspamtofraudulentlygainaccesstopeople'sonlinebankingdetails.Aswellastargetingonlinebankingcustomers, phishing emails may target online auction sites or other onlinepayment facilities. Typically, a phishing email will ask an online banking customer to follow a link in order to update personal bank account details. Ifthe link is followed, the victim downloads a program which captures his orher banking login details and sends them toa third party.7. MISUSE OF INTERNET BANKING 7.1 INTERNET LOTTERY FRAUDMP Cyber police has investigated several case of cheating through Internet lottery offer which is commonly known as Nigerian 419 scam. In this kind of cheating the culprits used to send bulk emails, bulk SMS to millions of users using software, stating that the receiver has won lottery worth thousands of pounds or dollars which comes out to be crores of Indian rupees, in a lucky draw. They used to create fake lottery winning certificate using logo and text from original website, which seems to be original at a glance. This kind of sending bulk emails or SMS is an act of commonly known as PHISHING attack. Those who are lured by such offer often tempted to contact them. The culprits then ask the target to fill a form and thus receives all the personal information of the target and asks him to deposit token money in various names to earn the lottery prize. The target who is hoping to earn huge amount of money finds these charges to be minimal. The culprit asks the target to deposit money in the name yellow tag, custom clearance UN anti terrorism certificate, RBI charges or any other name they feel it to suitable to convince the target. The culprits ask the target to deposit in various bank accounts and once the money is deposited by the target it is withdrawn same day by the suspect.

After losing lacs of amount people come to know that they are being cheated. In this kind of cheating the contact number are usually taken in the fake names or in the other Indian guys name, account are being opened in the fake names or acquired on the basis of commission by fooling the account holders.

Mp cyber police has investigated the case of Internet lottery fraud and arrested Nigerian national Gods power from Meharauli Delhi with the suspected mobile used for communication, one laptop, printer and box used for black dollar scam.

Mp cyber police has investigated the case of Internet lottery fraud Crime no 07/09 420,468,34 IPC and crime no 05/10 420,468,34 aIPC and arrested Nigerian national Idiogbe Joseph from Mumbai with the suspected mobile used for communication, laptop, fake Income tax certificate and seals.

Apart from the above MPCP is investigating two more such cases in which suspects are being monitored and efforts are being made to arrest them.

7.2 INTERNET BANKING FRAUD

Kotak mahindra bank and Poonam Gulati reported to IGP MP Cyber Police that an amount worth Rs 17 lacs has been illegally transferred to account in the name of Gourav Shukla from account of Poonam Gulati through internet banking and susequently withdrawn from various ATMs. The matter came to light when Mrs Poonam Gulati read her bank account statement in the month of July that amount worth Rs 17 lac had been transferred through internet banking to some new account which she didn't know. She enquired at the bank and asked when she didn't asked for internet banking then how it can be activated and transfers could be made.

On preliminary enquiry MP Cyber police found that it was an act of cheating forgery and fraud against the bank and not the customers as the customer never asked for the activation of Internet banking, Hence a FIR was lodged in the name of Kotak mahindra Bank.

As per complaint a fake account was opened in the name Gourav Shukla. For the purpose of cheating the suspect approached the bank and submitted forged document to add mobile in the account of Poonam Gulati. The bank official matched only PAN number but didn't match the photocopies with the original. After getting registered the mobile number in the account of Poonam Gulati the suspect requested to add Internet banking in the account of Poonam gulati. After getting Internet banking activated the suspect made request forgot password through Internet banking. He could obtain the same partial on internet window and partial on registered mobile. The suspect after getting the internet banking password transferred Rs 17 lacs , one lac each per day from the account of Poonam Gulati to account of Gourav Shukla. He withdrew money at the rate of One lac per day from the various ATMs of State Bank of India wearing helmet.

8. INOVATIONS IN INTERNET BANKINGNEFT AND RTGS

India has two main electronic funds settlement systems for one to one transactions: theReal Time Gross Settlement(RTGS) and the National Electronic Funds Transfer (NEFT) systems. Transactions which are bulk and repetitive in nature are routed through electronic clearing service (ECS) which is further of two categories viz ECS-Credit (one debit and multiple credits e.g. Salary, Dividends) and ECS- debit (one credit and multiple debits e.g. bill payments, SIPs etc.). ECS is currently provided in around 75 centres in India.

8.1. REAL TIME GROSS SETTLEMENT [RTGS]The acronym 'RTGS' stands for real time gross settlement. TheReserve Bank of India(India's Central Bank) maintains this payment network. RTGS system is a funds transfer mechanism where transfer of money takes place from one bank to another on a 'real time' and on 'gross' basis. This is the fastest possible money transfer system through the banking channel. Settlement in 'real time' means payment transaction is not subjected to any waiting period. The transactions are settled as soon as they are processed. 'Gross settlement' means the transaction is settled on one to one basis without bunching with any other transaction. Considering that money transfer takes place in the books of the Reserve Bank of India, the payment is taken as final and irrevocable.

Fees for RTGS vary from bank to bank.RBI has prescribed upper limit for the fees which can be charged by all banks both for NEFT and RTGS. Both the remitting and receiving must havecore bankingin place to enter into RTGS transactions. Core Banking enabled banks and branches are assigned anIndian Financial System Code(IFSC) for RTGS and NEFT purposes. This is an eleven digit alphanumeric code and unique to each branch of bank. The first four letters indicate the identity of the bank and remaining seven numerals indicate a single branch. This code is provided on the cheque books, which are required for transactions along with recipient's account number.

RTGS is a large value (minimum value of transaction should be2,00,000) funds transfer system whereby financial intermediaries can settle interbank transfers for their own account as well as for their customers. The system effects final settlement of interbank funds transfers on a continuous, transaction-by-transaction basis throughout the processing day. Customers can access the RTGS facility between 9 am to 4:30 pm on weekdays and 9 am to 1:30 pm on Saturdays. However, the timings that the banks follow may vary depending on the bank branch. Time Varying Charges has been introduced w.e.f. 1 October 2011 by RBI.

Banks could use balances maintained under thecash reserve ratio(CRR) and the intra-day liquidity (IDL) to be supplied by the central bank, for meeting any eventuality arising out of the real time gross settlement (RTGS). The RBI fixed the IDL limit for banks to three times their net owned fund (NOF).

The IDL will be charged at25 per transaction entered into by the bank on the RTGS platform. The marketable securities andtreasury billswill have to be placed as collateral with a margin of five per cent. However, the apex bank will also impose severe penalties if the IDL is not paid back at the end of the day.

Service Charge for RTGSa) Inward transactions Free, no charge to be levied.

b) Outward transactions

For transactions of2 lakh to5 lakh -25 per transactions plus applicable Time varying Charges (1/- to5/-) total not exceeding30 per transaction.

Above5 lakh -50 per transaction plus applicable Time varying Charges (1/- to5/-) total charges not exceeding55 per transactions.

No time varying charges are applicable for RTGS transactions settled up to 12:30 hrs.

8.2. National electronic fund transfer [NEFT]The national electronic fund transfer (NEFT) system is a nation-wide system that facilitates individuals, firms and corporates to

electronically transfer funds from any bank branch to any individual, firm or corporate having an account with any other bank branch in the country. For being part of the NEFT funds transfer network, a bank branch has to be NEFT-enabled. As at end-January 2011, 74,680 branches / offices of 101 banks in the country (out of around 82,400 bank branches) are NEFT-enabled. Steps are being taken to further widen the coverage both in terms of banks and branches / offices

IFSC or Indian financial system code is required to perform a transaction usingNEFTor RTGS.IFSCcode identifies a specific branch of a bank. IFSC code can be found out on RBI website. These codes are also known from your bank branch, and it is best to confirm the IFSC code, before going for any transaction.

Service Charges for NEFTThe structure of charges that can be levied on the customer for NEFT is given below:

a) Inward transactions at destination bank branches (for credit to beneficiary accounts)

Free, no charges to be levied from beneficiaries

b) Outward transactions at originating bank branches (charges for the remitter)

For transactions up to10 thousand not exceeding2.5 (+ Service Tax) - For transactions up to1 lakh not exceeding5 (+ Service Tax) - For transactions above1 lakh and up to2 lakhs not exceeding15 (+ Service Tax) - For transactions above2 lakhs not exceeding25 (+ Service Tax)

8.3. COMPARISION BETWEEN RTGS AND NEFT

The key difference between RTGS and NEFT is that while RTGS is on gross settlement basis, NEFT is on net settlement basis. Besides, RTGS facilitates real-time ("push") transfer, while NEFT involves eleven settlements from 9 am to 7 pm on week days and five settlements from 9 am to 1 pm on Saturdays. Customers can access the RTGS facility between 9 am to 4:30 pm on week days and 9 am to 1:30 pm on Saturday. Thus if a customer has given instruction to its bank to transfer money through NEFT to another bank in the morning hours, money would be transferred the same day, but if the instruction is given later during the day, money would be transferred next day.

RTGS facility is available in over 72000 branches, while NEFT is available in little over 75000 branches of 100 banks. RBI has recently discontinued the EFT (Electronic funds transfer).

9. CONCLUSIONStudying the project we came to know that Internet banking is clearly the way forward for the Oriental Bank Of Commerce. It provides comfort to customers at the same time it provides cost cutting to OBCbyeliminatingphysicaldocumentation.Internetbanking saves time of bank as well as those of customers. Study states that internet banking provides greater reach to customers. Feedback can be obtained easily as internet is virtual in nature. Customer loyalty can be gain. Personal attention can be given by bank to customer also quality service can be served. Bank should know that No system is perfect, however a system ofsuch a type will need to be very secure. This is a system which holds account details and customers wealth. If such a system was not trusted and not reliable, then SBI would face serious laws and would lose business. After studying the SWOC analysis, we came to know various strengths of OBC such as quality customer service, greater reach, customer loyalty, easy access to information, 24 hours access, easy online applications etc. OBC should put efforts to multiply the number of strengths. In terms of weakness I come to know some of the major weaknesses they are lack of awareness of internetbanking among thecustomers, obsolesce of technology relatedtosecurity,complicated proceduresofavailinginternetbanking facilities, lack of knowledge among the employees of OBC. OBC should concentrate on the weaknesses and reduce them to zero. In the third segment of SWOC analysis of internet banking wedealt with opportunities like 95 % market of internet market isuntapped, OBCs path to become first virtual bank. By encashing such opportunities bank can become the leader in banking sectorof India. whichareinfrontofOBC,likesamenessinITinfrastructurewithinvariousbanks,needofvariousvendorsupportsforcomplextechnology,maintainingsecuredITinfrastructure, alternative mechanism in case of failure of present security system. The company can take the advantage of the reputation it has created in the market foritself and become more competitive. Therecommendations andsuggestionsgiven, ifadoptedwill improve the position of the company substantially and optimalprofitabilitycoupled withbetterserviceandsatisfactions for investors may be achieved.10. PrimaryDataAnalysisA survey was conducted todetermine peoples perception towards onlinebanking and their expectations on internet banking services.The questionnaire was prepared for the purpose andresponse was analyzed. The questions were distributed by hand to the people, some were queried by telephone while others replied by e-mail. The questions were concerned with thepersonal information and characteristics of the respondent. Questions 1 to 5 test the users usage and the awareness of computing and internettechnologies. Questions 6 to 11deal with banking behaviour of respondent, their usageand responsiveness to new technology.

Objectives:

To identify the major factor why people opted to bank online.

To understand the intention of users to use internet banking services.

To study the main reasons/owners that can affect the users intention for not using internet banking servicesprovided by the banks.

Findings:

I have research thatthe internet is becoming increasingly important channel for the bank toprovide banking services to both individual customers and businessmen.

I found that internet banking wouldalmost certainly become a majorfull-fledged distribution channel of banking servicesand products in India within the next 3 years.

Evidence suggests that those who are banking with the larger bank are more likely to adopt internet banking.

I even found that internet banking is going to develop much fasterthan most people imagine andwith the revolution, new financial system will evolve in many ways and even more secure than wehave today. It was interesting to analyze what made the people opt for internet banking services provided by the banks.60% of the respondents weredriven by convenience that internet banking offered, while 12% of them optedfor online banking services because its saved a lot of time and money. Complementing this result was that another8% of the population had opted net banking as they found it wasmuch easierto maintain account through the internet. It was even noted that respondents access their bank account from theirworkplace also (use office PC) during free time so, 14% of the surveyedpopulation were convinced that internet banking was highly safeand secure and sometimes even safer than the traditional modes of banking and remaining 60% respondents found an internet banking service effective and simple to use. The features considered important by those who have not yet opened an internet bank account said that security of the security of the transaction would be a very important factor, which might lead them to open an account. Other features considered important would be convenience and having a variety of features and services.

So, the big question here is, IsInternet banking for you?

Yes, if you need the convenience and speed.

No, if you trust the internet as much asyou trust your car mechanism.

ANNEXURE

10.1. Questionnaire For CustomersDear Respondent, I am a student of Self Finance Course and doing Banking and Insurance. This survey is designed to understand bank account holder's satisfaction on internet banking. So, please spare some precious time of years to make my study complete. Name ofrespondent

................................................................................................

GenderMale{} Female{} Age Below25years{} 25-50years{} Over50years{} Profession Business{} Employee(job){ } Student{} Housewife{}1.Do you have any Bank Account?

Yes { } No { }

2.Which method do you use for banking? Online{} Offline{}3. What induced you tobegin on-line bank Account? Thebrandnameofthebank{} Referencebyfriends{} Advertisement{} Easyandquick{}4. While opening up the account, were you aware of internet banking services provided by your bank? Fullyaware {} hadanidea{} no idea { }

5. What is the most important factor which prompted you to start using i-banking? (1: the most Important, 5: the least important) Convience(24hoursservices,anywhereconnectivity{}

Easytomaintainmybankingtransactionactivity{}

Lowservicecharge{} Safeandsecure{} Betterrates{}6. What are your main transactions you would prefer todo by net? Orderachequebook{ } Moneytransfers{}

Creditfixeddepositonline{} Requestademanddraft{}

Checkingofyourcurrentbalance{} Paybills{}

Requestforstoppingpaymentonacheque {}7. In general,how often do you use online banking services? Never{} Rarely{} Sometimes{} Often{}

Veryoften {}8. Do you feel safe in disclosing your details on net? Yes{} No{}9. Are you satisfied with your bank services? Yes{}No{}10. How would you rate the internet banking facility provided by your bank? Excellent{} Verygood {} Good{}

Average {} Poor{}11. What other services you would like to have through internet banking?.................................................................................................................................................*** Thank you very much for your help. ***

10.2. Questionnaire For Bank 1. Name of the bank:--------------------------------

2. Does the bank website exist? : Yes { } No { }

3. If yes, please specify web site address:----------------------------4. When did the banks web site become active? (Year) :--------

5. Which of the following i-banking products/services are offered? Internet Banking Yes { } No { }6.When did the Bank begin offering Internet Banking? (Year):-----7.How many customers are using this facility? : -------- 8.Which software is being used for it?: ----------------

9. Is the Banks website reviewed internally?

Yes { } No { }

10. Are security measures in place to secure the banks website?:

Yes { } No { }

11. How many customers are still using traditional way of banking transaction?

25% { } Below 50% { } 50% & Above { } 75% { } Above 75% Name :---------------------------------Designation :---------------------Signature:----------

*** Thank you very much for your help. ***

BIBLIOGRAPHY

Primary Data

Customer Survey through Questionnaire Case Study on ORIENTAL BANK OF COMMERCE

Visiting internet banking services websites

Secondary Data

College Library

Business Aspect SY BMS

Times Of India Dt 24th January 2011Electronic Banking: The Ultimate Guide to Online BankingWebliography

www.obcindia.co.in

www.rbi.org

www.timesofindia.com

154