From Wikipedia, the free encyclopedia

This article needs additional citations for verification. Please help improve this article by adding reliable references. Unsourced material may be challenged and removed. (November 2007)

Electronic commerce

Online goods and services Streaming media Electronic books Software

Retail product sales Online shopping Online used car shopping Online pharmacy

Retail services Online banking Online food ordering Online flower delivery Online DVD rental

Marketplace services Online trading community Online auction business model Online wallet Online advertising Price comparison service

E-procurement

This box: view • talk • edit

Online banking (or Internet banking) allows customers to conduct financial transactions on a secure website operated by their retail or virtual bank, credit union or building society.

Contents 1 History 2 Features 3 Security 4 Fraud 5 See also 6 References

One of the world's first home online banking services^[1] was set up by the Nottingham Building Society (NBS) in 1983 (History of the Nottingham. Retrieved on 2007-12-14.). The system used was based on the UK's Prestel system and used a computer, such as the BBC Micro, or keyboard (Tandata Td1400) connected to the telephone system and television set. The system (known as 'Homelink') allowed on-line viewing of statements, bank transfers and bill payments. In order to make bank transfers and bill payments, a written instruction giving details of the intended recipient had to be sent to the NBS who set the details up on the Homelink system. Typical recipients were gas, electricity and telephone companies and accounts with other banks. Details of payments to be made were input into the NBS system by the account holder via Prestel. A cheque was then sent by NBS to the payee and an advice giving details of the payment was sent to the account holder. BACS was used later to transfer the payment directly. The Bank of Scotland introduced the system in 1985.

The Presidential Savings Bank notes that it was America's first Internet online bank with a service starting on October 6, 1995.^[2]

Online banking solutions have many features and capabilities in common, but traditionally also have some that are application specific.

The common features fall broadly into several categories

• Transactional (e.g., performing a financial transaction such as an account to account transfer, paying a bill, wire transfer... and applications... apply for a loan, new account, etc.)
  • Electronic bill presentment and payment - EBPP
  • Funds transfer between a customer's own checking and savings accounts, or to another customer's account
  • Investment purchase or sale
  • Loan applications and transactions, such as repayments

• Non-transactional (e.g., online statements, check links, cobrowsing, chat)
  • Bank statements
• Financial Institution Administration - features allowing the financial institution to manage the online experience of their end users
• ASP/Hosting Administration - features allowing the hosting company to administer the solution across financial institutions

Features commonly unique to business banking include

• Support of multiple users having varying levels of authority
• Transaction approval process
• Wire transfer

Features commonly unique to Internet banking include

• Personal financial management support, such as importing data into a personal finance program such as Quicken, Microsoft Money or TurboTax. Some online banking platforms support account aggregation to allow the customers to monitor all of their accounts in one place whether they are with their main bank or with other institutions.

Protection through single password authentication, as is the case in most secure Internet shopping sites, is not considered secure enough for personal online banking applications in some countries. Online banking user interfaces are secure sites (generally employing the https protocol) and traffic of all information - including the password - is encrypted, making it next to impossible for a third party to obtain or modify information after it is sent. However, encryption alone does not rule out the possibility of hackers gaining access to vulnerable home PCs and intercepting the password as it is typed in (keystroke logging). There is also the danger of password cracking and physical theft of passwords written down by careless users.

Many online banking services therefore impose a second layer of security. Strategies vary, but a common method is the use of transaction numbers, or TANs, which are essentially single use passwords. Another strategy is the use of two passwords, only random parts of which are entered at the start of every online banking session. This is however slightly less secure than the TAN alternative and more inconvenient for the user. A third option is providing customers with security token devices capable of generating single use passwords unique to the customer's token (this is called two-factor authentication or 2FA). Another option is using digital certificates, which digitally sign or authenticate the transactions, by linking them to the physical device (e.g. computer, mobile phone, etc). Other banks have responded not with security tokens or digital certificates, but by setting up a combination of controls that recognize a customer's computer, ask additional challenge questions for risky behavior, and monitor for fraudulent behavior.

In 2001 the FFIEC issued guidance for multifactor authentication (MFA) and then required to be in place by the end of 2006. ^[3]

Main article: Internet fraud

Some customers avoid online banking as they perceive it as being too vulnerable to fraud^{[attribution needed]}. The security measures employed by most banks can never be completely safe, but in practice the number of fraud victims due to online banking is very small. This is probably due to the fact that a relatively small number of people use Internet banking compared with the total number of banking customers world wide. Indeed, conventional banking practices may be more prone to abuse by fraudsters than online banking^{[attribution needed]}. Credit card fraud, signature forgery and identity theft are far more widespread "offline" crimes than malicious hacking. Bank transactions are generally traceable and criminal penalties for bank fraud are high. Online banking becomes less secure if users are careless, gullible or computer illiterate. An increasingly popular criminal practice to gain access to a user's finances is phishing, whereby the user is in some way persuaded to hand over their password(s) to a fraudster.

• Current account.
• Enhanced Telephone.
• Guide to E-payments.
• Mobile banking.
• Online lenders.
• On-line and off-line.
• Smile Bank.
• Telephone banking.

1. ^ A transaction document DL34/01/84 used by the Nottingham Building Society has a printed footnote: 'HOMELINK - The world's first electronic Building Society Service operated from the customer's home - is available through Nottingham Building Society in association with British Telecom and the Bank of Scotland. Homelink is a Trade Mark of Nottingham Building Society'
2. ^ http://www.presidential.com/pk_marketspace.htm
3. ^ http://www.ffiec.gov/ffiecinfobase/resources/info_sec/2006/occ-bul_2005-35.pdf