DR.

RAM MANOHAR LOHIYA NATIONAL LAW

UNIVERSITY LUCKNOW
SESSION 2013-14

Final Draft
Banking Law
Online Banking
Submitted for the project work undertaken in the partial fulfillment of B.A. LL.B. (Hons.) 5
years integrated course of Dr. Ram Manohar Lohiya NLU, Lucknow.

SUBMITTED TO:

SUBMITTED BY:

Mr.Anil Sen

Tushar Sharma

Faculty of Law

Roll No. 141

Dr. RMLNLU, Lucknow

5th Semester

1 | Page

INDEX
1. Introduction
2. Objective of the study
3. Hypothesis
4. The Concept of Online Banking
5. Types of Internet Banking
6. Benefits of Online Banking
7. Disadvantages of Online Banking
8. Internet Banking Frauds
9. Conclusion
10.References

2 | Page

INTRODUCTION
The concept of Online Banking is gaining more and more popularity day by day. With
everything just a click- away, online banking is the most user- friendly banking technique
in todays world. But, like other technological advancements, it also came with certain sideeffects. With the increasing popularity of the internet, more and more industries are seeking
ways to utilize this popular medium in an effort to keep up with the changing technological
preferences of their customers.
These days one can do just about anything online from grocery shopping to making a free
phone call to a friend in Tokyo through your PC. The possibilities of the internet are
seemingly endless and the banking industry has decided that it will not be left behind. While
most people have at least heard of online banking, the majority of them have probably not
tried it yet. Maybe it is because we find more comfort in working with real people and real
paper when it comes to money matters rather than performing transactions in the seemingly
impersonal universe of the World Wide Web.
Further, the risks involved in online banking, such as internet frauds and other disadvantages
of online banking, create a predicament for the customers, and they tend to vilify the worth of
online banking.
Whatever the case may be, there are both advantages and disadvantages to online banking. In
this project I shall endeavour to deal with the issue: Can the benefits of Online Banking
outweigh the risks involved in it?, emphasizing mainly on Internet Banking Frauds.
OBJECTIVE OF THE PROJECT
Now a day individual who are availing banking facilities rely mainly on online baking either
through ATMs, e-transfer etc. But sometimes it affects people in a bad way as some
individual are using fraudulent activities to thug individuals. So the researchers main
emphasis is on how online banking is useful, its advantages, disadvantages and some
suggestions also to improve online banking.
HYPOTHESIS
Although online banking is a boon for the people it still consists some loopholes in it proper
implication.
THE CONCEPT OF ONLINE BANKING
Banking industry the world over is yet another industry that is greatly benefited by the
ongoing Information Technology (IT) revolution. Globalization prompted relaxation of
banking regulations in several countries, promoting a reason for the banks to go global.
Advances in technology have enabled banks to manage larger information flows across more
locations, deliver better services, and manage risks making geographical disparities
3 | Page

irrelevant. These two phenomena have together facilitated global delivery of banking and
financial services at the lowest cost ever. Further, the growth in the international business
activities by multinationals, international trade and electronic commerce have created a
demand for new banking and financial services to be delivered across borders, hence have
paved the way for wide adoption of IT in banks globally.
Internet banking refers to systems that enable bank customers to access accounts and
general information on bank products and services through a personal computer (PC) or other
intelligent device. Internet banking products and services can include wholesale products for
corporate customers as well as retail and fiduciary products for consumers.1
Ultimately, the products and services obtained through Internet banking may mirror products
and services offered through other bank delivery channels.
Some examples of wholesale products and services include:
Cash management.
Wire transfer.
Automated clearinghouse (ACH) transactions.
Bill presentment and payment.
Examples of retail and fiduciary products and services include:
Balance inquiry.
Funds transfer.
Downloading transaction information.
Bill presentment and payment.
Loan applications.
Investment activity.
Other value-added services.2
Thus, the concept of online banking has resulted in a revolution in the banking industry,
where a person can now perform all the banking activities sitting in his bedroom, via his
personal computer, without actually going to a bank.
TYPES OF INTERNET BANKING
Understanding the various types of Internet banking products will help examiners assess the
risks involved. Currently, the following three basic kinds of Internet banking are being
employed in the marketplace:
Informational This is the basic level of Internet banking. Typically, the bank has
marketing information about the banks products and services on a stand-alone server. The
risk is relatively low, as informational systems typically have no path between the server and
the banks internal network. While the risk to a bank is relatively low, the server or Web site
1

Internet Banking, Comptrollers Handbook, (Comptroller of the Currency, Administrator of National Banks,
October, 1999) at 1.
2

Ibid.

4 | Page

may be vulnerable to alteration. Appropriate controls therefore must be in place to prevent

unauthorized alterations to the banks server or Web site.
Communicative This type of Internet banking system allows some interaction between
the banks systems and the customer. The interaction may be limited to electronic mail,
account inquiry, loan applications, or static file updates (name and address changes). Because
these servers may have a path to the banks internal networks, the risk is higher with this
configuration than with informational systems. Appropriate controls need to be in place to
prevent, monitor, and alert management of any unauthorized attempt to access the banks
internal networks and computer systems. Virus controls also become much more critical in
this environment.
Transactional This level of Internet banking allows customers to execute transactions.
Since a path typically exists between the server and the banks or outsourcers internal
network, this is the highest risk architecture and must have the strongest controls. Customer
transactions can include accessing accounts, paying bills, transferring funds, etc.3
BENEFITS OF ONLINE BANKING
Online banking is extremely beneficial for the customers in todays fast and globalised world.
First, online banking is convenient. It allows you to perform transactions, pay bills and check
balances 24 hours a day, 7 days a week. The bank virtually never closes because it is as
accessible as your PC or laptop computer. No matter where you are in the country or in the
world, you can visit your online bank and handle money matters. Your bank will
automatically send the payments on your behalf in the amounts and on the dates you specify.
Second, online banking is fast, efficient and effective. Through the internet, transactions are
typically performed and executed at a faster rate than ATM's. In addition, online banks give
you the ability to handle several bank accounts (checking, savings, CDs, IRAs, etc.) from one
site. The majority of banking sites are also compatible with programs like Quicken and
Microsoft Money, so as to allow for more effective management of assets.
Third, online banking allows you to perform transactions in absolute privacy, while sitting in
your bedroom.

Internet Banking, Comptrollers Handbook, (Comptroller of the Currency, Administrator of National Banks,
October, 1999) at 4.

5 | Page

Fourth, it is extremely beneficial for students as well, as they can perform various banking
activities at any time of the day, without affecting their studies or without forcing them to
bunk their classes in order to abide by the timings of the bank.

DISADVANTAGES OF ONLINE BANKING

Online banking can be a very useful and convenient tool to manage ones money. One can
access his/her account 24/7 from the comfort of his/her own home or workplace, earn a very
competitive return and spot any fraudulent transactions at once. There is no need for queuing
or travelling to his/her bank - the closest branch is just a few clicks away.
However, online banking system is not perfect. It have some flaws in it, because of which
people are not completely accepting it:
Customer service :
Customer service can be a lottery. You might get somebody helpful, friendly and
knowledgeable, or you might not. Even if a bank claims that their customer assistance
department is available 24/7, it doesnt mean that they will answer all your questions at night.
For example, if you want to learn more about the differences between available checking and
savings accounts, you may be asked to call during restricted hours from 9 to 5. It cuts the
advantage of banking whenever you want if you know that you will need help. On the
contrary, brick-and-mortar banks can offer face to face support and advice, which some
people find very useful.4

ATM Access:

The difference between Internet-only banks and brick-and-mortar banks is not only in the
buildings themselves. Your online financial institution may not own nor operate any ATMs,
so you will need to pay a fee to get cash. 5
Technical Difficulties:
4

Internet Banking, Comptrollers Handbook, (Comptroller of the Currency, Administrator of National Banks,
October, 1999) at 7.
5

Ibid.

6 | Page

Another problem with Internet banking appears to be access. Sometimes computers crash or
the Internet connection disappears. Your bank may need to shut down its website for
maintenance from time to time. It typically happens when you need to make an urgent
payment, transfer funds or view up-to-the-minute balance.
If your bank is online only, there wont be any backup branches that you can go to. Perhaps
you can try to handle matters by phone, but that can be rather difficult especially if you do
not have any bill or invoice to refer to.

Online Security:

Online security is the most important problem related to online banking. Cyber fraud has
become more difficult to detect. The information about hacking, electronic break-ins,
phishing scams, and Trojan viruses appear in news stories nearly every day.
Taking into consideration all risks, threats, and vulnerabilities existing in the Internet, 100%
online banking security is just a dream. People who aren't particularly tech savvy have a
tough time trying to protect their sensitive financial information. Security in the physical
world is easier to deal with because you can hide your check book or shield the keypad with
your hand when you are entering your PIN number. 6

Billing History:

Typically, banks keep your statements, bills, checks and other tax-related financial records for
up to two years. It means that your important documents may not be readily available when
you need them most. The IRS can generally audit taxpayers for three years after they
have filed their return. What would happen if the IRS decided to conduct an audit and
you didn't have any bills to refer to?

Complicated interface:

Some online banking systems are really difficult to use. Many customers tell that their banks
website has so many links and functions that they feel overwhelmed. Even if you are an
experienced Internet user, you can also got stuck and need to call to the customer assistance
department.7
6

Ibid.

Ibid.

7 | Page

INTERNET BANKING FRAUDS

Internet Banking Fraud is the most common threat to the online banking users. Internet
Banking Fraud is a fraud or theft committed using online technology to illegally remove
money from a bank account and/or transfer money to an account in a different bank. Internet
Banking Fraud is a form of identity theft and is usually made possible through techniques
such as phishing.
Now internet banking is widely used to check account details, make purchases, pay bills,
transfer funds, print statements etc. Generally, the user identity is the customer identity
number and password is provided to secure transactions. But due to some ignorance or
mistakes one can easily fall into the trap of cyber criminals.
The major types of Internet Frauds are:
PHISHING:
In the field of computer security, phishing is the criminally fraudulent process of attempting
to acquire sensitive information such as usernames, passwords and credit card details by
masquerading as a trustworthy entity in an electronic communication. Communications
purporting to be from popular social web sites, auction sites, online payment processors or IT
administrators are commonly used to lure the unsuspecting public. Phishing is typically
carried out by e-mail or instant messaging,8 and it often directs users to enter details at a fake
website whose look and feel are almost identical to the legitimate one. Even when using
server authentication, it may require tremendous skill to detect that the website is fake.
Phishing is an example of social engineering techniques used to fool users, and exploits the
poor usability of current web security technologies.9

SPAM:

Tan, Koon. "Phishing and Spamming via IM (SPIM)". Internet Storm Center. http://isc.sans.org/diary.php?
storyid=1905. Retrieved December 5, 2006.
9

Josang, Audun et al.. "Security Usability Principles for Vulnerability Analysis and Risk Assessment."
Proceedings of the Annual Computer Security Applications Conference 2007 (ACSAC'07).
http://www.unik.no/people/josang/papers/JAGAM2007-ACSAC.pdf. Retrieved 2007.

8 | Page

Spam is the abuse of electronic messaging to send unsolicited bulk messages

indiscriminately. While the most widely recognized form of spam is e-mail spam, the term is
applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam,
Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone
messaging spam, Internet forum spam, junk fax transmissions, social networking spam, and
file sharing network spam.
Spamming remains economically viable because advertisers have no operating costs beyond
the management of their mailing lists, and it is difficult to hold senders accountable for their
mass mailings. Because the barrier to entry is so low, spammers are numerous, and the
volume of unsolicited mail has become very high. The costs, such as lost productivity and
fraud, are borne by the public and by Internet service providers, which have been forced to
add extra capacity to cope with the deluge. Spamming is widely reviled, and has been the
subject of legislation in many jurisdictions.
NIGERIAN FRAUD:
Nigerian fraud is a confidence trick in which the target is persuaded to advance sums of
money in the hope of realizing a significantly larger gain. This scam usually begins with a
letter or e-mail10 purportedly sent to a selected recipient but actually sent to many, making an
offer that would result in a large payoff for the victim. The details vary, but the usual story is
that a person, often a government or bank employee, knows of a large amount of unclaimed
money or gold which he cannot access directly, usually because he has no right to it. Such
people, who may be real but impersonated people or fictitious characters played by the con
artist, could include the wife or son of a deposed African or Indonesian leader or dictator who
has amassed a stolen fortune, or a bank employee who knows of a terminally ill wealthy
person with no relatives or a wealthy foreigner who deposited money in the bank just before
dying in a plane crash (leaving no will or known next of kin), a US soldier who has stumbled
upon a hidden cache of gold in Iraq, a business being audited by the government, a
disgruntled worker or corrupt government official who has embezzled funds, a refugee, and
similar characters. The money could be in the form. Whilst the vast majority of recipients do
not respond to these e-mails, a very small percentage do, enough to make the fraud
worthwhile as many millions of messages can be sent. Invariably sums of money which are
10

Nigerian Scam". Snopes. 2003-09-06. http://www.snopes.com/crime/fraud/nigeria.asp.

Retrieved 2006-07-09.

9 | Page

substantial, but very much smaller than the promised profits, are said to be required in
advance for bribes, fees, etc.this is the money being stolen from the victim, who thinks he
or she is investing to make a huge profit.
However, many scammers are part of less organized gangs or are operating independently;
such scammers have reduced access to the above connections and thus have little success
with wealthier investors or business entities attempting to research them, but are still
convincing to middle-class individuals and small businesses, and can make hundreds of
thousands of dollars from such victims.
SPYWARES:
Spyware is a type of malware that is installed on computers and that collects information
about users without their knowledge. The presence of spyware is typically hidden from the
user. Typically, spyware is secretly installed on the user's personal computer. Sometimes,
however, spywares such as key-loggers are installed by the owner of a shared, corporate, or
public computer on purpose in order to secretly monitor other users.11
While the term spyware suggests software that secretly monitors the user's computing, the
functions of spyware extend well beyond simple monitoring. Spyware programs can collect
various types of personal information, such as Internet surfing habits and sites that have been
visited, but can also interfere with user control of the computer in other ways, such as
installing additional software and redirecting Web browser activity. Spyware is known to
change computer settings, resulting in slow connection speeds, different home pages, and/or
loss of Internet or functionality of other programs.
Unlike viruses and worms, spyware does not usually self-replicate. Like many recent viruses,
however, spywareby designexploits infected computers for commercial gain. Typical
tactics include delivery of unsolicited pop-up advertisements, theft of personal information
(including financial information such as credit card numbers), monitoring of Web-browsing
activity for marketing purposes, and routing of HTTP requests to advertising sites.
In one case, spyware has been closely associated with identity theft.12 In August 2005,
researchers from security software firm Sunbelt Software suspected the creators of the
11

http://www.pctools.com/security-news/what-is-spyware/as accessed on October, 19,

2013.
12

Ecker, Clint (2005). Massive spyware-based identity theft ring uncovered. Ars Technica, August 5, 2005.

10 | P a g e

common CoolWebSearch spyware had used it to transmit "chat sessions, user names,
passwords, bank information, etc.",13 however it turned out that "it actually (was) its own
sophisticated criminal little trojan that's independent of CWS."14 This case is currently under
investigation by the FBI.
The Federal Trade Commission estimates that 27.3 million Americans have been victims of
identity theft, and that financial losses from identity theft totalled nearly $48 billion for
businesses and financial institutions and at least $5 billion in out-of-pocket expenses for
individuals.15
All of the aforementioned types of internet frauds generally results in identity theft and
ultimately in the loss of victims money. These are the major risks involved in online banking
and despite of the various benefits of online banking, they create trepidation in the minds of
online banking customers that their money is unsafe.

CONCLUSION & SUGGESTIONS

The concept of online banking is definitely a revolutionary change in the banking industry. It
has changed the traditional picture of a bank from a building of bricks with people sitting and
working in it, to a webpage on our computer screen. It is cheap, fast, effective and
convenient. But, at the same time, risks involved in online banking, such as internet frauds,
which results in a great loss of customers money are becoming more and more frequent.
This has created a predicament for the customers and tends to vilify the worth of online
banking. The customer always fears that his money is unsafe.
The solution to this problem is that both the bank and the customer must take extra care while
performing banking activities online.
Customers must make sure that their online banking password is at least six characters long
and includes both letters and numbers. Avoid using the same password you use for other sites,
and avoid obvious combinations such as your street address or the combination of your first
initial and last name.

13

Eckelberry, Alex. "Massive identity theft ring", SunbeltBLOG, August 4, 2005.

14

Eckelberry, Alex. "Identity Theft? What to do?", SunbeltBLOG, August 8, 2005.

15

FTC Releases Survey of Identity Theft in U.S. 27.3 Million Victims in Past 5 Years, Billions in Losses for
Businesses and Consumers. Federal Trade Commission, September 3, 2003.

11 | P a g e

If you receive an e-mail allegedly from your bank, never click the link in the e-mail message.
Instead, type the URL of your bank right into the browser's Address bar yourself, and forward
the e-mail to a known, legitimate bank e-mail address.
If you believe you've reached your bank's Web site, check the security certificate before you
type in any personal information. In Internet Explorer, select File, Properties and click the
Certificate button. The name on the certificate should match your bank's name. Then select
View, Privacy Report to see more details about the site's privacy policies.
Most banks insist that you use a browser with at least 128-bit encryption. Also, most Trojan
horse viruses are aimed at Internet Explorer. To be extra safe, try using an alternative
browser, such as Mozilla, Mozilla Firefox, Opera, or Netscape.16
Further, digital signatures, firewalls, etc. are also very efficient in this regard.
Online banking is extremely beneficial in todays fast and globalized world and one can enjoy
all its benefits by avoiding risks by just being more careful, while working online.

REFERENCES
1. Internet Banking, Comptrollers Handbook, (Comptroller of the Currency,
Administrator of National Banks, October, 1999) at 1.
2. Tan, Koon. "Phishing and Spamming via IM (SPIM)". Internet Storm Center.
http://isc.sans.org/diary.php?storyid=1905. Retrieved December 5, 2006.
3. Josang, Audun et al.. "Security Usability Principles for Vulnerability Analysis and Risk
Assessment." Proceedings of the Annual Computer Security Applications Conference 2007
(ACSAC'07). http://www.unik.no/people/josang/papers/JAGAM2007-ACSAC.pdf. Retrieved
2007.
4. Nigerian Scam". Snopes. 2003-09-06. http://www.snopes.com/crime/fraud/nigeria.asp.
Retrieved 2006-07-09.
5. http://www.pctools.com/security-news/what-is-spyware/ as accessed on October, 19, 2013.
16

Ibid.

12 | P a g e

6. Ecker, Clint (2005). Massive spyware-based identity theft ring uncovered. Ars Technica,
August 5, 2005.
7. Eckelberry, Alex. "Massive identity theft ring", SunbeltBLOG, August 4, 2005.
8. Eckelberry, Alex. "Identity Theft? What to do?", SunbeltBLOG, August 8, 2005.
9. FTC Releases Survey of Identity Theft in U.S. 27.3 Million Victims in Past 5 Years,
Billions in Losses for Businesses and Consumers. Federal Trade Commission, September 3,
2003.

13 | P a g e