TYPES OF INTERNET BANKING OR E-BANKING
Understanding the various types of Internet banking will help examiners assess the risks involved. Currently, the following three basic kinds of Internet banking are being employed in the marketplace.
Informational
This is the basic level of Internet banking. Typically, the bank has marketing information about the bank’s products and services on a stand-alone server. The risk is relatively low, as informational systems typically have no path between the server and the bank’s internal network. This level of Internet banking can be provided by the banks or outsourced. While the risk to a bank is relatively low, the server or web site may be vulnerable to alteration. Appropriate controls therefore must be in place to prevent unauthorized alterations to the bank’s server or web site.
Communicative
This type of Internet banking systems is the interaction between the bank’s system and the customer. The interaction may be limited to electronic mail, account enquiry, loan applications, or static file updates (name and address change). Because these servers may have a path to the bank’s internal networks, the risk is higher with this configuration than with informational systems. Appropriate controls need to be in the place to prevent, monitor, and alert management of any unauthorized attempt to access the bank’s internal networks and computer systems. Virus controls also become much more critical in this environment.
Transactional
This level of Internet banking allows customers to execute transactions. Since a path typically exists between the server and the bank or outsourcer’s internal network, this is the highest risk architecture and must have the strongest controls. Customer transactions can include accessing accounts, paying bills, transferring funds etc.
77 Comments