Title: Faith Murugi Kariuki SECURITY FEATURES IN WESTERN BANK.
Slide 1: Faith Murugi Kariuki: SECURITY FEATURES IN WESTERN BANK.
Slide 2:
- Western Bank is a small, family-owned bank with 6 branches spread all over the country. It has decided to move onto the Internet with a website that permits customers to access their accounts and pay bills.
- Design the key security hardware and software the Bank should use.
Slide 3: Internet security is handled in 3 ways
- 1. At the customer's computer
- To conduct online banking from a personal computer, the customer must have a browser that supports 128-bit encryption.
Slide 4: If you have Internet Explorer
- Internet Explorer lists its security level in its Help menu, under "About Internet Explorer". Next to the section marked "Cipher Strength" it will say 128-bit if you have the 128-bit secure browser.
Slide 5: If you have Netscape or Apple
- Netscape Navigator for Windows lists its security level in its Help menu, under "About Netscape".
- In the Mac version, it is listed under the Apple icon.
Slide 6: 2. Internet
- Banking transactions are encrypted to protect them from unauthorized access and tampering. This is done by the banking servers. Data encryption is the process by which data is scrambled while being transmitted through the Internet.
Slide 7: 3. Bank's Website
- Protect against unauthorized users attempting to access the Bank's website.
- This includes physical security of the Bank's computer hardware, software firewalls to prevent unauthorized electronic access to the Bank's website, and the monitoring of logon attempts for unauthorized access attempts.
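The monitoring of logon attempts mentioned above can be done as a sliding-window count of failed logons per source address and per account. The following Python is an added example, not part of the original slides; the log format, threshold and window are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; the "timestamp source-IP username result" format is an assumption.
SAMPLE_LOG = """\
2024-03-01T09:00:00 203.0.113.7 alice FAIL
2024-03-01T09:00:20 203.0.113.7 alice FAIL
2024-03-01T09:00:40 203.0.113.7 alice FAIL
2024-03-01T09:02:00 192.0.2.10 carol FAIL
2024-03-01T09:02:30 192.0.2.10 carol OK
2024-03-01T09:10:00 198.51.100.1 bob FAIL
2024-03-01T09:10:30 198.51.100.2 bob FAIL
2024-03-01T09:11:00 198.51.100.3 bob FAIL
2024-03-01T10:00:00 192.0.2.99 dave FAIL
2024-03-01T10:20:00 192.0.2.99 dave FAIL
2024-03-01T10:40:00 192.0.2.99 dave FAIL
""".splitlines()


def flag_logon_failures(lines, threshold=3, window=timedelta(minutes=5)):
    """Return the ("ip", addr) and ("user", name) keys that reach
    `threshold` failed logons inside a sliding `window`."""
    recent = defaultdict(deque)  # key -> timestamps of its recent failures
    flagged = set()
    for line in lines:
        stamp, ip, user, result = line.split()
        if result != "FAIL":
            continue
        now = datetime.fromisoformat(stamp)
        # Count per source (one host guessing) and per account (one
        # account attacked from many hosts).
        for key in (("ip", ip), ("user", user)):
            times = recent[key]
            times.append(now)
            while now - times[0] > window:  # drop failures older than the window
                times.popleft()
            if len(times) >= threshold:
                flagged.add(key)
    return flagged


if __name__ == "__main__":
    for kind, value in sorted(flag_logon_failures(SAMPLE_LOG)):
        print(f"ALERT {kind}={value}")
```

In the sample, carol's single mistyped password and dave's three failures spread over 40 minutes stay below the threshold, while bob's account is flagged even though no single source address is.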
Slide 8: Security Features: 4 Categories
- Authentication of e-banking customers: ensure that customers who access e-banking services are legitimate, and reduce the risk of identity theft by using authentication mechanisms, e.g. PINs, passwords, smart cards, digital certificates.
- Encryption: online buyers' credit card encryption, password encryption for e-banking customers.
- Auditing: keeps a record of operations.
Slide 9: NOTE
- Software-based protection is easily obtained at lower cost than hardware-based protection.
- Consequently, software-based protection is more widely used. But software-based protection has many potential hazards.
Slide 10: IMPLEMENTING SOFTWARE FEATURES
Slide 11: 1. Use of Passwords
- Implement passwords for customer identification: username, password, PIN, Transaction Authorization Number (TAN) to access banking services.
- "Phishing" scheme: fraudulent e-mails trick recipients into disclosing their e-banking details, e.g. passwords and PIN codes, on fake Internet sites. The e-mails and Internet sites pretend to represent serious businesspeople.
Slide 12: 2. Encryption
- Protects transaction/banking details during delivery/transmission. Upon receipt, the information is decoded using an encryption key.
- RemoteScope encrypts all data transmissions, password and username information, and some application files.
- SSL (Secure Sockets Layer)
  - provides the data encryption
  - provides authentication to the Bank's web server
  - determines the level of security between your browser and the Bank's Internet Banking web server
Slide 13: 3. Install Antivirus
- Viruses, e.g. Trojan horses, are malicious programs which may run a password-sniffing program in the background to capture online customers' password keystrokes without their knowledge. Being constantly online may increase the risk exposure of your computer.
Slide 14:
- The Bank should issue Internet banking customers with anti-virus software, as part of attempts to reduce online identity theft. The Bank can sign a deal with an anti-virus firm to provide software to the Bank's Internet banking customers.
Slide 15: 4. Firewalls
- NB: Firewalls can be either hardware or software.
- The ideal firewall configuration consists of both.
Slide 16: Software Firewall, e.g. Symantec Enterprise Firewall
- Protects the Bank's network from outside intrusion by preventing malicious programs from infiltrating the system.
- It inspects network traffic passing through it, and permits or ignores information coming from unsecured, unknown or suspicious locations. Account info, passwords and credit card numbers can be available to hackers.
- Software firewalls offer additional security functions such as intrusion detection systems, ad blockers and private information protection.
Slide 17: Educate customers about fraudulent activity on the Internet: install software firewalls/antivirus
- A customer's IP address is visible as soon as they log on to the Internet, identifying their PC. A hacker can easily hack into the PC. This means that e-banking becomes a security risk because there are no protection functions on the customer side. Although the bank does all it can to make e-banking secure, it's very important that users also protect their own computers.
- Using the Internet without a firewall or anti-virus protection is a security risk.
Slide 18:
- A software firewall will protect your computer from outside attempts to control or gain access to your computer.
- It could also provide protection against the most common Trojan programs or e-mail worms.
- Software firewalls may incorporate privacy controls and web filtering.
- The downside to software firewalls is that they will only protect the computer they are installed on, not a network, so each computer will need to have a software firewall installed on it.
Slide 19: 5. Digital certificate
- A digital certificate provides a means of proving your identity in electronic transactions, much like a passport or driving licence (DL). You can present a digital certificate electronically to prove your identity or your right to access information/services online.
- Issued by a Certification Authority (CA).
Slide 20: 6. Electronic Digital Signatures
- A digital code that can be attached to an electronically transmitted message and that uniquely identifies the sender.
- Serves as a guarantor of data origin, integrity, and nonrepudiation. When a customer digitally signs an online purchase order, the merchandiser, through the document's digital signature, can identify the customer who originated the order, verify that no one tampered with the contents of the order in transit, and has proof that a particular customer made a specific order.
Slide 21: 7. Secure Electronic Transaction (SET)
- A software system and global standard for secure card payments on the Internet, defined by international companies, e.g. Visa and MasterCard.
- Ensures security of transactions, which involves scrambling of the information between you and the Bank.
- SET adopts RSA public key encryption to ensure message confidentiality. The system uses a unique public/private key pair to create the digital signature.
- SET ensures privacy of data in transit and provides authenticity, in that both the sender and the receiver are the ones they claim to be.
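The sign-and-verify flow from the digital signature and SET slides, as an added Python example that is not part of the original slides: the merchant checks a signed order against each customer's registered public key, which identifies the originator and rejects an order altered in transit. It uses textbook RSA (hash, then private-key exponentiation, no padding) with constructed toy keys built from Mersenne primes; the customer names, order format and key directory are assumptions, and production systems use a vetted library with padded signatures.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys


def toy_keypair(p, q):
    """Return ((n, e), (n, d)) for primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent: inverse of e mod phi(n)
    return (n, E), (n, d)


def digest(message):
    """SHA-256 of the message as an integer (always smaller than the toy moduli)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, private_key):
    n, d = private_key
    return pow(digest(message), d, n)


def verify(message, signature, public_key):
    n, e = public_key
    return pow(signature, e, n) == digest(message)


def identify_signer(message, signature, directory):
    """Name of the customer whose public key verifies the signature, else None."""
    for name, public_key in directory.items():
        if verify(message, signature, public_key):
            return name
    return None


# Constructed toy keys from known Mersenne primes: trivially factorable, demo only.
ALICE_PUB, ALICE_PRIV = toy_keypair(2**127 - 1, 2**521 - 1)
BOB_PUB, BOB_PRIV = toy_keypair(2**89 - 1, 2**607 - 1)
DIRECTORY = {"alice": ALICE_PUB, "bob": BOB_PUB}  # stands in for CA-issued certificates

ORDER = b"order=1001;item=laptop;amount=950.00"  # constructed purchase order
SIGNATURE = sign(ORDER, ALICE_PRIV)
TAMPERED = ORDER.replace(b"950.00", b"9.50")

if __name__ == "__main__":
    print("signed by:", identify_signer(ORDER, SIGNATURE, DIRECTORY))
    print("tampered order accepted:", verify(TAMPERED, SIGNATURE, ALICE_PUB))
```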
Slide 22: 8. Intrusion Detection Systems (IDS)
- Software/hardware that detects and logs inappropriate, incorrect, or anomalous activity.
- Designed to catch what might have gotten past the firewall.
- Free intrusion detection (IDS) and prevention (IPS) software helps you identify and respond to malicious or suspicious network activity on your network and stop any hackers, viruses, trojans or other malware from spreading. An example of an IDS is SNORT.
Slide 23: HARDWARE FEATURES
Slide 24: Hardware Firewalls, e.g. Cisco PIX
- Hardware firewalls can be purchased as a stand-alone product, but more recently hardware firewalls are typically found in broadband routers.
- Hardware firewalls and software firewalls offer the same level of protection. The only difference is that hardware firewalls have no installation procedure. One other advantage is NAT (Network Address Translation): this function makes the IP address of your PC invisible on the Internet.
Slide 25: Cryptographic Server
- Hardware Security Modules are widely used to ensure high-speed cryptographic processing services and secure key storage within a tamper-resistant platform.
- Key areas of application and deployment
- Advanced security and digital signatures for VISA 3-D Secure and MasterCard's SPA online payment systems.
Slide 26: IDS Hardware
- Software/hardware that detects and logs inappropriate, incorrect, or anomalous activity.
- Designed to catch what might have gotten past the firewall.
- Free intrusion detection (IDS) and prevention (IPS) software helps you identify and respond to malicious or suspicious network activity on your network and stop any hackers, viruses, trojans or other malware from spreading. An example of an IDS is SNORT.