I wrote my thesis on a number of proposed guidelines for Internet Banking security in the UK, and I would like to share my paper with you.
Below is the executive summary, and the first chapter is available for download here.
Financial institutions depend on a number of information systems to offer banking services over the Internet. The information held within such systems about customer transactions and customer account balances is very valuable, and the manipulation of such information can lead to banking fraud. Hence these systems should be just as resistant to manipulation as traditional physical information systems.
While the web may provide a great avenue for companies to offer services to a multitude of users simultaneously, it also exposes clients and businesses alike to a number of threats. Offering services over the Internet means that legitimate users and cybercriminals alike can access information systems. Cybercriminals seek out flaws and exploit them to carry out attacks that manipulate users' information and con users. Ignoring such threats can lead to identity theft, phishing, malware attacks and banking fraud.
This paper seeks to put the risk of Internet banking in the UK into sharp focus for financial institutions and users. It proposes a number of “guidelines for secure web 2.0 Internet banking” that can minimize the risk of successful attacks on Internet banking systems, providing protection for the financial institutions that offer Internet banking services and for the users of these systems.