Академический Документы
Профессиональный Документы
Культура Документы
|TheJournalofInternetBankingandCommerce
(hp://www.icommercecentral.com/)
TheJournalofInternetBankingandCommerce
Searchhere..
ISSN:12045357
JournalFlyer
(hp://rroij.com/admin/yerpdfs/thejournalofinternetbankingandcommerce
yerpdf.gif)
ShareThisPage
2
IndexedIn
(hp://www.elsevier.com/onlinetools/scopus)
EBankingSecurityIssues?IsThereASolutioninBiometrics?
AmtulFama*
Scholar,JawaharlalUniversityofTechnologicalstudies,A.P.,India
Corresponding Author: Amtul Fama, Scholar, Jawaharlal University of Technological studies, A.P., India,
Tallakunta,Chandrayanguaxroad,Hyderabad500005,A.P.,
India,Email:brackishsea@gmail.com
http://www.icommercecentral.com/openaccess/ebankingsecurityissuesisthereasolutioninbiometrics.php?aid=38240 1/10
4/5/2016 EBankingSecurityIssues?IsThereASolutioninBiometrics?|TheJournalofInternetBankingandCommerce
Visit for more related arcles at The Journal of Internet Banking and Commerce
(hp://www.icommercecentral.com/)
Abstract
TheprovidersofInternetbankingservicesmustbemoreresponsivetowardssecurityrequirements.Whilethere
is no doubt that Internet banking transacon should have layered protecon against security threats, the
providers should approach security consideraons as part of their service oerings. Biometric based
authencaon and idencaon systems are the new soluons to address the issues of security and privacy.
UsingbiometricsforidencaonrestrictindividualsfromaccesstophysicalspacesandelectronicservicesAn
eecve authencaon method should have customer acceptance, reliable performance, scalability to
accommodate growth, and interoperability with exisng systems and future plans. In this study, the security
threats in Internet banking, its soluons in biometrics and its acceptance in the consumer market are studied
usingdescripveandexploratoryresearch.Themethodsofdescripveresearchareusedtoobtaininformaon
concerningthemajorsecurityissuesineBanking.Theresearchhadbeencompletedonthebasisofsecondary
data(onlinedatabases,sciencjournals,surveys,news).
KEYWORDS
Biometrics,ebanking,electronicbanking,esecurity,securetransacons,securitythreats,Identythes
INTRODUCTION
Bankingorganisaonshavebeendeliveringservicestoconsumersandbusinessesremotelyforyears.Electronic
funds transfer, including small payments and corporate cash management systems, as well as publicly
accessible machines for currency withdrawal and retail account management are global xtures. However,
deliveringnancialservicesoverpublicnetworkssuchastheInternetisbringingaboutafundamentalshiin
the nancial services industry.[1] According to Heikki et al. (2002), the transformaon from the tradional
bankingtowardsebankinghasbeenaleapchange.Theincreaseininformaonaccessterminalsalongwith
the growing use of informaon sensive applicaons such as ecommerce, elearning, ebanking and e
healthcare have generated a real requirement of reliable, easy to use, and generally acceptable control
methodsforcondenalandvitalinformaon.Ontheotherhand,thenecessityforprivacymustbebalanced
withsecurityrequirements for the advantage of the general public. Payment systems are undergoing radical
changessrredlargelybytechnicaladvancementsuchasdistributednetworktechnology,realmeprocessing
and online consumers inclinaon to use ebanking interfaces making the study of biometrics even more
importantinthisnewEWorld.[2]FinancialinstuonsoeringInternetbasedproducts andservicestotheir
customers should use eecve methods to authencate the identy of customers using those products and
services.[3] An accurate automac personal idencaon is crical to a wide range of applicaon domains.
Tradionalpersonalidencaonmethods(e.g.,passwords,PIN)suerfromanumberofdrawbacksandare
unabletosasfythesecurityrequirementofourhighlyinterconnectedinformaonsociety.Biometricsrefers
toautomacidencaonofanindividualbasedonherphysiologicalorbehavioraltraits.Whilebiometricsis
http://www.icommercecentral.com/openaccess/ebankingsecurityissuesisthereasolutioninbiometrics.php?aid=38240 2/10
4/5/2016 EBankingSecurityIssues?IsThereASolutioninBiometrics?|TheJournalofInternetBankingandCommerce
notanidencaonpanacea,itisbeginningtoprovideverypowerfultoolsfortheproblemsrequiringposive
idencaon.[4]
eBANKINGTHEPRESENTSCENARIO:
In August of 1995, Cibank had problems with outsiders breaking into their system. A $10 million computer
fraudagainstCibankwastherstsuccessfulpenetraonbyahackerintothesystemwhichtransferredtrillions
ofdollarsadayaroundtheworld.Ofthe$10milliondollarsillegallytransferred,$400,000werenotfound.[5]
InAugust2000,BrishpolicehavearrestedthreemeninconneconwithanaempttodefraudtheInternet
bank Egg. The bank was reportedly the target of an eort to obtain money via fraudulent accounts but no
moneywasstolenandEggstressed that none of its computer systems had been breached. According to the
BBC,fraudstershadaemptedtoobtainthousandsofpounds(GBP)viamulplesavingsaccountsandloans.
Thethreemenareallegedlypartofanorganisedcrimesyndicate.[7]
In April 2010, a re alarm company in Arkansas lost more than $110,000 this monthwhenhackersstolethe
rms online banking credenals and drained its payroll account. Over the course of the previous few days,
someonehadapprovedtwobatchesofpayrollpaymentsonefor$45,000andanotherfor$67,000.Afew
dayslater,MelanieEakel,chiefexecuveofJESystemsInc.,wasinformedbythebankthatitwasthe[Internet]
addressthatwasusedtoprocessthepayments,andtheonlinebankingusernameandpassword.[6]
In such a situaon, informaon security is essenal to a nancial instuons ability to deliver ebanking
services,protectthecondenalityandintegrityofcustomerinformaon,andensurethataccountabilityexists
for changes to the informaon and the processing and communicaons systems. A major challenge for e
Bankingthatrequiresinnovaveapproachesstemsfromtheneedtoannihilatetheeectsofrapidlygrowing
cybercrime. Recent stascs show that the internet usage has gone up dramacally since last decade with
Asiaspenetraonitselfbeing21.5%and37.9%populaonofpenetraonfortherestoftheworld[8].Further
stascs report that 35.9% of nancial sector is the target of Phishing frauds [9]. According to Javelin 2010
identythereport,thenumberofidentythevicmsandtheamountoffraudincreasedby12and12.5%
respecvely,thehighestrateeverissuedbythecompany.
OrganizaonssuchasbankswithdedicatedInternetconneconsfacegreaterriskofsomeonefromtheInternet
gainingunauthorizedaccesstotheircomputerornetworkthanthosewhousedialupmodem.However,the
electronic banking system users sll face the security risks with unauthorized access into their banking
accounts. Therefore, it is extremely important to build in nonrepudiability which means that the identy of
boththesenderandthereceivercanbeaestedtobyatrustedthirdpartywhoholdstheidentycercates.
[5]
LEGALAUTHORITIESREGULATINGEBANKING:
Most legal regulaons regarding the protecon of consumer interests by ensuring the security of eBanking
plaormsareconsidering:
Ensuringthesecurityandcondenalityofcustomerinformaon;
Proteconagainstanyancipatedthreatsorhazardstothesecurityorintegrityofsuchinformaon;
Proteconagainstunauthorizedaccesstooruseofsuchinformaonthatcouldresultinsubstanalharmsor
inconveniencetoanycustomer.
http://www.icommercecentral.com/openaccess/ebankingsecurityissuesisthereasolutioninbiometrics.php?aid=38240 3/10
4/5/2016 EBankingSecurityIssues?IsThereASolutioninBiometrics?|TheJournalofInternetBankingandCommerce
Dierentformalsetoflawsthatregulateecommerceandebankingareenactedindierentcountrieswiththe
common aim of protecng cyber crimes. Few of them are Electronic Commerce Act (Ireland), Electronic
TransaconsAct(UK,USA,Australia,NewZealand,Singapore),ElectronicTransaconsOrdinance(HongKong,
Pakistan), Informaon Technology Act (India), Informaon Communicaon Technology Act Dra (Bangladesh)
[11].InRomania,speciclegislaonhasbeencreatedbythedevelopmentofLawno.455/2001onElectronic
Signatures, Regulaons of Naonal Bank of Romania no. 4 / 2002 concerning transacons by electronic
payment instruments and the relaonship between parcipants in these transacons and the Law no.
365/2002 on electronic commerce[10]. The Reserve Bank of India, like peers in Malaysia, Indonesia, the
Philippines, and other countries around the world, has created rules for emoney issued by nonbanks to
addressaprevious regulatory vacuum [12]. The Informaon Technology Bill, 1999 and Electronic Commerce
Bill,1999inIndiaareintendedtobegeneralpurposelegislaoncoveringmainlyissueslikesecureelectronic
records and signatures, acceptance of digital signatures, dues of cercaon authority, liability of network
serviceproviders,computercrimeanddataprotecon.Boththebillsdealwithelectroniccontractsandthey
are being promoted by the Government of India primarily to facilitate introducon of Electronic Data
Interchangeinthecommercialsector[13].Abriefexaminaonofdataprivacyandbanksecrecyregulaonsin
developingcountriesrevealsapatchworkofrulesissuedbyavarietyofagencieswithoverlappingjurisdicon
and oversight (Lyman, Pickens, and Porteous 2008). As an example of dierences among countries, bank
secrecyrulesdonotexplicitlyapplytoagentsinIndia,whereastheydoinBrazil,Peru,Colombia,andMexico.
(InIndia,however,providersareliablefortheactsofomissionandcommissionoftheiragentsinallrespects,
including bank secrecy.) While Peru and India have data privacy regulaon, Brazil has none. [12] In India,
EnactmentoftheITAct2000andIT(Amendment)Act2008,AnMoneyLaunderingAct2002,establishmentof
Adjudicaon Ocers and Cyber Appellate Tribunal, Financial Intelligence unit India, have facilitated in
providingrequisitelegalframeworktocarryoutthetransaconintheinternetmedia.InanutshelltheActhas
provided the requisite legal recognion to the electronic records for the purpose of conducng ecommerce
acvies.Severaloensesconcernedwithcybermediahavebeenidenedandrequisitepenalesintheform
of imprisonment and/or with ne have been formulated to curb the cyber crime. The IT Act 2000, u/s 3(2)
provides for a parcular technology (viz., the asymmetric crypto system and hash funcon) as a means of
authencang electronic record. The IT (Amendment) Act 2008 has made a menon of electronic
authencaontechnique,thedetailsofwhichhoweverarenotmenonedintheSchedule II of the Act. The
digitalsignaturetechnologyidenedintheActneedstobecompablewiththetechnologyadoptedbythe
banks.
ReserveBankofIndiavideitsguidelinesdatedJune14,2001,hasmadeitmandatoryforthebankstoadopt
digitalsignatureasauthencaontool/techniqueforthepurposeofauthencaonandnonrepudiaon.
SECURITYTHREATSINEBANKING:
Since Electronic Banking is a new technology that has many capabilies and also many potenal problems,
users are hesitant to use the system. The number of malicious applicaons targeng online banking
transaconshasincreaseddramacallyinrecentyears.
The disclosure of important informaon that should remain condenal, by unauthorized persons or that
exceed their authority can cause signicant losses for nancial instuons. Alteraon of informaon by
entering,modifyingoroverwringdataintothesystemwithoutauthorizaonorbyexceedingonesauthorityis
atypeofaackthatcouldpotenallyharmgreatlythebanksandtheircustomers.[10]
Acommonmistakemadebyendusersisbelievingthattheironlinebankingsessionisperfectlysafewhenthey
http://www.icommercecentral.com/openaccess/ebankingsecurityissuesisthereasolutioninbiometrics.php?aid=38240 4/10
4/5/2016 EBankingSecurityIssues?IsThereASolutioninBiometrics?|TheJournalofInternetBankingandCommerce
use an SSL connecon. Security experts connually state that everything is safe if there is a yellow padlock
symbolinthebrowserwindow.ButSSLisdesignedasasecuretunnelfromtheendusercomputertothebank
mainframeanddoesnotprotecttheendpointssuchastheenduserscomputer.[14]Theaackerinstallsa
Trojan,suchaskeyloggerprogram,onauserscomputer.Thishappenswhenusersvisitedcertainwebsitesand
downloadedprograms.Astheyaredoingthis,keyloggerprogramisalsoinstalledontheircomputerwithout
theirknowledge.Whenuserslogintotheirbankswebsite,theinformaonkeyedinduringthatsessionwillbe
capturedandsenttotheaacker[15].Minordisruponsonthepartofthirdpartyserviceproviderscanexpose
banking organisaons to potenal nancial loss and substanal legal and reputaon risk. Complexity is also
added by mulple vendor/service provider relaonships that oen support ebanking operaons. Major
securitybreachesinabankoranonbankcompetorswebsitecouldundermineoverallconsumerormarket
condenceinbanksabilitytoappropriatelymanageInternetbasedtransacons.[1]
ManInTheMiddleaackisthetypeofaackwhereaackersintrudeintoanexisngconnecontointercept
the exchanged data and inject false informaon. It involves eavesdropping on a connecon, intruding into a
connecon, intercepng messages, and selecvely modifying data. Phishing aacks use email or malicious
websites to solicit personal informaon by posing as a trustworthy organizaon. Pharming is a type of fraud
thatinvolvesdiverngtheclientInternetconnecontoacounterfeitwebsite,sothatevenwhenheentersthe
correctaddressintohisbrowser,heendsupontheforgedsite.Pharmingcanbeconductedeitherbychanging
thehostsleonavicmscomputerorbyexploitaonofavulnerabilityinDNSserversoware.Inrecentyears
bothpharmingandphishinghavebeenusedforonlineidentytheinformaon.Themostprevalentthreats
includeviruses,Worms,TrojanHorses,drivebydownloads,spoongaacks.[10]Aswasrstreportedearlyin
March on Internet Banking Wire, for instance, a "server worm" known as the SQLSlammer Worm aacked
Microso's SQL Server 2000 and Desktop Engine 2000 soware, slowing online trac and even temporarily
cungocashatsomeATMsatBankofAmericaandCanadianImperialBankofCommerce.
Thewormcausedsomuchcongesononthebank'sinternalnetworkthat"whenanATMwenttocommunicate
or dispense cash," it was unable to do so, explained a Bank of America spokesperson. Security vendor
Symantec,Cuperno,Calif.,tracksacvityontheinternetaspartofitsoeringsandissuesaSecurityResponse
Reportregularly.Theynotedthatinrecentmonths"Klez,""Bugbear,"and"OPAserve"constuted80%ofthe
maliciouscodegatheredfrommonitoringsystemsdeployedatclientlocaons.[16]Aneecveauthencaon
programshouldbeimplementedtoensurethatcontrolsandauthencaontoolsareappropriateforallofthe
nancial instuons Internetbased products and services. Authencaon processes should be designed to
maximizeinteroperabilityandshouldbeconsistentwiththenancialinstuonsoverallstrategyforInternet
bankingandelectroniccommercecustomerservices.Thelevelofauthencaonusedbyanancialinstuon
inaparcularapplicaonshouldbeappropriatetothelevelofriskinthatapplicaon.[3]
Securitythreatscanaectanancialinstuonthroughnumerousvulnerabilies.Nosinglecontrolorsecurity
devicecanadequatelyprotectasystemconnectedtoapublicnetwork.Manyproblemsconcerningthesecurity
oftransaconsaretheresultofunprotecteddatabeingsentbetweenclientsandservers.EBankingplaorms
oer several methods to ensure a high level of security: (a) idencaon and authencaon, (b) encrypon,
and(3)rewallsmechanism.TheidencaonofanonlinebanktakestheformofaknownInternetaddressor
UniformResourceLocator(URL),whilethecustomerisidenedbyhisloginIDandpasswordtoensureonly
authorizeduserscanaccesstheiraccounts.Ontheotherhand,messagesbetweencustomersandonlinebanks
are all encrypted so that another person cannot view the contents of messages. The common encrypon
standardadoptedbymostbrowsersiscalledSecureSocketLayer(SSL).Firewallisasetofdevicesconguredto
permit,deny,encryptordecryptallcomputertracbetweendierentsecuritydomainsbaseduponasetof
http://www.icommercecentral.com/openaccess/ebankingsecurityissuesisthereasolutioninbiometrics.php?aid=38240 5/10
4/5/2016 EBankingSecurityIssues?IsThereASolutioninBiometrics?|TheJournalofInternetBankingandCommerce
rules. A mullayered security architecture comprising rewalls, ltering routers, encrypon and digital
cercaon can ensure that customer account informaon is protected from unauthorized access. [10] At
minimum, a twofactor authencaon should be implemented in order to verify the authencity of the
informaonpertainingtoInternetbankingservices.Therstauthencaonfactorcanbetheuseofpasswords
and the second authencaon factor can be the use of tokens such as a smartcard. However, for a beer
security,athreefactorauthencaonprocessshouldbeconsidered.Thethirdauthencaonfactoristheuse
ofbiometric.Thisascertainswhooneis,biologically.[15]
BIOMETRICSINEBANKING:
Electroniccommerceandelectronicbankingaretwoofthemostimportantandemergingapplicaonareasof
biometrics due to the rapid progress in electronic transacons. Currently, there are several large biometric
securityprojectsintheseareasunderdevelopment,includingcreditcardsecurity(MasterCard)andsmartcard
security (IBM and American Express). Informaon system/computer network security such as user
authencaon and access to databases via remote login is another important potenal applicaon area for
biometrics.[4]
Sincetradionalpaperbasedandinpersonidentyauthencaonmethodsreducethespeedandeciencyof
electronictransacons,thereareavarietyofalternavetechnologiesandmethodologiesnancialinstuons
can use to authencate customers. These methods include the use of customer passwords, personal
idencaonnumbers(PINs),digitalcercatesusingapublickeyinfrastructure(PKI),physicaldevicessuchas
smart cards, oneme passwords (OTPs), USB plugins or other types of tokens, transacon prole scripts,
biometricidencaon,andothers.[3]
Biometrics can be dened as a measurable physiological and behavioural characterisc that can be captured
andsubsequentlycomparedwithanotherinstanceatthemeofvericaon.[19]
Verifying the idenes of customers and authorizing ebanking acvies are integral parts of ebanking
nancialservices.Avericaonsystemauthencatesaperson'sidentybycomparingthecapturedbiometric
characterisc with her own biometric template(s) prestored in the system. In a vericaon (authencaon)
system,anindividualdesiredtobeidenedsubmitsaclaimtoanidentytothesystemusuallyviaamagnec
stripe card, login name, smart card, etc:, and the system either rejects or accepts the submied claim of
identy. [4] Biometric technologies idenfy or authencate the identy of a living person on the basis of a
physiologicalorphysicalcharacterisc.Physiologicalcharacteriscsincludengerprints,irisconguraon,and
facial structure. Physical characteriscs include, for example, the rate and ow of movements, such as the
paern of data entry on a computer keyboard. Moskovitch et al. (2009) propose the use of behavioral
biometrics, i.e., keystroke and mouse dynamics to authencate to devices and websites (Moskovitch et al.,
2009).Abasicbiometricauthencaonsystemconsistsofvemaincomponents(Aniletal.,2008).Theseare:
sensor,featureextractor,ngerprint/templatedatabase,andmatcheranddecisionmodule.[17]
Thegeneralpurposeofallbiometrictechnologiesistocaptureandstoreinformaonatanenrollmentstageto
compareatalatervericaonstage.Theprocessofintroducingpeopleintoabiometricsbasedsystemiscalled
enrollment. In enrollment, samples of data are taken from one or more physiological or physical
characteriscs; the samples are converted into a mathemacal model, or template; and the template is
registered into a database on which a soware applicaon can perform analysis. Once enrolled, customers
interact with the livescan process of the biometrics technology. The live scan is used to idenfy and
authencatethecustomer.Theresultsofalivescan,suchasangerprint,arecomparedwiththeregistered
http://www.icommercecentral.com/openaccess/ebankingsecurityissuesisthereasolutioninbiometrics.php?aid=38240 6/10
4/5/2016 EBankingSecurityIssues?IsThereASolutioninBiometrics?|TheJournalofInternetBankingandCommerce
templatesstoredinthesystem.Ifthereisamatch,thecustomerisauthencatedandgrantedaccess.[3]
Basicallytherearetwofactorsinmeasuringtheaccuracyofanecientbiometricsystem:
1. False reject rate (FRR): FRR is the rate, usually in percentage at which a true authenc person is rejected
duringtheprocessofauthencaonasunidenedorunveriedbyabiometricsystem.
2.Falseacceptrate(FAR):FARistheoppositeofFRR.FARisalsomeasuredinpercentage.Thisistherateat
whichanunenrolledoranimposterpersonisacceptedasatrueauthencbyabiometricsystem.[17]
An important issue in designing a praccal biometric system is to determine how an individual should be
idened. Depending on the applicaon context, a biometric system may be either a vericaon
(authencaon) system or an idencaon system [5]. The me required by a biometric system to make an
idencaondecisioniscricaltomanyapplicaons.Foratypicalaccesscontrolapplicaon,thesystemneeds
tomakeanauthencaondecisioninrealme.InanATMapplicaon,forinstance,itisdesirabletoaccomplish
theauthencaonwithinaboutonesecond.[4]
BENEFITSOFBIOMETRICS:
BiometrictechnologyisoneareathatnosegmentoftheITindustrycanaordto ignore. Biometrics provide
securitybenetsacrossthespectrum,from ITvendorsto end users, and from security system developers to
security system users. All these industry sectors must evaluate the costs and benets of implemenng such
security measures. Dierent technologies may be appropriate for dierent applicaons, depending on
perceiveduserproles,theneedtointerfacewithothersystemsordatabases,environmentalcondions,anda
hostofotherapplicaonspecicparameters.Itsbenetscanbesummarizedinthefollowingpoints:
Greatersecuritybiometricslinkapersontoanacon.
Convenienceclientshavenoidencaonnumberorpasswordtoremember.
Localvericaonclientsholdtheiridentyinformaon(e.g.,onaSmartCard),sothereisnoneedtoverify
identyviaacentralrepositoryorserver.
Vericaonisswianddoesnotrequiresta.
Useridentyisstoredsafelyandistamperfree.
Thegoalofanyaccesscontrolsystemistoletauthorizedpeopleintospecicplaces.
Onlywiththeuseofabiometricdevicecanthisgoalbeachieved.Acardbasedaccesssystemcancontrolthe
accessofauthorizedpiecesofplasc,butnotwhoisinpossessionofthecard.SystemsusingPINs(personal
idencaon numbers) require that an individual only know a specic number to gain entry. Who actually
entersthecodecannotbedetermined.Biometricdevicesverifywhoapersonisbywhattheyare,whetheritbe
theirhand,eye,ngerprintorvoice.
Biometricsalsocaneliminatetheneedforcards.Whiledramacpricereduconshaveloweredtheinialcost
ofthecardsinrecentyears,thetruebenetofeliminangthemisrealizedthroughareducedadministrave
eort.Alostcardmustbereplacedandreissuedbysomeone.Thereisacostassociatedwiththemespentto
completethetask.Eyesandhandsareseldomlost,stolenorforgoen.Theyalsodontwearoutandneedto
bereplaced.
CONCLUSION:
FinancialinstuonsoeringInternetbasedproductsandservicesshouldhavereliableandsecuremethodsto
http://www.icommercecentral.com/openaccess/ebankingsecurityissuesisthereasolutioninbiometrics.php?aid=38240 7/10
4/5/2016 EBankingSecurityIssues?IsThereASolutioninBiometrics?|TheJournalofInternetBankingandCommerce
authencatetheircustomers.Thelevelofauthencaonusedbythenancialinstuonshouldbeappropriate
totherisksassociatedwiththoseproductsandservices.
REFERENCES
1.ElectronicBankingRiskManagementIssuesforBankSupervisors;ElectronicBankingGroupWhite Paper;
Oct2000(hp://www.bis.org/publ/bcbs76.pdf)
2.Sharma, K.; Singh, AJ, Biometric Security in the E World. Applied Cryptography for Cyber Security and
Defense:InformaonEncryponandCyphering.Nema,2010;pp289337.
4.JainA, Hong L, Pankan S; Biometrics: Promising froners for emerging idencaon market; Feb 2000.
(hp://citeseerx.ist.psu.edu/viewdoc/summary?doi=?doi=10.1.1.10.5497)
5.Yang Y.J.; The Security of Electronic Banking. Proc. Nat. I Internaonal Systems Security Conference.
NaonalComputerSecurityCenter.1997;pp.4152.
http://www.icommercecentral.com/openaccess/ebankingsecurityissuesisthereasolutioninbiometrics.php?aid=38240 8/10
4/5/2016 EBankingSecurityIssues?IsThereASolutioninBiometrics?|TheJournalofInternetBankingandCommerce
7.Arrests made over Internet banking fraud; Internet Business News, Aug 2000;
(hp://www.allbusiness.com/nance/6151651.html)
8.InternetWorldStatsUsageandPopulaonStascs.(hp://www.internetworldstats.com/stats3.html)
9.APWG;Retrievedfromhp://www.anphishing.org/(AccessedonDec2010)
10.Vrancianu M.; Popa LA; Consideraons Regarding the Security and Protecon of EBanking Services
ConsumersInterests;TheAmteatruEconomicJournal.Jun2010;12(28):pp388403
11.JamilZU;CyberlawtowardsanewphilosophyofRegulaon;Retrievedfromhp://jamilandjamil.com/wp
content/uploads/2010/11/cyberlaw_supreme_court_v10edit.pdf (hp://jamilandjamil.com/wp
content/uploads/2010/11/cyberlaw_supreme_court_v10edit.pdf)(accessedonDec2010)
12.Dias D, McKee K; Protecng Branchless Banking Consumers: Policy Objecves and Regulatory Opons;
CGAP Focus Notes; Sep 2010 Retrieved from hp://www.cgap.org/gm/document
1.9.47443/FN_64_Rev.pdf (hp://www.cgap.org/gm/document1.9.47443/FN_64_Rev.pdf) Accessed on
Dec2010
14.Candid Weest; Threats to Online Banking; White Paper: Symantec SecurityResponse; Retrieved
fromhp://www.symantec.com/avcenter/reference/threats.to.online.banking.pdf(Accessed on Dec
2010)JIBCAugust2011,Vol.16,No.29
15.Zin ANM, Yunos Z; How To Make Online Banking Secure; The Star InTech;April 2005. Retrieved from
hp://www.crimeresearch (hp://www.crimeresearch)org/analycs/online_banking/ (accessed on Jan
2011)
16.BielskiL.;StrivingtoCreateaSafeHavenOnline:IDThe,Worms,Bugs,andVirtualEavesdroppingBanks
CopewithEscalangThreat;ABABankingJournal,May2003;95
17.KhanB.;KhanMK.;AlghathbarKS,Biometricsandidentymanagementforhomelandsecurityapplicaons
inSaudiArabia;AfricanJournalofBusinessManagement,Nov2010,Vol.4(15):pp.32963306.
http://www.icommercecentral.com/openaccess/ebankingsecurityissuesisthereasolutioninbiometrics.php?aid=38240 9/10
4/5/2016 EBankingSecurityIssues?IsThereASolutioninBiometrics?|TheJournalofInternetBankingandCommerce
19.RathaNK,ChikkerurS,ConnellJH,BolleRM;GenerangCancelableFingerprintTemplates,IEEETransacon
onPaern,AnalysisandMachineIntelligence,Apr2007;29(4),pp.561572.
20.LiuS.;SilvermanM.;Apraccalguidetobiometricsecuritytechnology,ITProfessional,Jan/Feb2001;3(1),
pp2732
21.Spence B.; Biometrics In Physical Access Control Issues, Status and Trends;Retrieved
fromhp://www.edsales.com.au/pdfs/biom_PhysicalAccess%20Control.pdf(AccessedonJan2010)
22.AlterS.;Theworksystemmethodforunderstandinginformaonsystemsandinformaonsystemresearch
CommunicaonsoftheAssociaonforInformaonSystems(Volume9,2002)90104
http://www.icommercecentral.com/openaccess/ebankingsecurityissuesisthereasolutioninbiometrics.php?aid=38240 10/10