Wednesday, April 20, 2011

RBI Acknowledges Risks Of E-Banking In India

Reserve Bank of India (RBI) has been playing a pro active role for securing Internet banking and online banking transactions. Recently, RBI showed its intention to boost ATM security in India. In the past, concerns have been raised from time to time for preventing online banking frauds in India by RBI.

There are many problems from which the online banking or Internet banking in India is suffering. The most important pertains to maintaining effective cyber security for banking and financial sectors of India. Similarly, there are no effective Internet banking laws in India or online banking laws in India. In the absence of stringent laws in this regard, online banking risks in India are increasing. However, of all the shortcomings, nothing can match the absence of encryption laws and standards in India. In the absence of proper encryption norms in India, e-banking in India is really insecure.

RBI has realised this fact and it has cautioned banks that e-banking must be used by them with proper security and safeguards. “The use of e-banking has brought many concerns from different stakeholders. Everybody’s primary concern is security. As more and more people are exposed to the information superhighway, privacy of information and the security that goes hand and hand with this information is crucial to the growth of electronic transactions,’’ said R Gandhi, executive director , Reserve Bank of India.

Gandhi said in order to provide effective and secure banking transactions, there are four technology issues that need to be resolved. “The key areas are the security, privacy and authentication,” he said. By strengthening the privacy technology, this will ensure the secrecy of sender’s personal information and enhance the system’s security. “Also encryption may help make the transactions more secure, but there is also a need to guarantee that no one alters the data at either end of the transaction,” Gandhi said.

Recently, G Gopalakrishna, the executive director of RBI, said that all Banks would have to create a position of Chief Information Officers (CIOs) as well as Steering Committees on Information Security at the Board Level at the earliest, informs Praveen Dalal, managing partner of New Delhi based ICT law firm Perry4Law and leading techno legal specialist of India. This step was taken to ensure proper Cyber Security Policies and Strategies at the highest Board Level of Banks, says Dalal.

Although, RBI has been taking many far reaching and important steps yet e-banking in India still very risky. Of late, cases of phishing and banking frauds have increased tremendously in India. Further, cyber due diligence of banks in India is still a far dream. Even the directions of RBI to appoint CIOs and steering committees on information security have not yet been implemented. The end result is that banking customers are still losing their hard earned money to cyber criminals. Hopefully, RBI would take some urgent steps in these directions as soon as possible, says Praveen Dalal.