Security and privacy of electronic banking by

SECURITY AND PRIVACY OF ELECTRONIC BANKING 
By: 
Zachary B. Omariba 

PhD. Candidate, Masinde Muliro University of Science and Technology 
Nelson B. Masese 

PhD. Candidate, Masinde Muliro University of Science and Technology
& 
Dr. G. Wanyembi 
Senior Lecturer, 
Masinde Muliro University of Science and Technology 
 
Abstract: 
The internet has played a key role in changing how we interact with other people and how we do 
business today. As a result of the internet, electronic commerce has emerged, allowing business 
to more effectively interact with their customers and other corporations inside and outside their 
industries. One industry that is using this new communication channel to reach its customers is 
the banking industry. The e-banking system addresses several emerging trends: customer’s 
demand for anytime, anywhere service, product time-to-market imperatives and increasingly 
complex back-office integration challenges. The challenges that oppose electronic banking are 
concerns of security and privacy of information. This paper will first discuss the drivers of e-
banking; secondly, it will talk about the concerns about e-banking from various perspectives. 
Thirdly, the security and privacy issues will also be discussed, and fourthly the attacks of e-
banking with their solutions are discussed. 
Keywords: 
Internet, e-commerce, e-banking, security, privacy, and attacks. 
Introduction 
The information superhighway has found its way into many homes, schools, businesses, and 
institutions. Many people are cruising the internet each day to obtain information on the weather, 
latest sport scores, job offers, local news, and may other exciting information. These people also 
buy and sell goods on this media. Consequently many businesses are reaching out to customers 
worldwide using the internet as its communication channel. This new electronic media of 
interaction has grown to be known as electronic commerce (E-commerce). E-commerce 
integrates communications, data management, and security services, to allow business 
IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 4, No 3, July 2012 
ISSN (Online): 1694-0814 
www.IJCSI.org
432
Copyright (c) 2012 International Journal of Computer Science Issues. All Rights Reserved.

applications within different organizations to automatically interchange information. Also e-
commerce is comprised of interconnected communications networks; advanced computer 
hardware and software tools and services; established business transaction, data exchange, and 
interoperability standards; accepted security and privacy provisions; and suitable managerial and 
cultural practices. This infrastructure facilitates diverse and distributed companies nationwide to 
rapidly, flexibly, and securely exchange information to drive their business processes.
The banking industries are one such business that is using this new communication media to 
offer its customers value added service and convenience. This system of interaction between the 
consumers and the banking industries is called the electronic banking system. FinCen (2000) 
states that “E-banking is an umbrella term for the process by which customer may perform 
banking transactions electronically without visiting a brick-and-mortar institution”. E-banking is 
the use of electronic means to deliver banking services, mainly through the internet. The term is 
also used to refer to ATMs, telephone banking, use of plastic money, mobile phone banking, and 
electronic funds transfers. 
E-banking is the use of a computer to retrieve and process banking data (statements, transactions 
details, etc) and to initiate transactions (payments, transfers, requests for services, etc) directly 
with a bank or other financial services provider remotely via telecommunications network. 
Electronic banking system addresses several emerging trends: customer demand for anytime, 
anywhere service, product-to-market imperatives and increasingly complex back-office 
integration challenges. This system allows consumers to access their banking accounts, review 
most recent transactions, request a current statement, view current product information, and re-
order checks. Some of the banks that are currently offering this service in Kenya are Standard 
Chartered Bank, Kenya Commercial Bank, Barclays Bank of Kenya, Equity bank, Consolidated 
Bank of Kenya, Commercial bank of Africa, Cooperative bank of Kenya, National Bank, Family 
Bank, among others.
The e-banking system can be seen as an extension of existing banks. These banks are catering to 
a very large population of internet users. Heidi Goff, Senior Vice President for Global Point of 
Interaction of MasterCard estimated that there will be more than 100 million users by the year 
2000. This projection was right as the number of internet users rose to 361 million people 
globally, which was a 5.8% of world population in the year 2000. According to the internet 
world statistics, internet users stood at 2,267 million which is actually 32.7% of the world 
population in December 2011. Many other estimates conclude similar results, which lead to the 
indication that the internet will play a major role in everyone’s life and promote the electronic 
banking industry.
The current focus of security of information transfer is on the session layer protocols and the 
flaws in end-to-end computing. A secure end-to-end transaction requires a secure protocol to 
communicate over un trusted channels and a trusted code at both endpoints. The solution 
addresses the use of secure protocols because trusted channels don’t really exist in most of the 
IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 4, No 3, July 2012 
ISSN (Online): 1694-0814 
www.IJCSI.org
433
Copyright (c) 2012 International Journal of Computer Science Issues. All Rights Reserved.

environment especially since we are dealing with linking to the consumers. The solutions of the 
security issues require the use of software- based systems or hardware-based systems or a hybrid 
of the two. These software-based solutions involve the use of encryption algorithms, private and 
public keys, and digital signatures and pretty good privacy. Hardware-based solutions such as the 
Smartcard and the MeChip provide better protection for the confidentiality of personal 
information. Software-based solutions have advantage over hardware-based solutions in that they 
are easy to distribute and are generally less expensive.