Transcript Electronic Banking

Electronic Banking

The rapid development of
electronic technology has
a profound effect on the
financial sector, especially
in the provision of retail
and wholesale financial
services. Electronic
banking services are
offered by banks to
personal and business
customers.
Automated Teller Machine (ATM)

An automated teller machine is a data
terminal connected to a host computer
through a private network and the host
computer is connected to a bank’s computer.
It offers round-the-clock banking services
including enquiry of account balances,
deposit and withdrawal of cash, transfer of
funds between accounts, etc.
Automated Teller Machine (ATM)

Like any other data terminal, the ATM
connects to, and communicates through, a
host processor. The host processor is
analogous to an Internet service provider in
that it is the gateway through which all the
various ATM networks become available to
the debit-card holders.
Automated Teller Machine (ATM)
Automated Teller Machine (ATM)

Most host processors can support either
leased-line or dial-up machines. Leased-line
machines connect directly to the host
processor through a four-wire, point-to-point,
dedicated telephone line. Dial-up ATMs
connect to the host processor through a
normal phone line using a modem and a tollfree number, or through an Internet service
provider using a local access number via a
modem.
Automated Teller Machine (ATM)

Leased-line ATMs are preferred for very highvolume locations because of their throughput
capability, and dial-up ATMs are preferred for
retail merchant locations where cost is a
greater factor than throughput. The initial cost
for a dial-up machine is less than half that for
a leased-line machine. The monthly operating
costs for dial-up are only a fraction of the
costs for leased line.
Automated Teller Machine (ATM)

The host processor may be
owned by a bank or financial
institution, or it may be
owned by an independent
service provider. Bankowned processors normally
support only bank-owned
machines, whereas the
independent processors
support merchant-owned
machines.
Electronic Fund Transfer (EFT)

Electronic funds transfer enables an individual to
access the payment system by means of a debit
card. In Hong Kong, the electronic funds transfer at
point of sale service is offered by means of the EPS.
Easy Pay System (EPS) is operated by the
Electronic Payment Services Company (Hong Kong)
Limited which is a consortium of banks in Hong
Kong, including the major note-issuing banks. They
issue EPS debit cards to consumers which allows
consumers to deduct purchases from their bank
accounts at most retail stores in Hong Kong.
Telephone Banking

Telephone banking is developed from computer
telephone integration. It is very popular nowadays
and is based on either human interaction or
automated voice recognition systems. It is also
possible to automatically present the operator with a
customer’s information before the telephone is
answered. A lot of banking services can be done
through telephone banking which include enquiry of
account balances, interest rates, exchange rates,
transfer of funds between accounts, request for
cheque books, change of maturity instructions for
time deposit, etc.
Cash Management Services

Cash management services is global
electronic banking which provides timely and
accurate portfolio information. Through the
highly secured system, corporate customers
have access to the end-of-day balance
position, including ledger balance, available
balance, credit facilities, funds held and
clearing items. Balances can be examined
and reported in different ways : by account,
by bank, by currency and by location.
Cash Management Services

The customers can also reconcile and
monitor their accounts by instant screen
access to the credit and debit transaction
details as far as 30 days. Funds can be
transferred to third parties or moved between
accounts. Payment and transfer can be
made individually or in bulk, and repetitive
instructions can be stored within the system
and called back as required.
Electronic Data Interchange (EDI)
Services

EDI enables all paper-based
trade documentations to be
sent, received and
acknowledged by all parties
electronically, including
purchase orders,
documentary credits and
shipping documents. This
helps importers and
exporters to reduce errors,
save time and resources.
Electronic Data Interchange (EDI)
Services
Electronic Money

The shift from paper
currency to electronic cash
creates the potential for
private money to compete
with bank notes. Electronic
payments system reduces
transaction costs and helps
retailers to expand markets.
Smart Card

Smart card is a plastic card embedded with a
micro-chip which stores money in digital form.
It looks and feels like a credit card but acts
like a computer. It can be used to verify a
user’s identity to log on to a computer
network, enable a doctor to scan a patient’s
medical records, and, in theory, replace many
of the ever-growing assortment of
identification, travel, credit, and access cards.
Smart Card

A smart card is programmable, so
applications and data can be downloaded
onto it for an infinite number of uses. It has
storage and processing capability, so it can
add or subtract value. The capability to act as
a computer also brings security features not
found in ordinary credit cards. And, unlike
credit cards with their magnetic stripes, smart
cards have a built-in processor that allows
data can be written onto it with an infinite
number of times.
Smart Card

In the banking industry, smart card technology is
applied to the multi-purpose stored value card. It
can replace cash and cheques for low value
purchases and customers no longer need to wait for
the changes. Moreover, the value transfer between
two chips enables users to complete the transaction
faster than credit card and EPS payment. Smart
card helps merchants to reduce their costs for
handling cash and changes, and increase the
efficiency by faster queues.
Smart Card

There have been four
smart cards issued in
Hong Kong. The first
one is Compass Visa
launched in 1995 by
Hutchison Whampoa and
OTB Card Co. Ltd. This
is not a stored value card
but offers a cash rebate
from 30 merchants
including Park’N Shop,
Watson’s, etc.
Smart Card


The second one is VisaCash launched in
1996 by Bank of China, Standard Chartered
Bank and Visa International. Visacash stores
HK$200 and consumers can use it in some
fast food shops, convenient stores and car
parks.
The third one is Mondex which was launched
in 1996 but was withdrawn in 2001 by the
HSBC Group. It was a reloadable stored
value card with an initial cash value of
HK$3,000.
Smart Card

The last one is Octupus. This smart card can be
used across six transport operators which have
joined together in a joint venture called Creative Star
Limited. The joint venture includes the MTR
Corporation, the Kowloon-Canton Railway
Corporation (KCRC) – light and heavy rail, the
Kowloon Motor Bus Co. (1933) Ltd (KMB), Citybus
Ltd and Hongkong & Yaumati Ferry. This
contactless smart card system was launched in
1997 and up to 2001 over four million octopus cards
have been issued. The system is able to handle up
to 10 million transactions daily across all modes of
public transport.
Smart Card

Octopus has not only gained momentum
among the passenger transportation industry
but is also expanding into other retail
channels such as fast food outlets and
automatic vending machines. The popularity
of this e-payment system is due to the
convenience to consumers and the low cost
to the merchants. The merchants are
charged a commission of 0.5% of the
transaction value.
Virtual Banking

Virtual banking means banking conducted
through the internet. There are three stages of
development. In the first stage, the world-wide
web and email enables customers to access to
information of banking services. Browsing the
websites of banks is like reading a packet of
brochures. Application forms for banking services
can be download. In the second stage, the epayment service involves online payment of bills
with a credit card. Then in the third stage, echeque and e-cash have been developed to make
full use of the internet for commercial purposes.
Virtual Banking

Most banks in Hong Kong have launched
websites on the internet to provide information of
their banking services. Chekiang First Bank was
the first local bank to open a website for online
transactions in 1998. The following banking
services are provided by the Chekiang First Web
Banking Service :
Virtual Banking






Bank information
Account transfer between customers’ registered
accounts
Hong Kong dollar account transfer to third party
account with the bank
Enquiry of account statement and balances
Buying and selling foreign currencies during office
hours
Time deposit instructions. Customers can place new
time deposit or change maturity instructions of time
deposit during office hours.
Virtual Banking






Enquiry of mortgage repayment calculation
Enquiry of outstanding items like inward and outward
bills, letters of credit, trust receipts, etc.
Enquiry of local or foreign currency deposit interest
rates
Enquiry of foreign exchange rates
Requesting cheque books
Changing password
Virtual Banking

Meanwhile most of the above banking services
are provided by other banks through telephone
banking. The internet banking services offered
by the Wing Lung Bank in 1999 added new
features like property valuations and
management tools for portfolio monitoring.
Shortcomings of virtual banking

In the case of Internet banking, the fact that
financial transactions can be conducted through
the cyber space without any human interactions
changes the nature of the business risks
involved. A major concern over the internet is its
open nature. Financial transactions transported
on closed networks can ensure a degree of
security. Virtual banking, however, is conducted
through open networks. The risk of being
intruded during the course of a banking
transaction is thus significantly increased.
Shortcomings of virtual banking
The intrusions related to virtual banking can be
sorted into three categories:
 Application-based intrusion. E.g. attacks on
encrypted networks
 Host-based intrusion. E.g. unauthorized use
of Trojan horses
 Network-based intrusion. E.g. denial-ofservice attacks
Shortcomings of virtual banking
Few weeks ago, there was a worldwide example of the
denial-of-service attack. On Saturday, 25 January
2003, a computer worm W32/SQLSlammer.worm was
discovered to appear on the Internet. This worm
affected Microsoft SQL Server 2000 series by
generating a huge amount of network traffics and
spread them amongst SQL servers through the
Internet (known as denial-of-service attack). Once the
worm got control on the target computer, it loaded
WS2_32.DLL and started to continually send itself to
port 1434/udp of randomly selected IP targets in an
infinite loop. This propagation strategy consumed a
lot of network bandwidth and eventually caused
immediate crashes of SQL servers all over the world.
Shortcomings of virtual banking
This incident also affected the daily operations of
the worldwide banking industry. In America and
Europe, because of the crashes of network
servers, almost all Internet banking and ATM
services were down for half a day on that
Saturday. In South Korea, half of the normal daily
transactions of national stock trading were unable
to complete causing a loss of around HK$6.7
million. In Hong Kong, certain academic
institutions including HKU, HKUST and City U
found their computer network traffics were
jammed for the whole day.
Solutions to Virtual Banking Problems
Security measures have been developed by the new
technologies like Secure Sockets Layer (SSL) and
Secure Electronic Transaction (SET). They enable
all information sent between a customer computer
and a bank server to be encrypted by the sending
software and decrypted by the receiving software,
thus providing a high degree of confidentiality to
protect both the bank and the customers. The
authentication of the customer’s identity can also be
done through a combination of user password and
digital certificates. Detailed descriptions of these
new technologies are as follows:
SSL
Developed by Netscape, SSL is the de facto standard
protocol used to provide a secure network
communication channel. It is another layer in the
network protocol stack that rides on top of the TCP/IP
stack. It provides secure encrypted communications,
authentication of the server, and data integrity of the
message. Because SSL resides on top of the TCP/IP
layers, it can potentially secure the communications
of any number of application-level protocols that
communicate over the Internet. SSL secures the
channel by providing end-to-end encryption of the
data that is sent between a Web client and a Web
server. Although a sniffer might be able to steal the
data in transmission, the encryption will effectively
scramble the data so that it cannot be intelligently
interpreted.
SET
Secure Electronic Transaction makes use of “hash”
algorithms to prove the integrity of computer data or
messages. “Hash” algorithm is also called messagedigest algorithm. It can take any computer data as
inputs and generate a fixed-length number as outputs.
The output is the same size, regardless of the size of
the input data. If a bank wants to prove to the client
that its computer message was not altered during
transmission, it can take a “hash” of the message
before sending it to the intended recipient. When the
bank sends the message, it includes the output of the
hash function. When the recipient receives the
message, she can compute a hash of the message
and compare it to the hash received with the
message. If they match, it means that the message
was not altered during transmission.
Digital Certificates
A digital certificate is the electronic equivalent of
an identification card, such as a HKID care or
a driver’s license. It is a digitally signed
statement from a trusted third party that
verifies the identity and public-key of an
individual or computer. A digital certificate can
be obtained either from a public Certificate
Authority (e.g. HK Post) or from a private
authority running its own certificate server. It
can be used to strongly authenticate a user to
a system and to encrypt email messages and
other types of communications.
Conclusions
Technology can improve the services that banks
offer to their customers. Information can be
produced accurately and quickly to enables
banks to cut costs. But bankers have to make
their decisions as to whether they should
follow every new idea in technological
advances.
Conclusions
Information can be extremely powerful. Through the
information systems, banks have perfect knowledge
of the financial dealings of almost every economically
active person and organization in the society. They
could identify spending patterns, predict spending
requirements and savings requirements. Besides the
provision of banking services to customers,
technology developments should also enable banks
to establish their operational networks with their
business associates and the regulatory authorities.
Clearing functions, reporting systems and even
trading can all be handled electronically. The Hong
Kong Monetary Authority has started to obtain reports
from banks through electronic channels since
1996/97.