COMPARATIVE ANALYSIS OF SECURITY FEATURES FOR INTERNET BANKING IN MALAYSIA NUR SYAZWANI BT ABD LATIF 2021178703
Introduction Internet banking Services (IBS) is essential for both customers and bank. IBS is beneficial for banks in terms of cost-effectiveness, efficiency, improve reputation, reach a wide range of populations, provide unlimited distribution networks which improve the competitive advantages to banks, and offer excellent banking experience.
Problem Statement Every bank have their own security features that make user feel safer and more confident while carrying out online transactions. However, up to the author knowledge in Malaysia there is no study that compares which bank for internet banking is more secure in terms of security features. Since, user do not know which bank offer more secure security features for internet banking, user’s personal information or financial information can be invade. User also should be given information about the security features that the bank offers before register for internet banking.
The goal of this research is to compare security features for internet banking so, the result can be used as a guidelines to the user before using internet banking. Project Aims
To investigate the current security features in five internet banking in Malaysia which are Maybank2u, BIMB, CIMB Clicks, myBSN and Public Bank Berhad. To analyse the internet banking with the best security features based on AAA computer security concept. Project Objectives
Project Scope Target user : people that use internet banking. Internet Banking Services : Maybank, Bank Islam, Cimb, Bank Simpanan Nasional and Public Bank Berhad. Security Features : Antivirus protection, data encryption, firewalls, proxies, internet address screening program, system security monitors, compatibility “best” with the popular internet browser (based on the bank’s information provided), provides password security tips, general online security guidelines, hotline/helpdesk service availability, frequent ask question, secure socket layer encryption, extended validation SSL, username or user ID, password, private image, private word, session time out, parallel login, logon failure limitations, SMS authentication, biometric authentication, one time password (OTP), transaction authorisation code (TAC), i-Access code (IAC), authentication code and two factor authentication.
Project Methodology Choose 5 Banks Start End List down 5 security features for each banks Navigate to the bank website Create a table comparing the 27 security features of 5 internet banking services Analyze the 27 security features Repeat the process for the remaining banks Flowchart of the project.
Results and Analysis Result Test 1 : Compare security features between five internet banking.
(Cont..)
(Cont..)
One of the concepts of AAA Computer Security, which is authentication, has been achieved as the five selected internet banking services in Malaysia have implemented a two-factor authentication to improve security for users and increase usage rates. Two-factor authentication can include user-selected security measures such as a private image and a private word to provide an additional layer of protection for internet banking transactions. Users in Malaysia ' s internet banking services are required to provide login credentials, which is one implementation of the two-factor authentication security standard. Discussion about the security features. Two Factor Authentication
The second concepts of AAA Computer Security, which is authorisation, has been achieved as the transaction authorisation code (TAC) is a common security feature in Malaysia internet banking and was present on all five selected internet banking. When a user initiates a transaction, a TAC is generated and sent to their registered mobile phone number or email address. To ensure that only authorised transactions are processed, the TAC must be entered by the user in order for the transaction to be finalised. Transaction Authorisation Code (TAC)
(Cont..)
The third concept of AAA Computer Security, which is accounting, has been achieved as there is no such thing as a parallel login for any of the chosen internet banking services. Because of this, unauthorised access to user accounts can be prevented in the event that a user ' s device is lost or stolen; in such a scenario, the user simply needs to log out of all of their other active sessions. Parallel Login
All selected internet banking services in Malaysia use SSL certificates with extended validation (EV). Upgrading to EV SSL provides better protection for users ' privacy than standard SSL certificates. Users can check if a Malaysia internet banking service uses EV SSL by looking for the secure padlock icon and ensuring that the URL starts with "https." This encryption helps keep sensitive information safe from third parties. To protect sensitive information like passwords and credit card numbers, it' s important to verify that you are using a secure and legitimate website. Users can check the website ' s SSL certificate by clicking the padlock icon and reviewing its details, ensuring that it' s issued by a reputable Certificate Authority and contains the organization ' s name. Encryption and Digital Certificate
Conclusion To conclude, objectives one and two has been achieved. All the security features for the five selected internet banking services in Malaysia has met the AAA computer security concepts. Besides that, all five of the selected internet banking services in Malaysia have implemented a combination of technical and non-technical measures to ensure the safety and security of their users ' personal and financial information.
Recommendation for Future Research The recommendation for future research is to establish connections with security experts and internet banking services. The purpose of these connections is to obtain accurate and up-to-date information on the security features offered by different services to improve the project. Future research could compare internet banking security features in Malaysia with those offered in other countries. The comparison could use international security standards and best practices as a benchmark.
THANK YOU