Tuesday, May 5, 2020
Information Security in e-Banking Analysis of Potential Threat and So
Question: Describe about the Information Security in e-Banking? Answer: Introduction Internet banking has been receiving growing popularity across the globe. E-banking permits its customers to undertake financial transaction on a website governed by the bank and it can be accessed from anywhere, anytime. Convenience of the e-banking is the principal factor for its popularity (Hole, Moen and Tjostheim, 2006). Despite of several advantages, online banking transactions have been encountering significant security threats. Increasing number of malicious applications and security attack has been a major concern for the banking organizations as well as users (Cook, 2002). In recent past, several cases of internet banking fraud have been reported across the globe. Hence, sound and secured information technology environment is the major concern for all banking organizations. However, it must be noted that the responsibility of secure online banking transactions is not only on the banks but also the users (Dhillon and Backhouse, 2000). Online banking is consisted of series of processes where the customers logs into the website of the bank and undertakes different transactions (Twum and Ahenkora, 2012). It has been identified that the information security in online banking has been a major issue due to various reasons such as flaws in banking websites, errors in policy, lack of security measures and lack of awareness among the customers (Kasemsan and Hunngam, 2011). Information security in the internet banking context is highly concerned regarding the protecting the integrity, confidentiality and availability of the information with the aid of technical solution as well as managerial actions (Hole, Moen and Tjostheim, 2006). This paper will focus on identification of the major threats and propose effective solutions in order to combat with the security threats. Research Aims and Objectives Research aims and objectives help in indicating the principal purpose of the study. Moreover, the aims and objectives of a research help in denoting the desired result of the study (Adams, 2007). The major research aims and objectives of the study are given below: To understand and analyze the existing e-banking security policies and techniques. To identify the potential threats regarding information security in e-banking. To protect the integrity, availability and confidentiality of the information in internet banking. Research Questions Research questions are drafted for discussing the principal concerns of the research paper or solving the main problem. Answering the research questions, the study can proceed further towards the right direction and ultimately it will reach firm conclusion. The research questions for this study are presented below: What are the information security policy and techniques adopted by the banking institutions? What are the potential information security threats in internet banking? How the banks as well as users can combat with the potential information security threats for protecting the information? Research Hypothesis H (0): There is no appropriate information security system in internet banking for protecting integrity and confidentiality of the information. H (1): There is an appropriate information security system in internet banking for protecting integrity and confidentiality of the information. Research Methodology Research methodology is the significant part of the study which provides an insight to different elements of the research study. The research methodology can be described as a comprehensive approach that helps in designing the pathways for the researcher that ensures successful achievement of the research goals (Adams, 2007). Hence, it can be stated that the research methodology plays a crucial role in the success of the research study. It is very important for the researcher to be careful in determining the research methodology of that particular study. Research methodology includes every step undertaken by the researcher during the study. Research design, research approach, methods of data collection, data analysis procedure etc are discussed in the research methodology (Bryman, 2004). The research methodology adopted for analyzing the potential security threats and solution in the e-banking industry will be discussed in this section. Research Onion Research studies are designed for answering a question of addressing a specific issue. Research onion is a metaphor that is used for illustrating how the different elements of the study will be considered in relation to other components for addressing the particular research topic. Research onion was conceptualized by Saunders et al. (2007), for describing different stages through which the researcher need to pass in order to formulate an effective strategy for conducting the study. Each stage of the research study has significant importance and crucial to the success of the study. It is evident that each layer of the research onion has a specific implication. Hence, the major responsibility of the researcher is to start the exploration from the outer most layers of the research onion and therefore going through the each layer for reaching a firm conclusion. The research onion provides significant assistance for identification of the most suitable pathway in order to undertake the re search study (Saunders, Lewis and Thornhill, 2007). Research onion significantly contributes in structuring different activities and developing strategies for undertaking the study in right direction. Research Philosophy The outer most layer of the research onion is associated with the set of beliefs concerning the nature of the environment in which the study has been carried out (Dooley, 2001). Adoption of the research philosophy provides the justification for how the research study will be carried out. As research philosophy is the outer most layer of the research onion, the other layers are significantly reliant upon the chosen research philosophy. There are two common research philosophies: positivism and constructism (Bryman, 2004). The major objective of this research study is to recognize the major security threats in context of e-banking. Additionally, it is important to find out solution for combating with those identified threats so that the information remains secured. In this study, adoption of positivism philosophy will be significantly helpful in satisfying the objective of the exploratory study. This study will focus on emphasizing the information that has been derived by using differe nt analytical tools and critical thinking along with the information collected from the reliable sources (Saunders, Lewis and Thornhill, 2007). Hence, it can be stated that positivism philosophy will be suitable for this research study. Research Approach Research approach is considered to be the second layer of the research onion. Research approach determines the method of conducting the study or deciding different activities that need to be conducted for reaching firm conclusion. Generally researchers adopt inductive or deductive approach for conducting research study. Inductive research approach is applied in case of researches where the researcher moves from specific to general. It is used in case of qualitative researchers where theoretical frameworks do not exist (Silverman, 2005). In case of inductive approach the researcher develops a new theory on the basis of observation. Deductive approach focuses on development of hypothesis on the basis of an existing theoretical framework. Therefore, it engages in formulating an approach for testing it (Kothari, 2004). Deductive approach is suitable in case of positivist approach where hypothesis is formulated and statistical tools are used for analyzing the data. In this research paper, the researcher will focus on identification of the potential threats and solution for protecting the security of information in internet banking. Hypothesis has been developed in this paper on the basis of past research studies. Hence, it can be stated that adoption of deductive research approach will be appropriate for this paper. Research Design Research design is the third layer of the research onion and it is associated with the pathway of the research study. Research design makes a contribution through providing a specific direction to the study. The research design assists in establishment of a framework in order to undertake the study. It is evident that the specific direction or pathway determined by the research design has a significant correlation with the objective of the study. Generally, researchers adopt a research design among three research designs: exploratory, descriptive and explanatory. Descriptive design has been found to be effective for this study for providing support to relate the research objectives (Silverman, 2005). The descriptive research study significantly helps in analyzing the findings and it will assist in answering the research questions. Ultimately, it will help the researcher in drawing a firm conclusion which will help in fulfilling the requirement of the study (Singh, 2007). Hence, descr iptive research design will be effective for identification of the potential security threats in e-banking. Moreover, it will also help in providing appropriate solution in order to combat with the security threats. Data Collection Method Data collection is considered to be one of the important activities of research study. It has been observed that the results of the study are extensively reliant on the gathered information (May, 2011). The analysis will be conducted on the basis of the gathered data. In this section, the methodology for collecting data will be discussed. There are two types of data that will be used in this study: primary and secondary. Primary Data Collection Primary data refers to the information that are exclusively collected for that particular study through different methods primary data can be collected through conducting survey or interview (Dooley, 2001). In this study, primary data will be gathered by conducting interview. IT managers of the banking organizations will be approached and they will be interviewed (May, 2011). Before conducting the interview, the researcher needs to develop an open ended questionnaire that will help in gaining information security in internet banking. Secondary Data Collection Secondary data refers to the information, theoretical framework, findings of past research studies etc. In this paper, secondary data can be collected from wide range of books, academic journals, trusted websites, research papers etc (Gillham, 2000). All secondary information has been sourced from the authentic and reliable resources. The sources of secondary information have been properly referenced at the end of the paper (Kothari, 2004). Data Analysis After collecting the relevant data, data analysis must be undertaken for deriving information that will help in reaching the final conclusion. Both qualitative as well as quantitative data analysis technique can be adopted by the researchers. In this study, the researcher must adopt qualitative as well as quantitative data analysis method. It means, mixed research method will be adopted for analyzing data (Fielding, 2010). Ethical Consideration In this research study, wide range of data is collected from different sources. Ethical issues are associated with data collection and utilization of those data. First of all, the personal information of the interviewee must be kept confidential. Moreover, the information will be only used for academic purpose. These aspects must be considered at the time of research study. Gantt chart Gantt chart provides an insight regarding the probable time taken for conducting each step of the research study (Dooley, 2001). Principal Activities Week 1 Week 2 Week 3 Week 4 Week 5 Week 6 Week 7 Research topic selection scope analysis Identification of the sources for secondary data Literature Review Description of Research Methodology Preparation of survey questions Collection of primary data Data analysis Comparison of findings Conclusion and recommendation Final submission Expected Outcome or Importance This paper has focused on analyzing the information security system in internet banking. Growing concern regarding the security issues in online banking has been identified across the globe. This study will help in identification of the major security threats of the information system in e-banking. The expected outcome relating to the potential security threats is briefly discussed. The potential security threats can be categorized into two types. First of all internal security threats are associated with the internal activities of the banking organizations (Kasemsan and Hunngam, 2011). As the internet banking transaction is significantly reliant on the software programs and information technology mechanisms, errors in the system can lead to major issue in the online transaction. Moreover, human errors must be considered as a major threat. Wrong entry of data relating to a transaction is considered to be a major issue which affects the security of the account (Smith, 2006). Sometimes , the fraudulent activities of the internal employees are found to be responsible for the security risk (Lei and Wang, 2014). Often the internal employees misuse the personal information; access code and password of the customers for making own benefit (French, 2012). Poor administration of the banking industry can be blamed for the security risk in the internet banking. Corporate governance plays a major role in the protecting the confidentiality and integrity of the information in e-banking (Hole, Moen and Tjostheim, 2006). Organization having poor corporate governance system has greater exposure towards security risk. External security threats may include the attack of malwares, computer virus, and spyware. Unethical hacking and other security attacks by external party are considered to be a major threat in internet banking (Post and Kagan, 2007). These issues need to be resolved by enhancing the IT security by the banking organization. Firewall and improved internet security pro tocol are considered to be effective solution for combating with the external security threats in e-banking (R. Melba Kani and Thanga Joy, 2011). On the other hand, internal security threats can be resolved with the aid of improved IT security system, effective internal and strong corporate governance (Dhillon and Backhouse, 2000). References Adams, J. (2007).Research methods for graduate business and social science students. New Delhi: SAGE Publications. Bryman, A. (2004).Social research methods. Oxford: Oxford University Press. Cook, D. (2002). Information Security Management: Global Changes in the New Millennium.European Journal of Information Systems, 11(1), pp.83-84. Dhillon, G. and Backhouse, J. (2000). Technical opinion: Information system security management in the new millennium.Commun. ACM, 43(7), pp.125-128. Dooley, D. (2001).Social research methods. Upper Saddle River, N.J.: Prentice Hall. Fielding, N. (2010). Mixed methods research in the real world.International Journal of Social Research Methodology, 13(2), pp.127-138. French, A. (2012). A Case Study on E-Banking Security When Security Becomes Too Sophisticated for the User to Access Their Information.Journal of Internet Banking and Commerce, 17(2). Gillham, B. (2000).Case study research methods. London: Continuum. Hole, K., Moen, V. and Tjostheim, T. (2006). Case study: online banking security.IEEE Security Privacy Magazine, 4(2), pp.14-20. Kasemsan, M. and Hunngam, N. (2011). Internet Banking Security Guideline Model for Banking in Thailand.CIBIMA, pp.1-13. Kothari, C. (2004).Research methodology. New Delhi: New Age International (P) Ltd. Lei, T. and Wang, Y. (2014). The Study of Influencing Factors of the Online Banking Information Security Products Service Quality.AMM, 644-650, pp.5703-5709. May, T. (2011).Social research. Maidenhead, Berkshire, England: McGraw Hill, Open University Press. Post, G. and Kagan, A. (2007). Evaluating information security tradeoffs: Restricting access can interfere with user tasks.Computers Security, 26(3), pp.229-237. Melba Kani, R. and Thanga Joy, D. (2011). Security Issues in Online Banking Services.IJAR, 4(3), pp.100-101. Saunders, M., Lewis, P. and Thornhill, A. (2007).Research methods for business students. Harlow, England: Financial Times/Prentice Hall. Silverman, D. (2005).Doing qualitative research. London: Sage Publications. Singh, K. (2007).Quantitative social research methods. Los Angeles: Sage Publications. Smith, A. (2006). Exploring security and comfort issues associated with online banking.IJEF, 1(1), p.18. Twum, F. and Ahenkora, K. (2012). Internet Banking Security Strategy: Securing Customer Trust.JMS, 3(4).
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.