Electronic Bank Shield in Au

Index

1 Introduction        1

1.1 Types of electronic payments        

1.2 Trends of net banking fraud        

2   How electronic banking fraud occurs?        

2.1 Hoax emails        

2.1.1 Phishing emails        

2.1.2 Emails with malware        

2.2 Mule recruitment        

3. Protecting methods        

3.2 Extra Verification        

3.3Activity log        

3.4Automatically time-out        

3.5 Encryption        

3.7 Internet banking guarantee        

4. Conclusion        

Reference:        

1． Introduction

Net banking service increases dramatically under the development of the internet technology. Although online transactions are effective and convenient, the rate of internet banking frauds are growingrapidly in recent years. This report focuses on how Internet banking frauds occur and how ADIs protect customers against these kinds of frauds.

1.1 Types of electronic payments

Over the past decade, electronic payments have grown by around 230 per cent and the value of these payments by around 390 per cent (RBA, 2016). Non-cash payments are accounting for most of the value of payments in the Australian economy (RBA, 2016). They involve cards, Internet, mobile payment and person-to-person. There are three types of cards: credit, debit and prepaid cards. Credit cards are an extremely popular form of electronic payment because people can use them almost anywhere for almost any kind of purchase, and do not have to have cash on hand to pay for things. Internet payment includes a person transferring money or making a purchase online. This form of payment continues to increase in popularity with the ever-growing e-commerce industry. Although the amounts of transactions are limited via mobile phone, consumers still can use this form of payment in some electronic transactions. The person-to-person payments enable a person to pay another using an online account, a prepaid card or another mechanism that stores value.

1.2 Trends of net banking fraud

Comparing with cash, the use of non-cash payment ways continues to grow-with the exception of cheque payment. In particular, debit card uses continue to increase rapidly (Table 1). Total losses relating to fraudulent cheque and debit, credit and charge card transactions increased by 29 per cent to $450 million in 2014, according to data collected by the Australian Payments Clearing Association (APCA). The fraud rate on Australia-issued cards increased from $0.47 per $1000 in 2013 to $0.59 per $1000 in 2011. The increase reflected a 30 per cent rise in fraud on debit, credit and charge cards from the international schemes to $421 million in 2014 (Graph 1, Table 2)

Table 1 Non-cash Payment

[pic 1]

Reserve Bank of Australia, payment system, viewed 11 April 2016,

/payments-system.html>

Graph 1:

[pic 2]

Reserve Bank of Australia, payment system, viewed 11 April 2016,

Table 2: Fraud Losses by Transaction Type

[pic 3]

Reserve Bank of Australia, payment system, viewed 11 April 2016,

http://www.rba.gov.au/payments-and-infrastructure/payments-system.html

2   How electronic banking fraud occurs?

Since the internet banking fraud activities remain complex and various, this fraud rate is escalating. Therefore, the following will introduce three forms of online banking fraud.

2.1 Hoax emails

Hoax emails mean the emails which direct people to the fake websites and reveal their personal information.  Hoax emails include phishing emails and emails with malware.

2.1.1 Phishing emails

Phishing, which is a homophone of fishing, refers to the attempt to gain access to people’s confidential information by spam emails. Criminals may send spam emails that appear to be from a bank, and these emails often contain a link to a fake website that looks the same as the genuine website. These emails usually inform the customers to update their personal information such as password or pin. If the customers follow the requirements of the emails, the criminals can obtain the personal details and conduct a transaction on a real bank website. The customers should notice that banks would never send this kind of emails to customers.

2.1.2 Emails with malware

Virus emails are generally unsolicited emails sent from unknown addresses, containing malware links or attachments. Malware is a kind of intrusive program. When customers click the links or open the attachments, malware could install automatically on the device and steal customer’s personal information to break into their net bank accounts. What’s more, some sophisticated malware can capture customers’ personal details by turning off the anti-virus program on the device.

2.2 Mule recruitment

Mule recruitment is an electronic tactic that fraudsters hire a third party to receive stolen funds and then these funds which minus commission payment can be transferred to frausters’ account(Australian federal police, 2015). The following steps describe how mule recruitment happen. Firstly, the fraudster may use emails, recruitment websites, chat rooms to advertise some jobs. These jobs are normally high salaries but simple work, specifically, only requiring the candidates to have computers and bank accounts. Secondly, the fraudsters may convince the victim to work for the defrauding company which is called the mule. Thirdly, the victim will be requested to transfer money to the mule once recruited. Finally, the mule will transfer these funds abroad to an overseas account own by the fraudster. The mule could also receive a commission payment.

3. Protecting methods

Since customers are facing elevated electronic banking fraud risk, the ADIS have been taking efficient measures to increase security capability, reduce this fraud risk, thus protecting its customers against electronic banking fraud activity. This report focuses on commercial banks.

1. NetCode SMS (short message service)

NetCode SMS technology is being used more extensive by commercial banks when proceeding online transaction request. NetCode SMS is a kind of free SMS authentication system. To be specific, when customers attempt to pay online or do online bank transfer via net bank, the bank will deliver a free one-time code to the bank account holder via SMS, customers are required to fill out this one-time code online correctly. Only customers could finish the NetCode SMS verification, the transaction would be processed. NetCode SMS could automatically authenticate the account holder, authorise the transaction via the phone number registered with the bank, consequentlyavoid cyber fraud transaction.

...