Online security growing concern for Indian banks

Summary:Survey reveals 30 percent of India's top 40 banks were victims of phishing attacks in the past year. Only 57 percent have formal plan to drive user awareness about fraud.

INDIA--Some 30 percent of India's top banks have fallen victim to identity theft in the last one year, according to a new survey released Wednesday.

Conducted by Singapore-headquartered software product company ReadiMinds, the online survey also determined that online security was one of the top three security concerns for Indian banks this year. The study, titled State of online security in financial institutions in India 2008, was conducted in April 2008 and polled India's top 40 banks.

"Stronger online security is a business issue, and Indian banks are increasingly focusing on improving online security," Naren Nagpal, CEO of ReadiMinds told ZDNetAsia in an e-mail interview. "[However], online security at Indian banks is well below that of global banks."

Phishing is also a growing cause of concern for Indian banks, where 30 percent of those surveyed said they were victims of phishing attacks in the last one year.

According to the ReadiMinds survey, 10 percent of banks in the country have been victims of "man-in-the-middle (MITM) attack" during the same period. This is an emerging type of attack, in which a fraudster or malicious hacker intercepts the transaction between the user and Web-banking server. The hacker compromises and modifies the electronic communication link between the user and the bank's Web server in a bid to obtain financial gain.

Better security, better business
The survey also identified a strong link between the business performance of a financial institution and the online security measures it had implemented.

"Over 70 percent of banks that had implemented stronger security regularly delivered better business performance compared to their peer group," said ReadiMinds.

However, more than 57 percent of the banks still do not have a dedicated budget for online security, choosing instead to include online security as part of their overall IT budget, the survey found.

Similarly, only 57 percent of the Indian banks had a formal plan in place for creating customer awareness against online identity theft and financial frauds.

Yet, all the respondents were aware that integrating stronger user authentication, with fraud detection and risk-based transaction verification, was the strongest form of defense against online identity theft and financial frauds, the survey said.

Swati Prasad is a freelance IT writer based in India.

Topics: Security, Banking, IT Employment

About

Swati Prasad is a New Delhi-based freelance journalist who spent much of the mid-1990s and 2000s covering brick-and-mortar industries for some of India's leading publications. Seven years back when she took to freelancing, India was at the peak of its "outsourcing hub" glory and the world of Indian IT, telecom and Internet fascinated her.... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.