
Basics of Digital Banking - Attacks and Mitigation

Digital banking is a form of virtual banking that delivers multiple banking services to end-users over the internet. Typical services offered by digital banking systems include loan management, bill payment, cash deposits, cash withdrawals, funds transfers, account services, and account management.

A digital banking system is built from several middleware software components. The middleware connects the database or operating system to the other applications. Financial organizations and banks must keep up with the latest technology trends and with the changes occurring in digital banking security services.

Digital banking security is the set of defensive practices used by banking staff to protect customer data from cyber-attacks. Understanding the threats to digital banking is essential to coping with the associated security risks. Every attack targets a particular set of information in order to compromise it or violate the privacy of end-users.

Cyber-criminals attempt various types of attacks on digital banking systems: for example, they infiltrate customer bank accounts or redirect customers to fake websites to steal their credentials. Digital banking security teams need to take active security measures to keep end-users from becoming victims of these attacks.

Types of digital banking security attacks

User credential attacks: cyber-criminals obtain user credentials using various kinds of malware. Password-stealing ware (PSW) is malware that collects user data directly from the web browser. It steals sensitive data such as user credentials, saved card details, auto-fill data, and other financial information belonging to the user.

Various other malware families similar to PSW are designed to steal user credentials and other essential banking data.

Channel breaking attacks: a channel breaking attack involves manipulating user data while it is in transit between the user and the bank. One such attack is known as eavesdropping. The attacker establishes an independent connection with each victim and sends messages that make them believe the link is private and safe to communicate over, then collects the information exchanged between the two victims.

Pharming: pharming is a type of phishing attack used by cyber-criminals against digital banking. The attackers inject malicious code into the user's machine; the process of injecting this code is called DNS cache poisoning. In a pharming attack the end-user still sees the correct URL in the browser, because the name is resolved on the user's own network, yet the cyber-criminals redirect the connection.

Man in the Browser: a man-in-the-browser attack infects the end-user's browser with malware, typically a Trojan, to modify the user's transaction without the end-user noticing. The malware targets users as they initiate a transaction and then edits details such as the destination bank account number or the amount transferred. The criminals also modify the bank server's response so that the end-user does not see the changes made to the transaction. Zeus is an example of man-in-the-browser malware.

Mobile Malware: end-users generally prefer mobile phones for digital banking. Cyber-criminals use mobile malware to monitor data transmitted from mobile phones to bank servers. Such malware can read the user's SMS messages and forward them to the criminals' command-and-control servers, allowing the cyber-criminals to steal the OTPs that banks send by SMS to authenticate transactions and logins. With this capability, the attackers can operate the victim's mobile banking account.

In mobile malware attacks, the criminals use social engineering techniques to convince end-users to install the malicious applications. Mobile banking malware is capable of stealing contacts, disabling mobile security software, installing further malicious apps, and replacing legitimate banking applications with fake ones.

Security measures used in the digital banking system

  •  Digital Certificates: digital certificates are used in digital banking to authenticate both users and banking systems. They enable users to transfer data securely over the internet with the help of a public-key infrastructure (PKI). Digital certificates are also called public-key certificates or identity certificates.
  •  One Time Password token: users request one-time password tokens in a variety of situations. Two-factor authentication commonly relies on one-time password tokens. The generated OTP is valid for only one login session or transaction on the device used for digital banking.
  •  Browser protection: browser protection secures the internet browser's communications in digital banking. The browser's memory area is monitored for malware. Browser protection detects the malware and stops it from capturing sensitive information and stealing credentials.
  •  Virtual keyboard: a virtual keyboard is used to hinder key loggers. A key logger captures the data typed on the physical keyboard; the virtual keyboard replaces the physical keyboard so that there are no keystrokes to capture.
  •  Device identification: device identification is a standalone solution in the digital banking system. The goal of the device identification security system is to facilitate user access.
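The one-time password bullet above says an OTP is valid for a single login or transaction, and the Man in the Browser and Mobile Malware sections describe the two failure modes an OTP scheme has to survive: a stolen code being replayed, and a transaction being altered after the user approved it. The following example, added here and not taken from the original post or from any bank's implementation, shows both defences on the server side: an RFC 4226 HOTP verifier that consumes each counter once, and a simplified OCRA-style transaction-bound code that mixes the destination account and amount into the HMAC so that a man-in-the-browser change to either field invalidates the confirmation. The secret is the RFC 4226 test-vector key, and the account numbers and amount are constructed for the demo.

```python
import hashlib
import hmac
import struct

# Constructed demo secret (the RFC 4226 test-vector key). A real token secret is
# provisioned per user and stored server-side, never hard-coded.
DEMO_SECRET = b"12345678901234567890"


def _truncate(mac: bytes, digits: int) -> str:
    """RFC 4226 dynamic truncation: take 4 bytes at the offset given by the last nibble."""
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % 10 ** digits).zfill(digits)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Counter-based OTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    return _truncate(mac, digits)


def transaction_code(secret: bytes, counter: int, account: str, amount_cents: int,
                     digits: int = 8) -> str:
    """Transaction-bound OTP (simplified OCRA-style scheme, assumed for this example):
    the destination account and amount are hashed into the HMAC input, so the code
    confirms exactly one transfer and is worthless for any altered one."""
    challenge = hashlib.sha256(f"{account}|{amount_cents}".encode()).digest()
    mac = hmac.new(secret, struct.pack(">Q", counter) + challenge, hashlib.sha256).digest()
    return _truncate(mac, digits)


class OtpVerifier:
    """Bank-side verifier: one counter per token, each counter accepted at most once,
    so a code captured from an SMS or a keylogger cannot be replayed."""

    def __init__(self, secret: bytes, look_ahead: int = 3) -> None:
        self.secret = secret
        self.counter = 0              # next counter value the server expects
        self.look_ahead = look_ahead  # tolerate a few codes generated but never submitted

    def _candidates(self) -> range:
        return range(self.counter, self.counter + self.look_ahead + 1)

    def verify_login(self, code: str) -> bool:
        for c in self._candidates():
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.counter = c + 1  # consume this counter and every earlier one
                return True
        return False

    def verify_transaction(self, code: str, account: str, amount_cents: int) -> bool:
        for c in self._candidates():
            if hmac.compare_digest(transaction_code(self.secret, c, account, amount_cents), code):
                self.counter = c + 1
                return True
        return False


def demo() -> dict:
    """Login, replay of the same code, a man-in-the-browser-altered transfer, and the
    genuine transfer. Account numbers and the amount are constructed values."""
    bank = OtpVerifier(DEMO_SECRET)
    results = {}

    # The token shows the code for counter 0 and the user logs in with it.
    login_code = hotp(DEMO_SECRET, 0)
    results["first_login"] = bank.verify_login(login_code)
    # Malware that captured the code tries to reuse it: the counter is already consumed.
    results["replay"] = bank.verify_login(login_code)

    # The user's token signs the transfer exactly as shown on the user's screen.
    genuine_account, amount = "ACCT-0001-DEMO", 15000  # constructed
    confirm = transaction_code(DEMO_SECRET, bank.counter, genuine_account, amount)
    # A man-in-the-browser swaps the destination account before the request is sent;
    # the server recomputes the code over what it received and it no longer matches.
    results["tampered_transfer"] = bank.verify_transaction(confirm, "ACCT-9999-DEMO", amount)
    # The unaltered request carrying the same code is accepted.
    results["genuine_transfer"] = bank.verify_transaction(confirm, genuine_account, amount)
    return results


if __name__ == "__main__":
    print(demo())
```

The design point is that the server, not the client, decides what a code is bound to: the counter state lives on the bank side, and the transaction fields are taken from the request the bank actually received, so whatever the infected browser or phone shows the user has no bearing on what gets verified.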
