An Investigation of Internet Banking Security of Selected Licensed Banks in Vietnam

Panida SUBSORN, Sunsern LIMWIRIYAKUL

Abstract


Currently, most Vietnamese banks provide internet banking services to customers. These services may include internet banking, online trading, and mobile banking. One critical aspect of internet banking is security. Confidentiality, integrity, and privacy are important elements for secure internet banking. This paper makes a comparative study of internet banking security features provided by the 22 selected licensed Vietnamese banks. The objective of the analysis was to improve the existing internet banking information security checklist (Version 1.05) and make it a more realistic and comprehensive international guideline. Results identified a lack of related internet banking security information on internet banking websites of all 22 selected licensed Vietnamese banks. Lack of security information by banks can impact negatively to the provision of confidentiality by the selected banks which may ultimately lead to a general reduction of trust from their current and potential internet banking customers.

Keywords


Customer perspective, internet banking information security checklist, internet banking security, personal internet banking, Vietnam

Full Text:

PDF

References


D Son, N Que, P Dieu, T Trang and M Beresford. Policy reform and the transformation of Vietnamese agriculture, Available at: ftp://ftp.fao.org/docrep/fao/009/ag089e/ag089e04.pdf, accessed October 2014.

A Ho and R Baxter. Banking reform in Vietnam, Available at: http://www.frbsf.org/banking-supervision/publications/asia-focus/2011/june/banking-reform-vietnam/june-banking-reform-in-viet nam.pdf, accessed October 2014.

N White. Study finds online banking security shortfalls, Available at: http://sciencewa.net.au/topics/technology-a-innovation/item/1021-study-finds-online-banking-securi ty-shortfalls/1021-study-finds-online-banking-security-shortfalls, accessed May 2015.

C Yiua, K Grant and D Edgar. Factors affecting the adoption of internet banking in Hong Kong-Implications for the banking sector. Int. J. Inform. Manag. 2007; 27, 336-51.

P Subsorn and S Limwiriyakul. A comparative analysis of the security of internet banking in Australia: A customer perspective. In: Proceedings of the 2nd International Cyber Resilience Conference. Perth, Western Australia, 2011.

P Subsorn and S Limwiriyakul. A comparative analysis of internet banking security in Thailand: A customer perspective. Procedia Eng. 2012; 32, 260-72.

P Subsorn and S Limwiriyakul. An analysis of internet banking security of foreign subsidiary banks in Australia: A customer perspective. Int. J. Comput. Sci. Issues 2012; 9, 8-16.

P Subsorn and S Limwiriyakul. A case study of internet banking security of Mainland Chinese Banks: A customer perspective. In: Proceedings of the 4th International Conference on Computational Intelligence, Communication Systems and Networks 2012. Phuket, Thailand, 2012.

S Limwiriyakul and P Subsorn. A customer perspective investigation on internet banking security of licensed banks in Hong Kong. In: Proceedings of the International Conference on Security and Management 2012. Las Vegas, USA, 2012.

Usonlinebiz. Types of Internet banking and security threats, Available at: http://www.usonlinebiz.com/article/Types-of-Internet-Banking-and-Security-Threats.php, accessed April 2011.

D Hutchinson and M Warren. A framework of security authentication for internet banking. In: Proceedings of the International We-B Conference 2001. Perth, Australia, 2001.

D Hutchinson and M Warren. Security for Internet banking: A framework. Logist. Inform. Manag. 2003; 16, 64-73.

Dah Sing Bank. How can I login Dah Sing E-Banking service? Available at: http://www.dahsing.com/en/html/other_services/ebanking/faq_ds_login.html, accessed October, 2014.

L Peotta, M Holtz, B David, F Deus and RT Sousa. A formal classification of internet banking attacks and vulnerabilities. Int. J. Comput. Sci. Inform. Tech. 2011; 3, 186-97.

M Agarwal, M Mehra, R Pawar and D Shah. Secure authentication using dynamic virtual keyboard layout. In: Proceedings of the International Conference and Workshop on Emerging Trends in Technology 2011. Mumbai, India, 2011.

S Rajarajan, K Maheswari, R Hemapriya and S Sriharilakshmi. Shoulder surfing resistant virtual keyboard for internet banking. World Appl. Sci. J. 2014; 31, 1297-304.

Federal Financial Institutions Examination Council (FFIEC). Authentication in an Internet banking environment, Available at: http://www.ffiec.gov/pdf/authentication_guidance.pdf, accessed October 2014.

VeriSign Incoporation. The Latest advancements in SSL technology, Available at: http://www.veris ign.com/static/042485.pdf, accessed October 2014.

National Security Agency. Suite B cryptography, Available at: https://www.nsa.gov/ia/programs/sui teb_cryptography, accessed October 2014.

The Open Web Application Security Project (OWASP). Password length and complexity, Available at: https://www.owasp.org/index.php/Password_length_%26_complexity, accessed October 2014.

Comodo CA Limited. What is HTTPS? Available at: https://www.instantssl.com/ssl-certificate-products/https.html, accessed October 2014.

China Merchants Bank (CMB). All in One Net: Personal Internet Banking General Edition, Available at: https://pbsz.ebank.cmbchina.com/CmbBank_GenShell/UI/GenShellPC_EN/Login/ Login.aspx#, accessed October 2014.

DigiCert. Behind the scenes of SSL cryptography, Available at: https://www.digicert.com/ssl-cryptography.htm, accessed October 2014.

VeriSign Authentication Services. FAQ: Extended validation SSL, Available at: http://www.verisign.com.au/ssl/ssl-informationcenter/extended-validation-ssl-certificates/? accessed April 2011.

RSA, The Security Division of EMC. Two-factor authentication, Available at: http://www.rsa.com/glossary/default.asp?id=1056, accessed April 2011.

Bank of Queensland Limited. Using the BOQ security token, Available at: http://www.boq.com.au/online_enhancedIB_security_token.htm, accessed October 2014.

VeriSign Authentication Services. Two-factor authentication, Available at: http://www.verisign.com/authentication/two-factor-authentication/index.html, accessed April 2011.

Suncorp-Metway Limited. Internet banking security tokens: How do I order / activate a security token?, Available at: http://www.suncorpbank.com.au/about/ways-to-bank/internet-banking/security-tokens#_accordion-tiles-2, accessed October 2014.

The Hongkong and Shanghai Banking Corporation (HSBC) Bank Australia Limited. We’re serious about online banking security, Available at: http://www.hsbc.com.au/1/2/osd, accessed October 2014.

Bendigo Bank. Security tokens, Available at: http://www.bendigobank.com.au/public/personal/ ways-to-bank/online-banking-old/security-tokens?fb_keyword=security+tokens, accessed October 2014.

F Cheng. A secure mobile OTP Token. In: Proceedings of the 3rd International Conference, Mobilware 2010. Chicago, USA, 2010, p. 3-16.

JD Aussel. Smart cards and digital identity, Available at: http://www.telenor.com/wp-content/uploads/2012/05/T07_3-4.pdf, accessed October 2014.

UBank. What we do to protect you, Available at: https://www.ubank.com.au/security, accessed October 2014.

C Marinakis and N Karanikolas. Strengthening the security of E-banking transactions. In: Proceedings of the 11th Panhellenic Conference in Informatics 2007. Patras, Greece, 2007.

D M'Raihi, S Machani, M Pei and J Rydell. TOTP: Time-based one-time password algorithm, Available at: http://www.hjp.at/doc/rfc/rfc6238.html, accessed October 2014.

JC Liou and S Bhashyam. A Feasible and Cost Effective Two-Factor Authentication for Online Transactions. In: Proceedings of the 2nd International Conference on Software Engineering and Data Mining. Chengdu, China, 2010.

Suncorp-Metway Limited. How we protect your money online: Automatic lock-out, Available at: http://www.suncorpbank.com.au/security/how-we-protect-your-money-online, accessed October 2014.

Global Organization Of Oriented Group Language Of Earth (Google). The reCAPTCHA advantage: What is reCAPTCHA?, Available at: https://www.google.com/recaptcha/intro/ index.html#the-recaptcha-advantage, accessed October 2014.

S Gaw and E Felten. Password Management Strategies for Online Accounts. In: Proceedings of the Symposium on Usable Privacy and Security 2006. Pittsburgh, USA, 2006.

The Bank of Western Australia Limited (BankWest). Website terms of use, Available at: http://www.bankwest.com.au/terms-conditions/website-terms-of-use, accessed October 2014.

The Open Web Application Security Project (OWASP). Cross-site Scripting (XSS), Available at: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS), accessed October 2014.

City of Perth. Payment types, Available at: https://eservices.perth.wa.gov.au/ePathway/ Production/Web/Payments/PaymentTypes.aspx, accessed October 2014.

City of Joondalup. Rates, Available at: https://www.joondalup.wa.gov.au/Live/PayOnline/ Rates.aspx, accessed October 2014.

City of Melville. Payments, Available at: https://services.melvillecity.com.au/ePathway/Production/ Web/Payments/PaymentEntry.aspx? accessed October 2014.

Tenders WA. Welcome to tenders WA, Available at: https://www.tenders.wa.gov.au/watenders /index.do, accessed October 2014.


Refbacks

  • There are currently no refbacks.




http://wjst.wu.ac.th/public/site/images/admin/image012_400

Online ISSN: 2228-835X

http://wjst.wu.ac.th

Last updated: 25 September 2018