Web Banking Security
Web Banking services constitute a key activity of each bank and offer flexibility and convenience to customer transactions. As a service, it should operate 24 hours a day, be reliable and easy to navigate by all users. At the same time, Web Banking must be compliant with all procedures for secure transactions as described in Best Practices and international guidelines and local standards.
1995 was a landmark year for the security of electronic transactions since it was then that the first successful attack to an eBanking system took place by a hacker. Citibank was the bank that received the mentioned attack, resulting in huge money loss, shares fall but also a blow of credibility.
Vulnerabilities hidden by Web Banking systems are related to security holes in the design of the electronic trading system. The design shortcomings may relate to the network infrastructure and topology, the servers that host the application, application vulnerabilities or end user authentication key issues and corresponding data storage.
External, internal and web penetration tests, secure network infrastructure design, Web Application, Database and Internal Firewalls, Intrusion Prevention Systems-IPS, Public Key Infrastructure (PKI), strong authentication systems (Smart Cards, Tokens), Patch Management for Servers, Antivirus for servers, Encryption solutions, Load balancers, SSL Certificates for bank's website.