32 C
Friday, July 19, 2024

Security of IT and the circle of concern of contemporary bankers

  • Rashedul Hasan Khan

  The landlord asked the potential guard, “Do you know English?” Potential guard, “Key? Chor ki bilat thon aibo nihi?” (Why? Will the fraudster hailed from UK?)

But at the present time, not just at home; in many organizations, especially in financial or equivalent institutions, it is necessary and compulsory. The mentioned interview here is shown in a metaphorical sense. The guard will work to ensure impeccable security, with the help of technology to prevent untoward situations as much as possible. Knowledge of English language is essential for the practical use of technology, in some context knowledge of computer language has also become essential in banking sector as well.

Every decade, there has been a revolution in the use of technology; in the context of Bangladesh, in harmony and coordination with the banking system around the world, which is visible to all. Two decades after, the new millennium; in other words, at the beginning of the third decade, just before the new revolution, the invisible deadly germ called “corona” was enforced to reflect the practical reality of the new technology not only in financial institutions but also in daily life as well. As employees of the banking services system, it is the high time for those of us who are involved in this profession to expand the range of technological thinking and capabilities to survive in a competitive market.

The important and timely direction of Bangladesh Bank is also a mirror of the need of the society wrapped in various rules, regulations and policies. The central bank is talking about the future of the introduction or implementation of various service policies of banking sectors in adhere the future of our work and the compatibility of the global banking system. Extensive, promotion and dissemination of integration of various types of finance and technology in a platform with innovation there services; above all, the services are widely appreciated and discussed for the convenience of the consumers. The acceptance of graphs of information obtained from reputed local magazines, trade magazines or international Bloomberg portals is not only showing upward, but also positively skewed and accepted by a special class of consumers in the form of kurtosis.

In order to reap the full benefits of those services, it is necessary to take a thorough idea of ​​the safety of the use of technology or to promote it, so that unintentional or unwanted errors do not lead to unwanted deviations from this emerging trend of services. In this case, it is important to avoid the statement “I understand banking but I don’t understand computers” mentality. Or withdrawing money from an ATM by an office assistant by giving both the card and the PIN for the trivial reason or saving time or writing the PIN on the back of the card with utmost care; will also be extremely risky for the customer concerned in the future, it can be said with almost certainty. Mobile phone money technology services (MFS), on the other hand, have increased the risk of sending, withdrawing or transferring money from an outlet by giving “PIN and Mobile” to those shockers.

Complying the well-known and world-tested frameworks used for the security of customer data, various banks do not disclose the full ‘account number’ or ‘credit card number’ in a text message for the sake of customer data security, so that customer information is not ‘disclosed or revealed’ under any circumstances. Even trained telebanking executives have been barred from seeking information on their full account numbers or “credit card” numbers. These numbers are masked or encrypted in various ways so that only the actual users or beneficiaries will get the latest status of their asked facility or instant instruction or authorized service, on their own customer service platform such as their registered mobile phone or email.

In order to fully integrate oneself in the banking profession considering present demand, it is the high time to expand the scope of potential knowledge of the practical knowledge of information technology as well as the practical approaches to its security rules. Nowadays, the security of the data obtained with the change in “ACID” behavior of the database due to the integration of different services of the banks is also very important in the management of this “core (banking)” era. Banks as well as bankers must always be diligent; When?, How?, How fast? customer service can be ensured from a data-security perspective, especially using two-tier (2FA) approaches.

The use and effectiveness of “OTP” obtained from the registered mobile number of the customer on various service receiving platforms as well as the identification, accuracy, availability of the actual consumer is being considered as an integral part of the technology service now a days. In fact, the relatively high quantity or volume transactions can be safe guarded by introducing OTP or one-time short-term password  approach as a means of receiving instructions from the customer. Even for various foreign currency transactions, this kind of two-tier security approaches used to bring not only the customers but also those directly involved in approving the transaction into the realm of accountability.

Maybe in the near future, the mobile number provided by the customer will become the only and only major and most acceptable customer identifier where almost all the customer information such as national identity card, biometric information etc. which are duly tested and approved by Telcos. At present, e-KYC is one of the unique means of implementing the guidelines issued by the Central Bank for approving customer identification as a unique medium of various financial technologies or FinTech. In our country, as in the rest of the world, the mobile phone number is the most practical means of receiving any technology service under financial technology in the case of ‘OTP’, through which the two-tier security belt could be used to ensure service security.

IoT, IeT, BigData, Blockchain, Artificial Intelligence (AI), Machine Learning (ML), Cloud Computing (IaaS, PaaS, SaaS), Face Recognition, Mobile Computing, FinTech for the upcoming “Fourth Industrial Revolution (IR 4.0)” will all be integrated and flow into a new trend in the social system, where for the benefit of technology, the idea of ​​being able to take a loan by sitting at home by opening a bank account will not be stuck of augmented reality, it would be a reality. To that end, the importance of “security” is even more important in this banking sector with the practical preparation of technology because the biggest victim of cyber heist is still on our foreheads though it is under jurisdiction process.

The biggest hurdle to integration is that compromising a single service flaws can have an impact on the entire system management, which in turn means a large increase in the level of probability. Even the smallest deviation can put the entire technology system at high risk if the security of the integrated or incorporated service platform or the identified devices is not ensured in a separate, strong and cryptologic policy; at the same time, it would not be appropriate to consider the risk of massive financial loss as unreasonable. In this case, it is possible to reduce the level of risk tolerance only if one is always spontaneous in using technology driven tools i.e. IT savvy and tries to create an environment of awareness by motivating the colleagues with a thorough idea sharing approach.

Let us all keep pace with the world in this age of globalization and become one of the strongest worker of the “Fourth Industrial Revolution” in such a changed, refined and expanded society; trivialize the frown of risk or fear. Our rebel poet Kazi Nazrul Islam wrote in his poem “Khaled” in the verse of “Jinjir” in rhyme:

“The world is moving forward when we sit still, wife divorce ruling searching across Fiqh and Hadith!”


The author is MIT, MBA (Banking) & MSc (Statistics) SPO, NRB Global Bank Ltd.

Related Articles


Cloud Computing Security Issues, Threats and Controls

Cloud Computing and service models  The official NIST definition (NIST 800-145) of cloud computing says, “Cloud Computing is a model for enabling ubiquitous, convenient, on-demand...
API and Open Banking

API and Open Banking: Way for New Service Innovation for Banks and FinTech Companies

The people who gathered at a hall room of a city hotel in last month had one thing in common—they all are working in...
ISO 2001

ISO 27002: 2022 Implementation vs Reality

After almost a decade, ISO27001: 2013 is going to publish its new iteration of ISO27001:2022 in second (2nd) Quarter this year1. But prior to...
Deepfakes: The Synthetic Media I want to believe

Deepfakes: The Synthetic Media I want to believe

What Are Deepfakes? A deepfake is a sort of "synthetic media," which refers to material (such as images, audio, and video) that has been modified...
The power of API platforms

The power of API platforms brings the open banking promise into sharper focus

Open banking is a global phenomenon whose merits are felt in virtually every time zone, including those in the Asia-Pacific region. In contrast to...
Blockchains Gaming and Collusion

“Blockchains: Gaming and Collusion- A Reading in Political Economy”:  Futuristic Exploration with Fact-based Analysis

In this digital age, it has become quite common for us to constantly remain mesmerized by fascinating technologies.  However, deeper thoughts about those technologies,...