UNIVERSITY OF MUMBAI

PROJECT ON

BACHELOR OF COMMERCE

(BANKING & INSURANCE)

SEMESTER VI
(2011-2012)

SUBMITTED BY

PROJECT GUIDE
Prof. NANDINI JAGANNARAYAN

HINDI VIDYA PRACHAR SAMITIS

RAMNIRANJAN JHUNJHUNWALA COLLEGE,
GHATKOPAR (WEST), MUMBAI-400 086.
INFORMATION ABOUT HDFC BANK

BACHELOR OF COMMERCE
BANKING & INSURANCE
SEMESTER V

SUBMITTED
IN PARTIAL FULFILLMENT OF THE REQUIREMENTS
FOR THE AWARD OF DEGREE OF BACHELOR OF
COMMERCE- BANKING & INSURANCE

BY

HINDI VIDYA PRACHAR SAMITIS

RAMNIRANJAN JHUNJHUNWALA COLLEGE
GHATKOPAR (W), MUMBAI-400086

CERTIFICATE

THIS IS TO CERTIFY THAT Miss OF B.COM. BANKING & INSURANCE

SEMESTER V (2011-12) HAS SUCCESSFULLY COMPLETED THE
PROJECT ON UNDER THE GUIDANCE OF Prof. NANDINI
JAGANNARAYAN)

PRINCIPAL.
(DR. USHA MUKUNDAN)

PROJECT GUIDE/ INTERNAL EXAMINER

(Prof. NANDINI JAGANNARAYAN)

EXTERNAL EXAMINER

DECLARATION

I, Miss THE STUDENT OF B.COM. BANKING & INSURANCE SEMESTER

V (2011-12) HEREBY DECLARES THAT I HAVE COMPLETED THE
PROJECT ON .
THE INFORMATION SUBMITTED IS TRUE AND ORIGINAL TO THE
BEST OF MY KNOWLEDGE.

SIGNATURE OF STUDENT

NAME OF THE STUDENT

ACKNOWLEDGEMENT

I would like to express my sincere gratitude to The Almighty for having

Showered His immense blessings on me and has enabled me to complete this
research work.

I would also like to express my heartfelt gratitude to our principal Dr .USHA

MUKUNDAN, who has given me opportunity to conduct this study.

My guide Mrs. NANDINI JAGANNARAYAN also deserves sincere thanks

that has given me her guidance throughout the project and made it a success.

My parents have been a backbone to me in completing this project and my

friends who extended their constant support during my study also deserve
heartfelt thanks.

Executive summary
A sound and effective banking system is the backbone of an economy. The
economy of a country can function smoothly and without many hassles if the
banking system backing it is not only flexible but also capable of meeting the
new challenges posed by the technology and other external as well as internal
factors. The importance and role of information technology for achieving this
benign objective cannot be undermined. There is an urgent need for not only
technology upgradation but also its integration with the general way of
functioning of banks to give them a rim in respect of services provided to the
customers, better housekeeping, optimising the use of funds and building up of
management information system for decision making. The technology has the
potential to change methods of marketing, advertising, designing, pricing and
distributing financial products and services and cost savings in the form of an
electronic, self-service product-delivery channel. The technology holds the key
to the future success of Indian Banks. Thus, "Internet Banking is the need of
the hour, which cannot be lost sight of except at the cost of elimination from the
competition. The existence of Internet banking also becomes inevitable due to
the standards required to be matched at the international level. Thus, the
domestic as well as the international standards mandates the adoption of
Internet banking at the earliest possible moment.

Chapter Introduction to e-banking

Online banking (or Internet banking or E-banking) allows customers of a
financial institution to conduct financial transactions on a secure website
operated by the institution, which can be a retail or virtual bank, credit union or
building society.
To access a financial institution's online banking facility, a customer having
personal Internet access must register with the institution for the service, and set
up some password (under various names) for customer verification. The
password for online banking is normally not the same as for telephone banking.
Financial institutions now routinely allocate customer numbers (also under
various names), whether or not customers intend to access their online banking
facility. Customer numbers are normally not the same as account numbers,
because a number of accounts can be linked to the one customer number. The
customer will link to the customer number any of those accounts which the
customer controls, which may be cheque, savings, loan, credit card and other
accounts.
To access online banking, the customer would go to the financial institution's
website, and enter the online banking facility using the customer number and
password. Some financial institutions have set up additional security steps for
access, but there is no consistency to the approach adopted.
Importance of Information Technology
The benefits and advantages of information technology for the smooth and
efficient functioning of the banking business cannot be disregarded and
sidelined. Its proper and methodical use can bring the following advantages (2):
(1) Sound Payment System: The first advantage originating from the use of

technological advances relates to the Payment systems, which form the lifeline
of any banking system. The payments in India are largely cash based although
there are non-cash based payments as well. The usage of electronic means of
funds movement and settlement is still in its stages of formative years. The
various forms of electronic based payment, such as credit cards, Automated
Teller Machines (ATMs), Stored Value cards, Shared Payment Network Service
(SPNS) etc, are emerging at an incredible speed. Many banks have made
initiatives aimed at electronic modes of funds movement. While this is a
positive development, it needs to be ensured that such funds transfers are made
in a high level of security so that no unauthorised usage occurs in the newer
modes being implemented by banks. It is this area, which has been the focus of
attention by the Reserve Bank - and the efforts have now resulted in the form of
the Structured Financial Messaging Solution (SFMS). The SFMS incorporates
adequate security measures, including that of Public Key Infrastructure (PKI),
with encryption software equivalent to some of the best security measure in the
world. The use of the SFMS over the INFINET would automatically provide
safe, secure and efficient funds transfers with the added benefit of the settlement
of inter-bank funds transfers taking place in the books of account of banks,
maintained with the Reserve Bank, thereby providing for finality of the
settlement. Further, the message formats used in SFMS are very similar to those
used by SWIFT, resulting in ease of usage by the banking community in the
country. This secure messaging backbone can be used for a number of intrabank applications also.

(2) Sound Financial System: The information technology revolution has

significantly benefited the financial system. In particular, there are four key
areas in which the financial system has experienced the benefits of the
technology revolution: product development, market infrastructure, risk control

and market reach. In the process, technology has changed the contours of three
major functions of financial intermediaries: access to liquidity, transformation
of assets and monitoring of risks. The Indian financial system is adapting itself
to these developments and is acquiring a customer-centric focus. The
proliferation of Automated Teller Machines (ATMs), networking of these ATMs
and Shared Payment Network based ATMs have been features which have been
welcomed by the banking public. Other innovations already within the domain
of banks and financial systems in India include Internet Banking, Electronic
Funds Transfer and 'Anywhere/ Anytime Banking', all of which have a high
level of technology embedded in the systems offering these services. In recent
years, the Reserve Bank has assigned priority to upgrading the technological
infrastructure of the Indian financial system. Efforts have been made to
modernise clearing and payment through Magnetic Ink Character Recognition
(MICR) based cheque clearing, Electronic Clearing Services and Electronic
Funds Transfer (ECS and EFT) and the Centralised Funds Management System
(CFMS).

(3) Effective Regulation and Supervision: The information technology has a

great potential of effective regulation and supervision of various financial
institutions and banks. With fast growth in technology and the increasing
complexities of technology motivated developments in the financial markets,
the regulated are more pro-active than the regulators on modernization of
products and services, especially in countries like ours where there are multiple
regulators and central banks face a growing task in drawing abreast and
equipping themselves with an range of tools to deal with the regulatory
implications of a technology induced fast changing financial world. These
developments necessitate a qualitative change and fine tuning in the relationship
between the regulator and the regulated. The technology has brought alterations

to decades old attitude and practices, in a more effective, economical and

competitive manner.

(4) Effective Currency Management: The impact of technology on the issuances

of Bank Notes and Currency Management by Central bank is apparent. The
technology offers us immense opportunities to significantly improve our
performance of this core function. Given the high value and volume of currency
in circulation, the vast geographic spread of currency operations, the largest
distribution channel for the supply of currency, prevalent marked preference for
cash and currency handling practices, currency management in India is a
challenging and strenuous task. In 1999, the Reserve Bank of India announced a
"Clean Note Policy" to bring about improvements of the quality of notes in
circulation and technology has played an indispensable role in enabling the
Bank to provide better quality notes to the general public. The information
technology makes the task of currency management easy, effective, economical
and speedier.
(5) Monetary and Financial Stability: One of the critical activities undertaken by
Central bank to ensure monetary and financial stability is to provide the banking
sector with finality of settlement. The payment and settlement systems are the
conduits through which monetary policy measures are transmitted to the
financial and then the real economy. The information technology revolution has
given rise to an extraordinary increase in financial activity across the globe. The
progress of technology and the development of worldwide networks have
significantly reduced the cost of global funds transfer. The technology has, in
fact, placed at the disposal of Central bank a desirable selection of instruments
to manage and eliminate risks in payment and settlement systems. Electronic
trading platforms have reduced the gap between trade finalisation and trade

reporting and settlement and in the process have significantly reduced risks
arising from the trading and settlement process. The Real Time Gross
Settlement Systems (RTGS Systems) have been the preferred mode of
settlement for large value funds transfers by central banks globally to minimise
settlement and systemic risk. The RTGS systems would not have been possible
without the network and information system capabilities to transmit payment
messages to the settlement agency and process funds transfer instructions in real
time. Delivery versus payment systems to reduce credit risks is securities
settlement systems also owe their origin to the technological capability to
harmonise positions in settlement banks and depositories in real time. The
triumph of Information Technology has perhaps been the introduction of
Continuous Linked Settlement, which ensures payment versus payment
settlement of very large value foreign exchange transactions thus completely
eliminating the risks in cross border transactions.
Banking through electronic channels has gained increasing popularity in recent
years. This system, popularly known as 'e-banking', provides alternatives for
faster delivery of banking services to a wide range of customers. This study
aims to collect customers' opinions regarding the importance of e-banking and
the adoption levels of various e-banking technologies in India and Kenya. The
study also highlights the trends of e-banking indicators in India and Kenya.
Further, it segregates the data collected into an Indian and a Kenyan customer
basis, to identify differences in their attitudes towards the emergence of ebanking. The overall result indicates that customers in both countries have
developed positive attitudes and they attach much importance to the emergence
of e-banking.
Internet banking is the term used for new age banking system. Internet banking
is also called as online banking and it is an outgrowth of PC banking. Internet

banking uses the internet as the delivery channel by which to conduct banking
activity, for example, transferring funds, paying bills, viewing checking and
savings account balances, paying mortgages and purchasing financial
instruments and certificates of deposits. Internet banking is a result of explored
possibility to use internet application in one of the various domains of
commerce. It is difficult to infer whether the internet tool has been applied for
convenience of bankers or for the customers convenience. But ultimately it
contributes in increasing the efficiency of the banking operation as well
providing more convenience to customers. Without even interacting with the
bankers, customers transact from one corner of the country to another corner.
There are many advantages of online Banking. It is convenient, it isnt bound by
operational timings, there are no geographical barriers and the services can be
offered at a minuscule cost. Electronic banking has experienced explosive
growth and has transformed traditional practices in banking.
Private Banks in India were the first to implement internet banking services in
the banking industry. Private Banks, due to late entry into the industry,
understood that the establishing network in remote corners of the country is a
very difficult task. It was clear to them that the only way to stay connected to
the customers at any place and at anytime is through internet applications. They
took the internet applications as a weapon of competitive advantage to corner
the great monoliths like State Bank of India, Indian Bank etc. Private Banks are
pioneer in India to explore the versatility of internet applications in delivering
services to customers.
The e-banking is leading to a paradigm shift in marketing practices resulting in
high performance in the banking industry. Delivery of service in banking can be
provided efficiently only when the back ground operations are efficient. An
efficient back ground operation can be conducted only when it is integrated by

an electronic system. The components like data, hardware, software, network

and people are the essential elements of the system. Banking customers get
satisfied with the system when it provides them maximum convenience and
comfort while transacting with the bank. Internet enabled electronic system
facilitate the operation to fetch these result.
An in-depth analysis would help to understand that internet enabled electronic
bank system differentiates from traditional banking operation through faster
delivery of information from the customer and service provider. Additionally, it
has to be noted that the banking operations does not transfer physical currencies
instead it transfer the information about the value for currencies. I-banks enable
transfer of information more swiftly on-line. In service organizations like banks,
information flows more than physical items. In the commercial world,
especially in most advanced societies today, money is rather carried in
information storage medium such as cheques, credit cards and electronic means
that in its pure cash form. E banking has become an important channel to sell
the products and services and is perceived to be necessity in order to stay
profitable in successful.
The perception is the formed as a result of interpreting the experience. There is
a growing interest in understanding the users experience; as it is observed as a
larger concept than user satisfaction. From this perspective, assessing the user
experience is essential for many technology products and services.
Customers have started perceiving the services of bank through internet as a
prime attractive feature than any other prime product features of the bank.
Customers have started evaluating the banks based on the convenience and
comforts it provides to them. Bankers have started developing various product
features and services using internet applications.

The present study aims to explore the major factors responsible for internet
banking based on respondents perception on various internet applications.
Study also tries to examine whether there is any relation with the demographic
variable (e.g. gender) and respondents perception about internet banking; and,
whether the user and non-user perception differs.
Framework of the factors
As mentioned that survey focuses on the finding the customers perception on
various internet application related with internet banking. Various factors which
contribute to the customers perception such as convenience, flexible virtual
banking system, reliability, time factor, real time access to information, saving
transaction cost, on-line bill payments, digital signature for security, faster
transfer, easy to use, user friendly, low transaction fees, any time and anywhere
banking facility, access to current and historical transaction data, facility of fund
transfer to third party are taken for this study. These factors came from different
studies.
The Framework of the factors which are taken to assess the perception is as
follows:
1. Convenience way of operating banking transactions: Online banking is a
highly profitable channel for financial institutions. It provides customers
convenience and flexibility and can be provided at a lower cost than
traditional branch banking. The convenience of online banking is helping
people gain greater control of their finances and contributing to changing
patterns in cash withdrawal and day to day money management.
2. Flexible virtual banking system: Financial institutions have spent a great
deal of time and money developing online banking functionality to allow

customers an easy and convenient way to manage their money. A customer

can check balance by logging into banks website through a user name and
password. In this way he can enquire balance, status of cheques, perform
funds transfers, order drafts, request issue of cheque books etc.
3. Reliability: One of the very important service quality dimensions of ibanking service quality is reliability. The online banking environment has
grown tremendously over the past several years and will continue to grow
as financial institutions continue to strive to allow customers to complete
money transfers, pay bills, and access critical information online. During
this same time, online banking has been plagued by Internet criminals and
fraudsters attempting to steal customer information. Phishing, pharming,
and other types of attacks have become well known and are widely used as
a means for fraudsters to obtain information from customers and access
online banking accounts. As a result, authenticating customers logging onto
their online banking service has become a crucial concern of financial
institutions.
4. Time factor: Liu and Arnett in their study identified time factor as one of
the prime factor that in Internet banking service quality feature for the
customers. Saving time is an importance factor which influences the
customers prefers to use i-banking. Banks can make the information of
products and services available on their site, which is, an advantageous
proposition. Prospective customer can gather all the information from the
website and thus if he comes to the branch with queries it will be very
specific and will take less time of employee.
5. Real time access to information: The banks started i-banking initially with
simple functions such as real time access to information about interest

rates, checking account balances and computing loan eligibility. Then, the
services are extended to online bill payment, transfer of funds between
accounts and cash management services for corporate.
6. Saving transaction cost: Improving customer service, increasing market reach
and reducing costs are now basic expectations of Internet banking
services. If consumers are to use new technologies, the technologies must
be reasonably priced relative to alternatives. Otherwise, the acceptance of
the new technology may not be viable from the standpoint of the
consumer. Internet banking model offers advantages for both banks and
customers. The Internet provides the banks with the ability to deliver
products and services to customers at a cost that is lower than any existing
mode of delivery.
7. On-line bill payments: The most popular online transaction through internet
banking is funds transfer/bill payment. Of the twenty-two million users,
twenty percent or 4.6 million people regularly used online bill payment
services offered by the top ten financial institutions. This report also
highlighted that the usage of online bill payment services increased by
thirty-seven percent at the end of the first quarter 2004.
8. Digital signature for security: In a survey conducted by the Online Banking
Association, member institutions rated security as the most important issue
of online banking. There is a dual requirement to protect customers
privacy and protect against fraud. Digital signature is a precautionary
measure to prevent malpractices and tampering the information. It is a
form of enhanced authentication. Nearly one in 5 customers were victims
of identity theft and fraud.

9. Faster transfer: Another important factor that contributes the framework of

the perception is the faster transfer of fund. The fundamental advantage of
the internet banking is the transfer of the information about the moneys
worth to any place at any time with a mouse clicks distance.
10. Easy to use and user friendliness: Ease of use is another important
determinant for the customer preferring the internet banking. In a study
conducted by; reported that ease of use of innovative product or service as
one of the three important characteristics for adoption from the customers
perspective. The user friendliness of domain names as well as the
navigation tools available in the web-sites is an important determinant for
ease of use. The design of the web-sites with appropriate use of graphical
user interface is also considered as an important determinant. It is also
worth noting that proper navigation attributes and search facility will also
certainly be helpful to consumers when they surf the Internet. In addition,
the level of interactivity of the site will certainly have an effect on the
consumers perception of the user friendliness of the Internet.
11. Low transaction fees: Another factor that would stand in the way of
consumer adoption of Internet banking is the cost factor. In Internet
banking, two types of costs are involved. First, the normal costs associated
with Internet access fees and connection charges and secondly the bank
fees and charges. These two types of costs shape the perception of the
customers.
12. Any time and anywhere banking facility: Online banking users say that
convenience is the most important factor; online banking lets them access
their accounts from anywhere and at any time.

13. Access to current and historical transaction data: According to IAMAI

reports online banking 2006, customers prefer to view account
balances, transaction history and updates get e-statements, credit card and
debit card transaction history and updates, checking the status of their
credit card accounts, viewing information regarding their demat account,
information on their fixed deposits.
14. Facility of fund transfer to third party: According to IAMAI reports
online banking 2006, majority of the customers prefer on-line banking
channels to transfer funds to third party.
15. Queue management: One among the important dimensions of e-banking
service quality is queue management.

Chapter CHALLENGES BEFORE INTERNET BANKING

The information technology in itself is not a panacea and it has to be effectively

utilized. The concept of Internet banking cannot work unless and until we have
a centralised body or institution, which can formulate guidelines, regulate, and
monitor effectively the functioning of Internet banking. The most important
requirement for the successful working of Internet banking is the adoption of
the best security methods. This presupposes the existence of a uniform and the
best available technological devices and methods to protect electronic banking
transactions. In order for computerisation to take care of the emerging needs,
the recommendations of the Committee on Technology Upgradation in the
Banking Sector (1999) may be considered. These are:

(1) Need for standardisation of hardware, operating systems, system software,

application software to facilitate interconnectivity of systems across branches

(2) Need for high levels of security

(3) Communication and networking - use of networks which would facilitate

centralised databases and distributed processing

(4) Need for a technology plan with periodical upgradation

(5) Need for business process re-engineering

(6) Need to address the issue of human relations in a computerised environment

(7) Need for sharing of technology experiences

(8) Need of Payment systems which use information technology tools. The
Reserve Bank of India has played a lead role in this sphere of activity - with the
introduction of cheque clearing using the MICR (Magnetic Ink Character
Recognition) technology in the late eighties.

The Reserve Bank of India constituted a "Working Group on Internet Banking"

which focused on three major areas of I-banking, i.e., (i) technology and
security issues, (ii) legal issues and (iii) regulatory and supervisory issues.
These areas are selected in such a manner that the problems faced by banks and
their customers can be minimized to the maximum possible extent. The Group
recommended certain guidelines for the smooth and proper working of Internet
banking. These centralised guidelines would bring uniformity in the selection
and adoption of security measures, with special emphasis on a uniform
procedure. The security of Internet banking transactions would not be
jeopardised if these security mechanisms are adopted. This is because the
success of Internet banking ultimately depends upon a uniform, secure and safe
technological base, with the most advanced features.

The RBI has accepted the recommendations of the Group, to be implemented in

a phased manner. The RBI has issued (3) the following guidelines through a
Circular for implementation by banks in this regard:

(1) Technology and Security Standards: The technology and security standards
are of prime importance as the entire base of Internet banking rests on it. If the
technology and security standards are inadequate, then Internet banking will not
provide the desired results and will collapse ultimately. The RBI realizing this
crucial requirement issued the following guidelines in this regard:

a. Banks should designate a network and database administrator with clearly

defined roles as indicated in the Group's report. (Para 6.2.4 of the Report)
b. Banks should have a security policy duly approved by the Board of Directors.
There should be a segregation of duty of Security Officer / Group dealing
exclusively with information systems security and Information Technology
Division, which actually implements the computer systems. Further,
Information Systems Auditor will audit the information systems.

c. Banks should introduce logical access controls to data, systems, application

software, utilities, telecommunication lines, libraries, system software, etc.
Logical access control techniques may include user-ids, passwords, smart cards
or other biometric technologies.

d. At the minimum, banks should use the proxy server type of firewall so that
there is no direct connection between the Internet and the bank's system. It
facilitates a high level of control and in-depth monitoring using logging and
auditing tools. For sensitive systems, a stateful inspection firewall is
recommended which thoroughly inspects all packets of information, and past

and present transactions are compared. These generally include a real time
security alert.

e. All the systems supporting dial up services through modem on the same LAN
as the application server should be isolated to prevent intrusions into the
network as this may bypass the proxy server.

f. PKI (Public Key Infrastructure) is the most favoured technology for secure
Internet banking services. However, as it is not yet commonly available, banks
should use the following alternative system during the transition, until the PKI
is put in place:

1. Usage of SSL (Secured Socket Layer), which ensures server authentication

and use of client side certificates issued by the banks themselves using a
Certificate Server.

2. The use of at least 128-bit SSL for securing browser to web server
communications and, in addition, encryption of sensitive data like passwords in
transit within the enterprise itself.

g. It is also recommended that all unnecessary services on the application server

such as FTP (File Transfer Protocol), telnet should be disabled. The application
server should be isolated from the e-mail server.

h. All computer accesses, including messages received, should be logged.

Security violations (suspected or attempted) should be reported and follow up

action taken should be kept in mind while framing future policy. Banks should
acquire tools for monitoring systems and the networks against intrusions and
attacks. These tools should be used regularly to avoid security breaches. The
banks should review their security infrastructure and security policies regularly
and optimize them in the light of their own experiences and changing
technologies. They should educate their security personnel and also the endusers on a continuous basis.

i. The information security officer and the information system auditor should
undertake periodic penetration tests of the system, which should include:
1. Attempting to guess passwords using password-cracking tools.
2. Search for back door traps in the programs.
3. Attempt to overload the system using DDoS (Distributed Denial of Service)
& DoS (Denial of Service) attacks.
4. Check if commonly known holes in the software, especially the browser and
the e-mail software exist.
5. The penetration testing may also be carried out by engaging outside experts
(often called 'Ethical Hackers').
j. Physical access controls should be strictly enforced. Physical security should
cover all the information systems and sites where they are housed, both against
internal and external threats.

k. Banks should have proper infrastructure and schedules for backing up data.
The backed-up data should be periodically tested to ensure recovery without
loss of transactions in a time frame as given out in the bank's security policy.

Business continuity should be ensured by setting up disaster recovery sites.

These facilities should also be tested periodically.

l. All applications of banks should have proper record keeping facilities for legal
purposes. It may be necessary to keep all received and sent messages both in
encrypted and decrypted form.

m. Security infrastructure should be properly tested before using the systems

and applications for normal operations. Banks should upgrade the systems by
installing patches released by developers to remove bugs and loopholes, and
upgrade to newer versions, which give better security and control.

(2) Legal Issues: The adoption and switch over to Internet banking will also
raise certain legal issues and disputes in the future which have to be anticipated
and remedial measures for the same need to be adopted. Further, these issues
should also be compatible with the existing laws, particularly the Information
Technology Act, 2000. The RBI, keeping in mind these factors, has issued the
following guidelines in this regard:

a. Considering the legal position prevalent, there is an obligation on the part of

banks not only to establish the identity but also to make enquiries about
integrity and reputation of the prospective customer. Therefore, even though
request for opening account can be accepted over Internet, accounts should be
opened only after proper introduction and physical verification of the identity of
the customer.

b. From a legal perspective, security procedure adopted by banks for

authenticating users needs to be recognized by law as a substitute for signature.
In India, the Information Technology Act, 2000, in Section 3(2) provides for a
particular technology (viz., the asymmetric crypto system and hash function) as
a means of authenticating electronic record. Any other method used by banks
for authentication should be recognized as a source of legal risk.

c. Under the present regime there is an obligation on banks to maintain secrecy

and confidentiality of customers' accounts. In the Internet banking scenario, the
risk of banks not meeting the above obligation is high on account of several
factors. Despite all reasonable precautions, banks may be exposed to enhanced
risk of liability to customers on account of breach of secrecy, denial of service
etc., because of hacking/ other technological failures. The banks should,
therefore, institute adequate risk control measures to manage such risks.

d. In Internet banking scenario there is very little scope for the banks to act on
stop-payment instructions from the customers. Hence, banks should clearly
notify to the customers the timeframe and the circumstances in which any stoppayment instructions could be accepted.

e. The Consumer Protection Act, 1986 defines the rights of consumers in India
and is applicable to banking services as well. Currently, the rights and liabilities
of customers availing of Internet banking services are being determined by
bilateral agreements between the banks and customers. Considering the banking
practice and rights enjoyed by customers in traditional banking, banks' liability
to the customers on account of unauthorized transfer through hacking, denial of

service on account of technological failure etc. needs to be assessed and banks

providing Internet banking should insure themselves against such risks.

(3) Regulatory and Supervisory Issues: The banks operating in real space are
regulated and supervised by the RBI on regular basis. This regulation and
supervision is required to be extended to Internet banking as well. Thus, the RBI
has issued the following guidelines in this regard:

1. Only such banks which are licensed and supervised in India and have a
physical presence in India will be permitted to offer Internet banking products
to residents of India. Thus, both banks and virtual banks incorporated outside
the country and having no physical presence in India will not, for the present, be
permitted to offer Internet banking services to Indian residents.
2. The products should be restricted to account holders only and should not be
offered in other jurisdictions.
3. The services should only include local currency products.
4. The 'in-out' scenario where customers in cross border jurisdictions are offered
banking services by Indian banks (or branches of foreign banks in India) and the
'out-in' scenario where Indian residents are offered banking services by banks
operating in cross-border jurisdictions are generally not permitted and this
approach will apply to Internet banking also. The existing exceptions for limited
purposes under FEMA i.e. where resident Indians have been permitted to
continue to maintain their accounts with overseas banks etc., will, however, be
permitted.
5. Overseas branches of Indian banks will be permitted to offer Internet banking

services to their overseas customers subject to their satisfying, in addition to the

host supervisor, the home supervisor.
Given the regulatory approach as above, banks are advised to follow the
following instructions:

a. All banks, who propose to offer transactional services on the Internet, should
obtain prior approval from RBI. Bank's application for such permission should
indicate its business plan, analysis of cost and benefit, operational arrangements
like technology adopted, business partners, third party service providers and
systems and control procedures the bank proposes to adopt for managing risks.
The bank should also submit a security policy covering recommendations made
in this circular and a certificate from an independent auditor that the minimum
requirements prescribed have been met. After the initial approval the banks will
be obliged to inform RBI any material changes in the services / products offered
by them.

b. Banks will report to RBI every breach or failure of security systems and
procedure and the latter, at its discretion, may decide to commission special
audit / inspection of such banks.
c. The guidelines issued by RBI on 'Risks and Controls in Computers and
Telecommunications' vide circular DBS.CO.ITC.BC. 10/ 31.09.001/ 97-98
dated 4th February 1998 will equally apply to Internet banking. The RBI as
supervisor will cover the entire risks associated with electronic banking as a part
of its regular inspections of banks.

d. Banks should develop outsourcing guidelines to manage risks arising out of

third party service providers, such as, disruption in service, defective services

and personnel of service providers gaining intimate knowledge of banks'

systems and misutilizing the same, etc., effectively.

e. With the increasing popularity of e-commerce, it has become necessary to set

up 'Inter-bank Payment Gateways' for settlement of such transactions. The
protocol for transactions between the customer, the bank and the portal and the
framework for setting up of payment gateways as recommended by the Group
should be adopted.

f. Only institutions who are members of the cheque clearing system in the
country will be permitted to participate in Inter-bank payment gateways for
Internet payment. Each gateway must nominate a bank as the clearing bank to
settle all transactions. Payments effected using credit cards, payments arising
out of cross border e-commerce transactions and all intra-bank payments (i.e.,
transactions involving only one bank) should be excluded for settlement through
an inter-bank payment gateway.

g. Inter-bank payment gateways must have capabilities for both net and gross
settlement. All settlement should be intra-day and as far as possible, in real time.

h. Connectivity between the gateway and the computer system of the member
bank should be achieved using a leased line network (not through Internet) with
appropriate data encryption standard. All transactions must be authenticated.
Once, the regulatory framework is in place, the transactions should be digitally
certified by any licensed certifying agency. SSL / 128 bit encryption must be
used as minimum level of security. Reserve Bank may get the security of the
entire infrastructure both at the payment gateway's end and the participating

institutions' end certified prior to making the facility available for customers
use.
i. Bilateral contracts between the payee and payee's bank, the participating
banks and service provider and the banks themselves will form the legal basis
for such transactions. The rights and obligations of each party must be clearly
defined and should be valid in a court of law.

j. Banks must make mandatory disclosures of risks, responsibilities and

liabilities of the customers in doing business through Internet through a
disclosure template. The banks should also provide their latest published
financial results over the net.

k. Hyperlinks from banks' websites often raise the issue of reputational risk.
Such links should not mislead the customers into believing that banks sponsor
any particular product or any business unrelated to banking. Hyperlinks from a
banks' websites should be confined to only those portals with which they have a
payment arrangement or sites of their subsidiaries or principals. Hyperlinks to
banks' websites from other portals are normally meant for passing on
information relating to purchases made by banks' customers in the portal. Banks
must follow the minimum recommended security precautions while dealing
with request received from other websites, relating to customers' purchases.
Thus, the guidelines issued by the RBI have taken care of the challenges to be
faced by the Internet banking. The Reserve Bank of India has directed that all
banks offering Internet banking services, with immediate effect, should adopt
the Group's recommendations. Even though the recommendations have been
made in the context of Internet banking, these are applicable, in general, to all

forms of electronic banking and banks offering any form of electronic banking
should adopt the same to the extent relevant. Further, all banks offering Internet
banking are advised to make a review of their systems in the light of these
guidelines and report to Reserve Bank the types of services offered, extent of
their compliance with the recommendations, deviations and their proposal
indicating a time frame for compliance. The first such report must reach the RBI
within one month from 14-06-2001(4). The banks not offering any kind of Ibanking may submit a 'nil' report. The banks who are already offering any kind
of transactional service are advised to report, in addition to those mentioned in
paragraph above, their business models with projections of cost / benefits etc.
and seek RBI's post-facto approval.

Data Analysis and Results

The Internet has revolutionized the way we live, shop, entertain and interact and
also the way we save and invest. Internet banking arrived in India in the late
1990s. ICICI was the first bank to champion its usage and introduced internet
banking to its customers in 1996. With lower internet costs and increased
awareness about electronic media, online banking established itself only in
1999. Other banks followed suit, including HDFC, Citibank, IndusInd and the
now redundant Times Bank.
Internet banking changed both the banking industry as well as banks services to
its customers. Anywhere banking came to be recognized as an opportunity
also for Differentiated and competitive services. Ancillary online services like
checking Account status, fund transfer, ordering demand drafts, loan
applications, credit card Verifications, shopping portals etc. as well as not

requiring a visit to the branch during Office hours were viewed as high-value
offerings and increasingly started to become a necessity rather than a service.
Once banking institutions recognized the low processing cost per transaction via
the internet, they began viewing online banking as an extension of the bank
rather than as an add-on service. The motivation to introduce online banking
now

also include new business potential, additional funds from new and

existing customers, expansion in geographical reach, image as a tech-savvy

bank especially if targeting the youth and the threat of customers shifting
loyalty if they did not introduce it.
Nationalized banks initially viewed online banking as insecure and
counterintuitive and were therefore hesitant. But eventually, SBI, Canara Bank,
Allahabad Bank, Punjab National Bank, Bank of Baroda, Syndicate Bank and
others introduced it. SBI launched internet banking in 2001 and experienced
good response. In general, internet banking saw an exponential rise in users.
Today, banks encourage their customers to use online banking. Besides cost and
Revenue impacts, this paradigm shift is because they also recognize that selfcontrol transactions have greater potential for customer satisfaction and
retention. Online banking has thus come to be among essential banking
services. The approach to adopting online banking however is often to merely
stay abreast of industry and technology and online banking is becoming a
separate business unit driven by technological possibilities. The user often has
minimal place in such an approach as evidenced by non-human centric
experiences that flourish. However, the cultural and organizational shift needed
by Indian banks to draw old customers into this new banking channel as well as
to draw new customers requires a user centric focus. But how much have banks
paid attention to the user? How is the overall experience and how do customers
perceive their bank as they struggle unaided in the comfort of their homes? How
cognizant are banks that customers silently leave after getting frustrated? Do

they measure how much revenue they are losing because of a technology
focused approach to online banking? How do Indian consumers behave in this
dichotomy between technology barrier and convenience?
2 Indian Banking Industries and Online Awareness of its User Base:
A large chunk of the Indian banking industry still belongs to the public sector
banks having the most extensive network of physical branches. These are
followed by large private banks and lastly by multinational banks (MNC) who
have the smallest physical network and therefore their online banking needs to
be the most developed and able to address user needs without requiring human
intervention. This is depicted in Figure.

1. The fact that most government organisations have their payroll accounts

With public sector banks contributes significantly to the large customer bases of
these banks. Traditional public sector banks have existed for many years and
have serviced diverse income groups. This has resulted in their customer base
being huge as well as belonging to a wider demographic representation, given
Indias heterogeneous population as well. However, most of the traditional
customers prefer to bank with a bank with a human touch and prefer public
sector banks as they form an emotional relationship with their bank personnel,
which is not really encouraged by private sector or multi-national banks.

The new generation which has been banking for less than a decade prefers faster
Transactions and more professional relationships as compared to the traditional
customer. For them, opening a bank account is incidental and connected to their
direct deposit salary accounts. The private sector bank has captured the
corporate and IT sector as compared to the public sector bank. As a result, banks
in the public sector tend to have a huge user base, but very few of their
customers have the technology orientation or the inclination to use electronic
media for banking. This is depicted in Figure 2. Therefore, the awareness of
customers of public sector banks about online banking as an active banking tool
is relatively lower. To tap this type of user base that has an inherent barrier to
and not an obvious need for internet usage, just adding an internet banking
channel to a banks lists of services may not be enough of an incentive. A
streamlined, simple and customer satisfaction oriented approach to service
novice users only can help banks achieve better internet banking penetration.

Objectives:
User research studies of four banks were conducted to understand users current
relations with their bank, their perception of offline and online banking services
and to offer recommendations for more customer-focused services. We

specifically investigated users offline and online expectations of their bank

and association with it brand.
Homepage as a touch point for encouraging online banking
Customer engagement barriers for online banking services
Concept of new online services like branchless banking
The methodology involved recruiting and studying users from the banks
customer database, categorized on the basis of usage and transactional
behaviours. The 3 types of users interviewed were:
Non-users who dont bank online
Users who bank online but only check account status and dont do any
transactions
Users who perform extensive online transaction via their bank account

Findings: User Perceptions and Attitudes to Online Banking

In response to how they perceived their general banking experience, users
mentioned requirements mentioned below that have been detailed in Table 2:

 Zero minimum balance

Presence of ATM everywhere (redundant now as all ATMs are connected)
Proximity from home/work
fast growing and high savings interest rates
Air-conditioned interiors
Responsive banking
Base 800 respondents (Multiple responses)
It was seen that the ability to bank without visiting the branch was a high
priority.
Responses to queries about their online banking experience, expectations and
Concerns by user segments have been generalized and detailed in Table 3
below.

Broadly, all users emphasized 3 major attributes they considered important for
their online banking experience: Simplicity, Security, and Service.
Simplicity
Users and non-users expect online banking to be further simplified than what
they see today. Some expectations:
Better link label clarity suggestive of action required

 Better navigation that highlights and presents relevant information in

Context and at the right time needed
Better content partitioning according to popularity and priority of action
Security
Non-transistors and non-users reported that they did not transact online because:
Concerns about the security of their banking information is not fully addressed
Technical glitches and unreliability create confusion and anxiety
Additional security gateways were absent
Service
Almost all transistors demanded better service they wanted.
More services to be available online
Better and faster customer support channels like online chat to solve banking
hurdles
Innovative and intuitive interface
This is depicted in Figure 3 below.

Banking Industry Perspective and Approach to Users

Based on our client interactions before and after the studies, we found that
banks view online banking as an important medium of servicing its customer
base. While they recognize it as a direct cost savings, they do not necessarily
recognize it as a point of service and hence do not give it the attention they give
customer service at the branch where they take great pains to satisfy the
customer, and to address the smallest of queries common in live banking.
A simple example is their changing banking terminology without realizing its
impact on the customer that can leave an average customer baffled. A label like
Ebonies National Funds Transfer is very confusing for the customer.
Changing it to a simpler Funds Transfer reduces confusion and allows the
customer to complete their transaction. Another example is use of marketing
gimmicks resulting in loss of usability. If other banking portals have a link
called SMS Alert, then coining a similar link called Insta-alert only serves to
create confusion. Many banks have now understood that online banking is here
to stay and that they need to upgrade and enhance their offerings for simple
solutions and desired security to retain and attract customers. They also need to
recognize that they must offer the same convenience and service that people
have come to expect at the branch as well as in other areas of their life like
shopping online. Payment for too requires users to invariably go through the
online banking portals. Banks need to also understand that transition of a new
user to an advanced one is a gradual process that needs to be supported by
encouraging users to explore with confidence by offering intuitive processes
user-friendly nomenclature. Only when users feel confident with the system,
will it be easy for them to explore new services through cross-sell banners and
other means that are popular and successful in banking.
Banks are however yet to regard online banking as a person-less service
counter where the user is left to fend for himself/herself amidst stiff usability
barriers and that it costs them. The attention they accord their other points of

service are therefore deficient in online. (See Fig. 4) Setting up the hardware for
online banking, which is viewed as the end point for the bank is often the
beginning from a users perspective. That a methodical user-centric rather than a
technology-centric design approach is a systemic investment that creates
satisfied customers, reduces costs and increases revenue is yet to be accepted by
the banking industry.
Fig 4: Services offered via various banking channels

6 Design Lessons and Recommendations

Banking is a task-focused activity and also deals with peoples money. Both
need ease of use and psychological comfort of the user as fundamental
requirements, for example, giving feedback like your money will be transferred
in 24 hours. It needs a clear task flow, clarity of language and terminology and
support available at all times. Further, if a task completion process is intuitive
and logical, the user is more likely to gain confidence and increase usage of the
internet for all their banking needs, thus increasing revenue potential for the
bank. An online demo of the service is an easy way to address both the task
centric nature of banking as well as address the comfort level of the wide
variety and vast numbers of novice users. An example of customer focused
online banking would be specialized banking for the Islamic community. It is a
huge business opportunity. To capitalize on that opportunity, banks must
understand and design for highly specialized user behaviour, expectations and
critical aspects of the various Islamic cultures. Many Islamic cultures are
exceptionally collective in decision-making and tend to be more concrete and
risk-averse. There is a wide variety and large numbers of novice users among
Indian online banking customers today. Their view goes beyond the novelty of
online banking. They expect their experience to be similar to what they get at a
service counter. The unfamiliar virtual experience cannot be completely

different from their familiar physical experience. Indian users have shown their
readiness to accept online banking as a sales channel by purchasing through
cross selling online. But this is possible only if they are able to navigate the
bank site. Banks need to view and reflect this through thoughtful designs of
their offerings. While banks have clarity of their market segmentation, they
must progress to behaviour-based segmentation and user-centred methods and
move beyond predesigned technology solutions. Online banking design must
create a 'quick in and out' experience, ensure success in transactions users
undertake, arouse curiosity and attract the customer to explore. Studying users,
defining user types, benchmarking designs and testing for ease of use are
critical for this. Specific needs therefore are: clear task flows, brevity and clarity
of language and terms, basic functions made obvious to average users and
support available at all times. Besides short-term solutions, the long-term
strategy needed is to not just create but also measure user performance with the
design to ensure it is self-evident and transactions are truly self-controlled.

Fig 4 Services offered via various banking channels

Conclusions:
It is clearly in the interest of banks to encourage their customer base to use
online banking. Current designs of online banking systems do not address users
needs and expectations of online banking. User-centred design methods can
achieve this. Internet, phone, paper, statements, ATM and visit to the branch all
need to appear as one holistic experience [8] for the customer who is anybody.
In India, banking, like several other transactions, continues to be relation-based
and in need of human assurance and intervention, technology notwithstanding.
Hence this is particularly significant. True benefits will be seen when banks use
this technology to offload customer service costs and increase sales by
maximizing self-service. As 21st century banking users entrust the care of one
of their most important assets to cyber space, a seamless, stress free and
successful experience is essential. Design with users success as focus, content
understandable by anybody, supported with demos and help to reduce
intimidation, will justify investment in online through increased usage by
satisfied customers.

Competitive advantage in the Indian banking industry has been historically

determined by factors such as size, branch or distribution capability, and
artificial barriers to entry arising from the archaic credit delivery process. This
has helped some of the older players in maintaining a prominent position in the
industry despite their relative inefficiencies. This however is all set to change as
the trend of new policies is to fundamentally alter the basis of competitive
advantage in Indian banking.
The direction of the new policies is to establish a level playing field between
various components of the industry and remove barriers to entry and exit. The
creation of the term money market, the changes in the credit delivery

mechanism, the flexibility in the credit assessment process and the

diversification of the sources of money (external commercial borrowings,
various local debt instruments) collectively will change the factors that
determine survival, growth and profitability in this competitive industry. For
instance:

The development of an active term money market will mitigate the competitive
disadvantages arising today from the absence of a branch network. Branch
networks will be required in future to support some retail products, but not as a
means to raise resources for lending. Constraints on lending will be determined
by financial strength, risk taking ability, and capital rather than by the ability to
raise resources in an imperfect market.
nThe gradual dilution of the consortium discipline will improve access of
companies to banks and vice versa. The consortium discipline has been widely
misused by banks and has degenerated into an old boys club in a large number
of cases. There are several instances in recent years of companies being
prevented or unduly restrained by dominating banks from developing
relationship with bankers of their choice.
Competitive advantage among banks will be determined by very different
factors in future.
Strategic focus: As in other businesses, the concept of core competition will be
important in banking. Some universal banks may exist but the majority of
banks will need to develop their mix of products and business based on relative
strengths and competence rather than by historical accident. Every product and
business deposit banking, credit cards, retail lending, corporate banking,
investment banking, etc. - must pay for itself in terms of return on investment,
rather than exist to promote or subsidise other business.

Adaptability: Size alone is not sufficient, and perhaps not even essential, to
ensure survival and growth (the dinosaur syndrome). Big is not necessarily
beautiful - adaptability to new products, processes, technology, markets and
customer needs will be more crucial.
Cost efficiency : Competitive pressures will always lead to declining margins .
In that eventuality, lower cost operators in the industry have an obvious
advantage. The principal costs in banking are people, premises and technology.
Each of these influence the others and the lean and mean organisations will be
the winners.
Productivity: Related to this is the ability to work smartly. The capability to
handle volumes and changing processes efficiently and in a cost effective
manner will be crucial.
Technology: Adopting, assimilating and implementing appropriate technology
will significantly influence competitive strengths. Technology has a broad
spectrum impact as it affects cost, productivity and people. The necessity and
utility of branch networks must be seen in the context of the power and reach of
technology.
People : Like in all other service industries, the quality of people will often
support an organisation in an environment where differentiation based on
product, pricing and delivery methods will be negligible.
Risk Management : The ability to grow and expand will also ultimately depend
on the quality of risk. A lot of the major players in todays market are likely to
see the results of indifferent management, unwise economic policies (directed
lending), political interference, all too clearly through massive debt write offs.
Various estimates of problem loans in the Indian banking system range from 18
per cent to 25 per cent of outstanding advances which is a staggering Rs

50,000 crore to Rs 75,000 crore. In a free market, the quality of risk will
determine access to funds as well as the freedom to price products
competitively.
Attitudinal changes : Perhaps more important than all the other factors is the
requirement of a flexible mind-set to understand, appreciate and anticipate the
changes in the market place . A large part of the banking industry has for long
been conditioned to think in a directed manner in an environment where
innovation was virtually prohibited.
In a recent study on banking in emerging markets, The Economist had most
appropriately quoted Ralph Waldo Emerson as saying: We learn geology the
morning after the earthquake. Unfortunately, this appears all too prophetic in
the Indian banking scenario. Perhaps the only mitigating factor is that we often
overestimate the speed of change in India and hence banks will have more time
to re-orient their attitudes and strategies.

CONCLUSION
The adoption of Internet banking in India will have its own advantages to both
the banks and the ultimate customers. The use of information technology will
not only reduce the costs of operation but also would be effective, easy to
maintain, speedier and highly competitive. The banks cannot remain standoffish
from this concept of Internet banking, and they should bring apposite changes to
meet the necessities and challenges of Internet banking. The challenges posed
by the Internet banking are mostly of procedural nature, which can be easily
counterbalanced by adopting suitable technological and security measures. The
domestic standards of banking have to be in conformity with the well-known

international standards and in the near future international dealings from India
would be a reality, which are presently not liberal enough. No system or
institution can hope to benchmark it against international standards without
making optimal use of technology. There can be no doubt about the enormous
potential and emancipated opportunities offered by advances in technology.
However, there are pre-requisites and preparations, which have to be made
before the full benefits of the technology can be harvested.