IT security and contemporary concern of bankers

A landlord asked a man interviewing for the position of a guard, "Do you know English?"

The candidate replied, "Why? Will the thief come from London?"

This conversation is of course hypothetical. While the prospective guard may feel he does not need to know English; in the contemporary world, because of our increasing dependence on technology, English is not only useful, but compulsory. For those working in more complex jobs such as financial institutions and banks, not only do you need to know English, computer programming language has also become essential.

Throughout the decades, regardless of the circumstances, the banking sector in Bangladesh has successfully gone through a revolution in keeping up technologically with the banks all over the world.

Twenty years into the new millennium, the banks and the financial world now face a new crisis triggered by the deadly Covid-19 virus that has affected the whole world.

For employees of the banking service system, time has come to expand their technological knowledge i.e. capabilities, to survive in a competitive market. Bangladesh Bank has moved in this direction, adopting relevant laws, legislations and policies, which reflect the needs of the society.

The central bank is creating the pathway for implementing different service policies and creating a bridge between our future responsibilities and the global banking system. Promoting different technologies and bringing innovation to services far and wide is necessary for the comfort of the consumers.

To yield the full benefit of these services, security of IT must be ensured so that any unwarranted incident does not disrupt it. In this situation, "understanding banking but not understanding computers" mentality cannot be allowed.

For example, practices such as giving out the card and pin to a peon for withdrawing money to save time, or writing down the pin on the back of the card for ease of remembering, will bring nothing but greater risks in future.

Mobile Financial Services (MFS) have also increased this risk as transactions are done through sharing "pin and mobile" with merchandisers to send, withdraw or transfer money.

For security reasons, different banks do not use text messages to send out account numbers or credit card numbers, to protect the customer information from being exposed.

Trained telebanking executives are restricted from asking for full account numbers or credit card numbers so that information is protected.

These numbers are kept encrypted so that only the actual owner can avail the services, or receive instant instructions or access the latest status through the customer service platforms on their registered mobile phones or emails.

At present, if someone wants to succeed in the banking profession, practical knowledge of IT as well as the increasing ability to apply security methods will be beneficial for them as it is a demand of the time.

Nowadays, banks use a merged database created by ACID properties, which provides data security by changing the information in an encode-decode format, which is very essential in this era of CORE banking system.

Banks, as well as the bankers, must also be aware of when and how fast customer service can be ensured from a data-security perspective, especially using Two Factor Authentication (2FA) system.

On different kinds of service providing platforms, the use and effectiveness of One Time Password (OTP) received on the registered phone number of the customer, along with identifying authentic customers, has become a part and parcel of technological securities services.

In fact, the comparative highly secure encoded-decoded OTP or One Time Password can also make mistakes or deviate to a great extent, but can also provide the desired services to a customer.

While making foreign currency transactions this kind of Two Factor Authentication process will not only bring the customers, but also those who are directly connected to approving these transactions, into play, and make them potentially accountable.

Maybe soon, the mobile numbers provided by the customers will become the only or most acceptable customer identification system, where almost all the customer information such as their national identity card number, biometric information etc. will be stored, as testified and certified by the telecom company.

At present, different instructions and technology provided by e-KYC centred banks or platforms developed by FinTech are unique for customer identification. Like the rest of the world, our country also accepts mobile numbers to provide financial security through "OTP", by which services can be ensured through the Two Factor Authentication process.

In the upcoming "Fourth Industrial Revolution (IR 4.0)", IoT, IeT, BigData, Blockchain, Artificial Intelligence (AI), Machine Learning (ML), Cloud Computing (IaaS, PaaS, SaaS), Face Recognition, Mobile Computing, FinTech etc. will all be integrated and flow into a new trend in the social system, where the blessing of technology will let customers sit back at home and allow them to open bank accounts, to taking loans.

While setting this goal, preparing applicable technology as well as providing emphasis on "security" is also important because cybercrime is the greatest infraction which is rarely ever brought to justice.

The biggest hurdle of integration is that the flaws of a single service can have an impact on the entire system management, which increases the risk to a great extent.

As such, being tech-savvy and inspiring coworkers with adequate knowledge: being eager to create a conscious environment can help reduce the risk to a tolerable level.  Come let us become an active participant of the "Fourth Industrial Revolution" keeping pace with this globalised age that is a changed, refined and enlarged social system.

The author serves as the SPO of NRB Global Bank Ltd's Motijheel Branch.