Application of Online Database in Banking System

blogger /

Suppose your personal important document is stored in an online database and has been connected to the web page with programming thus enabling you to see your personal important document. Think if the database software holding your important document to be full of securities. Only secure web database can save your document and it can be accessible to any part of the Globe. Besides your personal important document another significant application of online database is banking system that became integral part of every individual in modern banking system, whatever may be internet banking, mobile banking or another term used is core banking. Recent advancement of banking system like ATM, core banking using Information Technology people is very safe while they are traveling far way from home. It is still unsafe traveling with good amount of money, some time pulls your life in danger.

The main advantage of using an ATM is the fact that you can have access banking database up to certain level and as your requirement of cash in your bank account from any part of world, whenever you need it.

For instance, you are at a store that does not take checks or credit cards but it has an ATM, you can withdraw the money for your purchase. This also means you can travel anywhere without cash. If the location has an ATM and you have your ATM card, you can access your money instantly. Now days ATMs are not just technology you can use to access cash using online database software. Some ATMs you can transfer funds between accounts, buy stocks, check account balances and even buy stamps. All of these features can be accessed with one debit card or credit card and a PIN number. If you take measures to protect your PIN and account information, having access to an ATM is very convenient and makes life’s little emergencies far less challenging.

Cautions While Using ATM: You do need some carefulness when using an ATM. Identity thief in recent times using useless ATM receipts to get the bank account numbers of innocent customers. Consumers who have an ATM card are assigned a PIN to use when accessing their funds. Shoplifter sometimes stands close behind an ATM user to get this PIN, and then pinch his purse with the ATM card in it to cheat money from the account.

The Importance Of Quality Banking Software

blogger /

Perhaps as never before, the necessity for excellent banking software has become evident. Retail banking requires a client-focused approach that will attract new customers and maintain them in a long term business relationship. One way to ensure customer satisfaction has been to guarantee rapid response to questions as well as information-gathering for business transactions. New banking software technology can provide broad retail functionality while it supports various multi-channel models simultaneously. Scalability and resilience are also important features in quality software for banking needs. New core banking applications need to be able to address and support merger and acquisitions activities.

A new concern has been raised by the recent financial collapses within the banking industry. Astute attention to collateral management might have played a positive role in averting some of the humiliating losses that occurred and adversely affected so many smaller banks and loan institutions as well as the customers they represented. Quality banking software is being developed to include systems that monitor collateral descriptions and types. It will have the capability of maintaining customer information, collateral data, and credit count relationships. This will be a significant part of any core banking application program.

Excellent financial software is also available for corporate and correspondent banking requirements. This software can introduce new business models as it responds speedily to ever-changing market conditions. It can reduce costs and identify and manage the risk factors at work, as well. In collateral management, this feature will assist in recognizing collateral shifts in value before they can cause significant damage. An excellent banking computer program will be flexible enough to include new products as they become available and should improve the overall efficiency of the banking business. All of these improvements should add value to the customer relationship which, of course, is paramount.

When one thinks in terms of universal banking, the amount of information that must be gathered, processed, re-calculated regularly, and stored is mind-boggling. More and more banks have chosen to simply out source some of this mass of data collections, including information in collateral management, rather than handle it in-house. New technology will allow for broader functionality in the banking service. Various different kinds of banking products will be able to move across all kinds of channels, especially on the international level. This agility will enable banks to compete with the large international financial institutions that venture into their markets.

When considering the best in banking software, one must look at its “functional richness” as well as its scalability and flexibility. It must be adaptable to the latest in open technology, and it should include a system- connectivity with collateral management. Customers today want as close to real-time views as possible. They want quick access to their counter-party’s collateral and exposures. The ability to function with broad and sweeping informational strokes will strengthen the attractiveness and competitiveness of banking operations for the approaching years.

Banking Interview Questions – What Not To Do

blogger /

Banking is one of the most challenging industries in which to get hired. The number of applicants for each vacant position can be as high as 100-to-1. The worst thing a potential applicant can do is to make mistakes in answering banking interview questions. Here are some examples of what you do not want to do when you are interviewing for a banking position.

Lack of enthusiasm

Most interviewers will form an impression of you within the first 60 seconds based on how you act and what you say. If you fail to show interest in the position, the company will pass on hiring you. A successful applicant will show enthusiasm for their accomplishments and be able to clearly articulate how they will benefit the company. If you are unable to enthusiastically sell yourself during the interview, how do you expect to sell anything to your bank’s customers?

Dress inappropriately

I once interviewed a person for a banking position that showed up for the interview wearing shorts and flip flops. I asked him if he thought bankers wore this type of attire in their position. His response was that he thought this interview was casual and that is why he dressed the way he did. Always dress more conservatively than the position requires. You do not want to damage your chance of getting a job by dressing inappropriately.

Inefficient knowledge of key job requirements

You may expect the position you are interviewing for includes extensive interaction with bank clients during golf outings, sporting events or dinner. If your expectations for the job are way off then the company will reject your application. If your job routinely requires 80+ hour work weeks then do not ask if you can work only 50 hours.

Ringing cell phone

You should never bring a cell phone to an interview. If you must bring your cell phone, make sure to turn off the ringer before the interview starts. Nothing is more disrespectful to an interviewer than to have a cell phone ring in the middle of an interview. If it does ring, DO NOT ANSWER the phone!

Talking Negatively

If you had a conflict in your current or previous position, do not talk negatively about the issue. Companies do not want employees who are going to be negative because this impacts team dynamics and performance. You do not want to use profanity in answering questions. This shows a lack of professionalism. If you are talking with a bank client and you use profanity, it may lose their account which could be a multi-million dollar account.

An interview is a dialogue between the company and yourself. The interview benefits both parties to determine whether or not a candidate is a good fit for a banking position. Making these mistakes will terminate any chance you have of getting the position.

Must Know Business Logic Vulnerabilities In Banking Applications

blogger /

Over the last few years, our On-Demand and Hybrid Penetration Testing platform has performed security testing of applications across various verticals and domains including Banking, e-commerce, Manufacturing, Enterprise Applications, Gaming and so on. On one side, SQL Injection, XSS and CSRF vulnerabilities are still the top classes of vulnerabilities found by our automated scanning system, on the other hand however, there are a lot of business logic vulnerabilities that are often found by our security experts powered by a comprehensive knowledge base.

A business logic vulnerability is defined as security weakness or bug in the functional or design aspect of the application. Because the security weakness or bug is in the function or design, it is often missed by all existing automated web application scanners.

In this blog we are sharing the top commonly found Business Logic Vulnerabilities in the Virtual Credit Creation (VCC) module of a Banking Application.

Consider the following scenario: A Banking Application provides web based functionality to users to pay Bills Online as well as to create and manage Virtual Credit Cards. Virtual Credit cards are used to shop online. A Virtual Credit Card creation use case involves the following steps: 1.User visits banking application. 2.User opts to create virtual credit card. 3.User fills up personal details, required amount, expiry date of VCC etc. 4.User chooses a payment gateway. 5.User fills up credit / debit card details. 6.Banking Application redirects user to a Payment Gateway. 7.Required amount + Service Charge are debited from user’s Debit / Credit card. 8.Payment Gateway redirects user to a Callback URL provided by the Banking Application. 9.Banking Application verifies the Payment Gateway confirmation. 10.Banking Application generates a CVV number. 11.Banking Application presents VCC details to the user. 12.Banking application performs SMS verification of the user.

A couple of security weaknesses that are found in the above scenario are as follows:

TAMPERING OF DATA COMMUNICATION BETWEEN PAYMENT GATEWAY AND BANKING APPLICATION: Weaknesses: The Banking application does not verify whether the required amount is successfully paid at the Payment Gateway Side, or what amount is being paid at the Payment Gateway Side. As a result, a virtual card can be recharged with higher amount while paying a lower amount to the bank by modifying amount when the request is sent from payment gateway to the bank.

Mitigation: There should be sufficient validations between the Banking application and the payment gateway. The callback URL should not be allowed to be directly controlled by an attacker.

NO VALIDATION ON BANKING APPLICATION’S CALLBACK URL Weakness: There is lack of validation on the Banking Application Side when the Payment Gateway redirects a user to the Banking Application’s callback URL. As a result, a virtual credit card can be created without paying any service charges, by sending the request directly to the callback URL of Payment Gateway.

Mitigation: There should be enough validations on the callback URL including whether the URL is redirected by the Payment Gateway or directly called by an attacker.

VIRTUAL CREDIT NUMBER IS PREDICTABLE Weakness: Generated Virtual Credit card numbers are predictable or follow certain patterns. As a result, an attacker can predict what virtual credit card numbers are being used by other legitimate users.

Mitigation: Virtual Credit Card numbers should be sufficiently random.

NO ANTI-AUTOMATION IN VIRTUAL CREDIT CARD DETAILS VERIFICATION Weakness: There is no anti-automation (e.g. CAPTCHA) while verifying the Virtual Credit Card details such as CVV number and expiry date. The Credit Card number is sufficiently long however, the CVV number is generally a 3 digit number and expiry date is also a 2 digit number. As a result, it is possible to bruteforce the CVV number and expiry date, and shop online using a stolen virtual credit card number.

Mitigation: There should be sufficient anti-automation e.g. CAPTCHA while verifying the CVV numbers along with the Credit Card Number.

NO ANTI-AUTOMATION IN CARD CREATION PROCESS Weakness: There is no anti-automation while creating a virtual credit card. An attacker can use automated scripts to exhaust credit card numbers. As a result, Credit Card Numbers can be exhausted and be therefore made unavailable to users leading to a Denial of Service (DoS) attack. It can also lead to other attacks including Credit Card Number pattern prediction.

Mitigation: There should be sufficient anti-automation e.g. CAPTCHA while creating virtual credit card numbers

Read Banking Labour Law Books Ca Cs Mba Books At Online Book Store

blogger /

How an Online Book Store can be defined?
An online book store is nothing but a website owned by a dealer of various types of books like books on banking, law, taxation, labor law, CA, CS, MBA etc. Also online book stores usually maintain in accordance to the market they serve.
Reading knowledgeable books is a good habit to everyone. Books are a great source to get information on any topic or subject. Reading books is some peoples hobby too, they can spare a long time reading some informative books.
The Internet is a great source where you can find adequate and relevant information on any topic or subject. Buying books online is much easier and full of fun than purchasing books from on-road books shops. Online Buying of books not only save your time but also the physical exertion and money you spend while traveling to purchase books from the regular bookstore. Thus, buying books online is more advantageous than buying books from regular shops. As buying books online is fast, accurate, takes less time.
Bookcorporation is one of the leading book store of law, taxation, labor law, CA, CS, MBA etc. It has a wealth of books with considerable strengths in the law, Direct Taxation, FEMA, SEBI, Banking, Service Tax, Central Excise, Customs, Import, Export, etc. It aims to be the book store of choice for students, lawyers, Engineers, businessmen, labor etc.
Labor law books available online are full of information and updated labouring rules/laws which help to business and other industries. You cannot take any type of labour work from child under 14 years age, because this comes under the law. All such laws are fully explained in these law books. Books provide guidelines to us in all fields/areas for business or commercial point of view.
Another advantage of buying books online is the impressive discount offered by the online bookstores. Due to reduced cost of maintaining a physical store and paying the salesmen, you can get discount books online as well as a large collection of books too.
You have to very careful during search for online books, such as price and the right author name of the book etc. The same text book is sold at different prices on the Internet. So, you need to search various online shops that sell the same text book. You will experience the difference in prices by some book sellers for the same book or title. You can save some money by visiting some great online book stores online. Moreover, you don’t need to waste your time searching for the textbook in your local store.