Secure banking on the Internet

printable version

Electra Internet Banking offers the highest available security to users with respect to making transactions via the Internet.

Due to the applied technical solutions, the system offers full security to both financial institutions and their clients. To our knowledge, the Electra Internet Banking system has never been compromised by unauthorised people.

Authentication

Protection is based on two-tier authentication. You can find more information on that in the article on signatures.

Notifications

Electra Internet Banking can send SMS notifications to a specified telephone number when certain operations pre-defined by the user are carried out. These notifications can inform the user about successful logins or about successful or failed money transfers.

Login can be a two-level procedure itself. If that is the case, the system will send a login code as well as a login password in an SMS, and the user can access the services only after entering this code as well.

Security components

Electra Internet Banking provides comprehensive and full protection against Internet attacks threatening online banking systems. The following is a non-exhaustive list of attack types that the service is protected against:

  • XSS - Cross-site scripting
  • SQL injection
  • CSRF - Cross-site request forgery
  • Input manipulation
  • Theft of session ID
  • Pharming

As a consequence of the multi-level logging and alert system of our Internet Banking solution, operators can immediately learn of any security incident.

We provide our partners consultancy on secure operation in the course of system installation and operation, and we also supply them with up-to-date information about new threats occurring on the Internet.

Due to our numerous partners and their foreign parent banks, our development team receives information from a uniquely wide range of users, and we also pay close attention to novel technological solutions and standards. As we get access to all that information, Electra Internet Banking always contains up-to-date security solutions.

Audit

The security of an online banking system always depends on the IT infrastructure which it is implemented in. Therefore, an Internet banking system is never audited as a standalone solution but rather in the context of the IT environment in which it runs.

Accordingly, a number of companies have audited the Electra Internet Banking system and performed penetration tests on it at several financial institutions, and our system was always found to be in compliance with the requirements. We implement audit recommendations consulting with the respective banks on a continuous basis.

 
 Related articles