Online banking

Electronic banking, e-banking, online banking, home banking or electronic banking ( e- banking ) is banking transactions via data lines with the help of computers, smart phones and other electronic devices or via telephone connections using telephones and fax machines ( tele-banking, telephone banking or phone banking ).

2013 completed 45 % of Germans do their banking online. ( 1998 = 8 %, 2000 = 11% 2002 = 23%; 2006 = 34%; 2008 = 36%; 2010 = 35%; 2011 = 44%)

  • 3.1 Germany
  • 3.2 Switzerland
  • 3.3 Austria

Species

Electronic banking is a generic term for a number of different methods to perform banking transactions regardless of bank branches and bank opening times can. You can define these methods as follows:

  • Data medium exchange method (DTA or DTAUS )
  • (Also known as e-banking, home banking and tele-banking rare ) Online Banking
  • Telephone banking (often called tele-banking )
  • Map-based payment (also called Electronic Cash ).

The individual methods have been developed for specific target groups. For example, the classical data exchange carrier is preferably used by larger business customers, while in the use of very simple telephone banking rather appeals to private customers. In practice, however, often takes place mixing.

Data Medium Exchange

The physical data carrier exchange is common in addition to the electronic transmission of files via FTAM / BCS (see below), especially for large companies and municipalities with very many jobs.

Here, transfers and direct debits in file form on floppy disks or CD -ROMs, previously filed on magnetic tapes to the bank. The structure of the file (" DTAUS File") is prescribed unified across the databases of the German banking industry and in addition to the client and recipient data the order (bank transfer or direct debit ), as well as summary data for control.

The legitimacy and authorization of orders made ​​by a disk accompanying note signed by an authorized representative.

Switzerland

Within Switzerland there are uniform and standardized structure for the DTA format. The data medium exchange format ( DTA) is defined by the SIX Interbank Clearing Ltd (a joint venture of the Swiss banks). The Swiss format is not compatible with the German format.

Online Banking

Taking online banking refers to the direct access to the bank's computer. (eg via the Internet or direct dial-up at the bank via electronic data interchange ).

Here two processes are common:

  • Browser-based Internet banking through the Bank's website, usually secured by TLS.
  • Using an online banking program (so-called client program ), filled with the first offline, ie without a network connection, the transactions are prepared, as a proof of payment. After only a network connection for the transmission of the collected transactions is established.

The contracts will be signed using an electronic signature. Here, several methods have been established in Germany:

  • PIN / TAN ( with paper - TAN list, TAN - generator, or SMS - TAN)
  • Home Banking Computer Interface (HBCI ) or Financial Transaction Services ( FinTS ) with legitimacy by smart card or key diskette.
  • File Transfer and Access Management ( FTAM ) with electronic signature (ES ); particularly common in the corporate sector; Direct dial to the bank server via ISDN or DATEX -P.
  • Banking Communication Standard ( BCS), typically identical FTAM, then usually using electronic signatures mainly in larger companies use.
  • Electronic Banking Internet Communication Standard ( EBICS ): Expansion of the Banking Communication Standard for communication over the Internet using electronic signatures. Future Multi Bank Standard for corporate business over the Internet ( nationwide introduction in Germany as of 1 January 2008).

Modern internet browser-based banking systems are characterized among other things by Portal features, accessibility, various security mechanisms (eg against phishing), notification options (eg account balance change by SMS or email ), mobile TAN procedure and arbitrary logon name. All known browser-based Internet banking systems have already been implemented by proprietary software.

In Germany in 2008 24 million people took advantage of online banking, which is 38 percent of 16 - to 74 -year-olds.

In Austria, the MBS / IP method is mainly used.

Security for online banking

It is necessary to distinguish between the safety of the actual data transfer to or from the bank and the settlement in the workplace.

For all browser - and client -based electronic banking systems to encrypt the data transfer part of the banks is guaranteed. This is humanly not - or only with considerable time and resources - to manipulate. The transmission protocol HTTPS can use different encryption algorithms that are different secure. During connection establishment, acting web browser and server banks of the encryption algorithm, with most banks ( as of 2009) with the Advanced Encryption Standard with 256 -bit keys work.

The first attack opportunity for a scam is the home PC. So computer should always be backed up by an updated antivirus software and a firewall to prevent the spread of malicious programs such as viruses, keyloggers or Trojans. With such malicious programs such as remote control of the computer would be possible.

Through phishing and pharming attempts directly to the data necessary for the exchange of contracts ( eg PIN / TAN) to arrive. Each bank customer can already thereby protect, when the access permissions provided by the banks available not passed on or stored in the computer.

It could also be a manipulation of the Domain Name System to implement the URL of an online banking site on the IP address of an attacker ( DNS spoofing ). Thus, the web browser would be redirected to a different web server, even though the correct URL was typed.

A more elaborate attack on the online banking is the man-in- the-middle attack in which the attacker switches between user and bank. It is a direct monitor traffic in real time is required. According attacks are performed on approximately Trojan on the computer of the user. 2012, therefore, recommended the European Agency for Network and Information Security all banks the PCs of their customers generally to be regarded as infected, and therefore to use security procedures in which the client can again independently of the PC control the actual transfer data, such as - under the condition that the can be guaranteed security of the mobile phone - mTAN or smartcard-based solutions with its own control display as chipTAN.

Measures for safe online banking

The prerequisite for secure online banking is a safe method for authentication and authorization. The browser -based online banking chipTAN method corresponds to the current state ( 2012) of the technique. In the area of ​​home banking, for which a home banking software must be installed on the customer computer, with HBCI smart card and Secoder -compatible card reader is the safest method, with the respective bank must support the Secoder extension for HBCI.

In addition, there are a variety of technical measures that can be implemented on the client computer. These include, for example, the installation of anti -virus software and a personal firewall. For users of older TAN procedure, such as the ListenTAN process, the use of a live CD or a live USB stick with the free Knoppix or c't Bankix may be useful. Live systems do not normally contain banking Trojan and can thus protect the user from the Trojan problem. These measures focus on the technical aspects.

An equally important aspect for secure online banking is to raise the level of knowledge of the user and be aware of potential fraud. Banking Trojans like SpyEye or Tatanga have made ​​it clear that the deliberate manipulation of the user does not need a bypass of the technical security measures. By pretending false facts taking advantage of the ignorance of the bank customers many banking customers have been cheated out of large sums.

Known online banking programs (selection for the German market )

Germany
  • ALF Banco
  • Bank X (Mac OS X)
  • GnuCash (free software )
  • Hibiscus (Java, free software)
  • KMyMoney (free software )
  • MacGiro (Mac OS X)
  • Money Money (Mac OS X)
  • Moneyplex
  • IOutBank (Apple iOS )
  • OutBank (Mac OS X)
  • Pecunia (free software ) (Mac OS X)
  • Professional cash ( local cooperative banks)
  • SFirm
  • Steganos Online Banking
  • VR - NetWorld ( local cooperative banks)
  • Quicken
  • Star Money
  • WISO Mein Geld
Austria
  • ELBA MBS: BKS, BTV, CAPITAL Bank - GRAWE Gruppe AG, Hypo Upper Austria, Salzburg Hypo, Hypo Steiermark, ING Bank NV Vienna Branch, Upper Bank, Raiffeisen, Sanpaolo IMI SpA, Sparkasse, Erste Bank, BAWAG / PSK Group, Societe Generale, Svenska Handelsbanken AB, VKB - Bank, ZVEZA BANK reg.zz oj, Sparda Bank
  • Business Line, Business Net: Bank Austria,
  • HBP MBS: Volksbank sector, Hypo Vorarlberg, Hypo Tirol, Hypo Alpe- Adria-Bank, Hypo Niederösterreich Austria, Schoeller Bank AG, Bank of doctors and professionals, Invest Bank AG, Bankhaus Schelhammer & Schattera, direktanlage.at, Renault Bank AG, Bankhaus Carl Spängler & Co. Ltd., Gärtnerbank rGmbH, IMMO -BANK AG, Austrian Apothekerbank
Switzerland
  • Mammut ENTERPRISE
  • CLX.PayMaker
  • Office Wings
  • E-Finance
  • DirectNet
  • E-Services for Avaloq
  • CLX.E banking

Phone Banking

In telephone banking balance inquiries, transfers, often, securities transactions are handled over the phone. Here are voice computers, but also call center solutions or combined for use.

Card Supported Payment

Also paying with credit card, debit card or debit card falls in the range of electronic banking. Depending on the card you will be authorizing the payment by PIN or signature. The cash card no authorization is performed.

See also: Cashless payment transactions

CD-ROM Webbrowser Order (business) Integrated Services Digital Network Keystroke logging Trojan horse (computing) Uniform Resource Locator Bundesverband deutscher Banken
103759
de