Customers are increasingly concerned about the issue of security when it comes to choosing a bank. One of the reasons for this is the rapid increase in the volume of electronic payments, which attracts the attention of cybercriminals. The volume of transactions conducted via the Internet has increased five times over the past three years in Ukraine. Around 280 successful hacking attempts into banking systems were recorded only during the last year. They resulted in 87 million UAH stolen from the accounts of Ukrainian enterprises.

Cybercrime is a relatively new phenomenon in Ukraine, and the fight against it is only now beginning to take on a systematic character. Associations of Banks, the Ministry of Interior in cooperation with other government agencies establish working groups to deal with cybercrime. And there is a whole unit to combat cyberfraud in our bank.

Clients are used to the fact that the services of the leading financial institutions are always available and running smoothly. To ensure this, banks invest in the most advanced technologies and software to enable secure services and customers' information.

But it is not enough to ensure the invulnerability of the banking systems. It is very important to avoid intrusion into clients' computer networks. Companies often neglect the recommended safety precautions; they do not log off from the "Client-Bank" system after each transaction having a stream of payments of several hundreds of thousands, they do not store the key, which is only used when signing a payment order, on a separate removable media and so on. Therefore, the most "vulnerable place" is still the customer's computer.

One way to effectively protect customers from fraud is a logical system of payment orders verification. If the payment order from the client contains a company, which the client has previously conducted transactions with, it will be processed automatically, and if there are bank details of a new company (often the bank details of fraudsters), the payment document will be transferred to a bank specialist for additional confirmation over the phone.

In addition to the possibility of theft of funds directly, in the case of such a computer hacking, fraudsters can seize a huge database of highly confidential client's information (data on all transactions, bank details, cash flows, etc.), as these databases are stored directly on the side of the enterprise. In order to protect client's data, an online Internet banking system has been developed. The data is stored directly on the servers of the bank, when using it.

Directive 1999/93/EC has been adopted in the EU long time ago, and according to it the storage of the key to the digital signature on a specialized device is mandatory. The NBU also recommends the use of smart cards/USB-tokens to store these keys. Their application is a proof of the integrity and authenticity of the document. Even if the fraudsters hack into the client's computer and create a payment order they will not be able to send it to the bank without a smart card/USB-token.

Source Capital