INFORMATION SECURITY AUDITING FOR INTERNET BANKING WEB APPLICATION

Abstract

The basic function of audit is finding risk and preventing fraud from occurring as well as maintaining healthy, safe operation of enterprise. The web today has become the most used and popular platform for application development. Banking industry is considered one of many businesses that have taken advantages of the internet and IT development by introducing internet banking service to their customers that brings many benefits to banks and customers. However information security risks are associated with internet banking. In this research a new way to look at mathematics, multi criteria decision making (MCDM), is used. This research analyzes the security of existing deployments of internet banking services from the perspective of end user, whose main goal is completing the online transaction securely. Many internet banking security parameters are taken and given weight according to their security effectiveness with the help of research papers, and then existing deployments are compared based on these parameter weights by using MCDM algorithm. Context authentication has become increasingly important in online banking, which involves confidential data that belong to users who trust their banks. Developing a usable and secure authentication approach and method is the most challenging area for researchers in the fields of security and human-computer interaction. Along with MCDM, a new approach of user authentication system is suggested which improves current authentication system to an extent. This model doesn’t allow users to login same account from different places simultaneously and any such activities are notified to genuine user.