I have been an Ex-Banker having started my Banking career from IOB, Mysore in the year 1973. Having built my career on the foundation of Banking, I moved into private sector in 1987 and landed in the Cyber Law area some time in 1998. Ever since, I have been working in this domain.
Those were the days when Bankers used to display the quotation of Mahatma Gandhi made in South Africa in around 1890 stating
“A customer is the most important visitor on our premises. He is not dependent on us. We are dependent on him. He is not an interruption in our work. He is the purpose of it. He is not an outsider in our business. He is part of it. We are not doing him a favor by serving him. He is doing us a favor by giving us an opportunity to do so…”
Those were also the days when persons like Late Mr M R Pai worked selflessly for the betterment of Bank Customers.
Banking has come a long way since then. Technology has transformed Banking. We have come past Computerization, ATM Banking and Internet Banking and are now exploring Mobile Banking.
But,
In pursuit of technology, I often get a doubt if we still remember what Mahatma Gandhi said about Bank customers being the focus of business. We often feel today that a bank Customer is only an object around whom a derivative service called Banking has been developed and traded with the sole objective of making profits.
As we have and are increasingly are embracing new technology, the fundamental aspect of Banking being a “Safe Avenue” for investments is being given a go by. This is manifesting itself in the form of increasing litigation in banking where the disputes revolve around the use of technology.
Techno Banking laws such as Information Technology Act have therefore become a focus of attention for today’s Banking practitioners. After ITA 2008 version became effective in 27th October 2009 the need to understand and comply has become critical for all Bankers. The prescriptions of ITA 2008 on Information Security, the liabilities it imposes have become an essential knowledge for Bankers in the technology era.
In order to create better awareness of the implications of ITA 2008 on Bankers, Cyber Law College organized a workshop at Bangalore on “Implication of ITA 2008 for Bankers”.
Introducing the workshop, Naavi indicated that he was extremely happy that this program was happening in the month of October when we celebrate the two special days connected with Digital Society in India viz, October 17 which is the “Digital Society Day”, the day digital documents first gained legal recognition in India exactly 10 years ago and October 27th which is the first anniversary of ITA 2008.
Honourable Justice Sri Rajesh Tandon, the Chair Person Cyber Appellate Tribunal inaugurated the workshop and Dr N Vijayaditya, the Controller of Certifying Authorities delivered the key note address. Delivering the inaugural speech, Sri Tandon drew the attention of the participants to the authentication requirements as indicated in the Act. Dr Vijayaditya highlighted how the Digital Signature system under the Act provided non repudiable authentication.
The technical sessions were kicked off by Naavi and Rakesh Goyal providing an overview of ITA 2008 and its relevance to Bankers. While Rakesh provided a quick overview of the Act including its penal sections and the liability for data protection under the Act, Naavi emphasized how ITA 2008 has made Cyber Security a mandatory prescription for any IT user. Referring to authentication, Naavi also highlighted that RBI has recognized through their circular way back in 2001 that Banks must use digital signature for authentication or otherwise assume legal risk and get insurance.
Naavi also presented his Three dimensional Information Security approach based on Technical, Legal and Behavioural Science approaches and the Information Security Framework, IISF-309.
Mr Kumar, AGM of Corporation Bank presented the recent security measures initiated by the Bank in compliance of ITA 2008 including the introduction of digital signature based access system. MR N.Vidyashankar, an eminent techno legal professional shared his own experience as a victim of Phishing and how he was able to get the issue resolved through the Banking Ombudsman process.
Mr Vicky Shah, a techno legal consultant shared the recent Consumer Court decision in Mumbai on a Phishing Case and indicated that the Bank involved faced the liability due to lack of due diligence. Mr Dube, another IS audit practitioner shared his methodology of ITA 2008 compliance audit.
Following this a battery of technologists presented various security concerns and solutions. Mr Venkat of E Mudhra (Certifying Authority) presented a mobile security solution which Banks may require to secure mobile banking. Mr Chandrashekar (Bellur Infortech) presented an E-Audit Tool, Mr Vinod Senthil spoke of how zero day attacks made Bank security measures vulnerable to many attacks. Mr Jayachandran discussed issues in data center security.
Delivering the concluding remarks address, Mr Sanjeev Kumar, COO of 3i Infotech Consumer Services stressed that cost effective digital signature solutions are now available and there is no reason why Banks need not undertake measures to meet the requirements of ITA 2008.
The Program was organized by Cyber Law College, attended by senior Banking professionals and was sponsored by 3iInfotech Consumer Services and Department of IT and BT, Government of Karnataka and supported by Mandamus Info Consultants.

Naavi of naavi.org
.

Be Sociable, Share!