Electronic banking, walk on egg shells

The world’s oldest bank, Monte dei Paschi di Siena- was founded in 1472; it defined a model of banking consisting of branches, cheques, and paper currency that functioned largely unchanged for 500 years, until in the 1990s when banks started digitizing some of its processes. 

Electronic banking is part of the broader context for the move to online banking, where banking services are delivered over the internet.

The internet is an international network of interconnected computers that enables millions of people to communicate with one another in “cyberspace” and to access vast amounts of information and services from around the world. 

The universal nature of the internet makes it complex on how it affects many sectors including banking.

It obviously presents unmatched comparative advantages like efficiency, convenience, and effective ways of serving and receiving services over traditional banking.

For example, I am able to pay for any services including utility bills using a credit card, electronically generated debit or credit card or “low end” technologies like Unstructured Supplementary Service Data (USSD). This all can be done at the comfort of one’s home without queuing up in the bank.

However, by the flip of the coin, internet banking makes consumers and banks vulnerable to cyberattacks and crimes. These risks are compounded by the issues of jurisdiction, which will be a discussion for another day.

Most of the financial-related cyber-crimes are not defined in our penal laws, yet it is trite that no one can be charged with a none existing offence.

We can only read them in the existing legal framework, which is utterly insufficient to protect the interests of commercial banks and consumers.

The hackings we have had are just a tip of the iceberg of a gradually growing problem of rampant and sophisticated cyberattacks like; identity theft, a person with a stolen credit card is able to purchase products online that they would not be able to purchase in person because of  EMV security, a set of international standards that define interoperability of secure transactions across the international payments landscape, if a hacker is able to hack in the bank, he may not steal money but identities of the customers without ever coming into personal contact with them, this is the easiest and attractive crime.

Account takeovers may be familiar in Uganda, though in the 'social world', in electronic banking, criminals access customers’ accounts and then change information such as email addresses and personal contacts.

The real owner of an account stops receiving updates from the bank and all the transactions because the communication becomes rerouted to the criminal.

Meanwhile, others are; cyber spoofing, Phishing, Malware automated threats, where malicious internet bots are used to complete many repetitive tasks.

Whereas the bank has a mandate- never to omit privacy, the customer must always read and understand the terms and condition presented to them by the bank on top of protecting the login creditials.

Some banks under their terms do not guarantee to inquire into the authority of any person using the client’s assigned credentials as it is assumed that the transactions initiated using the client’s credentials and access codes are initiated by him or herself.

With other banks’ terms, they are not obliged to verify funds transfer details or the destination account numbers, names or the amounts involved in any instruction. Somehow, the bank will not be responsible in many circumstances of the losses caused unless there has been negligence on its part.

Mr Timothy Amanya is a legal practitioner.