Online Banking
For more than 15 years, online banking — also called e-banking or home banking — has been growing in popularity; by 2011, 44 percent of German bank customers were already handling their transactions this way.
This steady increase in online banking users is due not only to the convenient handling and the enormous speed of transaction processing, but also to the high security standards that banks must comply with, all of which are important arguments in favor of online banking.
Replacement of paper forms
Online banking makes traditional paper forms completely unnecessary in the private sector, since transfer slips and other orders can be filled out and executed directly on the bank’s website.
The private banking customer receives online access that is linked to their account number and must be authorized for online banking.
For this purpose, a so-called PIN (personal identification number or secret number) and a TAN list (transaction numbers) or a TAN generator are usually sent to the customer by separate mail. Some banks also offer sending a transaction-related TAN via SMS. To activate access to online banking, the PIN and a TAN must be entered to ensure security.
Once activated, customers have a variety of options available in online banking: viewing the current account balance, obtaining information on transactions from recent months, setting up standing orders, making domestic and international transfers, and more. Online banking completely replaces the need to visit a branch and always provides an up-to-date overview of the account.
Beyond that, other transactions can also be conducted online, such as securities trading, opening savings accounts, or ordering and managing credit cards.
Speed and security in online banking
The biggest advantage of online banking, besides convenient and direct access to the account, is undoubtedly the speed at which transactions are processed. A normal online transfer within the same bank takes only a few minutes; to another bank it takes about a day.
It is also very customer-friendly that transactions can be carried out around the clock from home, although bookings are, of course, subject to the banks’ normal business hours and are not processed at the weekend.
The security of online banking is a constant challenge for banks and the service providers who must ensure secure data transmission and protection against unauthorized access. Essentially, online banking operates in two different ways: browser-based via the respective bank’s website, or with a special banking program that allows offline preparation of transactions and then transmits the data to the bank in batches. Data is transferred in encrypted, secured form; attacks could theoretically only be carried out with great effort.
Attack points in online banking
The most common attack points are the private PC and the user themselves, who should treat and store secret numbers and authorization documents as confidential. If the computer is protected from viruses and malware with a reputable antivirus scanner and a firewall, trojans and malicious programs that can take control of the PC from the outside have little chance.
A relatively new attack method is so-called phishing, where an attempt is made to obtain the user’s data by sending fake emails with the layout of the respective bank and a corresponding request for PIN and TAN. Banks repeatedly warn on their websites about unauthorized PIN and TAN requests in online banking, as they do not use such means as a matter of principle.
Even more sophisticated is so-called pharming, which redirects visitors to a bank website to another server through DNS attacks. Very detailed reproductions of the bank’s site on that server can then intercept online banking access data. Active protection programs and a firewall that raise the alarm also help here. Another security factor is the SSL encryption certificate, which should be checked for authenticity.
Authorization in online banking
Every transaction in online banking must be authorized individually. In home banking, where all transactions are prepared offline with a separate program and then sent to the bank in a batch, this is done with a special chip card and a card reader.
For browser-based online banking in the private sector, a customer password and the PIN — which can be changed on first use from the secret number received by post — must be entered to log into the bank’s banking program.
For each individual transfer or any other transaction in online banking, the customer then needs a transaction number (TAN), which they either take from a list provided by the bank or generate.
Another option is the mobile TAN, which is sent directly to the customer’s phone after the transfer form has been completed on the bank’s website.
A very widespread variant is a TAN generator. These small auxiliary devices are available in different versions; some work only with the customer card, others generate TANs based on the account number, date and time, or similar factors. The newest generation of these devices works with light signals generated on the computer screen and picked up by optical sensors in the generator. From these data the device calculates the TAN, which must then be entered to authorize the banking transaction.
Since a TAN consists of six characters, the probability of guessing a TAN is extremely low.
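The following Python sketch is an added example, not part of the original article and not any bank's or device vendor's actual algorithm. It assumes a secret shared between generator and bank, an HMAC-SHA256 with RFC 4226-style truncation, a 300-second validity window and constructed sample values, and shows how a six-digit TAN derived from account number, amount and time stops being valid when the order is altered.

```python
import hashlib
import hmac
import struct

TAN_DIGITS = 6          # the article's six-character TAN
WINDOW_SECONDS = 300    # assumed validity window, not taken from the article


def derive_tan(secret: bytes, account: str, amount_cents: int, unix_time: int) -> str:
    """Derive a six-digit TAN bound to recipient account, amount and time window."""
    acct = account.encode("ascii")
    # Length-prefix the account so the field boundaries are unambiguous.
    message = (struct.pack(">H", len(acct)) + acct
               + struct.pack(">QQ", amount_cents, unix_time // WINDOW_SECONDS))
    digest = hmac.new(secret, message, hashlib.sha256).digest()
    # Dynamic truncation as in RFC 4226: the low nibble selects a 4-byte slice.
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** TAN_DIGITS).zfill(TAN_DIGITS)


def verify_tan(secret, account, amount_cents, unix_time, submitted) -> bool:
    """Bank side: recompute from the order as received, compare in constant time."""
    expected = derive_tan(secret, account, amount_cents, unix_time)
    return hmac.compare_digest(expected, submitted)


def guess_probability(attempts: int) -> float:
    """Chance that one of `attempts` distinct guesses hits a uniform six-digit TAN."""
    return min(attempts, 10 ** TAN_DIGITS) / 10 ** TAN_DIGITS


def demo() -> dict:
    # Constructed sample values, for illustration only.
    secret = b"constructed-demo-secret"
    account, amount, now = "DE00EXAMPLE0001", 12_500, 1_700_000_000
    tan = derive_tan(secret, account, amount, now)
    return {
        "genuine": verify_tan(secret, account, amount, now, tan),
        "recipient_changed": verify_tan(secret, "DE00EXAMPLE9999", amount, now, tan),
        "amount_changed": verify_tan(secret, account, amount + 1, now, tan),
        "later_window": verify_tan(secret, account, amount, now + WINDOW_SECONDS, tan),
    }


if __name__ == "__main__":
    print(demo(), guess_probability(3))
```

With three permitted attempts (an assumed limit), the guessing chance is 3 in 1,000,000; the figure scales directly with how many tries are allowed before the access is locked.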
Conclusion on Online Banking
Online banking represents a new quality in the handling of banking transactions, as the user can conveniently process all common orders from home or on the go and around the clock, view their account balance, and conduct securities transactions. Browser-based access on the bank’s website opens up all possibilities.
The other variant of online banking, which works with special banking software and enables the batch transmission of offline-prepared transactions to the bank, is more suitable for companies with a large volume of transfers or similar needs.
In the private sector, a personal identification number (PIN) and a transaction number (TAN) are sufficient for online banking to authenticate and process transactions securely. Over the years these procedures have been refined so that the attack points on the home PC and the user themselves have been reduced. Hardware should in any case be equipped with an antivirus scanner and a firewall.
Furthermore, access data should be treated confidentially and stored securely by the user so that no unauthorized access is possible. Unauthorized requests for PIN and TAN should be deleted immediately or ignored, because banks would never request such information from online banking users in this way.
All in all, security is a top priority in online banking, transaction processing is extremely fast, and the convenience of being able to conduct banking business from anywhere at any time is outstanding.