ReadiMinds has announced the results of its second annual India online security survey titled ‘State of Online Security in Financial Institutions in India – 2009’. Survey respondents represented a cross section of India's major banks. The survey primarily focused on issues pertaining to transaction security, online financial fraud prevention and real-time risk mitigation.

Key findings of this survey are:

1. Surprise, surprise. Unlike their Asian counterparts, 75 percent of Indian respondents rated their own financial insitution's ability to counter online security threat as ‘good’.

2. External sources are the fastest growing area of online fraud. This is in line with other Asian countries.

3. Only 25 percent of respondents indicated having implemented some form of online fraud detection and prevention technology.

4. Almost all respondents reported that their financial institutions were victims of online fraud(s) during the year.

5. Increasing concerns raised about the inconveninence of hardware tokens. New ‘Software 2FA’ technology, namely device finger-printing is increasingly attracting attention, similar to Asia and other parts of the world, due to its effectiveness, convenience and lower cost.

6. Indian financial institutions are still taking ‘piecemeal/ fraud-wise/ channel-wise’ approach to tackling online frauds, as opposed to taking holistic financial crime surveillance approach across channels. However, 75 percent of respondents showed strong desire to implement enterprise-wide, holistic, cross-channel financial fraud prevention moving forward.

7. Over 75 percent of respondents preferred ‘real-time’ fraud detection and prevention as opposed to traditional ‘cooling period/ review period’ based approach.

8. Over 87 percent respondents claimed to have known that an integrated, multi-layered security consisting of stronger user authentication, cross-channel fraud detection [and false positive reduction] and risk-based transaction authorisation is the strongest form of defence against identity theft and online financial frauds - both traditional and emerging ones.

9. Surprise, surprise. Unlike their Asian counterparts, 50 percent Indian respondents rated efforts of their financial institutions to tackle online branch banking frauds as ‘good’.

10. Easy access to technology/ systems, improper hiring practices, and staff dissatisfaction were the top three contributing factors to online branch banking frauds.

11. Fund transfer to fraudulent accounts was rated the single biggest branch banking fraud concern by 50 percent of the respondents.

12. Audit is still the primary mechanism being used to detect online branch banking frauds.

13. 66 percent of respondents felt a Real-Time Enterprise Risk Monitoring and Mitigation System, being part of a regulatory and compliance framework, could have helped minimise risk crisis in the financial industry.

14. Unlike their Asian counterparts, only 25 percent of respondents would like to implement real-time operational risk monitoring & mitigation framework.

15. Surprise, surprise. Unlike their Asian counterparts, 50 percent of Indian respondents rated their organisation's readiness to tackle trading desk related frauds as ‘good’.

16. Online Financial Fraud Prevention and Regulatory Compliance are the topmost security and risk agendas during the year.

17. There is an increasing desire to take a holistic approach to transaction security for preventing financial crime across various channels, across the enterprise.

18. FIs starting to think about the future challenges as well: After implementing ‘point’ solutions that could only tackle limited security challenges for a single channel like identity theft, financial institutions are now realising they actually need a future-safe, investment-proof fraud prevention solution that could grow to meet challenges posed by emerging online frauds across channels.

Naren Nagpal, CEO, ReadiMinds, said, "Divergent views of Indian respondents compared to that of Asian counterparts indicate that Indian financial institutions have raised their efforts over the last one year to tackle the online security & fraud challenges more aggressively than their Asian counterparts. However, most still have only the basic channel-wise transaction security method in place primarily targeted for identity theft, as opposed to prevent broader online frauds. It is obvious there exists an excellent opportunity to leapfrog and adopt real-time, integrated, multi-layered, cross-channel financial fraud prevention as opposed to doing a catch-up with traditional piecemeal fraud/ channel-wise approaches."