শনিবার, ২৬ অক্টোবর, ২০১৩

sms and Alert Banking System



sms and Alert Banking System
[ From chapter-13 of the book "Information Technology in Banking" written by Abul Kashem Md. Shirin and Nusrat Tamanna Prianka and published by Institute of Bankers, Bangladesh (IBB) ]


1.         sms Banking

sms Banking is a way of performing some banking activities sending sms from a customer’s registered mobile device. It is a push and pull service. The customer must have a deposit account and his mobile number must be linked to the account. On request of the customer, a Bank Officer links the customer’s account with a given cell number. The customer is given a PIN which he will use during all the transactions. Each of the messages has some pre-defined syntax. Customer must send the sms as per the syntax. For example if the syntax for a balance enquiry is ‘bal <PIN>’ and the PIN is 1234, the customer must write the sms like: bal 1234 and send to the bank’s short code. If the short code is 3225, the sms should be send to 3225. This short code should be registered with the mobile operator so that the mobile operator will divert all such messages to the bank server using a secured connectivity. Syntax and example of some of the sms functions are given below:
         Balance Enquiry
        Syntax: BAL <PIN>
        Example: BAL 1234
         Statement Enquiry
        Syntax: STM <PIN>
        Example: STM 1234
         Payment of Post-Paid Mobile Bills
        Syntax: PAY <PIN> <Amount> <Mobile #>
        Example: PAY 1234 200 01911223344
        Note: If the mobile # is not include, the bill will be paid for the mobile from which the sms is send
         Refill of Pre-Paid Mobile
        Syntax: RFL <PIN> <Amount> <Mobile #>
        Example: RFL 1234 30 01911223344
        Note: If the mobile # is not include, the refill will be done at the mobile from which the sms is send
         PIN Change
        Syntax: PIN <Old PIN> <New PIN>
        Example: PIN 1234 4321
         Payment of Utility Bills
        Syntax: UTL <PIN> <Amount> <Company Code> <account# / customer# / Telephone# / Meter#>
        Example: UTL 1234 423 101 1.1123456
        Note: Unique Company code is published by the bank for each of the utility companies
         Payment of Shopping Bills
        Syntax: POS <PIN> <Amount> <Merchant Code>
        Example: POS 1234 715 301
        Note: Unique Merchant code is published by the bank for each of the Merchants

2.         Alert Banking

Alert is a push service, hence customer does not require to initiate anything for alert. However he will need to register his mobile number with the bank for Alert Services and bank may charge a fee for this service.

The Alert Banking System initiates the alert sms and send to the customers mobile. The system will first send the sms to the Banks short code. The respective Mobile Operator’s system will receive the sms and send to the customers mobile.

The system generates three types of alerts and send to the customer’s mobile – Debit alert, Credit alert and Periodic alert. The three types of alerts are defined below:

2.1.            Debit Alert

An auto generated alert sms to the customers mobile when his account is debited for an amount greater than the specified amount. The customer will specify the amount during registration.

2.2.            Credit Alert

An auto generated alert sms to the customers mobile when his account is credited for an amount greater than the specified amount. The customer will specify the amount during registration.

2.3.            Periodical Alert

Month-end alert informing month-end balance or for sending any information to the customer’s mobile. Such alert sms are initiated by the bank officials.

3.         How sms Banking works?

Bank installs a software for sms/alert banking at its data center and makes an interface of the sms/alert banking system with the core banking system. Bank also needs to establish a physical connectivity with the mobile operators and makes necessary arrangement for sending and receiving text messages. The mobile operator will allocate a short code to the bank such as 3225.

Now customer types sms as per syntax defined by the bank (say bal 1234) and sends to the short code. The sms will go to the mobile operator’s sms server. Mobile operator will add the mobile number from which the sms has been generated with the text (01911223344 bal 1234) and send the entire text to the bank’s sms/alert software through the connectivity.

Bank’s sms/alert software will do the following:

a)         Check if the password (1234) is correct or not.

b)         If password is not correct, a message “Incorrect password” will be forwarded to the customer’s mobile. If the password is correct, the system will find out the account number which has been linked during registration with this mobile number.

c)         From the keyword ‘bal’ the bank’s sms/alert system will understand that the customer wants to know his account balance.

d)         The sms/alert banking system will send a request to the core banking system along with the account number of the customer to send back the current balance amount.

e)         The Core banking system will find out the current balance and send to the sms/alert banking system.

f)          The sms/alert banking system will create a sms using the balance amount, such as “Date: 20/10/2010; Time: 22:23; Ac No: 99999999; BAL: 99999.99 BDT” and will send back to the mobile number using the short code 3225 through the mobile operator.

4.         Important notes for the customers:

·         Please memorize the sms PIN and destroy this.

·         Do not disclose the sms PIN to anybody.

·         It is recommend that customer changes his PIN frequently.

·         As the SMS sent by the customer contains his PIN, it is strongly recommend that the customer deletes the SMS from his “Sent Items” or “Outbox” immediately.

·         Banks will not be responsible for any fraudulent activity on the customer’s account due to misuse of his PIN and mobile jointly.

5.         Security in sms and Alert Banking

sms Banking commands and information are passed from the customer’s mobile device to the bank’s server using ‘Short Messaging System’ which is a simple text. There is no encryption between the mobile and the server. It is also not session oriented. Thus sms banking is not secured.
On the other hand, sms is ‘Store and Forward Data’ service. Thus the entire text of the message including PIN is stored in the mobile set. If not deleted, this can be exposed to other peoples.

Therefore it is desirable that no fund transfer transaction be allowed using sms banking.

এর দ্বারা পোস্ট করা এই সময়ে

1 টি মন্তব্য:

  1. Unknown৭ মার্চ, ২০১৮ এ ১:১২ AM

    Thanks for the wonderful blog.Customized checks are the most recent trend
    and most most popular by shoppers these days. Checking account holders are now able to order checks at cheaper costs.
    NFL Football

    উত্তরমুছুন

এতে সদস্যতা: মন্তব্যগুলি পোস্ট করুন (Atom)