SMS Smart
【Introduction】
“SMS Smart” by the Industrial Bank is a brand-new SMS messaging service for internet banking. The service adds another layer of security to internet banking and provides more convenience. The service covers three main aspects as follows:
“Smart Messenger” ---includes notifications for due loan repayments, notifications of any account activity and notifications when account limits are reached by SMS. These previously available functions can now be applied for and activated in corporate internet banking.
“Smart Guard” ---designed to protect operator access to internet banking. When the operator logs-on to corporate internet banking or when a command is generated, the system will send an authorization code in a SMS message or request the password generated by mobile phone dynamic password authorization software so that the security of internet banking is strengthened.
“Smart Secretary” ---First, regarding the pauses that occur in the process of command circulation, the system will send an SMS message to prompt the next operator in the chain. This increases the efficiency of the command circulation process. Secondly, the outcome of command implementations is sent to the operator by means of an SMS message so that he or she will be able to stay up to date with the status of implementation. “Smart Secretary” also includes notifications of internet banking information. When a new notice is announced by the internet banking information center, the system will notify the operator in a SMS message straight away.
【Main Features】
Enhanced Security
In addition to the protection offered by the corporate certificate, clients who activate “Smart Guard” will have the added security of a dynamic password. This makes transactions in internet banking even safer.
Improving the Efficiency of Command Circulation
Clients who activate “Smart Secretary” can send a message to inform the next operator in the chain once the command has been generated, and are able to choose to receive SMS notification of the outcome of the command or of command return. This means that the people handling such affairs can stay up to date on the status of commands and thereby enhance the efficiency of command circulation.
Greater Convenience
“Smart Messenger” functions that were previously available can now be activated online, which saves clients the hassle of queuing-up in a bank outlet to activate such services.
【Solutions to Corporate Problems】
Problem One---Security of internet banking
| Foundation protection measures of internet banking | Smart Guard Strengthening protection mechanisms | Mobile phone dynamic password software Strengthening self-protection mechanisms |
Security measures | • Password verification • Certificate verification • Operator access control • Business process control • Limit control | • Log-on control • Signature Control • Early warning for password error • Overtime cancellation for dynamic password • Control on mobile phone number change | • Application control, download code verification • Second-time confirmation with SMS in software download • Password verification for software log-on • Mandatory password modification mechanism for first time log-on • Preventive mechanism for attempts to extract password • Anti-copy technology & identity-binding mechanism |
Applications | Universally used in banking | IB innovation | IB innovation |
Means of attack | Stealing document certificate and password by attacking client terminal | Stealing mobile phone or Sim card | Owing to the fact the software itself cannot be copied or transplanted, it can't be stolen, so the bank terminal would be the target. |
Attacker | Network hackers | Acquaintances | Network hackers |
Attack difficulty | Known cases have occurred | Related to the operator's behavior | No known cases |
Recommendations: a combination of the Smart Guard protection mechanisms and the foundation protection measures of internet banking provide the strongest security backing.
Problem Two---Reminding Business
Bank Notification VS Auto Notification
Person issuing notification | A bank | A corporate operator |
Credibility | High credibility with the bank's credit | Personal credit |
Validity | Accurate information using the template | Possibility of erroneous input |
Convenience | A single click | Time & energy consuming |
Cost | RMB 0.1 Yuan/text | RMB 0.1 Yuan/text |
Emotional orientation | Not affecting superior-subordinate relationships as the notice comes from the bank | Unwillingness to use frequently and no reminding unless absolutely necessary |
Recommendations: allowing the Bank to make notifications of the behalf of the operator is more believable, accurate and convenient. It can help operators to avoid embarrassing situations brought about by constantly urging.
Problem Three---Feedback of command outcome
1. Two payment modes: payment upon approval and payment on agreed date
2. Typical payment process: operator → recheck → authorization → 【waiting for execution】 → executing payment
(1) Normal Circumstances: payment successful
(2) Uncommon Circumstances: returned, payment failure, part of batch payment failed
3. Channels for result feedback:
(1) Through the payee, the delivery is confirmed or urgent action is required----triggering a credit crisis
(2) The operator logs-on to internet banking and checks himself or herself---time & energy consuming
(3) Notifications of return or account transfer---timely notification, prevents anything from being missed.
Recommendations: with Smart Secretary, command return notification and transfer outcome notification can effectively solve the issue of command outcome feedback, and thereby help to prevent a crisis of credit. This service also helps to conserve human resources.
Problem Four---Requirements for Department Function
1. Issues concerning large cash outflow
Executives in an enterprise need to be kept up to date on the status of funds.
2. Issues concerning the paying-in of loans/deposits/guarantee:
Correspondent functional departments need to arrange production or processing.
3. Issues concerning investment & financing:
Received loans from the bank or redeemed money from a fund must be used for production or re-invested immediately.
4. Problems concerning focus:
Not just one person in the company needs the latest information about cash flows. How can an enterprise address this?
Recommendations: Smart Messenger is able to send notifications to 10 people. Each person can set different kinds of notification or an upper or lower limit for transactions that require notification. This flexible service can meet the different demands of different departments.
Copyright © Industrial Bank Co.,Ltd. All Rights Reserved.