IPPB FINACLE CBS COMMANDS IPPB CBS MENU
Tuesday, June 18, 2019
Revision of Pattern & syllabus for Limited Departmental competitive Examination for the post of Inspector Posts
DOP Revised the Pattern & syllabus for Limited Departmental competitive Examination for the post of Inspector Posts.
a) Indian Post Office Act, 1898
b) Government Savings Bank Act, 1873
c) Government Savings Certificate Act, l959
d) PPF Act, 1968
e) Prevention of Money Laundering Act, 2002 and its Amendments (Necessary on account of AML/CFT Norms)
f) Consumer Protection Act, 1986
g) Information Technology Act, 2000
2) Rules:
a) Indian Post Office Rules, 1933
b) Post Office Savings Bank General Rules, l981
c) Post Office Savings Account Rules, 1981
d) National Savings Recurring Deposit Rules, 1981
e) National Savings Time Deposit Rules, 1981
f)National Savings Monthly Income Account Rules, 1987
g) Post Office Savings Certificates Rules, 1960
h) Senior Citizen Savings Scheme Rules, 2004
i) National Savings Certificate (VIII Issue) Rules, 1989
j) Kisan Vikas Patra Rules, 2014
k) Public Provident Fund Scheme, 1968
l) Sukanya Samriddhi Yojana Rules, 2014
m) Post Office Life Insurance Rules,2011
n) Book of BO Rules
o)Pradhan Mantri Yojana Schemes and its Rules - PMSBY, PMJJBY, APY
3)Guidelines/Instructions relating to Inland/Foreign Post:
a) Post Office Guide Part - I
b) Post Office Guide Part - II, except Section VII & VIII
c) Domestic foreign Post guidelines issued by Directorate
4) Mail Operations and Money Remittances:
a) Postal Manual Volume V, except Appendix - I
b) Postal Manual Volume VI, Part - I, Chapter - I
c) Postal Manual Volume VI, Part - II, except Telegraphic Money Orders, British & Irish Postal Orders (to be deleted)
d) Postal Manual Volume VI, Part - III, except Appendices
e) Postal Manual Volume VII
f) Guidelines issued by Directorate on Mail Network Optimization Project and Parcel Network Optimization Project.
g) Guidelines issued by Directorate on eMO, iMO, IMTS, MMTS and IFS MO
5) Savings Bank and Savings Certificates:
a) Post Office Savings Bank Manual Volume I, II and III read with SB orders issued by Directorate from time to time
b) Guidelines issued by Directorate from time to time on Core Banking Services
6) Postal Life Insurance and Rural Postal Life Insurance:
a) Guidelines issued by Directorate from time to time on PLI/RPLI and Core Insurance Solution
b) Annual Reports and Book of Information of Department of Posts
7) Information Technology:
a) IT Modernisation Project 2012 and its update
b) Working knowledge on Core Banking Solutions, PLI-CIS, CSI and DARPAN.
8) India Post Payments Bank
9) Preservation and disposal of Postal Records
10) Swachha Bharat
2) CVC guidelines on Public procurement, guidelines and instructions on eProcurement in Government of India
3) Manual on policies and procedures for purchase of goods and services available on website of Ministry of Finance
4) Schedule of Financial Powers of Divisional Heads, Heads of Circle, etc
5) Welfare measures available to Departmental Employees and Gramin Dak Sevak of DoP
6) RTI Act,2015 and RTI Rules,2012
7) Fundamental Rules (FR) and Supplementary Rules (SR)
8) P&T FHB Volume I and Postal FHB Volume II
9) Rules relating Children Education allowance and reimbursement of Tuition fees
l0) CGEGIS Rules, 1980
1l) CCS(GPF) Rules, 1961
l2)Central Services (Medical Attendance) Rules, 1944 and CGHS Guidelines issued by Directorate
13)New Pension Scheme, 2004 and its amendments
I4)CCS Pension Rules, 1972 and its amendments
15)CCS Commutation of Pension Rules, 1981
l6) Postal Manual Volume II, except;
a) Chapter III - Appeals and Petitions,
b) Chapter IV - Personal matters
c) Chapter V - Security Deposits
d) Chapter VII - Forged Counterfeit stamps, defaced postage stamps, coins and currency notes
17) Postal Manual Volume IV Leave, Pension, Gratuities, Dealings on Examination, Recruitment rules of all Cadres and Establishment norms
18) Service Discharge Benefit Scheme, 2010
a) Chapter III - Appeals and Petitions
b) Chapter IV - Personal matters
c) Chapter V - Security Deposits
d) Chapter VII - Forged Counterfeit stamps, defaced postage stamps, coins and currency notes
2) Postal Manual Volume III
3) Postal Manual Volume VIII
4) CCS (Conduct Rules), 1964
5) CCS(CCA) Rules, 1965
6) CCS(Temporary Service) Rules, 1965
7) GDS (Conduct and Engagement) Rules, 2011
8) Brochure on Casual Labourers and instructions on Casual labourer issued by DoP&T from time to time
9) Constitution of India
10) Short title, extent, commencement & definitions of Civil Procedure Code & Criminal Procedure Code:
a) Cr PC: Proclamation for person absconding, attachment of property of person absconding, claims and objections to attachments, release, sale & restoration of attached property
b) Indian Evidence Act: Short title, extent & commencement of the relevancy of the facts
c) Evidence may be given of facts in issue and relevant facts
d) relevance of facts forming part of same transaction,
e) facts which are the occasion,
f) cause or effect of facts in issue, motive, preparation and previous or subsequent conduct.
g) facts which need not be proved.
h) Of oral evidence
i) Of documentary evidence
j) Indian Penal Code: General Explanation:
k) of punishments
l) of offences by or relating to public servants
m) of contempts of the lawful authority of public servants
n) of the criminal breach of contract of service
11)Instructions issued by Directorate and DoP&T on maintenance of APAR
l2)Central Administrative Tribunal Act, 19g5
13) Revenue Recovery Act, I 890
l4)Sexual Harassment of Women at Workplace (Prevention, prohibition and
Redressal) Act, 2013
l5)Public Accountant Default Act, 1850
l6)Prevention of Corruption Act, 1988
2) 50 questions on Current Affairs (Minimum 10 questions each from field of Indian Economy and polity, Sports, culture & science)
3) 50 questions on Reasoning, Interpersonal Skills, Mental Aptitude, Intelligence and Ethics
4) Noting (approx. 200 words) and Drafting (approx. 200 words) on a given topic [25 marks each]
Paper I
l) Acts:a) Indian Post Office Act, 1898
b) Government Savings Bank Act, 1873
c) Government Savings Certificate Act, l959
d) PPF Act, 1968
e) Prevention of Money Laundering Act, 2002 and its Amendments (Necessary on account of AML/CFT Norms)
f) Consumer Protection Act, 1986
g) Information Technology Act, 2000
2) Rules:
a) Indian Post Office Rules, 1933
b) Post Office Savings Bank General Rules, l981
c) Post Office Savings Account Rules, 1981
d) National Savings Recurring Deposit Rules, 1981
e) National Savings Time Deposit Rules, 1981
f)National Savings Monthly Income Account Rules, 1987
g) Post Office Savings Certificates Rules, 1960
h) Senior Citizen Savings Scheme Rules, 2004
i) National Savings Certificate (VIII Issue) Rules, 1989
j) Kisan Vikas Patra Rules, 2014
k) Public Provident Fund Scheme, 1968
l) Sukanya Samriddhi Yojana Rules, 2014
m) Post Office Life Insurance Rules,2011
n) Book of BO Rules
o)Pradhan Mantri Yojana Schemes and its Rules - PMSBY, PMJJBY, APY
3)Guidelines/Instructions relating to Inland/Foreign Post:
a) Post Office Guide Part - I
b) Post Office Guide Part - II, except Section VII & VIII
c) Domestic foreign Post guidelines issued by Directorate
4) Mail Operations and Money Remittances:
a) Postal Manual Volume V, except Appendix - I
b) Postal Manual Volume VI, Part - I, Chapter - I
c) Postal Manual Volume VI, Part - II, except Telegraphic Money Orders, British & Irish Postal Orders (to be deleted)
d) Postal Manual Volume VI, Part - III, except Appendices
e) Postal Manual Volume VII
f) Guidelines issued by Directorate on Mail Network Optimization Project and Parcel Network Optimization Project.
g) Guidelines issued by Directorate on eMO, iMO, IMTS, MMTS and IFS MO
5) Savings Bank and Savings Certificates:
a) Post Office Savings Bank Manual Volume I, II and III read with SB orders issued by Directorate from time to time
b) Guidelines issued by Directorate from time to time on Core Banking Services
6) Postal Life Insurance and Rural Postal Life Insurance:
a) Guidelines issued by Directorate from time to time on PLI/RPLI and Core Insurance Solution
b) Annual Reports and Book of Information of Department of Posts
7) Information Technology:
a) IT Modernisation Project 2012 and its update
b) Working knowledge on Core Banking Solutions, PLI-CIS, CSI and DARPAN.
8) India Post Payments Bank
9) Preservation and disposal of Postal Records
10) Swachha Bharat
PAPER II
l) Chapter 2 and 6 of General Financial Rules, 20172) CVC guidelines on Public procurement, guidelines and instructions on eProcurement in Government of India
3) Manual on policies and procedures for purchase of goods and services available on website of Ministry of Finance
4) Schedule of Financial Powers of Divisional Heads, Heads of Circle, etc
5) Welfare measures available to Departmental Employees and Gramin Dak Sevak of DoP
6) RTI Act,2015 and RTI Rules,2012
7) Fundamental Rules (FR) and Supplementary Rules (SR)
8) P&T FHB Volume I and Postal FHB Volume II
9) Rules relating Children Education allowance and reimbursement of Tuition fees
l0) CGEGIS Rules, 1980
1l) CCS(GPF) Rules, 1961
l2)Central Services (Medical Attendance) Rules, 1944 and CGHS Guidelines issued by Directorate
13)New Pension Scheme, 2004 and its amendments
I4)CCS Pension Rules, 1972 and its amendments
15)CCS Commutation of Pension Rules, 1981
l6) Postal Manual Volume II, except;
a) Chapter III - Appeals and Petitions,
b) Chapter IV - Personal matters
c) Chapter V - Security Deposits
d) Chapter VII - Forged Counterfeit stamps, defaced postage stamps, coins and currency notes
17) Postal Manual Volume IV Leave, Pension, Gratuities, Dealings on Examination, Recruitment rules of all Cadres and Establishment norms
18) Service Discharge Benefit Scheme, 2010
Paper III
1) Postal Manual Volume II:a) Chapter III - Appeals and Petitions
b) Chapter IV - Personal matters
c) Chapter V - Security Deposits
d) Chapter VII - Forged Counterfeit stamps, defaced postage stamps, coins and currency notes
2) Postal Manual Volume III
3) Postal Manual Volume VIII
4) CCS (Conduct Rules), 1964
5) CCS(CCA) Rules, 1965
6) CCS(Temporary Service) Rules, 1965
7) GDS (Conduct and Engagement) Rules, 2011
8) Brochure on Casual Labourers and instructions on Casual labourer issued by DoP&T from time to time
9) Constitution of India
10) Short title, extent, commencement & definitions of Civil Procedure Code & Criminal Procedure Code:
a) Cr PC: Proclamation for person absconding, attachment of property of person absconding, claims and objections to attachments, release, sale & restoration of attached property
b) Indian Evidence Act: Short title, extent & commencement of the relevancy of the facts
c) Evidence may be given of facts in issue and relevant facts
d) relevance of facts forming part of same transaction,
e) facts which are the occasion,
f) cause or effect of facts in issue, motive, preparation and previous or subsequent conduct.
g) facts which need not be proved.
h) Of oral evidence
i) Of documentary evidence
j) Indian Penal Code: General Explanation:
k) of punishments
l) of offences by or relating to public servants
m) of contempts of the lawful authority of public servants
n) of the criminal breach of contract of service
11)Instructions issued by Directorate and DoP&T on maintenance of APAR
l2)Central Administrative Tribunal Act, 19g5
13) Revenue Recovery Act, I 890
l4)Sexual Harassment of Women at Workplace (Prevention, prohibition and
Redressal) Act, 2013
l5)Public Accountant Default Act, 1850
l6)Prevention of Corruption Act, 1988
Paper IV
1) 25 Questions on English language2) 50 questions on Current Affairs (Minimum 10 questions each from field of Indian Economy and polity, Sports, culture & science)
3) 50 questions on Reasoning, Interpersonal Skills, Mental Aptitude, Intelligence and Ethics
4) Noting (approx. 200 words) and Drafting (approx. 200 words) on a given topic [25 marks each]
Leave Arrangement in CSI
The procedure for maintaining the substitute is as below:
The official has to go to his Business Workplace, and go to below path.
Settings >Workflow Settings > Maintain substitute
Then a separate window will open which displays the name of the official. Click on the name of the official and click on the maintain substitute icon at the bottom of the window.
Clicking on the icon will open a new window, where you can give the employee ID of the substitute and search. Enter the employee ID of the substitute and click “Enter”
This will display the name of the substitute. Then double click on the substitute’s name.
This will display the window where we can enter the start and end date of substitution for the official.
After entering those details, check the “Substitution Active” checkbox and click on “Save”.
Now the substitution is active. Close the window by clicking “Enter” icon
The official has to go to his Business Workplace, and go to below path.
Settings >Workflow Settings > Maintain substitute
Then a separate window will open which displays the name of the official. Click on the name of the official and click on the maintain substitute icon at the bottom of the window.
Clicking on the icon will open a new window, where you can give the employee ID of the substitute and search. Enter the employee ID of the substitute and click “Enter”
This will display the name of the substitute. Then double click on the substitute’s name.
This will display the window where we can enter the start and end date of substitution for the official.
After entering those details, check the “Substitution Active” checkbox and click on “Save”.
Now the substitution is active. Close the window by clicking “Enter” icon
Provision of Local Language for engagement to Gramin Dak Sevak Posts
DOP order Provision of Local Language for engagement to Gramin Dak Sevak Posts. Full detail in the pdf below.
Click Here for pdf.
Hope You like this post!
Click Here for pdf.
Hope You like this post!
RBI removes NEFT, RTGS payment charges to push digital transactions
RBI has removed charges for payments via NEFT and RTGS and asked banks to pass on the benefits to customers. This means that payments via NEFT and RTGS would become either free or charges would be drastically reduced. This was announced in the Statement on Developmental and Regulatory Policies, which was released today by the central bank as part of its monetary policy review.
The Reserve Bank levies minimum charges on banks for transactions routed through its Real Time Gross Settlement System (RTGS) meant for large-value instantaneous fund transfers and the National Electronic Funds Transfer (NEFT) System for other fund transfers. Banks, in turn, levy charges on their customers. In order to provide an impetus to digital funds movement, it has been decided to do away with the charges levied by the Reserve Bank for transactions processed in the RTGS and NEFT systems. Banks will be required, in turn, to pass these benefits to their customers. Instructions to banks in this regard will be issued within a week.
1. National Electronic Fund Transfer (NEFT)
NEFT is a payment system facilitating funds transfers from one bank account to another. One can access this service either by using Internet banking or by visiting the bank branch. (Not all bank branches are enabled with this service.)
Once you initiate the transfer, the money reaches the beneficiary account within hours. There is no limit on the minimum or maximum amount you can transfer, however, individual banks may put restrictions on the per transaction amount.
2. Real Time Gross Settlement (RTGS)
This is a facility used for transferring high value amounts. In RTGS, the minimum amount that can be currently transferred is Rs 2 lakh.
You can only transfer funds using RTGS on any working day between Monday and Saturday either via internet banking or bank branch.
The Reserve Bank levies minimum charges on banks for transactions routed through its Real Time Gross Settlement System (RTGS) meant for large-value instantaneous fund transfers and the National Electronic Funds Transfer (NEFT) System for other fund transfers. Banks, in turn, levy charges on their customers. In order to provide an impetus to digital funds movement, it has been decided to do away with the charges levied by the Reserve Bank for transactions processed in the RTGS and NEFT systems. Banks will be required, in turn, to pass these benefits to their customers. Instructions to banks in this regard will be issued within a week.
1. National Electronic Fund Transfer (NEFT)
NEFT is a payment system facilitating funds transfers from one bank account to another. One can access this service either by using Internet banking or by visiting the bank branch. (Not all bank branches are enabled with this service.)
Once you initiate the transfer, the money reaches the beneficiary account within hours. There is no limit on the minimum or maximum amount you can transfer, however, individual banks may put restrictions on the per transaction amount.
2. Real Time Gross Settlement (RTGS)
This is a facility used for transferring high value amounts. In RTGS, the minimum amount that can be currently transferred is Rs 2 lakh.
You can only transfer funds using RTGS on any working day between Monday and Saturday either via internet banking or bank branch.
OBC Creamy and non creamy layer -How to get OBC certificate ?
What is OBC?
Other Backward Class (OBC) is a collective term used by the Government of India to classify castes which are socially and educationally disadvantaged. It is one of several official classifications of the population of India, along with Scheduled Castes and Scheduled Tribes (SCs and STs).
How do I know if I belong to OBC or not ?
The link below will help you decide if you belong to BC (Backward class) community. Further ,BC is classified into creamy layer and non creamy layer. If you belong to Non creamy layer ,then you belong to OBC.
http://www.ncbc.nic.in/User_Panel/CentralListStateView.aspx
Professional class means doctor, lawyer, management consultant , artist, film actor, engineer, architect, sportsperson, media professional , etc. If the Gross annual income is less than 6 lakhs and wealth is above exemption limit , you shall be treated as “CREAMY LAYER”.
Note -For computation of gross annual income, do not include ‘Income from salaries and income from agricultural land’
Question: I belong to non creamy layer. How do I get certificate for the UPSC exam ?
Ans : OBC certificate along with ‘non creamy layer’ mention has to be obtained from the local Tahsildar.
Question : What is the validity period of my OBC certificate ?
Ans: OBC certificate consist of two parts - first part indicate that the concerned person belongs to the community listed as OBC and second part indicate that candidate does not fall in the creamy layer while the OBC status of a candidate may change only when the community of the concerned candidates is removed from the OBC list, his her creamy layer status may change any time. In view of it, it is not possible to determine a fixed validity period for the OBC certificate.
Other Backward Class (OBC) is a collective term used by the Government of India to classify castes which are socially and educationally disadvantaged. It is one of several official classifications of the population of India, along with Scheduled Castes and Scheduled Tribes (SCs and STs).
How do I know if I belong to OBC or not ?
The link below will help you decide if you belong to BC (Backward class) community. Further ,BC is classified into creamy layer and non creamy layer. If you belong to Non creamy layer ,then you belong to OBC.
http://www.ncbc.nic.in/User_Panel/CentralListStateView.aspx
What is Creamy layer ?
The term creamy layer was first coined by Justice Krishna Iyer in 1975 in State of Kerala vs NM Thomas case, wherein he observed that the benefits of reservation are snatched away by the top creamy layer of the 'backward' caste or class, thus keeping the weakest among the weak always weak.
They are not eligible for government sponsored benefits in education and employment.
In UPSC, there are separate cutoffs for the General category and OBC category .The cutoff of the OBC category is slightly lower than the General Cutoff.
The candidates belonging to creamy layer are taken under “General Category’
Please Note -The creamy layer is only applicable in the case of Other Backward Castes and not applicable on other group like SC or ST.
Who belongs to Creamy layer ?
For children of persons in civil services, please note that the below list belongs to creamy layer
Important Note:-
1. If you belong to creamy layer because of the above conditions ,you will continue to fall in creamy layer even after your parents retire from service.
2. YOUR INCOME/STATUS DOES NOT MATTER. Creamy layer is based on the status of your parents and has nothing to do with your income/status nor the status/income of your spouse.
3. Eligibility regarding government employee is based upon his level, and not his salary. Example –If your parents are earning 7 lakhs and they are below group B officers ,you will still come under ‘NON CREAMY LAYER.’
For children of PUBLIC SECTOR UNDERTAKINGS/PRIVATE SECTOR:-
The criteria prescribed for determining ereamy layer status of sons and daughtcrs of persons in Goverment service mutatis mutandis applies to the sons and daughters of persons holding equivalent or comparable posts in PSUs, banks, Insurance Organisadons, Universities etc and also holding equivalent or comparable posts and positions under private employment.
If you are not able to establish equivalence vis-à-vis government jobs,then
Compute the income of your parents from salaries and income from other sources separately.(Income from other sources excludes salaries and agricultural land)
Income from Salaries(FOR 3 CONSECUTIVE YEARS)
|
Income from other sources(FOR 3 CONSECUTIVE YEARS)
|
STATUS
|
More than 6 lakhs
|
More than 6 lakhs
|
CREAMY LAYER
|
Less than 6 lakhs
|
More than 6 lakhs
|
CREAMY LAYER
|
More than 6 lakhs
|
Less than 6lakhs
|
CREAMY LAYER
|
Less than 6 lakhs
|
Less than 6 lakhs
|
NON CREAMY LAYER
|
FOR CHILDREN OF “PROFESSIONAL CLASS AND THOSE ENGAGED IN TRADE AND INDUSTRY “
Professional class means doctor, lawyer, management consultant , artist, film actor, engineer, architect, sportsperson, media professional , etc. If the Gross annual income is less than 6 lakhs and wealth is above exemption limit , you shall be treated as “CREAMY LAYER”.
Note -For computation of gross annual income, do not include ‘Income from salaries and income from agricultural land’
Question: I belong to non creamy layer. How do I get certificate for the UPSC exam ?
Ans : OBC certificate along with ‘non creamy layer’ mention has to be obtained from the local Tahsildar.
Question : What is the validity period of my OBC certificate ?
Ans: OBC certificate consist of two parts - first part indicate that the concerned person belongs to the community listed as OBC and second part indicate that candidate does not fall in the creamy layer while the OBC status of a candidate may change only when the community of the concerned candidates is removed from the OBC list, his her creamy layer status may change any time. In view of it, it is not possible to determine a fixed validity period for the OBC certificate.
Friday, September 7, 2018
Analysis: India Post Payment Bank: Postmen as Bankers
The new India Post Payments Bank will take banking to the doorstep by using India's mammoth network of post offices. Postmen will perform digital transactions on their phones. That's raising concern among security leaders, who recommend adopting defense-in-depth security.
The new bank is designed to serve a largely low-income population with little banking experience, muchless experience with mobile or online technology. So these customers are particularly vulnerable to social engineering.
"They are most prone to threats, including remote exploits (network-based attacks), phishing, ransomware and cyber-espionage," says Aditya Khullar, technical leader-cybersecurity at Paytm, a e-commerce payment system and digital wallet company. "Malicious users may attempt unauthorized access through hand-held devices, too."
As a result, many security practitioners recommend the bank implement new, strong authentication methods and develop a security team.
Banking Service for the 'Unbanked'
India Post Payments Bank is incorporated as a public sector company under the Department of Posts with 100 percent government equity; it's governed by the Reserve Bank of India.
IPPB, under the ministry of communications, enables three lakh postmen and Grameen Dak Sewaks, or postmasters, to digitally deliver financial services.
At the launch in Delhi this week, Prime Minister Narendra Modi said: "The growing pace of technology in communication threw a challenge, and we used technology as a base to turn that challenge into an opportunity to convert postmen into bankers delivering financial services to the rural sector."
IPPB will be available through 650 branches and 3,250 access points immediately, scaling to all 1.55 lakh post offices by December 2018.
IPPB accepts deposits up to Rs 1 lakh and offers remittance services, mobile payments/transfers/purchases, debit cards, internet banking and third-party fund transfers.
Communications Minister Manoj Sinha says deposits above Rs. 1 lakh will be automatically converted into post office savings accounts. "The bank is permitted to link around Rs. 17-crore postal savings bank accounts with its own setup, including 1.4 lakh bank branches, nearly 50,000 of them in villages, which face a challenge reaching the 'unbanked'," Sinha says.
Security in Question
Suresh Sethi, managing director and CEO of India Post Payment Bank, says in an interview with Livemint: "There is a lot of focus in ensuring all RBI guidelines regarding establishing the bank are met, including creating the right customer-facing processes and compliance with end-of-day balances."
He adds: "We are giving postmen smartphones, on which a mobile agent app will be installed, and a biometric authentication device, all connected on a real-time basis with our core banking system. It will meet stringent RBI guidelines to ensure each transaction is online. We've invested in very high-end technology capability for ensuring our applications are simple, intuitive and leveraging RBI's payment and settlement system, which makes them affordable and helps take interoperable services to the last mile."
Singapore-based Tom Wills, director of Ontrack Advisory Pte. Ltd., a security consulting firm, says the new bank will face the same threats all banks face. "However, its new remote service delivery model using mobile devices carried by postmen needs special attention; it's practically guaranteed that fraud will be attempted from day one," he says.
"Biometric authentication will provide protection against hacking and many types of identity fraud, though not against social engineering (fraudsters persuading a legitimate user to send them money). No system in the world is able to stop that because it's a human, not technical, attack."
Dharshan Shanthamurthy, founder & CEO at SISA Infosecurity Pvt. Ltd., a payment specialist firm, says: "Regarding postal payments services, if biometric authentication is placed as an additional factor, not as a primary factor, it can contain fraud risks, as payment infrastructure is a very lucrative target for fraudsters."
The biggest challenge, says Mudit Rastogi, senior vice president-India and APAC at Aujas Networks, a managed service provider, is delegating responsibility for delivering services to those who are not technology savvy. The handheld devices that are critical endpoints for banking are prone to fraud, he adds.
K.K. Mookhey, CEO at Network Intelligence, a cybersecurity consulting firm, expects IPPB will face risks different from other banks, particularly if the networks of the post office and for banking transactions are not segregated.
Building in Security
IPPB will not require the use of debit cards. Instead, it will rely on issuing new QR (Quick-Response) cards that use biometric authentication, not passwords or PINs.
IPPB has already launched its app, which can be used for mobile banking and opening an Aadhaar-based account without visiting a post office, according to Live Mint.
Mookhey argues that IPPB needs to appoint a CISO to drive governance and implement a proper organizational structure for policy and process adoption. "It's a green field project, so it's easier to build security by design and ideally design the security architecture to address network, operating system, database and application security," he says.
Khullar believes IPPB should focus on ensuring defense-in-depth as it builds the infrastructure. "Known as layered security or layered defense, it describes the practice of combining multiple mitigating security controls to protect resources and data," he says.
Rastogi supports Khullar's argument for a layered security model with multifactor authentication which would help in establishing a secure transaction through handhelds.
"IPPB should have an in-house cybersecurity team ... to enable thwarting attacks/exploits proactively," Khullar recommends.
Ideally, IPPB should use multimodal biometrics, Khullar says, using more than one characteristic feature, such as fingerprint and facial recognition, or capturing multiple sets of the same trait through different sensors, enabling stronger, foolproof authentication. "Combining individual measurements - called biometric-fusion - increases robustness," he says.
Ontrack's Wills says IPPB should build a security ecosystem, segregating the bank network into back-end and front-end. "The back-end, operated within the bank's enterprise IT environment, will be secured just like any other bank back-end," he says. "The front-end is what's new, with mobile devices being carried by Grameen Dak Sewaks and postmen.
"Special attention must be paid to securing transactions and sensitive personal data across the global system for mobile communication and mobile network, and in the devices themselves. Transaction security here is addressed by biometric + QR code reading process, and, I would assume, encryption of transaction data as it travels across the network. Security of the device itself is not discussed, but it must consist of access controls (usually a PIN) plus addressing the special requirements of mobile application security, such as preventing fake apps from being created and downloaded and preventing any malware on the device from accessing the mobile app."
Subscribe to:
Posts (Atom)
-
Directorate has issued the revised Postal Manual VI part III (Provisional) till the final implementation of IT Modernization Project. [ C... -
Solved Questions – LGO Exam held on dated 15.09.2013 1. Rs.675/- amount to Rs.837 in four years at simple interest. If the interest rat...
