Internet Banking Solution
By Integrated Digital Systems
Banking Anytime, Anywhere
• Internet Banking has become an essential service in the
banking sector. Using their PC, corporate and individual
clients will be able to get account information and post
their transactions easily and on the spot.
• You will now be able to provide the same services
provided on location for your clients in the comfort of
their home, shorten waiting line, and decrease the cost of
IDS Internet Banking System
• IDS e-Banking allows your corporate and individual clients to benefit from informational
and transactional services provided by your bank using their PC and Internet connection
regardless of time and location.
• The system is secure, user-friendly, and enables bank clients to perform all operations
– Cash management
– Wire transfers
– Bill presentment and payment
– Balance inquiries
– Funds transfers
– Downloading transaction information
– Loan applications
– Investment activity
– Other value-added services
• The system is composed of the following four modules:
– Internet Banking (User and Corporate Banking)
– Internet Banking Administration
– Customer Inquiry System
– Customer Inquiry System Administration
– Proxies for Mediation Services
The application security tests are modeled along the methodologies
specified by the Open Web Applications Security Project
(OWASP). OWASP has rated the Top Ten Vulnerabilities found in
web applications worldwide:
• Un-validated Parameters
• Broken Access Control
• Broken Account and Session Management
• Cross-Site Scripting (XSS) Flaws
• Buffer Overflows
• Command Injection Flaws
• Error Handling Problems
• Insecure Use of Cryptography
• Remote Administration Flaws
• Web and Application Server Mis-configuration
The application was tested and proven safe against all the above
vulnerabilities. It also uses Secure Socket Layer technology.
• The user interface is the • Click to View:
environment using which bank – Individual Banking
clients can access and manage
their accounts through the – Corporate Banking
Internet. – IB Administrator
– Customer Inquiry System
• The following screenshots – Customer Inquiry
were taken from the Administrator
Commercial Bank of Kuwait
website, designed and – Proxy for Mediation Services
developed by IDS.
Individual and Corporate Use
View in this Section:
– Website Homepage
– First Time Registration
– Session Log
– Portfolio Display
– Display Account Details
– Download Statement
– Transfer History
– Beneficiary Accounts
– SWIFT Transfers
– Bill Payment
Users of the online banking system need to have a User ID and
Password for security purposes. In case the client is using the
system for the first time, he has to set up his account for future
First Time Registration
During new user registration, the client should provide his
account number, and a pin number provided by the bank. He
also has to set a user ID and Password, and agree to the Terms
User can edit his profile’s information: Name, Address, Phone
User Session Log shows the user the dates and times when he
accessed the pages of the internet banking system.
The previous page displays a consolidated view of the client’s assets and liabilities
at the bank.
At the top of the page, the system displays the total assets and the total liabilities
in the same currency.
In the details of the Assets accounts the system displays the following for each
- Account Number
- Account Type
- Available Balance (balance available for withdrawal or other
- Current Balance (real balance)
The Liabilities section shows Credit Card accounts and Loan accounts.
In the Credit Card section, user can view the account number, credit card type,
currency, limit amount, outstanding amount, and available limit.
In the Loans section, the user can view loan amount, balance, installments, and
past due amounts.
Display Account Details (Credit Card)
From the Portfolio page, the user can click on any account to
view its details. Here, credit card account information is
available to the user. He can check his limit amount and his
unbilled transactions for a month or for a date range he
specifies. Similarly, user can view loan, fixed deposits, foreign
currency accounts, and other.
Download Account Statement
User can download an Excel sheet containing account
information. User can define the account and the period for
which the statement will be issued.
User is able to transfer amounts from an account to another
(own and third party). He has to specify the debit and the
credit accounts, the amount, the currency, and the effective
date of the transfer.
After entering the required information to perform the transfer,
the user is required to confirm the transfer operation. Balance
amounts and other relevant information are displayed.
When the transfer is confirmed, the system issues a
confirmation page containing all transfer information that the
user can keep for future reference.
The user can view his transfer transactions history with
information about the date, amount, account numbers, and the
status of each transfer.
The user is able to keep a directory of accounts to which
he usually performs transfer operations. The user can
select an account number, currency, and a description.
In order to use the SWIFT transfers function of the system, the
client has to register his nickname, bank name, and other
The SWIFT transfer form where the user should enter the
account to be debited, the name of the beneficiary, the amount
of the transfer, and other details.
For a number of companies defined by the bank, the user can
pay his bills using the internet banking interface.
Account Profile Management
User can add accounts to his profile and give each account a
• View in this section:
– One-to-Many Transfers
– Many-to-One Transfers
– Payroll Management
– Order Checkbook
Corporate User Interface
• In addition to the previously demonstrated features, the
system offers corporate users many additional features.
• These features include:
– One to Many transfers
– Many to One transfers
– Payroll Management of Corporation Employees
Using the One to Many transfers page, the user can select a
Debit Account, from which he can transfer amounts he specifies
to an unlimited number of Credit Accounts.
Using the Many to One transfers page, the user can select a
Credit Account, from which he can transfer amounts he
specifies to an unlimited number of Debit Accounts.
Payroll Session Setup
• In “Session Parameter” a company’s accountant can set up the payroll by:
– Selecting the Debit Account from which to pay salaries
– Selecting the accounts to which salaries will be transferred (user is able to
upload a list existing on a file on his PC, or downloading accounts)
– Entering the maximum amount allowed to be paid to each account
– Creating the new session
– Going to “Payroll Page”
In the Payroll page, the user enters the amounts to be paid to
each account. When the user clicks on “Submit”, he is
notified that the session will be processed.
In the “Session Log” page, the user can view the history of his
sessions, and the status of each session. When the user clicks
on the session, a page containing session details is opened.
Corporate users can order checkbooks using the website by
entering account number, number of checkbooks required, and
the name and e-mail of the authorized representative.
Internet Banking Administrator
• The Internet Banking Administrator system allows bank administrators
(depending on their rights) to manage IB website settings, set different
kinds of transfer limits, define special rate days, control user status, and
edit administrators rights.
• The internet banking administrator system allows bank administrator to:
– Enable/disable the Internet Banking site.
– Lock/Unlock Internet Banking user, logout user, delete user.
– Set user and general fund transfer limits.
– Authorize SWIFT beneficiary account numbers.
– Edit special rate days.
– Activate/Deactivate special exchange rates.
– Issue treasury report for IB fund transfers.
– Issue administrator audit report.
– Edit country name for credit card transactions.
– View session log for an Internet Banking user.
– Set default session timeout for Internet Banking users.
– Manage administrator site users and rights.
Manage Users and Users’ Rights
Using this screen, the system administrator specifies the users of the
IB system and their rights. User Rights allow or prohibit a user from
viewing or using certain features or system screens and information.
User Status Control
Here the administrator can disable or delete a specific user
or make a group of users log out. This is used in case abuse
Set Transfer Limits
The administrator can specify for accounts of his choice the
maximum allowed amount per transaction, per day, and per
Manage Site Controls
• Administrator can set:
– Session time out: the time elapsed before an idle logged
in user is logged out by the system
– Transfer limit per transaction, per day, and per month
– Enable week end rate
– Enable holiday special rate
– Consider Ramadan Special Work Hours
Customer Inquiry System
• The customer information system is used by bank tellers to view
account balances and statements of bank clients by entering one of
the client's account numbers or the CIF number of the client.
• The CIS uses the same interface as the Internet Banking interface
• The systems allows bank teller to:
– View the portfolio of the client's accounts and credit cards.
– View account details and query statements over different
periods of time.
– Download statements in different formats.
• The CIS Administrator system is used by bank
administrators to manage users of the CIS system.
• The systems allows bank administrators to:
– Manage CIS Admin users and rights.
– Manage CIS users and rights.
– Issue audit reports
Proxy for Mediation Services
• The Tr0909 Proxy is a system that allows mediation between different fund transfer
services in the bank and the core data of the bank on the Mainframe.
Communication with the mainframe is based on a TCP/IP messaging system. The
proxy validates incoming messages for the following conditions:
– Service availability
– Allowed originating IP address
– Correct message format
– Correct Hashing
– Correct message timing
• After validation, the proxy sends the message to the mainframe and waits for a
response from the mainframe or for another transfer message. Every message in the
queue has its own identification number so that, when the proxy get the answer to
a message from the mainframe, it returns the result to the originating application
with success or failure and the reason in case of failure.
• Parties using this proxy include Fund Transfer through Internet Banking, Fund
Transfer through IVR banking, Labor payments, Bill Payments, etc.
Integrated Digital Systems
Lebanon Offices: Kuwait Offices
Bir Hassan, Embassy of Morocco
Str., Al Zahraa’ Bldg. P.O. Box: 27927 Safat, 13001
P.O. Box 25/95 Ghobeiry, Lebanon Kuwait
Tel.&Fax: 01859501 Tel.: +9654718187
IDS Homepage E-mail us for more Information