Linux in Banking

Mr. Shoham tells us how his company set up an Internet banking system using Linux for a bank in Western Canada.

M-Tech is a computer security products and services company based in Calgary, Alberta, Canada. This article describes our experience developing an Internet banking system for a major financial institution in Western Canada. Since it discusses the computer security infrastructure of this organization, they have asked that we not name them explicitly here. The system is now in production, and allows thousands of users to make financial transactions on-line.

This article will describe:

  • What components are needed to build an Internet banking system

  • How Linux made developing the Internet banking system easier

  • The deployment of Linux servers as key components of the final system

What is Internet Banking?

Internet banking may be defined as any system that gives customers of a financial institution the ability to execute financial transactions across the Internet. Since the connection between the customer and the financial institution is electronic, we are limited to transactions that do not require the exchange of money or documents. What remains are the following:

  • Funds transfers

  • Account balance and history inquiries

  • Bill payments

  • Loan applications

  • Retrieving information about services, branch locations, etc.

  • Sending feedback to the financial institution

While a given Internet banking system might not support every one of these features, it is possible to implement any of them. Internet banking is basically a user-friendly, secure and distributed user interface to existing banking systems. With this in mind, we were hired to do the following:

  • Design and deploy a network and application infrastructure to support the new application.

  • Help implement a WWW-based user interface in Java.

  • Help integrate the new system with existing business logic in our customer's mainframe.

Functionality

As outlined earlier, the Internet banking system must be able to support any transaction type where an exchange of physical items (such as cash) is not required. Since the set of possible transactions will evolve, it should be easy to extend the system to support new transaction types.

User Interface

The application is intended for use by thousands of users, many of whom have limited experience with computers. Accordingly, the user interface should be suitable for people whose computer skills consist only of having access to a computer, knowing how to start a WWW browser and how to type in a URL.

Additional requirements for the Internet banking system we were hired to construct are:

  • Different groups in our customer's organization must be able to easily implement different user interfaces to the application with different graphics, advertising and menus.

  • Our customer must be able to customize and extend the system's functionality in the future.

Security

By far, the most important feature of an Internet banking system is that it should do no harm. In particular, the system must ensure that:

  • The existing “backend” (a mainframe used to process transactions) should be invulnerable to attack. Most importantly, it must not be vulnerable to denial-of-service attacks.

  • A third party, connected to the network somewhere between the user on the Internet and the Internet banking system on our client's network, should find it impossible to decipher or alter the communication between those points.

  • Users should be authenticated using as reliable a mechanism as economically feasible.

As a general rule, the system should be as safe, both for the user and the financial institution, as transactions made by the user in a bank branch.

Hardware

When deployed, the system consists of four physical components:

  1. Client workstations, which include a WWW browser with Java and SSL capabilities

  2. One or more firewall systems to protect the Internet banking servers against external assault

  3. One or more application gateways: the Java user interface applet is downloaded from these and must communicate with the backend through them.

  4. A backend transaction processing system: for most financial institutions, including our customer, an IBM mainframe is used.

______________________

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState