DEBARPAN DAN BENGAL INSTITUTE OF TECHNOLOGY SUVOJYOTI SINHA RAY BENGAL INSTITUTE OF TECHNOLOGY ARPAN LOHO BENGAL INSTITUTE OF TECHNOLOGY JOYDEEP GOSWAMI BENGAL INSTITUTE OF TECHNOLOGY
Online Banking System 1
ACKNOWLEDGEMENT We would like to take this opportunity to express our gratitude and thank those who directly as well as indirectly have helped us in the completion of this project. Thanks to our mentors, Mr. Arpan Kumar Saha and Ms. Oyindrila Dutta, for providing constant support and guidance. Without their assistance and valuable advice the project would not have been in its present form. We are all indebted to our family members for their priceless affection and support. Online Banking System 2
Oriens Infotech Pvt. Ltd
CERTIFICATE This is to certify that this project ONLINE BANKING SYSTEM BASED ON ASP.NET USING C# is bona fide record of work done at ORIENS INFOTECH PVT LTD by the following group members, NAME UNIV. ROLL NO. INSTITUTE DEBARPAN DAN 12100110014 BENGAL INSTITUTE OF TECHNOLOGY SUVOJYOTI SINHA RAY 12100111003 BENGAL INSTITUTE OF TECHNOLOGY ARPAN LOHO 12100110045 BENGAL INSTITUTE OF TECHNOLOGY JOYDEEP GOSWAMI 12100111015 BENGAL INSTITUTE OF TECHNOLOGY
under our guidance & supervision and submitted in partial fulfillment of the requirements of the summer training 2013, conducted between 17-06-2013 and 30-06-2013.
(Signature of project mentor) (Signature of project mentor) Ms. Oyidrila Dutta Mr. Arpan Kumar Saha
(Signature of Training in Charge) Mr. Ishan Ghosh ORIENS INFOTECH PVT. LTD. Online Banking System 3
ABSTRACT The main aim of the project is to create an online banking application to allow customers of a bank to perform their financial transactions check their account balances and view their details online and to allow administrators of the bank to perform major administrative duties including approving new account proposals, checking account information, updating customer details, etc.
Online Banking System 4
INTRODUCTION
ABOUT ONLINE BANKING Online banking (or Internet banking or E-banking) allows customers of a financial institution to conduct financial transactions on a secure website operated by the institution, which can be a retail or virtual bank, credit union or building society. To access a financial institution's online banking facility, a customer having personal Internet access must register with the institution for the service, and set up some password (under various names) for customer verification. To access online banking, the customer would go to the financial institution's website, and enter the online banking facility using the customer number and password. Some financial institutions have set up additional security steps for access, but there is no consistency to the approach adopted. Features Online banking facilities offered by various financial institutions have many features and capabilities in common, but also have some that are application specific. The common features fall broadly into several categories: A bank customer can perform some non-transactional tasks through online banking, including - viewing account balances viewing recent transactions downloading bank statements, for example in PDF format ordering cheque books Bank customers can transact banking tasks through online banking, including - Funds transfers between the customer's linked accounts Paying third parties, including bill payments and telegraphic/wire transfers Online Banking System 5
Investment purchase or sale Loan applications and transactions, such as repayments of enrollments
Management of multiple users having varying levels of authority Transaction approvals
Security Security of a customer's financial information is very important, without which online banking could not operate. Financial institutions have set up various security processes to reduce the risk of unauthorized online access to a customer's records, but there is no consistency to the various approaches adopted. Though single password authentication is still in use, it by itself is not considered secure enough for online banking in some countries. Basically there are two different security methods in use for online banking: The PIN/TAN system where the PIN represents a password, used for the login and TANs representing one-time passwords to authenticate transactions. Signature based online banking where all transactions are signed and encrypted digitally. The Keys for the signature generation and encryption can be stored on smartcards or any memory medium, depending on the concrete implementation.
Breach Most of the attacks on online banking used today are based on deceiving the user to steal login data and valid TANs. Two well known examples for those attacks are phishing and pharming. Cross-site scripting and keylogger/Trojan horses can also be used to steal login information. Online Banking System 6
The most recent kind of attack is the so-called Man in the Browser attack, where a Trojan horse permits a remote attacker to modify the destination account number and also the amount.
Countermeasures There exist several countermeasures which try to avoid attacks. Digital certificates are used against phishing and pharming, the use of class-3 card readers is a measure to avoid manipulation of transactions by the software in signature based online banking variants. To protect their systems against Trojan horses, users should use virus scanners and be careful with downloaded software or e-mail attachments.
Online Banking System 7
METHODOLOGY
TOOLS, PLATFORM/LANGUAGES USED
SELECTED SOFTWARE
Microsoft.NET Framework The .NET Framework is a new computing platform that simplifies application development in the highly distributed environment of the Internet. The .NET Framework is designed to fulfill the following objectives: To provide a consistent object-oriented programming environment whether object code is stored and executed locally, executed locally but Internet-distributed, or executed remotely. To provide a code-execution environment that minimizes software deployment and versioning conflicts. To provide a code-execution environment that guarantees safe execution of code, including code created by an unknown or semi-trusted third party. To provide a code-execution environment that eliminates the performance problems of scripted or interpreted environments. To make the developer experience consistent across widely varying types of applications, such as Windows-based applications and Web-based applications. To build all communication on industry standards to ensure that code based on the .NET Framework can integrate with any other code. The .NET Framework has two main components: the common language runtime and the .NET Framework class library. The common language runtime is the foundation of the .NET Framework. You can think of the runtime as an agent that manages code at execution time, providing core services such as memory management, thread management, and remoting, while also enforcing strict type safety and other forms of code accuracy that ensure Online Banking System 8
security and robustness. In fact, the concept of code management is a fundamental principle of the runtime. Code that targets the runtime is known as managed code, while code that does not target the runtime is known as unmanaged code. The class library, the other main component of the .NET Framework, is a comprehensive, object-oriented collection of reusable types that you can use to develop applications ranging from traditional command- line or graphical user interface (GUI) applications to applications based on the latest innovations provided by ASP.NET, such as Web Forms and XML Web services. Active Server Pages.NET ASP.NET is a programming framework built on the common language runtime that can be used on a server to build powerful Web applications. ASP.NET offers several important advantages over previous Web development models: Enhanced Performance: ASP.NET is compiled common language runtime code running on the server. Unlike its interpreted predecessors, ASP.NET can take advantage of early binding, just-in-time compilation, native optimization, and caching services right out of the box. This amounts to dramatically better performance before you ever write a line of code. World-Class Tool Support. A rich toolbox and designer in the Visual Studio integrated development environment complement the ASP.NET framework. WYSIWYG editing, drag- and-drop server controls, and automatic deployment are just a few of the features this powerful tool provides. Power and Flexibility. Because ASP.NET is based on the common language runtime, the power and flexibility of that entire platform is available to Web application developers. The .NET Framework class library, Messaging, and Data Access solutions are all seamlessly accessible from the Web. ASP.NET is also language-independent, so you can choose the language that best applies to your application or partition your application across many languages. Further, common language runtime interoperability guarantees that your existing investment in COM-based development is preserved when migrating to ASP.NET. Online Banking System 9
Simplicity. ASP.NET makes it easy to perform common tasks, from simple form submission and client authentication to deployment and site configuration. For example, the ASP.NET page framework allows you to build user interfaces that cleanly separate application logic from presentation code and to handle events in a simple, Visual Basic - like forms processing model. Additionally, the common language runtime simplifies development, with managed code services such as automatic reference counting and garbage collection. Manageability. ASP.NET employs a text-based, hierarchical configuration system, which simplifies applying settings to your server environment and Web applications. Because configuration information is stored as plain text, new settings may be applied without the aid of local administration tools. This "zero local administration" philosophy extends to deploying ASP.NET Framework applications as well. An ASP.NET Framework application is deployed to a server simply by copying the necessary files to the server. No server restart is required, even to deploy or replace running compiled code. Scalability and Availability. ASP.NET has been designed with scalability in mind, with features specifically tailored to improve performance in clustered and multiprocessor environments. Further, processes are closely monitored and managed by the ASP.NET runtime, so that if one misbehaves (leaks, deadlocks), a new process can be created in its place, which helps keep your application constantly available to handle requests. Customizability and Extensibility. ASP.NET delivers a well-factored architecture that allows developers to "plug- in" their code at the appropriate level. In fact, it is possible to extend or replace any subcomponent of the ASP.NET runtime with your own custom-written component. Implementing custom authentication or state services has never been easier.
Online Banking System 10
Security. With built in Windows authentication and per-application configuration, you can be assured that your applications are secure. Language Support The Microsoft .NET Platform currently offers built-in support for three languages: C#, Visual Basic, and JAVAScript.
SQL SERVER 2000 Microsoft SQL Server 2000 is a set of components that work together to meet the data storage and analysis needs of the largest Web sites and enterprise data processing systems. The topics in SQL Server Architecture describe how the various components work together to manage data effectively. Microsoft SQL Server 2000 features include: Internet Integration. The SQL Server 2000 database engine includes integrated XML support. It also has the scalability, availability, and security features required to operate as the data storage component of the largest Web sites. The SQL Server 2000 programming model is integrated with the Windows DNA architecture for developing Web applications, and SQL Server 2000 supports features such as English Query and the Microsoft Search Service to incorporate user-friendly queries and powerful search capabilities in Web applications. Scalability and Availability. The same database engine can be used across platforms ranging from laptop computers running Microsoft Windows 98 through large, multiprocessor servers running Microsoft Windows 2000 Data Center Edition. SQL Server 2000 Enterprise Edition supports features such as federated servers, indexed views, Online Banking System 11
and large memory support that allow it to scale to the performance levels required by the largest Web sites. Enterprise-Level Database Features. The SQL Server 2000 relational database engine supports the features required to support demanding data processing environments. The database engine protects data integrity while minimizing the overhead of managing thousands of users concurrently modifying the database. SQL Server 2000 distributed queries allow you to reference data from multiple sources as if it were a part of a SQL Server 2000 database, while at the same time, the distributed transaction support protects the integrity of any updates of the distributed data. Replication allows you to also maintain multiple copies of data, while ensuring that the separate copies remain synchronized. You can replicate a set of data to multiple, mobile, disconnected users, have them work autonomously, and then merge their modifications back to the publisher. Ease of installation, deployment, and use. SQL Server 2000 includes a set of administrative and development tools that improve upon the process of installing, deploying, managing, and using SQL Server across several sites. SQL Server 2000 also supports a standards-based programming model integrated with the Windows DNA, making the use of SQL Server databases and data warehouses a seamless part of building powerful and scalable systems. These features allow you to rapidly deliver SQL Server applications that customers can implement with a minimum of installation and administrative overhead. Data warehousing. SQL Server 2000 includes tools for extracting and analyzing summary data for online analytical processing. SQL Server also includes tools for visually designing databases and analyzing data using English-based questions.
Online Banking System 12
C#
C# is a multi-paradigm programming language encompassing strong typing, imperative, declarative, functional, procedural, generic, object-oriented (class- based), and component-oriented programming disciplines. It was developed by Microsoft within its .NET initiative and later approved as a standard by Ecma (ECMA-334) and ISO (ISO/IEC 23270:2006). C# is one of the programming languages designed for the Common Language Infrastructure. C# is intended to be a simple, modern, general-purpose, object-oriented programming language. The most recent version is C# 5.0, which was released on August 15, 2012.
Key Features of C#
Simple : It simplifies C++ by eliminating irksome operators such as ->, : : and pointers. Consistent : It supports a unified type system which eliminates the problem of varying ranges of integer types. All types are treated as object and developers can extend the type system simply and easily. Modern : It supports, Automatic garbage collection, modern approach to debugging, rich intrinsic model for error handling, decimal data type for financial application and robust security model. Object-Oriented: It supports all the three tenets of object-oriented system, namely Encapsulation, Inheritance and Polymorphism. Type-Safe : Type safety promotes robust programs, C# incorporates a number of type-safe measures: All dynamically allocated object and arrays are initialized to zero. Use of any uninitialized variables produces an error message by the compilers Access to array is range checked and warned if it goes out-of-bounds. C# does not permit unsafe casts. Online Banking System 13
C# enforces overflow checking in arithmetics operation. Reference parameters that are passed are type-safe. C# supports automatic garbage collection. Versionable: Making new versions of software modules work with the existing applications is known as versioning with the help of new and override keywords, with this support, a programmer can guarantee that his new class library will maintain binary compatibility with the existing client application. Compatible : C# enforces the .NET common language specification and therefore allows interoperation with other .NET language. Flexible : Although C# does not support pointers we may declare certain classes and methods as unsafe and then use pointers to manipulates them. These codes are not type-safe. Inter-Operability : C# provides support for using COM objects, no matter what language was used to author them. C# also supports a special feature that enables a program to call out any native API.
Online Banking System 14
REQUIREMENT SPECIFICATION
DOMAIN DESCRIPTION
Online banking basically allows us to be able to do everything that we can in your regular banking institution, only with the benefit that we can do it all, right from the convenience of your own home. Not only is this great because we can be comfortable and have peace of mind knowing that we can keep track ourselves of all our banking issues, but as well it allows for more ease because we never have to worry about rushing out and making it to the bank. The main players of this system are the Administrator and the User.
PROBLEM DEFINITION With the problems and limitations associated with manual banking procedures as witnessed in most parastatals today, complied with the problems associated with the existing application programs even much more in the presence of serious technological advances aimed at improving information system. These are the activities aimed at throwing light upon the need for improvement in accounting activities and means of achieving its efficiency, effectiveness, reliability and success promising future through computer invention. Online banking identifies a particular set of technological solutions for the development and the distribution of financial services, which rely upon the open architecture of the internet. With the implementation of an online banking system, the banks maintain a direct relationship with the end users via the web and are able to provide a personal characterization to the interface, by offering additional customized services.
Online Banking System 15
FUNCTIONAL REQUIREMENTS Functionalities to be implemented by any user (no login required): View Bank Profile Learn about career opportunities associated with the bank. Learn about support and facilities provided by the bank. Apply for a new account with the bank. Functionalities to be implemented by the customer (before executing any of these activities customer must login to the system):
View personal and accounts details: Customer can see his/her account and personal details. View Branch Details: Customer can see the branch details. Bill Payments: Customer can pay his/her bills. Transfer Funds: Customer can transfer some amount from one of his /her account to another persons account within the same branch. Viewing transactions: Customer can view his/her transaction history. Reset password: Customer can reset his/her password. Request to send password to registered email ID: In case a customer forgets his/her password he/she can request to send the current password to the registered email ID. . Functionalities to be implemented by the administrator (before executing any of these activities administrator must login to system):
View personal details: Customer can see his/her personal details. View Branch Details: Customer can see the branch details. Approve New Account Proposals: Administrator can approve proposals for new accounts. Update Customer Details: Administrator can view and update certain details of all customers of his branch. View Transactions: Administrator can view all transactions of his branch.
Online Banking System 16
HARDWARE/SOFTWARE REQUIREMENTS:
HARDWARE REQUIREMENTS: Client side: Intel Processor core 2 duo CPU E7200@ 2.53 GHz. RAM 1GB and above, Hard Disk 40GB and above, colour monitor, keyboard, mouse. Server side: Intel Processor core 2 duo CPU E7200@ 2.53 GHz. RAM 1GB and above, Hard Disk 40GB and above, colour monitor, keyboard, mouse.
SOFTWARE REQUIREMENTS: Client side: Browser: Chrome, Firefox, Internet Explorer Server side: Web Server: Apache Web Technology: ASP Database: My SQL
Online Banking System 17
SYSTEM DESIGN
DATA FLOW DIAGRAM Online Banking System 18
ENTITY RELATIONSHIP DIAGRAM
Online Banking System 19
UNIFIED MODELING LANGUAGE USE CASE DIAGRAM
CUSTOMER ADMIN LOG IN VIEW CUSTOMER, ACCOUNT, BRANCH DETAILS PAY BILLS TRANSFER FUNDS UPDATE CUSTOMER, ACCOUNT, BRANCH DETAILS VIEW ADMIN DETAILS VIEW APPROVE NEW A/C APPLY FOR INTERNET BANKING APPLY FOR NEW A/C VISITOR Online Banking System 20
CLASS DIAGRAM
Online Banking System 21
TABLE STRUCTURE
CUSTOMER TABLE ATTRIBUTE DATA TYPE ALLOW NULLS id Varchar(8) NO f_name Varchar(50) NO m_name Varchar(20) YES l_lname Varchar(50) NO Phone_no Varchar(50) NO Address Varchar(MAX) YES Dob Date NO Email Varchar(50) NO Branch_name Varchar(50) NO Branch_no Varchar(3) NO State Varchar(50) NO Proposal date Varchar(50) YES Ac_type Varchar(MAX) YES pan Varchar(50) YES intbank bit NO
ADMIN TABLE ATTRIBUTE DATA TYPE ALLOW NULLS Id Varchar(8) NO f_name Varchar(50) YES m_name Varchar(10) YES m_name Varchar(50) NO Designation Varchar(10) NO Email Varchar(50) NO Phone Varchar(50) NO Branch_name Varchar(50) NO Branch_no Varchar(50) NO Online Banking System 22
BRANCH TABLE ATTRIBUTE DATA TYPE ALLOW NULLS branch_id Varchar(3) NO branch_name Varchar(20) NO address Varchar(50) NO phone_no Varchar(15) NO autoid int YES
ACCOUNT TABLE ATTRIBUTE DATA TYPE ALLOW NULLS account_no Varchar(8) NO balance decimal(18,2) NO type Varchar(15) NO branch_no Varchar(3) NO debit-no Varchar(10) YES pin Varchar(6) YES
TRANSACTION TABLE ATTRIBUTE DATA TYPE ALLOW NULLS id int NO account-no Varchar(8) NO date Varchar(50) YES time Varchar(50) YES dest_name Varchar(20) YES dest_no Varchar(20) NO amount Decimal NO status bit NO
Online Banking System 23
REGISTER TABLE ATTRIBUTE DATA TYPE ALLOW NULLS id Varchar(8) NO password Varchar(15) NO email Varchar(40) NO
NEW PROPOSAL TABLE ATTRIBUTE DATA TYPE ALLOW NULLS id Varchar(8) NO f_name Varchar(50) NO m_name Varchar(20) YES l_name Varchar(50) NO address Varchar(70) YES phone_no Varchar(50) NO dob Varchar(50) NO email Varchar(50) NO branch_name Varchar(50) NO branch_no Varchar(3) NO state Varchar(50) NO proposal_date Varchar(50) YES
Online Banking System 24
SNAPSHOTS
Online Banking System 25
FUTURE ENHANCEMENTS AND LIMITS Today, online banking services are quite varied. One of the best features of online banking is putting the user in control. The user controls all bill paying, transfers, and investments from home. There are other features, though of online banking. One of these is increased accessibility to your account information. Users of online banking services can access their account information from anywhere in the world! This is particularly helpful for businesses. In our endeavor, we hope to further include the following features in our system:
Loans Account closing Mini statement Crash Recovery SMS/email alerts Global transactions Mobile banking Improved security Online Banking System 26
CONCLUSION The project titled as was deeply studied and analyzed to design the code and implement with various testing methods was done under the guidance of experienced project guides. The solution developed is free from all bugs and executable with all different modules to the utmost satisfaction of the client. All the current requirements and possibilities have been taken care during this project time .We feel that the solution provided now will suit to all the needs of various clients in the same industry but also we dont rule the possibilities of further upgrading of the solution with the new and advance technologies and further additional requirements of the clients.
Online Banking System 27
BIBLIOGRAPHY
BOOKS REFERRED: Database System Concepts, Fifth Edition, Abraham Silberschatz, Henry F. Korth, S. Sudarahan, McGraw Hill.
WEBSITES REFERRED: Wikipedia : en.wikipedia.org/ StackOverflow : stackoverflow.com/ ASP.NET forums : forums.asp.net/