Metrobank Physical Security

ATM BANKING SECURITY

ATM Machines employed the following security controls: ATM keypad covers
and fraud device inhibitors attached to the card slots. Metrobank already identified the
related threats that needed to be prevented and protected from such as ATM
Skimming, Card Jamming/Tapping and Cash Trapping which makes them easier to
control ATM banking control system.
ONLINE BANKING SECURITY
To secure transactions and privacy and exchange of any information, the
following are the standards, infrastructure and procedures:
Computer Virus Protection- up-to-date virus protection software that
protects network system from computer viruses.
Firewalls- To protect the system from risks of unauthorized electronic
activity (spoofing, hacking, phishing, denial of service) Metrobank
employs an integrated firewall system over our existing network
backbone. This allows to accept legitimate transactions and reject
illegitimate ones.
Secured Transmissions- using 128-bit Secured Socket Layer (SSL)
encryption on all online transactions. This is the highest type of
encryption currently used by all IBS (Internet Banking System)
networks. Encryption is a communications process that scrambles
private information to prevent unauthorized access as information is
being transmitted between the client's PC and the Bank's server.
Authentication and Digital Certification- Authentication is a means of
verifying the identity of all parties communicating over the Internet.
Metrobank uses a range of technologies such as Verisign digital
certificates, user passwords and a Challenge-Response Authentication
technique to ensure that during a secured Internet banking session, the
parties involved are authentic and authorized.
Message Integrity- As the Internet is the communications medium over
which transactions are sent to and from the Bank, a message
authentication code technology is in place to ensure that the
transactions that are sent are not tampered with.
Monitoring and Log Control- Non-reputability means that the sender or
receiver of a transaction done through the Internet is duly authorized
and its validity cannot be denied. Metrobank ensures non-repudiation
 through the extensive use of transactional audit trails and
comprehensive transaction logging.
Automatic log-out feature- Metrobank systems have an automatic log-
out feature that is activated when customers computer is left idle for
20 minutes. It is necessary for the customers to repeat the log-in
procedure to continue using the system. This feature promotes the
practice of properly logging-out from a system to prevent unauthorized
access. A summary of your executed transaction/s is sent to customers
registered email address after logging out.
Customer ID and Password- Metrobank assigns each user a unique
Customer ID and password to access Metrobankdirect.

MOBILE BANKING SECURITY

To secure, customers mobile banking activities, Metrobank protects it by the
usage of MPIN to initiate transactions.
PHONE BANKING SECURITY
Metrobank offers Phone Banking facility for Phone Banking Pin to initiate
transactions.

Bonde, Jonnabeth A.
Dela Cruz, Rielsen Gel A.
Dela Rosa, Herlyn Bey B.