Institute for Development and Research in

Banking Technology
Explore, Enable, Excel (Established by Reserve Bank of India)

Volume 20, No. 1

Newsletter, January 2017
Explore, Enable, Excel

From the Director's Desktop...

Happy New Year 2017!!!
W E organized the Banking Technology Excellence
Awards function at IDRBT on July 18, 2016.
Dr. Raghuram Rajan, Governor, Reserve Bank of India
graced the occasion and gave away the awards to the
winning banks. Our publication Banking Technology in
India: Present Status and Future Trends was released by
the Governor.
We have been striving to make the publication very
informative, by including invited articles from the top
technology ocials of banks, IBA and IIBF in addition to
the report prepared by our knowledge partner using the
data obtained as part of the awards process. The other
important publication released during the awards important topics relevant to banking technology and are
function was the Cyber Security Checklist by expected to ll the gap in the skill set in banking industry
Shri R. Gandhi, Deputy Governor, Reserve Bank of India from this year onwards.
and Chairman, IDRBT. We have been receiving feedback
Blockchain Technology (BCT) is being looked closely by
from bankers that the checklist has been quite useful.
academicians, governments and industry in view of its
Taking a cue from the usefulness of the two forums, ability to provide a distributed ledger platform, using
IDRBT has been coordinating CISOs Forum and CIOs which several applications can be designed, developed
Forum, the Institute has mooted the idea of forming a and deployed. The Institute has been in the forefront in
Forum for Analysts in Banks. Accordingly, a preliminary not only studying the features of BCT, but also in its
meeting was conducted on November 16, 2016, wherein adoption to Indian Banking and Financial Sector. In the
important stakeholders from banks have participated. process, the Institute has formed a Working Group to
There has been general appreciation of the initiative of prepare a White Paper detailing all aspects relating to
the Institute to start a forum for Analysts. On the BCT like concept, concerns, global experiences,
occasion of the meeting, a publication of the Institute applicable areas in the Indian scenario and Proof-of-
titled Digital Banking Framework was released by the Concept for a specic case. The White Paper is planned
Chief Guest, Dr. Rajeeva Karandikar, Director, Chennai to be released on January 5, 2017.
Mathematical Institute.
It is the day on which the International Conference on
The other important activities of the Institute included a Distributed Computing and Networking (ICDCN) will be
2-day Conference on Banking Technology for Members inaugurated by Dr. Duvvuri Subbarao, Former Governor,
of Boards of Banks and the 10-day international Reserve Bank of India, along with the release of the
programme on I nformation S ecurity organized in White Paper on BCT. Two workshops on BCT are planned
collaboration with SUNY, Bualo. The Annual IDRBT prior to and during the conference in collaboration with
Doctoral Colloquium (IDC) has been growing as an IIT, Bombay and IBM.
attractive event for doctoral students to show case their
What an exciting way to start the new year!
high quality research work. There has been a very good
response from students of reputed institutes for the IDC Wishing you all a very Happy New Year 2017.
organized during December 8-9, 2016.
The Institute has commenced the one-year Post
Graduate Diploma in Banking Technology (PGDBT)
course from July 2016. The students are exposed to all
(Dr. A. S. Ramasastri)

Fast Forward | January 2017

01

IDRBT Launches Chief Analytics Ocers Forum
A NALYTICS has taken signicant strides in the
Banking Sector by creating huge business potential
yet posing several critical challenges in terms of
implementation. In order to address the common
problems identied in implementing advanced banking
technologies by leveraging Analytics, Dr. A. S. Ramasastri,
Director, IDRBT, put forth the idea of creating a Chief
Analytics Ocers (CAO) Forum.
Taking this idea forward, the Institute launched the
Chief Analytics Ocers (CAO) Forum on November 16,
2016 with the participation of Dr. Rajeeva L. Karandikar,
Director, Chennai Mathematical Institute, and 23
banking executives from various public and private
sector banks.
Speaking on the occasion, the Director, IDRBT
highlighted the role of the Institute in improving
banking technologies and provided a snapshot of the
functioning of the CIO and CISO Forums, which have
become a common platform for the bankers to share,
discuss and resolve the critical issues faced by the banks
in terms of security, implementation of technologies,
etc. The Director also emphasized the role of the Chief
Analytics Ocers in elevating the banks.
The CAO Forum has Working Groups on Data
Governance, Business Process Reengineering for
Analytics, Risk Analytics, Fraud Analytics, Credit
Recovery Analytics, Security Analytics, Operational
Analytics, as well as HR Analytics. The initial focus is to
publish Standards and Frameworks in these areas for the
Banking Sector. The various topics of focus suggested by
the bankers include Data Quality, Data Governance,
Audit Analytics, Infrastructure Analytics, Cost
Analytics, etc.
CAOs come together for the Inaugural CAO Forum Meet at IDRBT
Fast Forward | January 2017
Explore, Enable, Excel
Dr. Rajeeva L. Karandikar delivered the keynote address
on Role of Statistics in the Age of Big Data. He stressed
that in the area of Analytics, domain knowledge and
source of data are of vital importance. He proposed a
new architecture SI layer (Statistical Intelligence) on top
of BI (Business Intelligence) layer and explained how
various models go wrong.
A snapshot of the views shared by various bankers is
presented here under:
Ms. Lalitha Natraj, ICICI Bank, shared how ICICI is
using analytics and how their teams are divided
into horizontals and verticals
Mr. Rajesh Kumar R, HDFC Bank explained the
analytics work in HDFC bank
Mr. Balaji of Andhra Bank focused on how they are
using SQL and R
Mr. R. Bhuvan from Indian Overseas Bank
illustrated how Data Warehouse is built using
Oracle based BI Tools
Mr. Pankaj Mittal of Axis Bank emphasised usage
of analytics in banking and also explained the
need of analytics in paving the bank's way
forward
Mr. Devendra Sharnagat, Kotak Mahindra Bank,
shared that they rst implemented OCRM using
Siebel and also analytics for dashboard creation
Mr. Manas Ranjan Mohanty, State Bank of India
highlighted the drastic changes in the size of data
when the SBI Associates are merged.
Dr. V. Ravi, Professor, IDRBT, elaborated the objectives of
Centre of Excellence in Analytics (CoEA) i.e., to run pilot
projects with banks on ACRM problems and to provide
Continued in Page 25...
02
Explore, Enable, Excel
th
12 IDRBT Banking Technology
Excellence Awards 2015-16
T HE Twelfth edition of the IDRBT Banking
Technology Excellence Awards was held on July 18,
2016. Dr. Raghuram G. Rajan, Governor, Reserve Bank of
India, and Visitor, IDRBT was the Chief Guest. He was
joined by Shri R. Gandhi, Deputy Governor, Reserve
Bank of India, and Chairman, IDRBT.
Dr. A.S. Ramasastri, Director, IDRBT, extended a warm
welcome to all the distinguished dignitaries and focused
attention on the recent achievements of the Institute
including:
Signing MoUs with NIT, Warangal and NIT, Trichy,
for full-time Ph. D. programmes focusing on
Banking Technology
Re g u l a r l y o r g a n i z i n g r e p u t e d r e s e a r c h
conferences with the Fifth International
Conference on Fuzzy and Neural Computing
(FANCCO), organized in December 2015 and the
International Conference on Distributed
Computing and Networking (ICDCN), being
organized in January 2017
Launching the full-time one-year Post Graduate
Diploma in Banking Technology (PGDBT), with
the rst batch commencing from July 04, 2016
Setting up two new Research Centres on Cloud
Computing and Payment Systems
Starting the bi-annual IDRBT Sta Paper Series on
issues of critical relevance to the Indian Banking
and Financial Sector. While the inaugural issue
Dr. Raghuram G Rajan, Governor, RBI and Shri R. Gandhi, Deputy Governor, RBI with Dr. A. S. Ramasastri, Director, IDRBT
during the 12
IDRBT Banking Technology Awards function
03
IMPACT
focused attention on Mobile Banking, the second
issue dealt with Payment Systems
Organizing the IDRBT Banking Application
Contest on April 11, 2016 and the RBI- sponsored
Payment System Innovation Contest on June 24,
2016
Inaugurating the IDRBT BankTech Museum on
April 24, 2016.
Shri R. Gandhi, Deputy Governor, RBI and Chairman,
IDRBT, presented the Opening Remarks, highlighting
the following:
Banking and nance are eminently suitable,
co n t i n u o u s , i n n ov a t i ve a p p l i c a t i o n s o f
technology
The ever-increasing volume of transactions and
the ever-changing customer expectations are the
key dierentiating drivers for leveraging better
technology
Reserve Bank has now constituted a Working
Group on Financial Technology, to fully
understand the new paradigm of FinTech and to
chart out the best way of using it
Technology has thrown challenges and the
following ve need special attention:
w Cyber Security: IT systems of banks are the
prime target for cyber crimes. For safe and
Fast Forward | January 2017
EVENT secure banking, providing safe IT systems are
undeniable requirements. The role of the
Chief Information Security Ocer assumes
importance, especially in keeping continued
vigilance and warranting concerted proactive
protective actions
w New Technologies: Cloud based computing,
blockchain processing technologies and
virtualization of IT systems are a few examples
which hold potential for being used in a big way
w FinTech Companies: The techies have now
grown as FinTech companies and are
emerging as direct competitors. Technology
has dissected the entire value chain of
banking and nance and bundled out the
chunks in innovative ways i.e., they who
intermediate between savers and investors, or
between sender and receiver of funds.
Therefore, banks have to nd ways to co-
operate, co-opt and compete with FinTech
companies
w Payment Revolution: New initiatives in
payment systems need to aim at providing
better customer comfort and ensure that the
systems are safe, thus, resulting in the overall
eciencies including reduced costs to the
common man
w Varied Choices of Technology for Financial
Inclusion: Financial Inclusion is an achievable
reality, and the role of IT is very signicant and
fundamental. Integrating account opening
and KYC related requirements with other
systems such as Aadhaar, allowing use of
funds without actual movement of cash, and
ensuring that the common persons have
access to banking and nancial services at
their doorsteps are key steps forward.
Dr. Raghuram G. Rajan, Governor, Reserve Bank of
India, and Visitor, IDRBT, delivered the Keynote Address
on this special occasion and turned the spotlight on the
following:
Payment Systems are the plumbing of the
nancial system. The Reserve Bank, as the
regulator of payment and settlement systems,
aims to ensure easy accessibility and interoperability
of the payment infrastructure, while ensuring
safety and security of transactions
Fast Forward | January 2017
Non-bank entities are providing innovative
Explore, Enable, Excel
payment products and services, forcing banks to
reect upon their strategy to compete or to
collaborate
Desirable Features of Payment Systems:
w Our regulations governing payment systems
have to be ownership, institution, and
technology-neutral to encourage the most
ecient outcomes
w First, being more open to experimentation at
the early stages of a product or method of
service will be cleared in the peer-to-peer
lending regulations and the need to be more
conscious of the risks to stability as innovations
catch on and expand. This phased approach is
now being called the sand-box approach
elsewhere
w Second preference would be given to
payment platforms that oer broad based
access, rather than that limit access
w Third payment mechanisms should be cheap
and scalable, so that they are suited to our
economy where ticket sizes are small but
transaction volumes huge
w Fourth need for systems that oer security
even to the unsophisticated user, which
requires greater emphasis on transaction
monitoring and identication of suspicious
patterns by the system operator
w Fifth need for an eective process of
consumer redressal that allows speedy and
fair resolution of customer complaints.
Ro l e s a n d Re s p o n s i b i l i t i e s o f B a n k s
Challenges
w Does the bank's vision and strategy take into
account payment services aspects? Are there
adequate human resources to project
requirements and implement them?
w Adopting technology is more than
automation cal ling for eor ts at re-
engineering business processes. There has to
be a conscious evaluation of process
dependencies taking into account customer
experience, security issues, etc., besides
having a long term view of the developments
04
Explore, Enable, Excel
of interoperability within and across systems
w Despite the huge potential, activation rates
and usage levels of various electronic
payment services remain at low levels, though
growth is picking up
w Creating appropriate customer awareness
would not only enable the customers to
choose their mix of payments taking into
account time criticality, security and risk and
the cost involved, but also enable the banks to
optimize their payment product mix
depending upon their customer proles
w Banks have a high level of responsibility when
adopting digital channels not only to ensure
security at the infrastructure level, and to
protect data security and personal privacy at
system level, but to create customer
awareness in security matters.
Issues concerning customer liability and risk
management for electronic payment transactions need
to be addressed.
Awards 2015-16
The IDRBT Banking Technology Excellence Awards is
synonymous with excellence in technology adoption,
upgradation, absorption and innovation. In its twelfth
edition this year, the IDRBT Banking Technology
Excellence Awards, are the benchmark for recognizing
banks, which innovate and explore technology to
improve cost, reach, customer service and eciency.
Pioneering and out-of-the-box approaches in the usage
of technology for improving productivity and
protability are recognized through these awards.
th
Winners of 12 IDRBT Banking Technology Excellence Awards 2015-16, with the Governor, Deputy Governor, RBI and Director, IDRBT
05
IMPACT
As technology evolves and changes, the categories of
awards also undergo changes. Over the past eleven
editions, several categories have been dropped and new
categories introduced. This year, the Institute has
redened quite a few categories so as to reect the
technological changes in the Indian Banking and
Financial Sector.
The Jury for the Twelfth Edition of the IDRBT Banking
Technology Excellence Awards is as under:
Smt Usha Thorat, Former Deputy Governor,
Reserve Bank of India (Chairperson)
Shri M.V. Tanksale, Chief Executive, Indian
Banks' Association
Prof. B.H. Jajoo, Indian Institute of Management,
Ahmedabad
Prof. G. Sivakumar, Indian Institute of
Technology, Bombay
Dr. Santanu Paul, Chief Executive Ocer &
Managing Director, TalentSprint, Hyderabad
Shri Rajesh Doshi, Former Senior Executive
Director, National Securities Depository Limited.
This year, the IDRBT Banking Technology Excellence
Awards, were presented in eight categories to the
Commercial Banks and one categor y each to
Co-operative Banks and Regional Rural Banks. Since the
participating banks vary in terms of size and scale of
business and operations, the banks were classied into
three categories large, mid-size and small, on the basis of
the business they have done to make comparisons and
recognition more meaningful and pragmatic.
Fast Forward | January 2017
EVENT Explore, Enable, Excel

Dr. Raghuram G. Rajan, presented the IDRBT Banking Technology Excellence Awards for the year 2015 16, at a very
special function at IDRBT and the winners were:

Award Category Award Winner

Best Bank Award for Use of Technology for Financial Inclusion among Large Banks Union Bank of India
Best Bank Award for Use of Technology for Financial Inclusion among Mid-Size Banks Bank of Maharashtra
Special Mention for Use of Technology for Financial Inclusion among Small Banks Karnataka Bank Ltd.

Best Bank Award for Analytics and Big Data among Large Banks ICICI Bank Ltd.

Best Bank Award for Digital Banking among Large Banks State Bank of India

Best Bank Award for Digital Banking among Mid-Size Banks Andhra Bank

Best Bank Award for Digital Banking among Small Banks The Karur Vysya Bank Ltd.

Best Bank Award for Electronic Payments among Large Banks Bank of India

Best Bank Award for Electronic Payments among Mid-Size Banks Vijaya Bank

Best Bank Award for Electronic Payments among Small Banks South Indian Bank Ltd.

Best Bank Award for Use of Technology for Fraud Prevention and NPA Management HDFC Bank Ltd.
among Large Banks

Best Bank Award for Managing IT Ecosystem among Large Banks Bank of India
Best Bank Award for Managing IT Ecosystem among Mid-Size Banks Andhra Bank

Best Bank Award for Managing IT Ecosystem among Small Banks The Karur Vysya Bank Ltd.
Best Bank Award for Cyber Defence among Large Banks ICICI Bank Ltd.

Best Bank Award for Cyber Defence among Mid-Size Banks Yes Bank Ltd.

Best Bank Award for Cyber Defence among Small Banks RBL Bank Ltd.

Best Bank Award for Innovative Use of Technology among Large Banks State Bank of India

Best Bank Award for Innovative Use of Technology among Mid-Size Banks State Bank of Hyderabad

Best Bank Award for Innovative Use of Technology among Small Banks IndusInd Bank Ltd.

Best Bank Award for Best IT-Enabled Regional Rural Bank Andhra Pradesh Grameena Vikas
Bank

Special Mention for IT-Enabled Co-operative Bank The Karad Urban Co-operative Bank
Ltd.

Dr. Y. V. Reddy, Former Governor, Reserve Bank of India, the top management of the Reserve Bank of India and the
Indian Banking Sector including Managing Director & CEOs, CIOs and IT Chiefs of Public, Private and Foreign Banks
participated in this special function at IDRBT, Hyderabad.

Fast Forward | January 2017

06
Explore, Enable, Excel
Seminar on Banking Technology for Directors on Bank Boards
I DRBT organized a two-day seminar on Banking
Technology for Directors on Bank Boards on
September 26-27, 2016, to help them appreciate the need
for taking the digital banking journey forward and at the
same time strengthen the preparedness of banks in
cyber defence, in view of the growing threats.
The seminar opened with a keynote address by
Shri. R. Gandhi, Deputy Governor (DG), RBI and
Chairman, IDRBT, read out by Shri. S. Ganesh Kumar,
CGM-in-Charge of DIT, since the DG could not be
present personally due to sudden exigencies. The DG
exhorted the Directors to play an active role in ensuring
strategic alignment of IT and business in banks to pave
the way for improving eciency and eectiveness of
banking operations.
Prof. G. Sivakumar, IIT Bombay, in his talk on IT
Infrastructure Management in Banks: Challenges and
Opportunities highlighted the various options
available for making appropriate technology choices for
banks. He also emphasised the need for board level
encouragement and support for the managements in
banks to tackle the critical problems associated with
sourcing, supply and support of technology-enabled
services and platforms in banking.
Cyber Security Preparedness in Banks was the focus of
intense interaction between the delegates and Smt.
Meena Hemachandra, Executive Director, RBI. She
dwelt at length on the recent circular and guidelines
from RBI in this regard, explained the various
Smt. Meena Hemachandra, Executive Director, RBI,
interacting with Directors of Banks
07
EXECUTIVE
requirements stipulated and the purpose behind these
initiatives. The need for achieving a baseline cyber
security framework and a cyber-crisis management plan
in banks, as early as possible, as envisaged by the RBI was
of paramount importance, she reiterated and requested
the boards to actively help and guide the banks in this
regard.
Dr. Santanu Paul, CEO, TalentSprint, painted a picture of
where the banks are heading with regard to articial
intelligence and robotics. The need for using bots for
improving internal eciency and enhancing customer
experience was demonstrated through the examples of
what is happening already in a number of other
industries and services.
Smt. Shubhalakshmi A. Panse, former CMD of Allahabad
Bank, in her interaction with the delegates on Board
Level Focus on Banking Technology took them through
a guided tour on almost all aspects of board level
decision-making regarding technology alignment,
acquisition, deployment and monitoring. She also listed
out a good number of practical suggestions and useful
tips to help the board members in this important task.
Dr. A. S. Ramasastri, Director, IDRBT, interacted with the
delegates and briefed them on what IDRBT is doing to
promote banking technology adoption, upgradation,
absorption and innovation in India. He also highlighted
the useful and proactive role played by the Research
Centres in IDRBT focusing on Analytics, Mobile Banking,
Cyber Security, Cloud Computing and Aordable
Technologies, in helping banks reduce their lead time in
deploying these technologies and solutions.
The seminar ended with a vote of thanks by
Dr. M.V. Sivakumaran, Faculty, IDRBT.
Fast Forward | January 2017

PROGRAMMES
Fifth International Programme on Information Assurance & Management
C ONTINUING with the initiative to expose the
Indian Banking and Financial Sector to the latest
ideas and innovations in the areas of Information
Assurance and Management, the Institute in
collaboration with the University at Bualo, The State
th
University of New York, organized the 5 International
Programme on Information Assurance and
Management, from August 24 September 03, 2016.
This programme was held in three parts one at IDRBT
(August 24-26, 2016), second at Niagara Falls (August 28
September 01, 2016) and nally at New York City
(September 2-3, 2016).
The programme began at IDRBT with the welcome
address by Dr. A. S. Ramasastri, Director, IDRBT. This was
followed by a session on Cyber Defence for Banks and
Digital Forensics by Dr. B. M. Mehtre, Professor, IDRBT
and Coordinator of the programme. Other sessions
included Recent Advances in Network Security by Prof.
Atul Negi, University of Hyderabad; Securing and
Managing Network Infrastructure to Mitigate Risk by
Mr. Samson Naik, Stock Holding Corporation of India
Ltd.; Mr. Ashutosh Bahuguna, Scientist, CERT-In, on
Cyber Security and Crisis Management Plan; Mobile
Payment Security by Dr. V. N. Sastry, Professor, IDRBT;
and Data Center Management and Metrics by Dr. G. R.
Gangadharan, Associate Professor, IDRBT .
The second part of the programme in the USA was
handled by a mix of faculty from the academia, industry
and practitioners including Dr. Venu Govindaraju, Vice
President for Research and Economic Development,
University at Bualo, who spoke on Turning Excellence
into Impact.
While Mr. Je Murphy, Information Security Program
Manager, University at Bualo, spoke on Security
Architecture; Dr. Anoop Singhal, National Institute of
Standards and Technology, explained the Security
Metrics and Risk Analysis for Enterprise Systems.
Fast Forward | January 2017
Explore, Enable, Excel
Mr. Prakash Samaga, Senior Vice President, First Niagara
Financial Group Inc., presented ways and means for
Fighting against Financial Crime and Prof. Mark Frank,
University at Bualo, spoke on Deception Detection. Dr.
Manish Gupta, Blue Cross Blue Shield, provided a peek
into Cyber Warfare: Monitoring and Alerts, Cyber and
Security: Risks and Mitigation. Mr. Subbu Annaswamy,
Executive Director, Morgan Stanley talked on Strategies
to Stay Safe and Sound Improving Technology Controls
in the Financial Sector. Mr. Scott R. Patronik, Chief,
Special Services Division, Erie County Sheri's Oce
focused on Digital Forensics.
Dr. Varun Chandola, Assistant Professor, University at
Bualo spoke on Anomaly Detection, followed by a
lecture on Strategic Forensics in an Enterprise
Environment by Dr. Catherine Ullman Senior
Information Security Analyst, University at Bualo. The
next session was on Malware by Dr. Aziz Mohaisen,
Assistant Professor, University at Bualo.
The programme also included two panel discussions on:
Key Security Issues for Financial Institutions
and What Can be Done to Mitigate Them? The
panel members included Dr. Anoop Singhal, NIST;
Johan Walp, KPMG; Mr. Corey Amo, Wall Street
AVP/Sr. IS Analyst and Mr. Kevin Thomsen, IBM.
Eective Approaches to Tackling Control
Challenges in the Financial Services. The panel
discussion was moderated by Mr. Subbu
Annaswamy, Executive Director, Morgan Stanley,
NY and the panelists were M/s Brian Barnier,
Value Bridge Advisors; Mr. Khalid Wasti, Partner,
PwC; Mr. Anthony Fanizza, Partner, Deloitte; Mr.
Paul Bateman, Daiwa Capital Markets America;
and Mr. Nigel James, Managing Director, Morgan
Stanley.
The programme had 20 participants and as part of the
programme, they visited the Computer Science
Department and Center for Unied Biometrics and
Sensors, University at Bualo; Yahoo Data Center and
SUNY Global Center, New York.
08
Explore, Enable, Excel

Indian Banks' CIO FORUM

BANKTECH
T HE Third Meeting of the CIO Forum, held on July
1718, 2016, was fully devoted to exploring ways and
means for meeting the compliance requirements in tune
with the circular on Cyber Security issued by the RBI,
recently.
The Director, IDRBT, exhorted the captains of IT in
banking to be proactive by looking for good, innovative
ideas from dierent sources and try to put them to best
use for the benet of banks and their customers. The
wealth of ideas thrown up by the two contests hosted by
IDRBT, the IBAC and the PSIC can be tapped into by the
banks and the promising ideas can be further worked CISO FORUM
upon with the involvement of the contestants
concerned, he advised.
Thereafter, Shri S. Kumar, GM and CIO, Corporation
D URING the last six months, the CISO Forum met
twice on August 18-19, 2016 at IDRBT, Hyderabad
and November 24-25, 2016 at Corporation Bank,
Bank, set the ball rolling by dwelling at length on the RBI Mangalore.
Circular on Cyber Security while outlining what is
already in place in most of the banks and what needs to Meeting on August 18-19, 2016
be put in place, further.
The Director, IDRBT stressed the need for
Dr. Rajarshi Pal, Faculty, IDRBT, then introduced the empanelment of forensic auditors and
Cyber Security Checklist, prepared by a group of information security professionals so that banks
industry experts, bankers and academics. The purpose of can approach them and work out a calendar for
the checklist is to highlight the relevant details that are Cyber Drill and all member banks can participate
to be taken care of in each of the ve major domains, in it
namely, Enterprise Control, Outsourcing Security, for
CISOs discussed various strategies for cyber
eective Cyber Crisis Management Planning. The CIOs
defence to tackle recent attacks, including the
found this checklist very handy and useful for the
latest malware based compromise of SWIFT
immediate task on hand.
messaging system
The CIOs then formed ve groups to focus on the ve
Shri Patrick Kishore, Senior Domain Expert,
major domains identied in the Cyber Security
IDRBT focused attention on the fortress security
Checklist. The groups deliberated on the modalities and
model and how CIA can be implemented to
approaches for implementation in their respective
protect the assets
domains and presented the outcome of their group
discussions to the forum on the next day. While Dr. B.M. Mehtre, Professor, IDRBT
summarized the IDRBT Cyber Security Checklist,
These presentations not only saw many interesting
Shri Lalit Mohan, Senior Domain Expert, IDRBT
details emerge, but also spurred extensive discussions
presented the results of cloud survey organized
and interventions. The meeting provided the much
by IDRBT and Cloud Security Alliance
needed inputs and clarications for complying with the
guidelines on Cyber Security as per the RBI circular. S h r i J a i d e e p S i n g h Ko c h a r, M i c r o s o f t ,
demonstrated various free security tools such as
The two-day meeting, well-attended by over 25 CIOs
Security Compliance Manager, Attack Surface
from various banks, ended with a vote of thanks by
Analyzer, Enhanced Mitigation Experience
Dr. M.V. Sivakumaran, Faculty, IDRBT.
Toolkit, etc.
CISOs from 47 banks participated.

Fast Forward | January 2017

09
 Explore, Enable, Excel

FORUMS
Meeting on November 24-25, 2016
Shri Gopal Murli Bhagat, Executive Director,
Corporation Bank, welcomed the Forum
The Director, IDRBT set the agenda for
deliberation on following key points: Recent card
data compromise in India; setting up task force
for major security breaches to ensure that the
escalation of frauds do not take place; measures
to increase usefulness of IB-CART to banks; VAPT
for IB-CART; empanelment of Security Auditors
with the help of CISO Forum Shri Bharat Panchal, NPCI explained the case of
Shri Anjibabu, Corporation Bank, shared his views card data compromise in detail
on Onion Layered Security Incidents and Shri Babu K., RSA, discussed about advanced
emphasised on the importance of studying the machine learning capabilities to identify
pattern of logs to detect anomalies and to potential threats
conduct proper root-cause analysis of the events
in this context Shri Tarique Ansari, Palo Alto Networks,
explained the modus operandi of few recent
Prof. B. M. Mehtre, Professor, IDRBT, presented a malware attacks
th
summary report of the 7 Cyber Drill
Shri Kunal Pande, KPMG highlighted the
Dr. Rajarshi Pal, Assistant Professor, IDRBT, importance of following points in the context of
presented the latest developments of IB-CART recent cyber-attacks threat intelligence, cyber
Shri V. S. Mahesh, AGM, IDRBT presented security drills, establishing baseline, appropriate
information about recent card data compromise management oversight and team, adequate and
in India and highlighted the importance of the properly deployed technology, Intelligent and
following proper auditing of ATMs and quick response capability
switches; protection of ATMs from malwares and CISOs suggested that IDRBT share the list of tools
skimming devices; vigilance on sta members capable of successfully detecting cyber attacks
who handle critical infrastructure and also deliver selected crucial information
through SMS
CISOs from 34 banks attended the meet.

CISOs of various banks at IDRBT for the CISO Forum meet

Fast Forward | January 2017

10
Explore, Enable, Excel

Sixth IDRBT Doctoral Colloquium

T HE Annual IDRBT Doctoral Colloquium is an

initiative aimed at forming a network of technology
researchers, sharing knowledge and exploring emerging
areas of research in various domains of technology. This
year, the Institute organized the Sixth IDRBT Doctoral
Colloquium on December 08-09, 2016, wherein 12
research scholars from reputed institutions like IISc., ISI,
IITs, IIMs, IIITs presented their research.
The Colloquium was inaugurated by Prof. Chin-Teng Lin,
Distinguished Professor, University Technology of
Sydney, Australia. In his inaugural address, Prof. Lin
spoke on Type-1 Fuzzy-Neural-Networks to Type-2
Fuzzy-Neural-Networks and stressed on the following:
Many investigators have developed novel
algorithms based on computational intelligence
(CI) technologies to monitor, maintain, or track
the human cognitive states and operating
performance
LATEST
How to utilize the main Bio-ndings and CI
techniques (Bio-CI) to develop the monitoring
and feedback systems
Real-life applications of BCI on various aspects
including clinics, homecare, personnel training,
or even computer gaming.
Dr. A. S. Ramasastri, Director, IDRBT, focused attention
on the importance of collaboration, the opportunities it
brings and the immense possibilities that exist for
research and innovation in the Indian FinTech Sector.
The details of the scholars and the topic of their
presentation are as under:

S. No. The Topic The Scholar Institution

On Kernel Density Estimation and Dimensionality Reduction for
1 Sreevani ISI Kolkata
Pattern Recognition

Object Tracking in Complex Environments like Camouage and

2 Ajoy Mondal ISI Kolkata
Occlusion
3 Analysis of Mixed, Correlated and Heterogeneous Data Yogalakshmi Jayabal IIIT Bangalore
Classication of Human Actions using Pose-Based Features and
4 Earnest Paul Ijjina IIT Hyderabad
Stacked Auto Encoder

5 Predicting Amendments via Right to Information Query Analysis Nayantara Kotoky IIT Guwahati

6 Renarrating Web for Better Web Accessibility Gollapudi VRJ Sai Prasad IIIT Hyderabad

A Heterogeneous Network based Tag Recommendation

7 Suman Kalyan Maity IIT Kharagpur
Framework on Stack Overow

8 Linked Data Enrichment using Pattern Extraction Subhashree S IIT Madras

9 A Closer Look into DHCP Starvation Attack in Wireless Networks Nikhil Tripathi IIT Indore

10 Keep it Concurrent and Correct Suvam Mukherjee IISc Bangalore

Unsupervised Parallel Clustering Algorithms with Mixed Data

11 Urvashi Prakash Shukla MNIT Jaipur
Approach for Credit Card Scoring

A Rough Set Approach to Find Cohesive Subgroups in Financial

12 Samrat Gupta IIM Lucknow
Credit Networks

Fast Forward | January 2017

11

RESEARCH
Inaugural Address by Prof. Chin-Teng Lin
Awards and Evaluation
The Jury for the Sixth IDRBT Doctoral Colloquium
consisted of:
Prof. Shalabh Bhatnagar, Indian Institute of
Science, Bangalore
Prof. Bala Subramanian, Indian Institute of
Technology, Roorkee
Prof. Panduranga Rao, Indian Institute of
Technology, Hyderabad.
The Jury evaluated the paper presentations on the
parameters of Originality, Depth of Work (Modelling,
Design, Experimentation, Results), Technical Content
(Models, Optimization, Technologies, Analysis),
Presentation (PPTs, Graphs, Explanations, Language,
Clarity), Relevance (Applicability, Modernism) and
Correctness of Work (Correct, Complete, Gaps).
Winners of the Sixth IDC along with the Jury, Director, IDRBT and Colloquium Coordinators
Fast Forward | January 2017
Explore, Enable, Excel
And the Winners were:
A Joint First-Second Prize was shared among three
research scholars which carried a reward of Rs. 50, 000/-
and a citation each.
Mr. Ajoy Mondal, Indian Statistical Institute,
Kolkata, for his contribution entitled Object
Tr a c k i n g i n C o m p l e x E n v i r o n m e n t l i k e
Camouage and Occlusion
Mr. Earnest Paul Ijjina, Indian Institute of
Technology Hyderabad for his contribution
entitled Classication of Human Actions Using
Pose-based Features and Stacked Auto Encoder
Mr. Suvam Mukherjee, Indian Institute of
Science Bangalore, for his contribution entitled
Keep it Concurrent and Correct".
Third Prize: Mr. Samrat Gupta, Indian Institute of
Management, Lucknow, for his contribution entitled A
Rough Set Approach to Find Cohesive Subgroups in
rd
Financial Credit Networks. The 3 prize carried a reward
of INR 35,000/- a citation.
The Colloquium , now emerging as the preferred
platform for technology researchers in India to
demonstrate and discuss their research ideas and get
invaluable feedback, was coordinated by Dr. N. V.
Narendra Kumar and Dr. Nagesh. S. Bhattu, Faculty,
IDRBT.
12
Explore, Enable, Excel

Mobile Banking through USSD NEW

T HE Centre for Mobile Banking, IDRBT, has prepared
a user guide on Mobile Banking through USSD.
The objective of this user guide is to create more
awareness of usage of USSD based Mobile Banking and
Mobile Payments amongst public and contribute to
make India progress faster in digital payments. The user
guide was released on the Institute's website on Cyber Security Checklist
December 08, 2016.

Digital Banking Framework

D IGITAL Banking is the new paradigm that oers
considerable benets to banks in terms of
increasing productivity and protability. It is dicult to
dene exactly what digital banking is and to say when
any bank has become totally digital. It is equally dicult
for an individual bank to make an assessment of itself,
draw plans and take necessary steps to attain the status
of a digital bank. It is in this context that a need was felt
to provide a framework that can help banks in their
eorts to move towards digital banking.
The framework presents a holistic way of dening and
designing a digital bank. It provides goals, maps and
signposts in the digital banking journey and comprises
of various denitions of a digital bank, overview of
distinct functions/dimensions of digital bank. The
framework is expected to help banks in their eorts to
go digital.
Dr. Rajeeva L. Karandikar, Director, Chennai
Mathematical Institute released the Digital Banking
Framework on November 16, 2016.
Dr. Rajeeva L. Karandikar releasing the
Digital Banking Framework
Shri R. Gandhi releasing the Cyber Security Checklist
C YBER Security is a major concern across the Indian
B a n k i n g a n d Fi n a n c i a l S e c t o r. T h e C h i e f
Information Security Ocers and Chief Information
Ocers of Banks during their regular forum meetings at
IDRBT have been sharing the changing challenges being
faced by banks in tackling Cyber Crimes.
In the Gyan Sangam, an annual retreat of Heads of Public
Sector Banks along with the top ocials of the
Government of India and the Reserve Bank of India, held
on March 4-5, 2016, the sub-group on Technology
identied Cyber Security as critical for the Indian
Banking and Financial Sector and expressed the need for
a Cyber Security Checklist.
Accordingly, IDRBT formed an Expert Group with
members from banks, industry and academia to prepare
the Cyber Security Checklist. This checklist is expected
to help banks in identifying the gaps, if any, in their Cyber
Security systems and address them, and also help the
board level sub-committees on Risk Management and
Information Security in monitoring the cyber defence
preparedness of the banks.
Shri R. Gandhi, Deputy Governor, RBI and Chairman,
IDRBT, released the Cyber Security Checklist on July 18,
2016.

Fast Forward | January 2017

13
 Explore, Enable, Excel

PUBLICATIONS
Book on Banking Technology in
India: Present Status and
Future Trends
F OR over a decade, the Institute has been evaluating
and presenting the IDRBT Banking Technology
Excellence Awards. In the process, we have been closely
watching the developments in the adoption of
technology by banks and attempting to share insights
with all by bringing out a book every year. Workshop on Application of
We enhanced the book last year by publishing invited Blockchain Technology in
articles from banking professionals, in addition to the
status of technology adoption based on the information Banking and Finance
furnished by the banks as part of the awards process.
While continuing the invited articles and the status of
the technology adoption; this year, we have included a
T HE Institute is working in the area of blockchain
technology so as to explore the possibilities of its
adoption in banking, payments and other nancial
section by the Knowledge Partner for this year's Banking
applications. Taking forward this work, the Institute
Technology Awards, Deloitte, on what they see as future
organized a one-day Workshop on Application of
trends in Banking Technology.
Blockchain Technology in Banking and Financial Sector
The book, containing contributions from the top on August 19, 2016.
management of Indian Banks' Association, Indian
Senior ocials from RBI, NPCI, CCIL, IBA and banks
Institute of Banking and Finance, IT Heads of seven
along with experts from academia and industry
Public and Private Sector Banks, a Foreign Bank, the
participated and deliberated on the implementation
Knowledge Partner, Deloitte, and a section on IDRBT
strategies, concerns, issues and use-cases of blockchain
Banking Technology Excellence Awards 2015 2016:
technology in the Banking and Financial Sector.
Who won and why?, is evolving into a useful document
detailing the present status and dwelling on future While Dr. Sourav Sen Gupta from Indian Statistical
trends in Banking Technology in India, with glimpses of Institute focused attention on the principles of
global scenario. Blockchain Technology; Shri Deepak Hoshing of Infosys,
presented use cases on storing documents on
Dr. Raghuram G. Rajan released the Book on Banking
Blockchain and Dr. Dilip Krishnaswamy, IBM Research
Technology in India: Present Status & Future Trends on
Labs, spoke on Hyperledger an open source project on
July 18, 2016.
a BCT platform.
Towards the end of the workshop, a Working Group with
representatives from RBI, IDRBT, ISI, NPCI, CCIL, IBA
and a few banks & IT companies was formed to prepare a
white paper on application of Blockchain Technology in
relevant areas of banking and nance in India. The white
paper is expected to be released in January 2017. It was
also agreed to conduct a PoC with active participation
from IDRBT, NPCI and a few banks.
The next two workshops on Blockchain Technology are
Dr. Raghuram G. Rajan releasing the Book on Banking scheduled during January 2-4, 2017 along with IIT
Technology in India: Present Status and Future Trends Bombay and on January 7, 2017 as part of ICDCN 2017.

Fast Forward | January 2017

14
Explore, Enable, Excel

Project Trainees 2016 NETWORKING

T HE IDRBT Project Trainee Scheme oers new avenues for bright youngsters pursuing their Graduation and Post
Graduation from premier Institutions to carry out projects on various aspects of Banking Technology. This
scheme provides an ideal opportunity to put ideas into action and in the last eight years, over 250 students have
carried out projects. This year, 27 students carried out some interesting projects, the details of which are presented
below:

Text Mining Financial News Impact on Indian

Stock Markets
Deliverables
Dataset of news articles for seven major
Rishabh Miglani companies in Indian nancial markets
Integrated M.Sc. (Mathematics and
Computing) III Year A predictive model based on LIWC feature scores
IIT Kharagpur using GMDH, GRNN and other implemented
Guide: Dr. V. Ravi Machine Learning Techniques

Description Comparative analysis of results on extracted

company datasets by various feature selection
Financial time series analysis has emerged as one of the processes.
important topics of interest over time. The proposed
model in this study uses only textual data in the form of
published news articles to prepare a model ecient Development of Graphical User Interface for
enough to predict stock prices in the Indian nancial R Users in Banking Technology
markets. This approach involves the following steps: 1.
Extraction of news articles and historical stock prices
corresponding to companies in Indian stock market; 2.
Processing of extracted news documents using LIWC
(Linguistic Inquiry and Word Count) tool; and 3. &
Preparation of a model solely on the basis of these
semantic textual features. Dierent models like SVR,
QRRF, GMDH, GRNN, RPART, RF and MLP were tested to
obtain relevant results in the prediction analysis. It was Pavan Srikar Akella Anugu Vishwatej Reddy
observed that GMDH and GRNN showed better results
as compared to other machine learning techniques. B. Tech. (ECE) III Year
ISM Dhanbad
Objectives Guide: Dr. V. Ravi
To prepare a predictive model for nancial Description
forecasting using qualitative textual data, without
any use of quantitative numerical data available in The Graphical User Interface (GUI) was developed using
the form of historical prices Python and R programming languages. Python was used
for creating the GUI using the 'PyQt4' module and the
Compare the results of prediction accuracy with
whole back end process was done using R. The Python
application of various models including SVR, QRRF,
module 'rpy2' was used for accessing R environment from
GMDH, GRNN, RPART, RF and MLP using statistical
Python. The 'Qt Designer' enabled us to create the GUI by
error measures MAPE and NRMSE.
its widget drag and drop UI designing feature and the
'PyQt4' module converts the UI into python code for
generating the UI.

Fast Forward | January 2017

15
 Explore, Enable, Excel

GENNEXT Deliverables
We tested and analyzed Zeus toolkit and Snort IDS for
botnet detection. The performance of Snort IDS was
evaluated on CTU-13 datasets. The CTU-13 contains 13
datasets of dierent botnets. The overall eciency of the
Objectives present Snort rules for botnet detection is 70% for all
For data analysis, bankers would require in-depth datasets, but for some datasets like BOTNET-44, 47, and
knowledge of programming languages to 49 is very less. The Snort rules are revised and tested on
implement data analysis algorithms for huge data the same datasets. These revised rules contain the new
To develop a GUI for R language users in banking
botnet signatures that was not present in old Snort rules.
technology with basic knowledge of statistics and Because of the addition of new signatures, the botnet
no knowledge of programming languages. detection eciency improved up to 80% and was a
signicant improvement in datasets like BOTNET 44, 47
Deliverables and 49.
A GUI for R users in the banking domain, which is
free from any programming Anti-Forensics Analysis of File Wiping Tools
The GUI has been included with the basic data
mining tasks like basic Classication Techniques, K-
means Clustering, Association Rule Mining,
Multiple Linear Regression. Narendra Panwar
MS (Cyber Security) Final Year
Botnet Detection Tools and Techniques: A Review Sardar Patel University of Police Security
and Criminal Justice, Jodhpur
Guide: Dr. B. M. Mehtre
Description
Kanchan Bhale This study deals with the scope of Anti-Forensics (AF)
Summer Research Fellowship tools and verication of three Anti-Forensics File Wiping
Indian Academy of Sciences, Bangalore Tools. Anti-Forensics is a collection of tools and
Guide: Dr. B. M. Mehtre techniques to counter the forensics process and to
frustrate the forensics investigation. Anti-Forensics tools
Description are either used for privacy or to avoid forensics
Botnet detection techniques are broadly based on either investigation. In this research, we have tested three AF
setting up of a honeypot to collect bot binaries or le wiping tools namely, Eraser, File Shredder and R-
developing intrusion detection system IDS. The IDS Wipe and Clean and examined the Anti-Forensics
identies botnet trac by monitoring network and qualities of these tools.
system logs. It can be based on anomaly behavior or Objectives
signature or DNS. The NetFlow analyzer is a popular tool
for detecting botnet anomaly based detection. The Snort, To identify whether Eraser, File Shredder and R-Wipe
Suricata, ntop and BotHunter are the other tools which and Clean tools are better Anti-Forensics tools or not,
are based on signatures of botnet. The DNS based botnet and to nd out les artifact after wiping the les using
trac is monitored by Wireshark. The BotMiner tool uses these tools.
clustering algorithm to detect botnet. Zeus toolkit is Deliverables
popular among hackers' community for analysis of
All the three tools which we have tested are not
botnet internals.
entirely AF, they leave some le related artifacts in
Objectives the system
To analyze and test botnet detection tools and
techniques.

Fast Forward | January 2017

16
Explore, Enable, Excel
A report shows detailed forensics examination
results of the system after wiping les using these
three tools
Components of ideal Anti-Forensics le wiping
tool.
Collecting Threat Intelligence from Tor
Tarun Trivedi
MS (Cyber Security) Final Year
Sardar Patel University of Police
Security and Criminal Justice, Jodhpur
Guide: Dr. B. M. Mehtre
Description
We have developed the tool for extracting the keywords
from the onion sites using Tor proxy. Our tool collects all
the keywords related to attacks such as hacking, tracing,
tracking, bandwidth, etc., from the onion sites. After
collecting keywords, our tool identies URLs of onion
sites whenever the keywords are found. Once URLs are
extracted, we send an e-mail to the owner of the onion
site as a client. The onion site owner replied to the mail
and was received as an e-mail header. Finally, we have
located the geographical location of the site and IP as
well from the e-mail header.
Objectives
This application is useful for intelligence agencies who
are collecting threats and evidence to monitor and
conduct surveillance on the activity in the hidden dark
web. We use this technique to prevent the DDoS attack,
SYN ood attack, and Snier attack. It also helps to
detect attacks which was done in the past like website
attack, e-mail hacking, social account hacking and money
fraud.
Deliverables
We monitored and eavesdropped on onion site,
where attackers comment and blog about future
attacks
We predicted the type of attack possible in the
near future.
17
Security Apps on Android Platform: An Evaluation
Vikas Yadav
MS (Cyber Security) II Year
Sardar Patel University of Police
Security and Criminal Justice, Jodhpur
Guide: Dr. B. M. Mehtre
Description
The popularity of Security Apps has increased the
dependency of the users on these apps. Essentially,
Security Apps claim complete protection for the devices
on par with traditional PC Security Tools. This study
evaluates Security Apps to validate their claims against
well-known OS-level vulnerabilities on dierent Android
OS versions. Apart from this, we introduced a Privacy-
Sensitive String Analyzer (PssA), a Python-based script,
which is capable of analyzing apps' source code and nd
privacy related sensitive strings in application source
code.
Deliverables
We have identied two issues in Security Apps, including
insucient permission documentation and eectiveness
of Security Apps against OS-Level attacks on unpatched
Android OS versions.
Multi-Layer Intrusion Detection and Prevention
System: A New Approach
Vikash Kumar Saini
MS (Cyber Security)
Sardar Patel University of Police
Security and Criminal Justice, Jodhpur
Guide: Dr. B. M. Mehtre
Description
The study focusses on detection and prevention of
network attacks. A multi-layer architecture is proposed
for intrusion detection and prevention. Two devices
(Snort, Suricata) are used in this scheme. Multi-layer
architecture is based on the signatures as well as
anomaly based detection and prevention mechanisms. A
decision-making process is implemented in the
architecture. Intrusions and data ood attacks are
detected and blocked by the proposed design. On the
Fast Forward | January 2017

basis of test results, it is clear that the proposed
architecture gives better performance compared to
individual (single) unit of IDS/IPS. It also collects
dropped packets for analysis. This can be used for
prediction and prevention of new attacks. Thus, the
proposed architecture gives enhanced security to the
network.
Objectives
There is a possibility of bypassing single-level (IDS/IPS)
security by using intrusions. Therefore, a new
architecture is proposed for detecting and preventing
intrusions.
Deliverables
We have implemented and tested multi-layer scheme
using the combination of Snort and Suricata. It is
observed that Snort detects and prevents more
intrusions as compared to Suricata.
Copy Move Forgery Detection Using
Key-Points Structure
Vinod Parihar
MS (Cyber Security) Final Year
Sardar Patel University of Police
Security and Criminal Justice, Jodhpur
Guide: Dr. B. M. Mehtre
Description
Modication of information of an image is an easy task
due to increasing number of image editing tools and
techniques. This leads to widespread usage of forged
images for various purposes intently and unintently. In
copy-move image forgery, a region of an image is copied
and pasted on the same image. In this study, a Copy Move
Forgery Detection (CMFD) method is proposed, which
works well for geometric based attacks like translation,
rotation and scaling. This method is based on keypoint
structure. Another method is also proposed for CMFD
which is based on Texture feature (Localized Angular
Phase (LAP) feature).
Objectives
To detect all types of geometric based attacks like
translation, rotation and scaling in copy-move
forgery
Fast Forward | January 2017
Explore, Enable, Excel
To detect all types of post-operation based attacks
like noise, blurring, compression, etc., in copy-
move forgery.
Deliverables
We have implemented a tool (Desktop application) for
CMFD which can detect geometric-based attack like
translation, rotation (degree range 0 to 330) and scaling
(size range 0.5 to 2).
An Automated Tool for Vulnerability
Assessment of HTTPS Web Applications
Anand Ramesh
B. Tech. (Avionics) II Year
Indian Academy of Sciences, Bangalore
Guide: Dr. B. M. Mehtre
Description
This study proposes an ecient method to assess the
vulnerability of HTTPS web applications. We have
developed a completely automated tool using Python,
which can be used to conduct Vulnerability Assessment
on web applications which use HTTPS protocol. This tool
is user-friendly and no technical knowledge is required to
use the tool. It is developed in such a way that it is open to
further development and new functionalities can be
easily added in the form of modules. The tool successfully
establishes connection with SSL servers. The test was
conducted on both local and remote servers. Web
applications were analyzed and vulnerabilities found.
Objectives
To develop a test web application (HTTP)
Manual test of various attacks on the web
application
Conversion of the test web application to HTTPS
Development of an automated tool to analyze the
vulnerabilities in HTTPS application
Testing of the tool on various web applications.
Deliverables
A basic web application which simulates banking
environment
A completely automated tool for the vulnerability
assessment of HTTPS web application.
18
Explore, Enable, Excel
Cancellable Fingerprint Templates
Bulusu Amrutha Lakshmi
B. Tech. (ECE) III Year
NIT Raipur
Guide: Dr. M.V.N.K. Prasad
Description
Cancellable ngerprint templates are generated using
minutiae vicinity decomposition. It involves forming
minutiae vicinities based on Euclidean distance and
nding the local invariant features of the triangles
formed from the vicinities. The feature matrix, thus
generated is converted into a bit string and bloom lter is
applied to the string.
Objectives
To generate cancellable ngerprint templates in a
method which is feasible and enhances irreversibility,
performance and security.
Deliverables
Cancellable ngerprint templates will be generated from
the above proposed method.
Particle Swarm Optimisation based Virtual
Machines Scheduling Algorithm using MapReduce
R. Sai Pranav
B. Tech. (CSE) III Year
VIT University, Chennai
Guide: Dr. G. R. Gangadharan
Description
Generally, the virtual machine (VM) placement issue is
considered as a NP Hard Problem inferring that an
optimal arrangement cannot be found in deterministic
polynomial time. In literature, near optimal solutions are
achieved using soft computing approaches. This study
focusses on the implementation of a Particle Swarm
Optimisation (PSO) based VM scheduling algorithm
which schedules the virtual machines after checking with
the existing load (minimum) of the existing host.
19
Objectives
To implement the PSO-based VM scheduling algorithm
using MapReduce Framework.
Deliverables
Developed a model for optimal scheduling of Virtual
Machines using Particle Swarm Optimisation in
MapReduce environment.
Public Key Encryption for Peer-to-Peer
Communication
Giryraj Mahesh
B.Tech. (ECE) III Year
Gitam University, Hyderabad
Guide: Dr. G. R. Gangadharan
Description
Peer-to-peer systems are now ubiquitous. But the
problems faced in peer-to-peer system varies with
respect to many parameters such as the users in the
network, network trac, the type of overlay network, the
type of cryptographic protocol, etc. This report is a
survey of Public Key Encryption system. We studied
various identity based encryption protocols with respect
to dierent trust models and addressed the problems. A
public key encryption has been proposed which uses the
concept of Die Hellman Key Exchange and Shamir's
secret sharing. A code for encrypting a 4-digit integer
message has been executed.
Objectives
To study various types of Public Key Based Encryptions to
analyze the most suitable encryption for various trust
models in a peer-to-peer communication system.
Deliverables
Three dierent identity based encryption protocols
have been stated with respect to dierent trust
models for peer-to-peer communication
A public key encryption has been proposed which
uses the concept of Die Hellman Key Exchange
and Shamir's secret sharing
Code for implementing for a 4-digit integer
message has been executed for the above
mentioned public key encryption.
Fast Forward | January 2017

QoS-Aware Web Service Composition
Rishi Yadav
Integrated Dual Degree (CSE) III Year
IIT (BHU), Varanasi
Guide: Dr. G. R. Gangadharan
Description
In web service composition, QoS is an important
criterion to focus on, because it fullls the non-functional
requirements of composition. In this study, we used
'Canonical Correlation Analysis (CCA)', which analyzes
correlation extent between two sets of variables. We
used this method in our algorithm to nd out optimal
service composition from a service plan.
Objectives
To nd out optimal web service composition from a
service plan of dierent tasks, each having a number of
candidate services.
Deliverables
A novel approach to nd out an optimal web service
composition, considering all the transactional properties
and QoS metric values at a time.
A Detailed and Practical Analysis of Various Tools
for Visualization of Geographic Information in
Banking Sector
& spatial queries
K. L. Harsha Vardhan S. Geetha Reddy
B. Tech. (CSE) IV Year
JNTU, Hyderabad
Guide: Dr. N. Raghu Kisore
Description
The aim of this study is to build a visualization platform
for performing geospatial analytics and sharing the
results with various stakeholders bank customers, bank
ocials and government entities. To the bank customer,
the data visualization tool provides a means to search for
Fast Forward | January 2017
Explore, Enable, Excel
closest ATMs and bank branches and also obtain
information about the bank such as services available,
IFSC code and working hours. We used mapping tools like
Quantum Geographic Information System (QGIS),
QGIS2WEB.
The second part of the project was to identify the best
open source tool for visualization of geospatial data. For
this, the map containing the information had to be
published on the web with the help of some publishing
software or plug-in like QGIS2WEB XAMPP along with
MySQL. In the last part, an idea of mobile-based
application was proposed to provide specic user-
oriented information based on his/her current location
and other preferences related to him/her.
Objectives
To empirically analyze data visualization tools for
geographic data and then recommend the most
suitable one which provides a mechanism for
To practically analyze the various tools for
visualization of geographic data and then
recommend the most suitable one which provides
the entire query-related facilities.
Deliverables
After detailed analysis, we concluded that QGIS is the
best tool for the visualization of data on a desktop. On
the other hand, various options are available for
publishing the map on the web. For instance, a XAMPP
server congured with PostgreSQL (spatial database)
along with QGIS2WEB is the best choice for a stable and
systematic visualization application capable of handling
data.
20
Explore, Enable, Excel
Prediction-error Expansion based Reversible
Watermarking using Quad-tree Decomposition
Aniruddha Rao
M. E. (Embedded Systems) II Year
BITS-Pilani, Hyderabad
Guide: Dr. Rajarshi Pal
Description
This study aims to exploit the feature of quad-tree
decomposition to divide the image into homogeneous
regions. The basic objective of reversible data hiding is to
make slightest modications in the cover media for
embedding the watermark and at the same time ensure
that the recovery does not aect the delity of the cover
image. The embedding distortion is minimum when data
is embedded in smoother regions of the image. This study
exploits the idea by considering each of the
homogeneous blocks as a separate image and embeds
data in each block using the existing PVO-based mapping
scheme in two dimensions.
Objectives
To develop a new scheme of reversible data hiding that
aims to outperform existing schemes.
Deliverables
Proposed a new scheme of reversible data hiding
Compared the proposed scheme with the existing
schemes of reversible data hiding. The scheme
outperforms the existing schemes. The maximum
gain in PSNR values is typically 2 dB.
Ecient and Revocable Threshold Multi-Authority
Access Control System in Public Cloud Storage
Maheswara Reddy Chennuru
B. Tech. (CSE) IV Year
ISM Dhanbad
Guide: Dr. P. Syam Kumar
Description
This study designs an ecient and revocable data access
control scheme for multi-authority cloud storage
21
systems by combining threshold secret sharing (k, n) and
proxy re-encryption techniques. In our method, multiple
authorities co-exist and each authority is able to issue
attributes independently and attribute revocation
method can eciently achieve both forward and
backward security.
Objectives
To improve security and eciency in public cloud
storage systems, give data owners more direct
control on their access policies, and to
accommodate many data contributors and data
users to access the data in cloud
To design an ecient and ne-grained data access
control system for public cloud systems
To deal with the shortcomings of multi-authority
attribute systems by introducing threshold secret
sharing mechanism
To eciently revoke users from the current
system while minimizing the impact on the
remaining legitimate users.
Deliverables
Designed a full-edged CP-ABE by introducing threshold
secret sharing mechanism and ecient revocation
mechanism for ecient and secure data storage and
retrieval in public cloud storage.
A Privacy-Preserving Multi-keyword Ranked Search
Scheme over Encrypted Cloud Data using MIR-tree
Sonu Pratap Singh Gurjar
Integrated Dual Degree (CSE) III Year
IIT (BHU), Varanasi
Guide: Dr. P. Syam Kumar
Description
Privacy preservation and data integrity are the main
concerns which restrict users from outsourcing their
sensitive data. In this study, a privacy preserving multi-
keyword ranked search scheme over encrypted cloud
data along with data integrity using MIR-tree is
developed.
Objectives
To nd out an optimal veriable search scheme, over the
Fast Forward | January 2017

large data collection, to provide ecient search result
authentication technique, by considering privacy
preservation and integrity of result data.
Deliverables
This approach increases the condence level of the users
to outsource their sensitive data on the cloud server, and
retrieve it securely without disclosing any information.
Enabling Cloud Storage Security based on
Rateless Codes
Parth Pahariya
Integrated Dual Degree (CSE) III Year
IIT (BHU), Varanasi
Guide: Dr. P. Syam Kumar
Description
We proposed rateless code based cloud to ensure the
Condentiality, Integrity and Availability of data. We
modied the rateless codes for improving the reliability
and security in cloud. First, the scheme encrypts the data
blocks into ciphertext, then proxy encodes it using
rateless codes and stores redundancy blocks into random
cloud storage servers. Then, TPA uses parity check matrix
to check the integrity of codewords. Finally, the user
decodes the data using OFG algorithm for data retrieval
and the security and performance of the system is
analyzed.
Objectives
To increase the data storage security in cloud such as
Condentiality, Integrity and Availability with minimum
computation overheads.
Deliverables
A noble secure protocol based on rateless code for cloud
storage system with parity check matrix for integrity
check and encryption for securing the data.
Fast Forward | January 2017
Explore, Enable, Excel
Security of Wi-Fi Direct in Android based Devices
Morampudi Reshma Chowdary
B. Tech. (CSE) III Year
ISM Dhanbad
Guide: Dr. Rajib Ranjan Maiti
Description
We investigated the security of Wi-Fi Direct Protocol
used in Android based devices by checking whether
Denial-of-Service (DoS) attack vulnerability is present in
this protocol. We mimic a DoS attacker and launch the
attack on dierent versions of Android which has Wi-Fi
Direct feature.
Objectives
To study the vulnerabilities present in Wi-Fi Direct
Protocol and to check if the versions of the Android
devices that implement Wi-Fi direct are secured.
Deliverables
Using Wi-Fi Direct in Android version 4.4.4 or
earlier may not be safe as it is seen to be
vulnerable to Denial-of-Service attack. In fact, it
may cause severe harm as the attack reboots the
device when launched appropriately
However, Android version 5.1.1 or higher is not
v u l n e r a b l e t o D e n i a l - o f- S e r v i c e a t t a c k
irrespective of whether the corresponding device
communicates with a vulnerable Wi-Fi Direct
enabled device or not.
Investigating the Quality of VoIP Trac Over
IPv6 Enabled Network
Borra Sahithi
B. Tech. (CSE) III Year
ISM Dhanbad
Guide: Dr. Rajib Ranjan Maiti
Description
We investigated the quality of VoIP trac sent over a
network that use either IPv4 or IPv6 with the help of
network simulation using OPNET Modeler 14.5 simulator.
22
Explore, Enable, Excel
We built a network scenario where a set of handsets
(both cal ling and cal led) are connected to a
wired/wireless switch which is in turn connected to a
router, and the routers in calling and called sides are
connected through internet with default conguration
present in the simulator. We used a set of performance
metrics like end-to-end delay, voice jitter, packet delay
variation, mean opinion score, trac delivery ratio
available in the simulator.
Objectives
To investigate the feasibility of availing the
services of VoIP over IPv6 enabled network
To evaluate the performance gain in IPv6 for the
same.
Deliverables
A detailed project report on the performance
measurement of VoIP over IPv6 and IPv4 enabled
networks. The measurement is made over both wired and
wireless networks.
Sparse Aspect Rating Model for Sentiment
Summarization
Agni Besh Chauhan
B. Tech. (CSE) III Year
IIT Patna
Guide: Dr. S. Nagesh Bhattu
Description
This study deals with rigorous analysis of review data
crawled from various sources to deliver aspect
segmented sentiment. It tackles the latent aspect mining
problem in an unsupervised manner by considering the
user and item side information of review text for
modeling of aspect generation leading to improvement
on the accuracy and reliability of predicted aspect
ratings. The task investigated here takes a collection of
review text in banking domain as input with overall
numerical rating; and with the goal of discovering a set of
aspect and predict ratings on each aspect for each review
by applying unsupervised machine learning techniques.
Objectives
To investigate aspect mining problem that aims to deliver
opinion based summarization of text reviews in nancial
23
domain. Our goal is to derive the hidden aspect which has
been discussed in the text data. Further, we retrieve the
aspect intensity with which the user emphasis on a given
aspect in the review and give a score to each aspect.
Deliverables
An algorithm to retrieve aspect-based intrinsic
information for analysis of service quality of banks
and other public entities
A prepared review dataset of banking domain by
crawling from web sources.
File Transfer API: An Interface between SFMS
and CBS
&
Pranavi Jalapati Satya Naraparaju
B. Tech. (CSE) II Year
JNTU, Hyderabad
Guide: Shri G. Raghuraj
Description
This study proposes an interface between the SFMS
(Structured Financial Messaging System) and CBS (Core
Banking System) which invokes two primary functions of
the SFMS Bank API namely 'Send' and 'Receive'
messages. The message sent can either be in a le format
or a string structure. The received message has to be in a
string structure which is a requirement of the SFMS.
After an authorised activation of the interface server, it
dynamically connects to the SFMS server using the port
specied at the client end. The interface supports
multiple le transfer averting network congestion. The
server acknowledges successful transfer and reports a
NAK (Negative Acknowledgment) otherwise. On
receiving a positive acknowledgment, the les at the
parent location are deleted to avoid redundancy.
Moreover, all the transactions and login activity is logged
using a database for accountability.
Objectives
Transfer multiple les and push messages across
SFMS and CBS avoiding manual intervention
Fast Forward | January 2017

Log the details of all the transaction attempts
along with the login activity
Delete the les at the parent directory once they
are successfully transferred in order to avoid
redundancy.
Deliverables
An API (Application Programme Interface) which pushes
multiple les and messages across SFMS and CBS and
logs the transfers attempted and login activity.
MIS Module for Issue of Digital Certicate and
Application Tracker
G T Rohit Krishna Raghavendra
B. Tech. (CSE) III Year
Shiv Nadar University
Guide: Shri V. S. Mahesh
Description
MIS module for Issue of Digital Certicate helps in
maintaining customer transactions viz., bank-wise
credits, TDS deducted by customers and types of digital
certicates issued to the customers. Service Tax
component is derived. The reports module helps in
generating daily, monthly, quarterly and other periodic
reports. Information with respect to transactions viz.
customer-wise transactions, etc., can be generated.
In the Application and Correspondence Tracker, details of
applications received for issue of certicate are captured
and various stages encompassing the life cycle of issuing
of digital certicate is captured to enable ecient
delivery to the customer and also ensures controls in
place for the department. Similarly, audit reports
received by the department can also be updated
customer-wise for further follow-up.
Objectives
To maint ain customer transactions viz.,
organisation-wise credits, TDS deducted by
customers and types of digital certicates issued
to customers
To capture the details of applications received by
the department for issue of and various stages
encompassing the lifecycle of issuing of digital
certicate so as to enable ecient delivery to the
Fast Forward | January 2017
Explore, Enable, Excel
customer and also ensures controls.
Deliverables
MIS Module for Issue of Digital Certicate
Application and Correspondence Tracker.
MIS Module for Issue of Digital Certicate and
Application Tracker
Sai Krishnan T
B.E. (CSE) III Year
Osmania University
Guide: Shri S. Lalit Mohan
Description
The aim of the study is to build a search engine for banks,
for searching information related to the domain of
Information Security. We have made use of the open
source cloud environment called OpenStack for
managing the nodes. The crawler is used to crawl through
the web and collect the necessary information. Once the
information has been retrieved, ranking algorithms were
used to rank the web pages and machine learning tools so
that the search engine will be learning automatically.
Finally, a user interface needs to be created for the user to
enter their query and access the information.
Objectives
To create a domain-specic search engine than being
generic and the domain dealt here is Information
Security.
Deliverables
Have successfully set up the OpenStack cloud
environment up and running on the Ubuntu 14.04
servers, and are able to run the Apache Nutch crawler
image using a Docker container.
24
Explore, Enable, Excel
Inaugural Batch of Post Graduate
Diploma in Banking Technology
Gets Going
T HE Inaugural batch of the Institutes Post Graduate
Di p l o m a i n B a n k i n g Te c h n o l o g y ( P G D BT )
commenced on July 04, 2016. This Post Graduate
Diploma in Banking Technology is a unique programme
designed to provide the Indian Banking and Financial
Sector, on a regular basis, a pool of talented
professionals with technology expertise to strongly
support their technology deployment initiatives.
The PGDBT is a full-time regular one year programme,
spread over four terms, that provides essential learning
inputs on technology implementation, integration and
management to both directly selected candidates as
well as practicing bankers, so as to enable them to meet
the changing technology requirements of the Banking
Sector. The programme focuses on present technologies
as well as emerging technologies that can contribute to
the growth of banks.
The inaugural batch of candidates have completed their
rst two terms and their placement process is on.
Almost half of the batch has already been placed and all
the remaining students are expected to be placed well-
before they complete even their third term.
Admissions to the second batch of the PGDBT
programme would be announced by February 2017 and
interested candidates may visit the Institute's website at
www.idrbt.ac.in for details.
25
...Continued from Page 02
consultancy on these projects. He briefed about the use
of the software available in CoEA SAS Enterprise Miner
and IBM SPSS Modeler, KNIME, Rapid Miner, the recent
development of R User Interface for Banking Analytics
(RUIBA). He explained the work done in CoEA especially
in the development of Algorithms/Architectures in
Data/Text/Web Mining, Evolutionary/Fuzzy/Neuro/
Soft Computing, Global/Multi Criteria Optimization,
Time Series Data Mining, Social Media Analytics, Big
Data Analytics, Statistical Machine Learning.
Dr. Nagesh B. Sristy, Assistant Professor, IDRBT, spoke
on the importance of Analytics and Data Warehouse and
briey explained the related tools and techniques.
COMING UP
Second IDRBT Banking Application
Contest
T HE popularity of App or Application Software has
grown tremendously in recent years, with people
across nations, irrespective of age and gender, getting
hooked to the Apps culture.
Responding to this new habit, Indian banks too have been
building Apps, but the requirements of customers and
banks may not be met only by the internal teams of
banks. Moreover, Apps are an area where there are
talented individuals, geeks and small companies, who are
working with great passion, and there is a need to tap
these apps for the benet of the banking sector.
In order to provide a boost to developing Apps and
bring out the innovations happening in the area of Apps
which could be useful for the Indian Banking and
Financial Sector, the Institute started organizing the
national level Annual IDRBT Banking Application
Contest (IBAC) in 2016 and the rst IBAC was held on
April 11, 2016.
Since new apps are being developed frequently, there is a
need to tap them quickly to benet the banking sector.
Accordingly, the Institute has announced the Second
IDRBT Annual Banking Application Contest on April 07,
2017. Please visit www.idrbt.ac.in for details.
Fast Forward | January 2017
FORTHCOMING PROGRAMMES
JANUARY 2017
Migrating to IPv6 09 11
Cyber Defence for Banks 09 13
R for Analytics 17 20
Data Centre Management 18 20
Trends and Technologies in Mobile Banking 23 24
IT Vendor Management 23 25
IT for Functional Executives in Banks 30 01
Digital Forensics for Banks 30 03
FEBRUARY 2017
Big Data Analytics for Banks 01 04
Emerging Trends on Operational DBMS for Banks 06 10
Banking Technologies 06 10
Cloud Adoption in Banks 13 17
Network Security 13 17
Data Quality 20 21
Payment Systems 20 22
Mobile App Development for Banks 27 03
SFMS Platform for LCs, BGs, RTGS & NEFT 27 03
MARCH 2017
Registration Authority Operations 02 03
Secure Coding Practices 06 10
Information Systems Control & Audit 20 24
APRIL 2017
Social Media Analytics for Banks 17 21
Technologies for Financial Inclusion 24 26
Website Security 24 26
MAY 2017
Mobile Security and Mobile Application Testing 01 03
Payment Systems 01 03
SFMS Platform for LCs, BGs, RTGS & NEFT 01 05
Registration Authority Operations 08 09
Data Warehousing for CRM & Analytics 15 18
Security Operations Centre 15 19
Digital Forensics for Banks 15 19
Migrating to IPv6 22 24
Emerging Authentication Techniques for Banks 22 24
Virtualization and Cloud Computing 22 26
JUNE 2017
Open Source Technologies 05 07
Fraud Analytics 12 16
Big Data & Cloud Computing Challenges 19 23
Network Security 19 23
SFMS Platform for LCs, BGs, RTGS & NEFT 19 23
Technologies for Financial Inclusion 27 29
Mobile Governance and Mobile Cloud Services 28 29
Design of Secure Enterprise LAN 28 30
Published by:

Explore, Enable, Excel

Institute for Development and Research in Banking Technology

(Established by Reserve Bank of India)

Castle Hills, Road No. 1, Masab Tank, Hyderabad - 500 057, India.
EPABX : +91 - 40 - 2329 4999, Fax : +91 - 40 - 23535157
Web : www.idrbt.ac.in E-mail : publisher@idrbt.ac.in