Threat Analysis of Software Agents in Online Banking and Payments

Abstract

Software agents are the delegated subcontractors essential to connect the end-user to the bank and payment providers in a distributed service offering. This paper evaluates the key role that the different software agent types play to facilitate collaboration between clients and banks to perform online transactions. It highlights the threats and imminent risks that these software agents introduce in the chain as well as how these threats affect the trust relationship between principals. The discussed threats and resulting risks suggest vulnerabilities in the current software agent model which are beyond the bank and end user’s control. Both principals, the client and the service provider, are open to potential legal, security, quality of service, confidentiality and privacy compromises which influence the overarching trust relationship. There is resounding literature to illustrate advances that have been made to address the exposed challenges. However, a gap of misfortune remains where the software agent can act on its own accord exposing the contracting principals to internal and externally engineered threats thus tainting the trust relationship between these parties.