How digital forensics helps the Banking Sector | By Manan Ghadawala

How digital forensics helps the Banking Sector

This age of information has transformed almost every industry, and the same goes for the banking sector. Criminals now are turning more towards technology to attack institutions and steal funds. In the UK, for instance, cybercrime now accounts for over 50% of total crimes in the country. This is a massive percentage. Even the FBI reports that physical robberies are slowly giving way to digital robberies through hacking. Firewalls and preventions are sometimes proving not enough for such attacks. 

Now, it is only too easy for hackers to break into bank databases, steal customer information, send links to customers requesting sensitive information, which most customers will part with since they trust their banks, and commit digital robbery. And even if you stop one attack, another will rise as digital literacy is increasing every day. People are getting tech-savvy while criminals are getting more expertized in cracking codes and breaking down firewalls. Similarly, as banking goes digital, banks now understand that they would need to put cybersecurity preventions in place. Digital forensics is one such mechanism to stop and conduct Fraud investigation.  

A Case Study

Imagine this hypothetical situation where digital forensics plays a huge part in solving fraud in a banking institution.

The sales manager at Bank X gives his boss notice of 4 weeks. Some days after he leaves, Bank X receives multiple complaints from their clients that they are getting emails from an unknown email account wanting sensitive banking details that they entrusted to Bank X. A digital forensics agency is instantly hired to look for evidence on A’s personal computer on the insistence of his former boss, who suspects A. During briefing, the agency recommends that the PC be examined for proof for anything A may have copied from the business servers to any removable external device during the 4 weeks he was still working in Bank X. 

Every byte and bit on the PC’s disk is collected and conserved using robust procedures as employed by the agency. The information is then carefully, and several deleted files and data have recovered that show what date and time the email data was created while A was using the PC. 

The meticulous analysis also shows that in the last 3 days of A’s notice, 1 Microsoft Access file and 1 MYOB data were copied to USB drives. The detailed audit and records are given to Bank X, and proper counsels are held with legal advisors from the company, and a police complaint is filed under cyber-security laws. 

Phases in Digital Forensics

Generally, digital forensic has a goal to determine digital evidence for bank account investigation or fraud investigation. Investigations usually use both digital and physical evidence with scientific ways to reach to conclusions. Digital forensics is used extensively in any case where a computer was used to attack; thus, the importance increases when it is used in the banking sector. 

Considering the case study, there are three phases in digital forensics:

  • Acquisition

This phase saves the digital system’s state so you can later evaluate it. In the physical world, this would be fingerprints, photographs, tire patterns, or blood samples from crime scenes. Like in forensic pathology, digital forensic scientists are not sure which data is going to be a digital proof, so they need to save everything, no matter what is its value. Most of the times, the unallocated and designated spaces of hard disks are copied (commonly named image). Tools are applied in this phase to copy information from the storage device of the suspect’s to a trusted computer. These tools should not modify the suspect device a lot when copying the data.

  • Analysis

This phase takes the acquired information and analyzes it to determine evidence. There are primarily three evidence categories:

  • Inculpatory Evidence

Evidence that establishes a given theory—evidence collected that backs up the investigation’s leading theory.

  • Exculpatory Evidence

Evidence that opposes a given theory—evidence gathered that provides a different approach than the one hypothesized.

  • Tampering Evidence

Evidence that cannot be connected to any opinion but displays the system that was tampered to avoid identification. During this phase, files and directory contents are examined, and deleted content is recovered. This method in this phase is used to develop resolutions based on the found evidence


This phase, though based solely on law and policy, are distinctive for each context. This phase exhibits the recommendations and identical evidence from investigations. In bank account investigation, the conference typically involves extensive counsel, social support, and administrators. Corporate law and privacy laws prescribe what is exhibited.


Digital attacks are a new menace surfacing in the banking industry these days and Forensic Protecting Your Business in the Banking is the way to prevent cybercriminals these days.

Author Bio:

Manan Ghadawala is the founder of 21Twelve Interactive which is one of the best mobile app development company in India and the USA. He is an idealistic leader with a lively management style and thrives raising the company’s growth with his talents. He is an astounding business professional with astonishing knowledge and applies artful tactics to reach those imaginary skies for his clients. His company is also recognized by the Top Mobile App Development Companies. Follow him on Twitter | Facebook | LinkedIn

July 11, 2019
Notify of
The comment form collects your name, email and content to allow us keep track of the comments placed on the website. Please read and accept our website Terms and Privacy Policy to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013