ONLINE STOCK TRADING

Online stock trading is very old concept for big institutions who tradethru private networks owned by Reuter's "Instinet" and a system called"Posit" since 1969.
But It become internet based for lay men only in late 90s.
Funny, that actually idea was first time used by a company making Beercalled "WIT beer" to help its shareholders trade its shares. Thats how "WITCapital" was born which is considered pioneer of this concept. It was mademainstream and household name by a offshot of Charles Schwab & Co called eSchwab which is used by millions of people in USA. Lot of NRI's i know playin US stock market even when they come to India for holidays via websiteof eSchwabe.
There are other serious players like E*trade, DATEK online etc. All thiscompanies ask you to start account with US $5000 and you can buy and sellstock using this funds. They also issue you a check book which you can useto make payments from this account. Or use their ATM card to withdraw cash from your stock trading account.
Today practically every big name brokerage firm offers online strock tradingas it reduces their costs. Earlier they had army of brokers on phone withclients executing trade, now that is done by computers accepting orders fromclients directly. This firm now offer human access to high networth accounts, and to rest at charge per trade. (e.g if web based trade will cost you $10per 1000 shares, human assisted trade will set you back by $40 or more).
In last 2 year in India we have seen lot of developments in this, good andbad, successful and not so successful. ICICI webtrade, Sharekhan areconsidered biggest brands in this arena. ICICI webtrade is particularly veryattractive to users as it combines 3 segments of transactions , i.e., bankaccount , demat account and stock trading account. ICICI being the owner of all the three services they are all very well integrated.. Other player's have tieups with Banks and Depository's but its not same as seeing all three in one webpage.
Frauds in this area were non existant in 2000 as it was still new for most ofindians. But in year 2001 and now 2002 we have been seeing perils of webbased stock trading and banking.
One thing which potential client should pay attention to is, agreement withbroker, how it defines risks of hacking and who bears it. In USA for webbanking and online stock trading risks are usually borne by company/bank andnot client. Companies have insurance coverage and that helps consumers moveon to online trade (companies save lot of money by not having human talkingto you, compared to this, fraud insurance cost is almost negligible).
But in India, because of tendency of consumers of not looking at agreementscarefully and companies also believe in passing all costs/risks toconsumbers and retain profits for themselves. Hence most online bankaccounts and stock trading accounts agreements clearly mention thatbank/broker is not liable for any loss leading from hacking of the account.In this situation smart person would avoid using this services. Brokers andBanks benefit tremendously when you use them via web and not call them onphone, but most people are not aware of this, they try to create impressionas if they re doing "favour" to us when offering us web based bank/brokerageaccount access.
In 1997 when ICICI BANK launched web banking they were charging Rs.1000 foraccess thru web from their account holders and new accounts, and "waiving"this charge for select few customers. Common sense would tell you that everytime 30 people access web for ICICI banks, ICICI BANK has to employ one lessperson in its call centre. Now this kind of charges don't exist but stillthey make it sound as if its "free" as favour.
Hacking on stock trading account happens in two ways.
1) When server of stock broker is hacked into by outsider or employee andthey insert trades of shares/security on account of clients, there byexposing client to loss of his balanace in his/her account. To prevent this, broker has to implement state of art security policy and security measureslike best available firewall, keeping main database computer behind firewallnot accesible from outside internet and having only one or two key senioremployees access to this database. And their verification should not be justby password but use of biometric authentication is must.
Also having outside experts doing ragular audit of system and network isgood idea to find out weaknesses before hacker finds them. Lot of young CAs in India nowspecialize in IT audit and have CISA certification apart from being CA.
2) Keylogger. If hacker installs a software called "keylogger" on client pc,it copies to a file , every keystroke typed on that pc. And at regularinterval without clients knowledge that file is sent via email on internetto hacker. Hacker learns all username/account id and passwords of clientwhen client uses this pc for accessing his bank, demat and stock tradingaccounts.
Once this is done, hacker can go to any cybercafe and use this accounts toempty balances (cybercafe so that authorities can't track him down via IPaddress which will reveal his identity if he does from his home or officepc).
There are ways to prevent this from happening. One should not use computersto access accounts which are not trusted (like don't use cybercafe, or otherpeople's computers for accessing net based bank/brokerages). When you buy apc, buy it without Operating System and install OS (windows 2000 or XP) onyour own. If computer comes pre loaded with OS it may have Keyloggerinstalled by engineers of supplier.
Use OS like WinXP or Windows 2000 which will not allow anyone to access pcwithout proper authorization. Don't use Windows98 or 95 which doesn't haveany security measures built into it.
Use firewall like "Zone Alarm Pro" to detect any suspiceous software sendingout data to outside world (like keylogger sending out email to hacker).
Keep antivirus software (like Norton Antivirus 2002) updated everyday todetect new trojon viruses which do job of keylogger. Viruses now routinlycome as attachment to email and don't need use to click on attachmentanymore. They just execute themselves from outlook express email software.
All above are best one can do today, but in few months in year 2002 you willsee banks and brokers using Biometric security features which cannot behacked by hackers. It will use your thumb print or retina scan of your eyes asmethod of establishing your identity and not require you to use anypasswords on keyboard. One may have to look in lense of scanner provided orput thumb on small device which will transmit thumb impression to brokerssystems over net and verify if its really you using that account.