|
|
|
|
|
|
|
|
|
|
|
|
|||
|
|
This Internet Banking
System brings together a combination of industry-approved security
technologies to protect data for the bank and for you, our customer. It
features password-controlled system entry, a VeriSign-issued
Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for
data encryption, and a router loaded with a firewall to regulate the inflow
and outflow of server traffic. Secure Access and
Verifying User Authenticity To begin a session
with the bank's server the user must key in a Log-in ID. In addition, we also
require multifactor authentication with a pass phrase and password. Our
system, the Internet Banking System, uses a "3 strikes and you're
out" lockout mechanism to deter users from repeated login attempts.
After three unsuccessful login attempts, the system locks the user out,
requiring either a designated wait period or a phone call to the bank to
verify the password before re-entry into the system. Upon successful login,
the Digital ID from VeriSign, the experts in
digital identification certificates, authenticates the user's identity and
establishes a secure session with that visitor. Secure Data Transfer Once the server session
is established, the user and the server are in a secured environment. Because
the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server
is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that
travels between the bank and customer is encrypted and can only be decrypted
with the public and private key pair. In short, the bank's server issues a
public key to the end user's browser and creates a temporary private key.
These two keys are the only combination possible for that session. When the
session is complete, the keys expire and the whole process starts over when a
new end user makes a server session. Router and Firewall Requests must filter
through a router and firewall before they are permitted to reach the server.
A router, a piece of hardware, works in conjunction with the firewall, a
piece of software, to block and direct traffic coming to the server. The
configuration begins by disallowing ALL traffic and then opens holes only
when necessary to process acceptable data requests, such as retrieving web
pages or sending customer requests to the bank. Using the above
technologies, your Internet banking transactions are secure.
|
||
