The privacy of the communications between you (your browser) and our servers is ensured using encryption. Encryption scrambles messages exchanged between your browser and our online banking server. Encryption happens as follows: When you go to the sign-on page for online banking, your browser establishes a secure session with our server. The secure session is established using a protocol called Secure Sockets Layer (SSL) Encryption. This protocol requires the exchange of what are called public and private keys. Keys are random numbers chosen for that session and are only known between your browser and our server. After the keys are exchanged, your browser will use the numbers to scramble (encrypt) the messages sent between your browser and our server. Both sides require the keys because they need to de-scramble (decrypt) the messages when they are received. The SSL protocol not only ensures privacy, but also ensures that no other website can “impersonate” your Financial Institution’s website, nor alter any of the information sent. You can tell whether your browser is in secure mode by looking for the secured lock symbol at the bottom of your browser window.
Security and Browser Support
We provide a number of additional security features in online banking. Online banking will “timeout” after a specified period of inactivity. This is designed to prevent potential fraudulent activity from continuing your online banking session in case you have left your PC unattended without logging out. However, we recommend that you always sign-off (log out) when you are done with your online banking. it is important to point out that the computers that store your actual account information are not connected to the Internet. Our online banking Web servers receive the transactions that you initiate through the Internet. These Web servers route your transaction through firewall servers, which act as a traffic cop between segments of our online banking network used to store information, and the public Internet. This configuration isolates the publicly accessible Web servers from data stored on our online banking servers and ensures that only authorized requests are processed. Various access control mechanisms, including intrusion detection and anti-virus, monitor for and protect our systems from potential malicious activity. Additionally, our online banking servers are fault-tolerant, and provide for uninterrupted access, even in the event of various types of failures.
Our online banking platform supports the following browsers:
- Internet Explorer – Version 9 or above
- Mozilla Firefox – Version 25 or above
- Google Chrome – Version 31 or above
- Safari – Version 5 or above
- Android Default Browser and Chrome Android – Version 2.3 or above
- Mobile Safari for iOS devices iOS – Version 6 or above
The numbers used as encryption keys are analogous to combination locks. The strength of encryption is based on the number of possible combinations that a lock can have. As the number of possible combinations grows, it becomes less likely that anyone would be able to guess the combination in order to decrypt the message. Today’s browsers offer 40-bit encryption, or 128-bit encryption. Although both result in a large number of possible combinations (240 and 2128 respectively), for your protection, our servers require the browser to connect at 128-bit encryption. Users will be unable to access online banking functions at lesser encryption levels. This may require some end users to upgrade their browser to the stronger encryption level in order to access online banking functions.
If your browser does not support 128-bit encryption, you will need to upgrade to a browser that does in order to continue to access secure pages of the website.
It is also important to verify that only authorized persons log into online banking. This is achieved by verifying your password. When you submit your password, it is compared with the password we have stored in our secure data center. We allow you to enter your password incorrectly a limited number of times. If you enter your password incorrectly too many times, your online banking account will be locked until you call us to reinitialize the account. We monitor and record “bad-login” attempts to detect any suspicious activity (i.e., someone trying to guess your password). You play a crucial role in preventing others from logging on to your account. Never use passwords that are easy to guess. Examples of bad passwords are: Birth dates, first names, pet names, addresses, phone numbers, social security numbers, etc. Never reveal your password to another person. You should periodically change your password in online banking.