Banks have been sensitive to security in one form or another since the onset of their existence. Physical security to protect cash, as well as security measures against internal and external fraud, are common topics of discussion in the banking industry. Internet security is no exception.
We employ multiple layers of advanced security tools, including 128-bit encryption, firewalls with 24-hour intrusion detection and trusted operating systems. In addition, before gaining access to any account information, each individual is authenticated by a personal User ID and Personal Identification Number (PIN). Sending pseudo account names rather than your account numbers over the internet provide another line of safety. Each of these is further explained below.
In short, this is coding of information that creates a barrier between systems that can only be crossed with authorized passwords and by creating safe pathways to and from each system.
Our computer system does not connect directly to the Internet. It is isolated from the Internet network via a series of "firewalls." A firewall is a device, both hardware and software related, that controls the access computers on the Internet have to the bank's computer. Use of the firewall allows only authorized traffic to reach the Web Server and provides continuous monitoring of attempts to gain access to our pathways.
Today's authentication methods--used to confirm that it is you, and not someone who has stolen your identity--involve one or more basic "factors":
- • Something the user knows (e.g., password, PIN)
- • Something the user has (e.g., ATM card, smart card or similar items)
- • Something the user is (e.g., biometric characteristic, such as a fingerprint)
Single-factor authentication uses one of these methods; multi-factor authentication uses more than one, and thus is considered to be a more reliable and stronger fraud deterrent.
User ID and PIN provide a secure log-on environment. Your User ID and PIN reside with-in the banks system, where they can never be accessed or downloaded by anyone on the Internet. You will be asked to select your own alphanumeric PIN during your initial log-on. No one else will be able to access your accounts, because only you know your PIN.
Your account numbers never travel over the Internet. Instead your accounts are given Pseudo Account Names that take the place of your account numbers.