Security Policy

The Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a VeriSign-issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a monitored firewall to regulate the inflow and outflow of traffic.

Secure Access and Verifying User Authenticity

To begin a session with the bank's server the user must enter a user name and a password. Our system uses a "3 strikes and you're out" lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to the bank to release the password before re-entry into the system. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session with that visitor. No one from the bank will ever ask for your password. Protecting your personal password is important to the security of your account.

Secure Data Transfer

Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. When an encrypted message is sent, the sending and receiving computers each generate a code based on the message content. If even a single character in the message content is altered en route, the receiving computer will generate a different code, and then alert the recipient that the message is not legitimate. All exchanges of encrypted code occur within seconds, and require no action by the consumer. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible to decode a message or data for that session. When the session is complete, the keys expire and the whole process starts over when a new end user establishes a server session.

128-bit SSL encryption is the world's most powerful. 128-bit SSL encryption has never been broken: according to RSA Labs, it would take a trillion-trillion years to crack using today's technology.

Router and Firewall

Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as a request to reach Internet Banking. This firewall meets or exceeds all the standards set by the National Computer Security Association.

Security Reviews

We continuously monitor and audit all incoming and outgoing transactions to the Internet. We operate in accordance with all the rules and regulations of banking and bank security as set forth by banking regulators. The bank has created an internal review process to continually ensure the highest level of web-trust available for security on the Internet.

E-mail Communication

For your protection, we recommend that you do not e-mail account numbers, cash & check card numbers, passwords, or other critical financial information. If you need to refer to a particular account, only include the last four digits in your e-mail. We cannot guarantee the security of standard e-mail communication.

With the above technologies and procedures, your Internet Banking transactions are secure. If you have any questions about Internet security, please contact us in person, by phone, or e-mail our technical support department.