The network architecture used to provide First IB’s online banking service was designed by some of the brightest minds in network technology.
First and foremost, the computers storing your actual account information are not linked directly to the Internet. Instead, transactions you initiate online are received by our online banking Web servers, which then route your transaction through firewall servers. Firewall servers act as a traffic cop between segments of our online banking network used to store information, and the public Internet.
While your requests are traveling between your computer and our servers, the privacy of communications is ensured via encryption. Encryption scrambles messages exchanged between your browser and our online banking server.
- When visiting online banking’s sign-on page, your browser establishes a secure session with our server.
- The secure session is established using a protocol called Secure Socket Layer (SSL) Encryption. This protocol requires the exchange of what are called public and private keys.
- Keys are random numbers chosen for that session and are only known between your browser and our server. Once keys are exchanged, your browser will use the numbers to scramble (encrypt) the messages sent between your browser and our server.
- Both sides require the keys because they need to descramble (decrypt) messages received. The SSL protocol helps to ensure the information sent is not altered prior to decryption.
The numbers used as encryption keys are similar to combination locks. The strength of encryption is based on the number of possible combinations a lock can have. The more possible combinations, the less likely someone could guess the combination to decrypt the message. For your protection, our servers require the browser to connect at 128-bit encryption (versus the less-secure 40-bit encryption).
At our data center, there are a number of various access control mechanisms, including intrusion detection and anti-virus, that you cannot see, which monitor for and protect our systems from potential malicious activity. Additionally, our online banking servers are fault-tolerant, and provide for uninterruptible access, even in the event of various types of failures.
We also provide a number of security features in online banking that you can see. For example, online banking will “time out” after a specified period of inactivity. This prevents curious persons from continuing your online banking session if you left your PC unattended without logging out. You may set the timeout period by following the Preferences link in online banking. We recommend that you always sign off (log out) when done banking online.
It is important to verify that only authorized persons log into online banking. This is achieved by verifying your password. (See our tips for creating a strong password.) When you submit your password, it is compared with the password we have stored in our secure data center. We allow you to enter your password incorrectly a limited number of times; too many incorrect passwords will result in the locking of your online banking account until you call us to unlock your access and reset your password.
Business Online Banking: Fraud Prevention Recommendations
First IB recommends its commercial clients consider some best practices while conducting their online banking activities:
- When possible, dedicate a computer to online banking only. Don’t use this computer to surf the Web or check email to avoid exposure to viruses.
- Utilize dual controls for ACH and wires. One token initiates an electronic transaction; another approves the request.
- ACH debit block and filter are available to automatically reject any ACHs that would hit a specific account.
- Check your bank accounts daily using your online banking for any suspicious activity.
- Install firewalls