The privacy of communications between you (your browser) and our servers is ensured via encryption. Encryption scrambles messages exchanged between your browser and our online banking server.
How Encryption Works
- When visiting online banking’s sign-on page, your browser establishes a secure session with our server.
- The secure session is established using a protocol called Transport Layer Security(TLS) Encryption. This protocol requires the exchange of what are called public and private keys.
- Keys are random numbers chosen for that session and are only known between your browser and our server. Once keys are exchanged, your browser will use the numbers to scramble (encrypt) the messages sent between your browser and our server.
- Both sides require the keys because they need to descramble (decrypt) messages received. The TLS protocol assures privacy, but also ensures no other website can “impersonate” your financial institution’s website, nor alter information sent.
- To learn whether your browser is in secure mode, look for the secured lock symbol at the bottom of your browser window.
The numbers used as encryption keys are similar to combination locks. The strength of encryption is based on the number of possible combinations a lock can have. The more possible combinations, the less likely someone could guess the combination to decrypt the message.
For your protection, our servers require the browser to connect at 128-bit encryption (versus the less-secure 40-bit encryption). Users will be unable to access online banking functions at lesser encryption levels. This may require some end users to upgrade their browser to the stronger encryption level.