FirstNet brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.
Secure Access and Verifying User Authenticity
To begin a session with FirstNet the user must key in a password. FirstNet uses a five attempt limit to deter users from repeated login attempts. After five unsuccessful login attempts, the system locks the user out, requiring a phone call to the bank to reset the password. Upon successful login, FirstNet uses SSL version 3 (Secure Sockets Layer) to provide a security "handshake" that is used to initiate the TCP/IP connection. This handshake results in the client and server agreeing on the level of security they will use, and fulfills any authentication requirements for the connection.
Secure Data Transfer/Encryption
To start a transaction, the customer uses his browser to send a secure message
via SSL to the bank. The bank responds by sending a certificate which contains
the bank's public key.The browser authenticates the certificate, then generates a session key which used to encrypt data traveling between the customer's browser and the bank server. The session key is encrypted using the bank's public key, and sent back to the bank. The bank decrypts this message using its private key, and then uses the session key for the remainder of the communication. By exchanging messages using the public/private key pair, the customer can be assured they are actually communicating with the bank, not a third party trying to intercept the transaction.
Information Privacy: Firewalls and Filtering Routers
Finally, once requests arrive at the bank, the server is protected by a system of filtering routers and firewalls, which form a barrier between the outside Internet and the internal bank network. The filtering router verifies the source and destination of each network packet, and determines whether or not to let the packet through. Access is denied if the packet is not directed at a specific, available service.
New advances in security technology are happening daily, and First National is committed to ensuring that it provides the highest level of privacy and safety for bank customers.
If you have any questions, please feel free to contact us.