Personal Online Banking
The convenience of banking through the internet is sometimes overshadowed by concerns that our private account information could fall into the wrong hands. At Willamette Valley Bank, security is the top priority. To this end we have a firewall between the internet and our client information preventing unauthorized access as well as only communicating through web browsers that support Secure Socket Layer (SSL) 3.0 or higher. As a final security measure we encrypt all data communications using state of the art encryption technology and Message Authentication Code (MAC).
At Willamette Valley Bank we are so confident in our security measures that we guarantee you will be covered 100% for any funds improperly removed from your accounts while we are handling your transactions. We will reimburse you for any unauthorized online removal of funds from your accounts provided it is not the result of client irresponsibility.
As you would expect, there are some things outside of our control that constitute client responsibility. Our guarantee does not cover the following:
Secure Sockets Layer (SSL)
Secure Sockets Layer 3.0 provides a way for your browser to ensure that you are in fact logging on to the Willamette Valley Bank server and not a site that is attempting to impersonate our server. Before you log on to the Willamette Valley Bank server it sends our public key to your browser program. SSL lets your browser verify the identity of our server by viewing the site’s certificate. A certificate is a way of associating a public key to a name.
Once SSL has authenticated the server, your browser and our server will create an individual symmetric key. This key will allow our server to communicate with your browser through encrypted transmissions of data. The symmetric key is valid for a single use only. If you log out and log in again at another time the server and your browser will create a new unique symmetric key.
Message Authentication Code
With all data between our server and your browser scrambled, no outside party can understand our communications, though it is still possible to intercept a message. To verify that a message has not been tampered with, SSL uses a message authentication code (MAC). A MAC is a piece of data that is derived using pieces of the symmetric key and the message itself. Your browser will always check the MAC before decoding a message from our server. If the message from our server is not authentic, the MAC will not compute correctly and your browser will alert you of a possible security breach. The chances of someone encrypting a message and providing a correct MAC are next to impossible, about 1 in 18,000,000,000,000,000,000 using 128-bit encryption.
|Copyright 2008 Willamette Valley Bank|