The privacy of communications between you (your browser) and our servers is ensured via encryption. Encryption scrambles messages exchanged between your browser and our online banking server.
How Encryption Works
- When visiting online banking's sign-on page, your browser establishes a secure session with our server.
- The secure session is established using a protocol called Secure Sockets Layer (SSL) Encryption. This protocol requires the exchange of what are called public and private keys.
- Keys are random numbers chosen for that session and are only known between your browser and our server. Once keys are exchanged, your browser will use the numbers to scramble (encrypt) the messages sent between your browser and our server.
- Both sides require the keys because they need to descramble (decrypt) messages received. The SSL protocol assures privacy, but also ensures no other website can "impersonate" your financial institution's website, nor alter information sent.
- To learn whether your browser is in secure mode, look for the secured lock symbol at the bottom of your browser window.
The numbers used as encryption keys are similar to combination locks. The strength of encryption is based on the number of possible combinations a lock can have. The more possible combinations, the less likely someone could guess the combination to decrypt the message.
For your protection, our servers require the browser to connect at 128-bit encryption (versus the less-secure 40-bit encryption). Users will be unable to access online banking functions at lesser encryption levels. This may require some end users to upgrade their browser to the stronger encryption level.
To determine if your browser supports 128-bit encryption:
- Click "Help" in the toolbar of your Internet browser
- Click on "About [browser name]"
- A pop-up box or window will appear.
- For Internet Explorer: next to "Cipher strength" you should see "128-bit"
- For Netscape: you should see "This version supports high-grade (128-bit) security with RSA Public Key Cryptography"
If your browser does not support 128-bit encryption, you must upgrade to continue to access the website's secure pages.
Firefox and Safari browsers and DI
July 2005 --
1. Firefox and Safari - Encryption levels
Both browsers recently designated as supported for use with DI products, Firefox 1.0 and Safari 1.2, use strong 128-bit encryption when accessing secure sites, to ensure safe and secure transmittal of private data such as account and payment information.
2. Firefox and Safari - How end users can determine which levels of encryption they have
A. Firefox - In Firefox, this option is not visible until connected to a site. Negotiation occurs between the client browser and the server at run-time. To view the encryption level being used while connected to a specific secure site, you can do the following:
- Click to the 'Tools' menu
- Select 'Page Info'
- Click the 'Security' tab
Or: double-click the yellow 'lock' icon in the lower right corner of the screen while connected to a secure site.
B. Safari - The Safari browser displays a 'lock' icon at the top right corner of the browser window when you're viewing a secure (https://) site. This symbol is absent when viewing an unsecured (http://) site. Safari can use both 40-bit and 128-bit "strong" encryption; the website determines which level of encryption is used at a given time.
Other browsers that support 128-bit encryption also may work. More information on some common browsers is available via these links: