Alliance Bank requires three (3) pieces of security information that are only known to you during the enrollment process.
Individual Logon ID and Password
For your protection, so that we may research your request for an account and validate your confidential account information, an individual logon ID will be utilized. You will select your own logon ID during the enrollment process. A temporary computer-generated password will be delivered via the United States Postal Service after the initial account set-up has been completed. You will be prompted to enter your own customized password.
Also for your protection, access to your online account will be disabled should you exceed the allowed number of logon attempts.
Your user password will be authenticated during the log-in process. You may change your user password as often as you like and will be prompted to make such a change periodically. Your logon ID will never change.
For additional security, your PC banking session will be terminated should there be an extended time of inactivity. This will prevent anyone from using your computer if you step away from your desk or office. Once logged off you may simply reauthenticate yourself by entering your password and logon ID at the logon page.
Alliance Bank will not, at any time, ask for your logon password. If anyone calls and requests this information, contact the bank immediately.
Alliance Bank has an approved list of browsers based on their accommodation of specific security requirements.
- Netscape Secured Socket Layer (SSL)
- Netscape Communications developed SSL to ensure private and authenticated communications
Your PC banking session will utilize the SSL to secure the transaction from your browser and the WEB server. Once a secure session is established the data cannot be monitored by other users on the Internet.
The SSL "language" works with all other Internet "languages" so that you are not limited as to its use. A "higher level" application protocol can layer on top of the SSL Protocol transparently. The SSL Protocol can negotiate an encryption algorithm and session key as well as authenticate a server before the application protocol transmits or receives its first byte of data. All of the application protocol data is transmitted encrypted, ensuring privacy.
Encryption is the actual turning of words and numbers into a coded language that can only be read by you and the bank. If the key in the lower left corner of your screen appears filled or "enclosed" in Netscape Navigator and the lock appears solid in Microsoft Explorer, you will know your information is being encrypted. When not in a secure session, Netscape's key appears broken and Microsoft's lock does not appear at all.
A cookie is a way for our secured server to establish a logon or session ID with you each time you authenticate connectivity. We will place a cookie within your browser each time you sign on. Your browser may allow you to accept cookies with or without warning. If you have selected without warning, you will be unaware of this extra security precaution. If you have asked to be warned, simply click on accept.
The cookie allows us to maintain continuity in a series of requests and responses. A cookie is information that the server (actually a CGI application at the server) puts in the HTTP header that accompanies its response to a browser request. The browser can then store this information and send it back in any additional requests related to the whole transaction or series of requests and responses.
This additional precaution prevents your session from being "taken over" if the SSL or encryption failed; either of which extremely unlikely. However, we pride ourselves on the measures taken to protect your information.
Secured Environment-Advanced Firewall Technology
Our mainframe computer system does not connect directly to the internet. It is isolated from the internet network via routers, filters, and a "firewall." A firewall is a device that controls the access that computers on the internet have to the bank's computer. This firewall adheres to the standards set forth by the NCSA (National Computer Security Association). Use of the firewall allows only valid http traffic to reach the Web Server. Further protection is provided by yet another set of firewalls that sit between the web server and the application server.
- State of the art security monitoring software
- Continuous monitoring and auditing of all transactions originating or terminating on our connection to the Internet
- Trusted operation system
Our provider is constantly reviewing the latest in software and hardware technology to provide the best defense possible against intrusion.
SECURITY: Financial Institution
- Existing banking relationship
- Daily maximum number of transactions
- Daily authorization limits
PRIVACY: Children's Information
We respect the privacy of children, and we comply with the Children's Online Privacy Protection Act. We do not knowingly collect or retain personally identifiable information from consumers under the age of thirteen.