All information within Core Bank’s website uses the SSL (Secure Socket Layer) protocol for transferring data. SSL is encryption that creates a secure environment for the information being transferred between your browser and Core Bank.
At a high level, SSL uses public key cryptography to secure transmissions over the Internet. In practice, your browser will send a message via SSL to the Bank’s server. The Bank responds by sending a certificate, which contains the Bank’s public key. Your browser authenticates the certificate (agrees that the server is in fact Core Bank’s), and then generates a random session key which is used to encrypt data traveling between your browser and the Bank’s server. This session key is encrypted using the Bank’s public key and sent back to the server. The Bank decrypts this message using its private key, and then uses the session key for the remainder of the communication. SSL protects data in three key ways:
- Authentication ensures that you are communicating with the correct server. This prevents another computer from impersonating Core Bank.
- Encryption scrambles transferred data.
- Data integrity verifies that the information sent by you to Core Bank wasn’t altered during the transfer. The system detects if data was added or deleted after you sent the message. If any tampering has occurred, the connection is dropped.