Security Statement

  1. Security Statement

Security

Statement

This Online Services brings together a combination of industry-approved security technologies to protect data for IFA and for you, our customer. It features password-controlled system entry, a Comodo-issued Digital ID for our server, Secure Sockets Layer (SSL) protocol for data encryption, and a router , firewall and IDS/IPS to regulate the inflow and outflow of server traffic.

 

SECURE ACCESS AND VERIFYING USER AUTHENTICITY

 

To begin a session with our server the user must key in a Log-in ID and a password. Our system, the Online Services, uses a "3 strikes and you're out" lock-out mechanism to deter users from repeated login attempts.

 

After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to the IFA to verify the password before re-entry into the system. Upon successful login, the Digital ID from Comodo, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session with that visitor.

 

SECURE DATA TRANSFER

 

Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by Comodo, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol.

 

With SSL, data that travels between the IFA and customer is encrypted and can only be decrypted with the public and private key pair. In short, our server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.

 

ROUTER AND FIREWALL

 

Requests must filter through a router, firewall and IDS/IPS before they are permitted to reach the server. A router, firewall, and IDS/IPS works in conjunction to block and direct traffic coming to the server.

 

The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the IFA.

 

Using the above technologies, your Internet banking transactions are secure.