iBanking

Security

  • General security framework built over industry standards for identifying and applying practices for authorization, authentication, cryptography, session management, sensitive data management, infrastructure security, auditing and logging.
  • Authentication: Unique user codes and passwords for Core Banking Access; Password expiration and user disablement; User passwords stored one-way encrypted
  • Authorization: User credentials and privileges validation on every resource and application block; Personal permissions on banking services
  • Session management: Unique session identifiers and secured session details storage; Session lifetime control on every discrete user action
  • Sensitive data management: Sensitive data stored, sent over network and logged in encrypted form Infrastructure security: Secured network infrastructure provided by the Bank; Encrypted traffic between application tiers; SSL where applicable; Securing banking servers
  • Auditing and logging: Full log of user activity; Audit of application activity through all application tiers