Online Security Overview
SchoolsFirst FCU's online banking system provides a secure environment for Members to conduct financial transactions online. We have implemented a number of security measures and procedures, and continue to implement new security technology, to ensure that Membersí financial and personal information is kept safe, secure, and confidential at all times.
Secure Sockets Layer
Through a protocol known as the Secure Sockets Layer, other computers are prevented from eavesdropping by encrypting all data transmitted between our Members and the credit union. Intermediate computers would see each packet of information as a meaningless jumble of bytes. The sending end encrypts, or encodes, the data with one key before it is transmitted. The receiving end decrypts, or decodes, the data with another key. This two-key cryptography scheme was developed by a team of mathematicians at MIT and is currently patented by RSA Data Security, Inc. SchoolsFirst FCU's Members that live in the United States can use browsers that support 128-bit keys. Cracking a 128-bit key would involve trying all 2128 combinations, which would require eons.
The Secure Sockets Layer validates the identity of our site to our Members through the use of a digital certificate. After connecting to our web site in secure mode, our site sends the Member's browser a signed digital certificate, which contains the name of our web server, its public encryption key, the certificate's validity dates, the name of the certification authority that issued the digital certificate to our site, and an un-forgeable digital signature. The digital certificate, which was obtained by SchoolsFirst FCU through a special certification authority, authenticates to our Members that they are indeed connecting to our site.
The Secure Sockets Layer ensures that the data transmitted between our Members and our site has not been tampered with through the use of Message Authentication Codes (MACs). A MAC is based on the actual data itself, similar to a checksum. This provides a quick way for the receiving end to verify that the data wasn't changed enroute.
To support the Secure Sockets Layer, SchoolsFirst FCU Members must use the Netscape Navigator 4.0 or higher browser, the Microsoft Internet Explorer 4.0 or higher browser, or now, America Online version 4.0 or higher.
When you enter the Online Banking area of the web site, encryption is automatically enabled. This is called a secure site. To verify if an internet session is secure, check the key icon at the left corner of Netscape's browser screen. If the key appears intact on a blue background, then encryption is activated. If the key icon appears as a broken key, then encryption is not in use and the current session is not secure. Microsoft Explorer displays a locked padlock in the lower right corner of the screen to indicate a secured site. To view the details of the digital certificate, double-click on the Netscape key icon or the Internet Explorer lock icon.