Online Banking Security

One Bank of Tennessee is committed to making Online Banking safe and secure to provide you with peace of mind when you access your account information.

Overview

Online Banking uses several different methods to protect your information. All information within Online Banking uses the SSL (Secure Socket Layer) protocol for transferring data. SSL is encryption that creates a secure environment for the information being transferred between your browser and One Bank of Tennessee. To help protect your privacy while you are using the service, we will sign you out of the Online Banking service after 20 minutes of inactivity.

At a high level, SSL uses public key cryptography to secure transmissions over the Internet. In practice, your browser will send a message via SSL to the bank's server. The bank responds by sending a certificate, which contains the bank's public key. Your browser authenticates the certificate (agrees that the server is One Bank of Tennessee's), then generates a random session key which is used to encrypt data traveling between your browser and the bank's server. This session key is encrypted using the bank's public key and sent back to the server. The bank decrypts this message using its private key, and then uses the session key for the remainder of the communication.

Secure Socket Layer (SSL) protects data in three key ways:

  • Authentication ensures that you are communicating with the correct server. This prevents another device from impersonating One Bank of Tennessee.
  • Encryption scrambles transferred data.
  • Data integrity verifies that the information sent by you to One Bank of Tennessee wasn't altered during the transfer. The system detects if data was added or deleted after you sent the message. If any tampering has occurred, the connection is dropped.

One Bank of Tennessee requires customers to have an additional layer of security when using Internet-based bank products. The Federal Financial Institutions Examination Council (FFIEC) provides guidance that describes authentication methods for Online Banking users. These methods are being put into place to ensure the security of our customers' personal and financial information.

What is Multifactor Authentication?

Multifactor Authentication (MFA) is an authentication method that requires you to provide an additional verification method to gain access to Online Banking.

MFA is an authentication method that adds an extra layer of security to Online Banking by requiring you to provide multiple forms of identification. This makes it more difficult for unauthorized individuals to gain access to your account, even if they have your password.

MFA is implemented by prompting the user to provide a one-time, unique PIN, sent by SMS message or email.

What if I access Online Banking from more than one device?

More than one trusted device can be added so you can bypass multifactor authentication upon later logins.

If your device's operating system or browser is updated, you may be required to provide multifactor authentication again.