This site chose VeriSign SSL for secure e-commerce and confidential communications.
ABOUT SSL CERTIFICATES  

Online Banking, provides a channel for information delivery to our customers. This channel must have controls in place to limit exposure to unauthorized access of account information. First Financial Bank has partnered with a couple of key companies that are known as "experts" in delivering Internet content and private information securely over the Internet. These companies have developed a secure interface to eliminate exposure to unauthorized access of account information.
Controls to limit exposure and unauthorized access to account information can be identified in three primary areas: Access, Network, and Processing. A summary of these controls are as follows:

Access Controls - Access controls manage the customer's ability to gain access to account information and/or perform transaction activity.

  • Password Protection: Online Banking requires a six-to-eight digit alpha and/or numeric password.
  • Access: To obtain access to First Financial Bank's online banking, the account holder must enter the user selected password. Passwords can be changed by the account holder at any time once logged in to online banking but still must meet the minimum standards.
  • Five Invalid Log-ins: Internet Account Access is denied after five consecutive invalid log-ins and can only be reactivated when the account holder has contacted First Financial Bank. Invalid log in attempts are reported to First Financial Bank.
  • Time-Out Feature: A "Time-Out" feature ensures that Account Access will automatically shut down after a designated period of inactivity; however the account holder has the ability to determine the length of inactivity before Account Access shuts off through the User's Options module of the Online Banking platform. The default setting for time out is five minutes for the online banking platform
  • Exit: When an account holder is finished with his/her Online Banking transactions the EXIT button on the Online Banking Interface will log the user out of the system. Exiting online banking will clear any cookies on the computer related to the online banking session
  • Cache Security: All Internet Banking transactions are written in a Common Gateway Interface (CGI) file format. By design, the CGI format cannot be saved in a cache file. This ensures that no one can view an account holder's account information by accessing the cache file on the PC.

Network Controls - Network Controls are in place to manage the flow of information.

Network Controls between the end user and the Online Banking platform:

  • SSL Protocol: All Online Banking transactions use the Secure Sockets Layer (SSL) protocol. SSL is a set of formal rules describing how to transmit data to provide encrypted communications over the Internet. SSL protocol utilizes public-key cryptography to ensure privacy for the data moving between the user's browser and the web server hosting the Online Banking platform. This protocol allows for the transfer of digitally signed certificates for authentication procedures, and provides message integrity ensuring the data cannot be altered enroute. By convention, the URLs for the Web pages that require an SSL connection start with https://, instead of http://. SSL protection is used when you see the yellow lock either at the bottom of the browser or at the top of the browser (depending on the type of browser you are using).
  • Public-Key Cryptography: Public-key cryptography is used for encryption and server authentication. Encrypted messages provide protection against anyone eavesdropping; even if the information is intercepted, it is unreadable. Authentication identifies the origin of the information and that it has not been altered. Authentication also provides an extremely valuable tool in network security: verification of the identity of an individual. When an account holder wants to initiate a transaction, the browser is used to send a secure message via SSL to First Financial Bank's web server. First Financial Bank's web server responds by sending a certificate that contains First Financial Bank's public key. The browser authenticates the certificate, then generates a session key which is used to encrypt data traveling between the account holder's browser and the web server. The session key is encrypted using First Financial Bank's public key, and sent back to the web server. First Financial Bank's web server decrypts this message using the private key, and then uses the session key for the remainder of the communication. This method assures account holders they are actually communicating with First Financial Bank's web server, and not a third party who is attempting to intercept the transaction request.
  • Secure Network: All Online Banking traffic must pass through a firewall, and two filtering/screening routers. Traffic through the firewall is processed to a special proxy system, which operates similar to a filtering/screen router and verifies format, source and destination of each information packet. The proxy then changes the IP address of the packet and delivers it to the appropriate site within our network. This protects inside addresses from outside access and makes the structure of the Online Banking networks invisible to outside observers.
  • Frame Relay: The security architecture for Online Banking utilizes a private encrypted Frame Relay network to access First Financial Bank's live database of customer information. This approach prevents First Financial Bank's live database from being accessed through the Internet, thereby reducing the threat of unauthorized users.
  • Unique Addressing: Specific terminal addresses are used to establish a connection between the Online Banking servers and the customer information database. This allows First Financial Bank to securely control all data transmitted through these terminal addresses.

Processing Controls - Processing Controls are in place to manage the processing of transactions or the request for information. In addition, they identify controls in place to manage the end users ability to get to information stored in the customer information database.

  • Host Processing Controls: Before an account can receive information, a number of controls must be set in the customer information database system to allow account access.

Account Setup - Before First Financial Bank's customers can view account information or conduct transaction activity over the Internet, a link must be established on the customer's record. This link activates the customer as "Online Banking" enabled and allows account information to be displayed to the customer via the Internet. This ensures that all customers do not automatically have access to their account information, but must register for it.

 

 

©2006 First Financial Bank. Privacy Policy and Terms & Conditions.

 

 

 

    Checking Options
    Savings Alternatives
    Loan Solutions
    Credit Cards
    Online Cash Management
    Merchant Services
    Treasury Management Services
    Insurance Planning Solutions
    Insurance FAQ
    Business Solutions
    Personal Solutions
    Request A Quote
    Our Insurance Team
    Online Banking and Bill Payment
    Checking Options
    Savings Alternatives
    Personal Loan Solutions
    Pay Your Mortgage
    Mortgage Loans
    Credit Cards
    Financial Calculators
    Convenience Services
    Financial Coaching
    Expert Experience
    Private Banking
    Wealth & Investment Planning
    Retirement Planning Services
    Trust
    Trust Reporter

 

 

   1
   2
   3
   Activities
   Grants
   Employee Involvement
   New Item
   Openings
   Benefits
   Item 1