Online Banking Security
Online Banking uses several different methods to protect your information. All information within Online Banking uses the SSL (Secure Socket Layer) protocol for transferring data. SSL is encryption that creates a secure environment for the information being transferred between your browser and One Bank of Tennessee. To help protect your privacy while you are using the service, we will sign you out of the Online Banking service after 20 minutes of inactivity.
At a high level, SSL uses public key cryptography to secure transmissions over the Internet. In practice, your browser will send a message via SSL to the bank's server. The bank responds by sending a certificate, which contains the bank's public key. Your browser authenticates the certificate (agrees that the server is One Bank of Tennessee's), then generates a random session key which is used to encrypt data traveling between your browser and the bank's server. This session key is encrypted using the bank's public key and sent back to the server. The bank decrypts this message using its private key, and then uses the session key for the remainder of the communication.
Secure Socket Layer (SSL) protects data in three key ways:
- Authentication ensures that you are communicating with the correct server. This prevents another device from impersonating One Bank of Tennessee.
- Encryption scrambles transferred data.
- Data integrity verifies that the information sent by you to One Bank of Tennessee wasn't altered during the transfer. The system detects if data was added or deleted after you sent the message. If any tampering has occurred, the connection is dropped.
One Bank of Tennessee requires customers to have an additional layer of security when using Internet-based bank products. The Federal Financial Institutions Examination Council (FFIEC) provides guidance that describes authentication methods for Online Banking users. These methods are being put into place to ensure the security of our customers' personal and financial information.
What is Enhanced Security?
Enhanced Security is a free and easy way to help verify that it is actually you logging into your One Bank of Tennessee Online Banking account. This new login feature confirms that you are accessing your One Bank of Tennessee online accounts via a device that you previously authorized.
This feature works by requiring two methods to identify that you are the correct user accessing your online accounts. The first method is your user ID and password and the second method is Challenge Questions.
What are "Challenge Questions"?
They are a series of questions presented to you when you log in to Online Banking. You will be asked to answer a random selection of these questions. Your answers should be something difficult for others to guess and easy for you to remember. If you use more than one device to access Online Banking, you will be asked to answer two of these questions to log in.
What if I forgot my Challenge Question answers?
Please call us at (931) 528-5132. Our Online Banking Administrator can reset your Challenge Questions for you. Then you can go online and choose new Challenge Questions and enter your answers.
What if I access Online Banking from more than one device?
More than one trusted device can be added so you can bypass the Challenge Questions upon subsequent logins.
The Enhanced Security feature logs an encrypted device identifier when you mark the device as trusted.
If your device's operating system or browser is updated, you may be required to enter your Challenge Questions again.