How We Maximize Our Online Security

We use the following technologies to ensure transaction security:

1. Hardened Operating System

Most security problems on the Internet are caused by remote access components such as telnet, email, etc.

In our NET Banking system, all remote access components are permanently removed.

2. Intrusion Detection System (IDS)

We have also introduced an IDS to detect abnormal data traffic sent to our web servers. This strengthens online monitoring of data traffic and prevents abnormal attacks on our web servers.

3. Protocol Filtering

Our firewall filters Internet connections so that unsolicited connections (other than HTTP - Hyper Text Transfer Protocol and HTTPS - Secure Hyper Text Transfer Protocol) are rejected completely to prevent intrusion by hackers.

4. SSL

Our NET Banking system also adopts the Secure Sockets Layer (SSL) protocol to maximize our security in the areas of:

  • Authentication - The protocol ensures the identity of the user and the server.
  • Encryption - The protocol encrypts (by means of a 128-bit encryption key) and scrambles all messages (including User ID, password, transaction details, etc.) before they are sent over the Internet so that no one can read the contents.

5. Session Management

For each session, our session management components generate and maintain a random session key for every NET Banking user. The session key expires after a certain period of time, and any unmatched or expired session key requires re-logon by the user.

6. RACF (Resource Access Control Facility)

RACF is a security product (created by IBM Ltd.) which can be used to protect all resources with B2-level security (see Remarks below).

With this feature, the Web server cannot generate non-Internet-banking transactions, and the Host system cannot generate Internet banking transactions by other means.

Remarks:
  1. The United States Department of Defense has defined seven levels of computer OS security in a document known as the Trusted Computer System Evaluation Criteria (nicknamed the "Orange Book"). The levels define different degrees of protection for hardware, software, and stored information. The definition focuses on access control, authentication, auditing and trust levels.
  2. B2 requires every object and file to be labeled according to its security level, and these labels change dynamically depending on what is being used.

7. Physical Protection

Every production component is set up inside the production data center, which is physically secured by electronic locks with strict access procedures. This gives it the same protection as our mainframe computer. In addition, the data center is controlled and monitored by our professionally trained operation staff 24 hours a day, 7 days a week. (No remote access point will be included in our production setup.)

8. Additional Encryption

On top of the SSL protection, all information is further encrypted by our state-of-the-art encryption technologies. Messages sent from the user's PC will not be decrypted until they reach our host system. This ensures that no content is exposed in transit across the Internet.
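
The session handling described under item 5 (a random per-user session key that expires, with re-logon required on any unmatched or expired key), as an added Python example that is not the bank's own code. The class name, the 600-second timeout and the injectable clock are assumptions made for illustration.

```python
import hmac
import secrets
import time

# Assumed timeout: the page only says "a certain period of time".
SESSION_TTL_SECONDS = 600


class SessionStore:
    """Server-side table holding one random session key per logged-on user."""

    def __init__(self, ttl=SESSION_TTL_SECONDS, clock=time.monotonic):
        self._ttl = ttl
        self._clock = clock  # injectable so expiry can be tested without sleeping
        self._sessions = {}  # user_id -> (session_key, expires_at)

    def logon(self, user_id):
        """Issue a fresh key after a successful logon, replacing any old one."""
        key = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        # Absolute expiry: activity does not extend the session lifetime.
        self._sessions[user_id] = (key, self._clock() + self._ttl)
        return key

    def check(self, user_id, presented_key):
        """Return 'ok', or 'relogon' if the key is missing, unmatched or expired."""
        entry = self._sessions.get(user_id)
        if entry is None:
            return "relogon"
        key, expires_at = entry
        # Constant-time comparison so response timing does not leak key bytes.
        matches = hmac.compare_digest(key.encode(), str(presented_key).encode())
        if not matches or self._clock() >= expires_at:
            # Any failure discards the session, so the user must log on again
            # and a wrong key cannot be retried against the same session.
            del self._sessions[user_id]
            return "relogon"
        return "ok"
```

Discarding the session on a mismatch follows the page's rule literally; a deployment that keys sessions by user ID would also need to rate-limit failed checks so that a third party cannot force repeated re-logons.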
