The security methods employed by Vault for safe and secure online transactions over the Internet include the security protocols accepted and approved in general by the banking and software development industries. Acceptance and use conforming to these standards assist in providing authentication, privacy, and message integrity to ensure that sensitive and confidential information remains secure.
Vault utilizes Secure Sockets Layer (SSL) which is the de-facto standard for secure communications over the Internet. It offers security features to assist in safeguarding the channel between a customer’s PC and your institution’s server systems. SSL also provides server authentication, data encryption, and assurance of message integrity.
Vault also utilizes digital certificates for server authentication. Authentication enables the recipient of a message to verify the identity of the sender. Digital certificates are issued by a trusted party, known as a certificate authority, which verifies the identity of the sender. VeriSign, the industry leading certificate authority, will operate as the certificate authority for these certificates.
EncryptionEncryption helps to safeguard a message so that it can only be read by the intended recipient. SSL provides for encrypted data transmission using a variety of strong symmetric encryption algorithms and key sizes. Only the intended recipient of your message has the key to decrypt it into clear text.
Message integrity
Message integrity assures the recipient of a message that the message was not altered after it left the sender. SSL provides message integrity by way of a message authentication code, which is computed using a cryptographically secure hash function.
Each financial institution can determine how to implement these and other security features that are available for online transactions over the Internet.
To learn more about these protocols and standards visit:
Secure Sockets Layer (SSL)
http://en.wikipedia.org/wiki/SSL
Public Key Certificates
http://en.wikipedia.org/wiki/Digital_certificates
Encryption
http://en.wikipedia.org/wiki/Encryption
Message or Data Integrity
http://en.wikipedia.org/wiki/Message_integrity