High level of information security protection is provided by all the parts of the Internet Banking system from protecting the servers and the website of the Bank to authorization and encryption of the payment documents of the customer.
It uses the following actions:
The Internet Banking server authentication: to provide protection against attacks on the Bank Web server, spoofing or modification of its content by using the SSL protocol and X.509 standard public certificate key from the Thawte international certification centre.
The Internet Banking system customers authentication: the multi-factor user authentication technology based on secret cryptographic keys stored on dedicated hardware key information medium (USB-Token type) is used as well as the use of one-time passwords (OTP) available as an additional factor.
The data encryption: confidentiality of the data exchange between the clients and the Internet banking server through the Internet is provided via the secure network SSL protocol, the possibility of an interception and unauthorized reading of the payment and other information is excluded.
The payment documents authorization: the electronic digital algorythm signature ensures the authenticity and integrity of electronic payment documents. Integrated cryptographic protection certified according to the requirements of the current legislation of Ukraine are used for verification or formation of the digital signature to the Internet Banking system.
To increase the information security level the IP filtering (customized for each client restriction list of IP addresses that are allowed to connect with the Bank server), SMS notification (informational messages about events in the Internet Banking system on customer's behalf), OTP password confirmation of single payment can be used additionally.
Using the client-side increased system security level based on hardware tokens is a prerequisite for connecting to the Internet banking system.