Main Navigation

• 
• 
• 
• 
• 
• 
• 
• 

Online Banking Security FAQs

Q I'm concerned about security. How does Central Bank help protect my accounts online?
A Security features that are built into the Online Banking system include:

• Automatic timeout: your Online Banking session will timeout after 5 minutes. You may choose a different time period through User Options.
• Password: you choose your own password when you register online as a first time user.
• Enhanced Login Security: added security to prevent unauthorized access to your Online Banking information.
• Lockout: in order to help prevent unauthorized access, an account is locked from online access after 5 unsuccessful logon attempts.
• Sign Off button: you should always end each Online Banking session using the Sign Off button.

Q What can I do to help keep my account secure?
A Here are some steps that can help provide online security for your account:

• Do not share your Online Banking password with anyone.
• Change your password often.
• A Central Bank employee will never need to know your password, and you should never furnish it to someone claiming to represent Central Bank.
• You should always exit from Online Banking as soon as you finish your Online Banking session. Never walk away from your computer with your account information on the screen. You should click the "Sign Off" button, which will clear your information from the browser and not simply close the browser window.
• After five unsuccessful logon attempts (incorrect password and/or User ID), you will be locked out of Online Banking.

Q What if I forget my password? How do I get a new one?
If my account is locked, how can I regain access to Online Banking?
A You may be able to reset your password online using our Online Banking Password Reset form. In order for you to be able to do so, you will need to know the answers to your Forgotten Password Verification information, which you chose either at the time you registered your original Online Banking Password, or as you submitted the information through the Online Banking "User Options" screen.

Q What if I want to change my password?
A If you would like to change your password, once you enter Online Banking, choose "User Options" to select a new password. For security purposes, it is recommended that you change your passwords on a regular basis.

Q My password does not work. What do I do?
A If you know your password, make sure to check your CAPS LOCK key. Passwords are case-sensitive, so make sure that you enter it EXACTLY as you did when you registered online as a first time user. Make sure that your User ID is entered correctly. If you are still unable to access Online Banking, please contact the Online Banking Center at (617) 629-4351 or (617) 629-4383.

About our Online Banking system security

The privacy of the communications between you (your browser) and our servers is ensured using encryption. Encryption scrambles messages exchanged between your browser and our online banking server. Encryption happens as follows: When you go to the sign-on page for online banking, your browser establishes a secure session with our server. The secure session is established using a protocol called Secure Sockets Layer (SSL) Encryption. This protocol requires the exchange of what are called public and private keys. Keys are random numbers chosen for that session and are only known between your browser and our server. After the keys are exchanged, your browser will use the numbers to scramble (encrypt) the messages sent between your browser and our server. Both sides require the keys because they need to de-scramble (decrypt) the messages when they are received. The SSL protocol not only ensures privacy, but also ensures that no other web site can "impersonate" our financial institution's web site, nor alter any of the information sent. You can tell whether your browser is in secure mode by looking for the secured lock symbol at the bottom of your browser window.

The numbers used as encryption keys are analogous to combination locks. The strength of encryption is based on the number of possible combinations that a lock can have. As the number of possible combinations grows, it becomes less likely that anyone would be able to guess the combination in order to decrypt the message. Today's browsers offer 40-bit encryption, or 128-bit encryption. Although both result in a large number of possible combinations (240 and 2128 respectively), for your protection, our servers require the browser to connect at 128-bit encryption. Users will be unable access online banking functions at lesser encryption levels. This may require some end users to upgrade their browser to the stronger encryption level in order to access online banking functions.

We provide a number of additional security features in online banking. Online banking will "timeout" after a specified period of inactivity. This prevents curious persons from continuing your online banking session in case you have left your PC unattended without logging out. You may set the timeout period in the User Options screen of online banking. However, we recommend that you always sign-off (log out) when you are done with your online banking. The network architecture used to provide the online banking service was designed by the brightest minds in network technology. While the architecture is too complex to explain here, it is important to point out that the computers that store your actual account information are not hooked up to the internet. The transactions that you initiate through the internet are received by our online banking web servers. These web servers route your transaction through firewall servers, which act as a traffic cop between segments of our online banking network used to store information, and the public internet. This configuration isolates the publicly accessible web servers from data stored on our online banking servers and ensures that only authorized requests are processed. Various access control mechanisms, including intrusion detection and anti-virus, monitor for and protect our systems from potential malicious activity. Additionally, our online banking servers are fault-tolerant, and provide for uninterruptible access, even in the event of various types of failures.

Equal Housing Lender - Member FDIC - Member SIF This is a private computer system which is restricted to authorized individuals. Actual or attempted unauthorized use of this computer system will result in criminal and/or civil prosecution. We reserve the rights to view, monitor and record activity on the system without notice or permission. Any information obtained by monitoring, reviewing or recording is subject to review by law enforcement organizations in connection with the investigation or prosecution of possible criminal activity on the system. Please exit the system immediately if you are not an authorized user of this system or do not consent to continued monitoring. ©2004 Central Bank. All rights reserved.

Central Bank   ·   399 Highland Avenue, Somerville, Massachusetts 02144   ·   617-628-4000   ·   www.centralbk.com