For site security purposes and to ensure that services remain available to all users, computer systems of Bank of Sacramento and its Service Providers employ policies to monitor network traffic to identify unauthorized attempts to upload, access or change information, or otherwise cause damage.
Anyone using this system expressly consents to such monitoring and is advised that if such monitoring reveals evidence of possible abuse or criminal activity, such evidence may be provided to appropriate law enforcement officials.
Unauthorized attempts to upload, access or change information on this web site and unauthorized attempts to sign on to Bank of Sacramento's Online Banking are strictly prohibited and may be punishable by law under the Computer Fraud and Abuse Act of 1986 and Title 18 U.S.C. Sections 1001 and 1030.
Internet Banking Security Statement
This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a Digicert High Assurance CA-3 issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.
Secure Access and Verifying User Authenticity
To begin a session with the bank's server the user must key in a Login ID and password, as well as verify other secure details, in order to establish an authorized identity. The Internet Banking System uses an account lockout mechanism to deter users from repeated malicious login attempts. In the case of a lockout, before re-entry into the system the user must contact the Bank directly to ensure proper authentication. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session with that visitor.
Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 256-bit secure server by Digicert High Assurance CA-3, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.
Router and Firewall
Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.
Using the above technologies, your Internet banking transactions are secure.