First Bank Richmond, NA hereafter referred to as the Bank, is required under the Bank Protection Act of 1968 to comply with Regulation H by establishing written administrative security procedures. The procedures will protect and discourage robbers, burglaries, and larcenies and to protect the safety of its employees, and assist in the identification and prosecution of person(s) who commit such acts.
The Security Officer, as designated by the Board of Directors, is responsible for preparing the required banking office administrative security procedures including requirements for security devices, procedures for selecting, testing, operating and maintaining the security devices; procedures for opening and closing for business; procedures for safekeeping cash and securities; procedures in the event of a crime; and an annual employee training program. The Security Officer shall report annually to the Board of Directors on the implementation, administration, and effectiveness of the Security program.
The Board of Directors shall annually approve the bank maximum cash exposure as recommended by the Security Officer.
Each banking office and department manager or supervisor is responsible for complying with the banking office administrative security procedures.
Revised: September 2003
Our website brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features a VeriSign-issued Digital ID for the bank’s Internet Service Provider hosting our website, Secure Sockets Layer (SSL) protocol for data encryption, and a router and firewall to regulate the inflow and outflow of server traffic.
Secure Data Transfer
Once a server session is established on an https secure page, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank’s server issues a public key to the end user’s browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.
Router and Firewall
Secure forms must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.
Using the above technologies, your Internet loan application and check reorder transactions are secure.
Revised: September 2003