This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a VeriSign-issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.
Certain personal information about visitors to this Web site is being collected by Central Bank, located in Houston, Texas. Personal information is collected from you at the time an application for a loan or deposit account is submitted to the Institution, at the time transactions are conducted through the online banking service, and at the time information is provided by you via e-mail (including the name, e-mail address, and any other information on the e-mail header).
A cookie is a very small text file placed on your hard drive by a web page server. It is your identification card for that server. A cookie can only be read by the server that gave it to you. A cookie's purpose is to tell the server that you returned to that webpage. By configuring your preferences or options in your browser, you determine if and how a cookie will be accepted. In order to use our Online Banking system, you will need to have cookies enabled in your browser.
Messages sent by e-mail may not be secured, may be intercepted by third parties and may not be immediately received by the appropriate department at Central Bank. Please do not use e-mail to send us communications that contain confidential information, which we require in writing or which need our immediate attention. Please call the bank location nearest to you. Be aware that a "receipt" acknowledgement on an e-mail message means only that the message has routed into the Internet, not that the message has been received by Central Bank. Urgent or confidential matters should be addressed via phone or in person. Written authorizations should be provided via U.S. mail or in person.
Web Site Links
The links in this web site will let the user leave Central Bank's site. The linked sites are not under the control of Central Bank, and Central Bank IS NOT RESPONSIBLE FOR THE CONTENT AVAILABLE ON OTHER INTERNET SITES. These links are provided as a convenience to users. Access to any other Internet sites linked to this web site is at the user's own risk. The inclusion of any link does not imply a recommendation or endorsement by Central Bank of the linked site.
Secure Access and Verifying User Authenticity
To begin a session with the bank's server the user must key in a Log-in ID and a password. Our system, the Internet Banking System, uses a "3 strikes and you're out" lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring a phone call to the bank before re-entry into the system. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session with that visitor.
Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.
Router and Firewall
Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.
The above technologies provide the highest level of security available for your internet transactions.