Subscribe:

Sunday 11 September 2011

Multi-level protection to ensure security of online transactions


Using advanced EV SSL server certificate and establishing SSL encrypted safety passageway

The EV SSL server certificate used by our website is a certificate issued in accordance with strict global authentication standards and has higher security than ordinary SSL certificates, so it’s used to protect the user against online transactions with banks not rigorously authenticated, addressing the growing online fraud, and guarding against phishing websites.

The EV SSL certificate is compatible with the regular SSL certificate. If a customer uses a browser of IE6 edition or below, the EV SSL certificate will be treated as a regular SSL certificate. If a customer uses a browser of IE7 or IE8 edition to visit a website protected by the EV SSL certificate, a green address bar will appear in the browser and the unit name of the website, and the issuer of the certificate will recursively appear in the security status bar on the right of the address bar, while in case of other SSL certificates the address bar still remain in white.

In the IE7 or IE8 browser, a green address bar will appear in a website encrypted with the EV SSL certificate telling the user that the website they are visiting has been rigorously authenticated. These new interface features can be directly displayed to convince customers that they are visiting their intended website rather than a fake website.

If you log in to CGB online banking and the address bar does not become green, you can click and download the root certificate.

Advanced encryption technology

We use the state-of-the-art SSL128-bit encryption technology to ensure the confidentiality of your information during the transmission between your computer and our bank. Once the information is encrypted, only the specified receiver can read it.

Dual Identity Authentication

We use the state-of-the-art SSL128-bit encryption technology to ensure the confidentiality of your information during the transmission between your computer and our bank. Once the information is encrypted, only the specified receiver can read it.

If the username and password registered through our online banking system is one of the keys for you to log in to the system, the digital certificate is another key for you to log in to our online banking system for account transactions, and the Key Shield provided by our bank is used to protect this key. When you download and save your digital certificate into the Key Shield, you can use it as the lawful and valid certificate for fund transfer between accounts through the online banking system. Due to its uniqueness and irreproducibility, you just need to keep the Key Shield properly and then even if your account number and password are disclosed accidentally, no one can impersonate you and transfer your fund from your account.

Password Security Protection

For the common version of personal online banking, you need to enter the login password in order to log in to our online banking system. To prevent others from stealing your username and making malicious login attempts, if the login password is entered incorrectly for three consecutive times, the system will suspend this account for thirty minutes. If the password is entered incorrectly for ten consecutively times, the system will lock the account. Then you need to go to any CGB outlet under the branch that holds the online banking account to defreeze it before you can use the online banking services again.

Customers of the certificate-based version of personal online banking and those of the corporate online banking system need to enter two passwords in order to log in to our online banking system, namely, the Key Shield password and the login password. If the Key Shield password is entered incorrectly for ten consecutive times, the Key Shield will be automatically locked. In this case, personal customers need to go to any CGB outlet under the branch that holds the online banking account to restore the certificate, and corporate customers need to go to the CGB outlet that holds the online banking account to restore the certificate.

Transaction Interface Time Control

When you are using our online banking system, we monitor the system all the time to see if it works properly. If you open the transaction interface and do not perform any operation for a specific period of time, the system will automatically exit and prompt you to log in to the online banking system again so as to avoid the risk that may be caused when you need to stay away from the computer for a long time but forget to exit the transaction interface.

Transaction Limit Control

To ensure your fund safety, customers of the common version of personal online banking are not allowed to conduct transactions such as making large-sum online payment and transferring money to accounts other than their own for remittance, but are allowed to transfer money between accounts under the same name and make small-sum online payment. When signing up for the transfer service between accounts under the same name, you can go to the counter of a CGB outlet to specify the transfer limit. If you do not specify it, there will be no limit. When making the small-sum online payment, you can set the payment limit by yourself through online banking, but the per-transaction amount cannot exceed RMB 500, and the per-day accumulated amount cannot exceed RMB 1,500. A credit card account is also subject to its own credit line.

Customers of the certificate-based version of personal online banking can freely set the maximum per-transaction online payment amount, maximum per-day accumulated online payment amount, maximum per-transaction outgoing amount and maximum per-day accumulated number of outgoing transfers. If you do not specify these, the system will assume that you do not set any limit for the above transactions. A credit card account is also subject to its own credit line.

No comments:

Post a Comment