PMA Financial Network, LLC, and its affiliates, has recognized the need to balance access of use against an appropriate level of security in the design and implementation of our e-commerce tools. Please read the following to learn more about the technology and the steps we’ve taken to create a site that makes doing business with us online more secure and convenient.
Security
We employ firewalls and user authentication systems, where appropriate (e.g., passwords and user identification numbers) on our Internet systems to assure the security of data. A firewall is a combination of hardware and software that operates as a selective barrier to let only authorized traffic through to computer systems. The firewall protects both the computer systems and the information stored on them. PMA’s computer systems also generate system and application activity logs, which are reviewed regularly for anomalies and discrepancies, which are investigated thoroughly.
Online Access Security (If Applicable)
- In order to access specific systems, you must provide a user identification number and password. For your added protection, your password must be at least 6 characters in length, is case sensitive, and may include letters, numbers, and other keyboard characters.
- Online access will be terminated after three unsuccessful logon attempts.
To prevent unauthorized access to your data via computer, we use a timeout feature, which means that your sessions will be automatically terminated after 15 minutes of inactivity. If you would like to continue after this point in time, you simply log on again. - We use the latest industry standard encryption technology, Secured Socket Layer (SSL), to protect private information transferred from your computer.
What is SSL?
SSL stands for Secured Socket Layer. It is a technology developed by Netscape and adopted by all vendors producing Web-related software. It is used to establish a connection between your computer and our server. SSL allows you to transmit information in an encrypted manner, so all data transmitted between the server and your computer will be completely encrypted even while traveling across multiple networks.
Encryption is achieved through an electronic scrambling technology that uses “keys” to encrypt and decrypt the data. Basically, the information is scrambled for data transmission and can be reassembled in its original format only by someone who has the correct “key”. Each party has a private “key” that no one can access, and a public “key” that can be passed back and forth among the parties. Information encrypted with a public “key” can be decrypted only with the associated private key. In other words, the information you see is encrypted using our public “key”. It can only be decrypted by us using our private “key”. The same goes for the information we send to your computer, i.e., we will encrypt it using your public “key”, but only you can decrypt it using the private “key” that you alone hold. To further enhance security, these “keys” are established at the beginning of your secure session and are used for that session only. The “keys” for each secure session are established and retired automatically by the SSL program; it is not necessary for you to learn to operate an encryption program.
Encryption
PMA, using the industry standard SSL encryption, provides maximum encryption key length (up to 128 bits) allowed by your browser when transmitting your information. When we talk about encryption, such as 40-bit encryption or 128-bit encryption, we’re referring to the lengths of the “keys” used to encrypt and decrypt data. The longer the key, the more secure the encrypted data. You could think of the key as a password, without which you can’t decode a message. Basically, a 128-bit is like a 16-character password (and virtually impossible to decode). 40-bit encryption uses “keys” that are only five characters long and are is no longer considered secure.
Browser Security
To establish a secure session with our site, your browser must be SSL compliant. You’ll need a Web browser such as Microsoft Internet Explorer or Mozilla Firefox. (Most modern browsers support SSL and 128-bit encryption.) When going to a secure site you should notice an “s” has been added to the end of the http in the address bar, ie (https://www). Once the secure site has loaded you should also notice an icon either near the address bar or on the bottom of the browser window to show you are on a secure site. This is typically depicted by a picture of a closed lock. Depending on your browser you should be able to right click or double click the icon of the lock to view the SSL certificate information on the site you are viewing. This will tell you which certificate issuing company verified the owner’s information and issued the certificate.