SHARP BancSystems utilizes the latest computer and security technology to ensure
that all customer account information remains secure and accurate. There are two
components of SHARP BancSystems, the SHARP BancSystems Controller that resides at
the bank and the SHARP BancSystems Server Network which resides in a secure location
and implement strict security controls.
SHARP BancSystems maintains controls for the way in which a customer may access
accounts. These controls are maintained through settings on the host software, downloaded
to Core System, and within the Core System interface. Restrictions may be placed
on account access and transfer rights. SHARP BancSystems adheres to these restrictions
on the SHARP BancSystems Server Network and then verifies them on SHARP BancSystems
A customer is only allowed to access account information on SHARP BancSystems with
a valid login consisting of a customer ID and 6 to 15 alpha numeric password. Only
customers who have been enabled for SHARP BancSystems will be allowed access and
the only data for these customers will be transferred to the SHARP BancSystems Server
Network. After three simultaneous invalid password entries for a customer, access
will be disabled for the customer preventing unauthorized access by a third party.
Once disabled, only bank personnel may re-enable access through the SHARP BancSystems
All communication between the customer and SHARP BancSystems Server Network are
conducted using the Secure Socket Lay (SSL) protocol. SSL provides data encryption,
server authentication, and message integrity for the entire banking session. This
assures that somebody will not be able to eavesdrop on the session, that the customer
is connected with the SHARP BancSystems Server Network and not an imposter, and
that all information received will be accurate. Additional information on SSL may
be found at.
Account information is transferred from the SHARP BancSystems Controller to the
SHARP BancSystems Server Network via the AudioTel Virtual Private Network (AVPN).
AVPN is a secure private communication channel established over the public Internet.
All data transmitted on AVPN is encrypted using keys known only to SHARP BancSystems
Controller and the SHARP BancSystems Server Network. A large private key is used
to establish this secure connection. Once this private key has been exchanged, a
128-bit session key is generated and used only for the remainder of the current
session. After a secure SHARP BancSystems Controller connection has been established,
the SHARP BancSystems Server Network authenticates the SHARP BancSystems Controller
with a unique Bank ID. These methods insure that all conversions are private between
known parties and may not be intercepted or repeated.
The SHARP BancSystems Server Network is comprised of several components including
a Firewall, Screening Router, Proxy Server, Web Server and Database Server. The
Firewall and Screening Router work in tandem ensuring that only authorized request
are allowed to reach the Web Server. Any suspicious activity will result in access
being denied and is logged for later review. The Proxy Server acts as an intermediary
between the Web Server and the Internet. All requests are passed to the Web Server
on behalf of the client and back to the client on behalf of the Web Server. This
ensures that access directly to the Web Server is not possible, significantly reducing
the possibility of unauthorized access. The Database Server, where all account information
is stored, is only accessible through request made by the Web Server. Access to
account information is only allowed through the Web Server Banking interface.