Fifth Third Bank values your business and the trust you have placed in us. We take the security of your accounts and confidential information very seriously and employ a variety of tools, techniques, and processes to help protect them.
Fifth Third monitors the constantly changing security landscape to identify and evaluate possible threats against Fifth Third’s computer systems and employs various technologies to help protect against those possible threats.
- Encryption
All online activity involving transactions or the transfer of confidential customer information is encrypted from the time it leaves your computer until it enters our systems. Encryption is the process of transforming information into an indiscernible coded message. Information transmitted while accessing account information over the Internet or submitting an online application is encrypted using Secure Sockets Layer (SSL) Technology. SSL Technology, a state-of-the-art encryption process developed by Netscape Communications Corporation, prevents data from being read if intercepted during transmission.
This process utilizes a unique mathematical formula or “key” to encrypt your information. Encryption strength is measured by the length of the “key” used to encrypt the data. Longer “keys” provide more effective encryption. Browsers generally offer two levels of encryption strength:
- 40-Bit Encryption Key (International Grade Encryption) measures 240 possible keys.
- 128-Bit Encryption Key (Domestic Grade Encryption) measures 2128 possible keys.
When using the Internet, look for the letter “s” at the end of “https” at the beginning of the URL address (e.g. https://direct.53.com) before entering any confidential information. The “s” indicates that the site is secure.
- Digital Certificate
A Digital ID is an electronic fingerprint bonded to the “keys” used to encrypt information transmitted over the Internet. Referred to as a Digital Certificate, the unique identifier substantiates Fifth Third Bank’s identity to your browser.
Fifth Third Bank is registered with the certificate authority, VeriSign, and has obtained digital certificates for www.53.com and its sub-domains. To check the validity of the site’s certificate and authenticity, please click the VeriSign seal.
- Authentication
With the growing use of online banking, it is important for us to continue providing additional layers of protection to ensure the security of your transactions. Three security layers include:
- User IDs and Passwords provide the first line of security to protect your information. Password distribution is controlled systematically with the initial temporary password sent to the user’s email address designated by the client’s System Administrator. Initial passwords are temporary and must be changed upon first use. Users are required to change their password every 30 days.
- Risk-Based Authentication monitors login risks and prompts a user with their pre-defined identification questions in cases where the login risk is above a certain threshold. Risk-based authentication watches for uncharacteristic or unusual login behavior such as logging in from a new location, a different time zone, different Internet Service Provider, etc. If anything “out of the ordinary” is detected, you may be prompted to answer identification questions. This helps us ensure that it is you who is accessing your account.
- Go ID is our token-based authentication required for all users with payments capabilities (e.g., ACH or Wire Transfers). When logging into your account, you will be prompted to enter a six-digit code provided on your Go ID token along with your user ID and password. This additional level of security will help to strengthen your online banking experience.
Managing the security of your token device is important to maintaining a secure banking environment. The following are best practice recommendations.