We know how important security and confidentiality are to you

Security Infrastructure

Garanti Bank takes a double approach to ensure the security and confidentiality of data and transactions.

To ensure the security of the hardware, software, and network infrastructure that make up our service platform, we use network products whose security has been thoroughly tested under many different conditions.

Data traffic security

The security of the data traffic between our customers and the bank is achieved by means of four separate but interdependent processes:

  • Authentication:
  • Authorization:
  • Non-Repudiation:
  • Data Protection:

The first two are important in that they ensure that only authorized customers are able to perform transactions. Before a users enter the online branch they must first pass through a number of security checks:

Customer ID: A number that uniquely identifies each Garanti Bank customer.

PIN: A six-digit personal identification number that a user specifies the first time he enters the online branch.

Password: A second key word that the user also specifies the first time he enters the online branch.

Before a customer can perform any transactions on the online branch, he must successfully pass through all three security checks.

If they wish, customers may use Çiframatic instead to generate one-time passwords with which to enter the online branch.

The third process, non-repudiation, is a contractual responsibility between the customer and the bank that is incurred under the agreement that is signed when applying for Garanti Online services.

The fourth process, data protection, is concerned with ensuring the integrity and confidentiality of data. Traffic between user and branch is encrypted and its integrity and confidentiality are protected by the use of the Secure Sockets Layer (SSL) protocol. The SSL protocol is one that is widely supported by web servers and browsers and it absolutely ensures that data sent via SSL can only be decrypted at the address to which it is specifically being sent. Before being sent, data is automatically encrypted in such a way that it can only be decrypted by the intended recipient. Verification takes place at both ends of the connection and in this way the integrity and confidentiality of the data and associated transactions are protected. The strength of the encryption method employed in data transmission depends on the length of the encrypting key that is used. Key length is extremely important to data protection and in the SSL protocol, 40 and 128-bit length keys are used. In 128-bit encryption, there are 2128 (3.40 * 1038, a 39-digit number) possible keys, which means that breaking the key is unfeasible in terms of time or cost.

Main Page

Copyright © 2010, Garanti Bank