Appendix B: Glossary

D  E  F  G  H  I  K  L  M  N  P  R  S  T  U  V  W  

D

Digital certificate - An electronic credential, the equivalent of an ID card, that binds a public key to the identity of its holder and is signed by a trusted certification authority. A relying party uses it to authenticate the originator of a digital signature or the server at the other end of an encrypted session.
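What "authenticates the originator" amounts to in practice, as an added example that is not part of the original glossary: using Go's standard library, a root certification authority is created, it issues a certificate for a hypothetical server name (online.bank.example), and the relying party verifies the chain. The CA names, the host name and the one-day validity period are assumptions for the demonstration. The two failure cases are the checks a relying party must always make: the certificate chains to a root it trusts, and it was issued for the name being contacted.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newKey makes a P-256 key pair; the public half goes into a certificate,
// the private half never leaves its owner.
func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// issue signs tmpl (carrying pub) with signerKey. A nil parent means the
// certificate is self-signed, which is how a root CA certificate is made.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signerKey *ecdsa.PrivateKey) (*x509.Certificate, error) {
	if parent == nil {
		parent = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signerKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// caTemplate describes a CA certificate valid for one day (assumed for the demo).
func caTemplate(serial int64, name string, now time.Time) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
}

// BuildChain returns a root CA, the server certificate it issued for host,
// and an unrelated CA that has signed nothing in this chain.
func BuildChain(host string) (root, leaf, stranger *x509.Certificate, err error) {
	now := time.Now()
	rootKey := newKey()
	if root, err = issue(caTemplate(1, "Example Bank Root CA", now), nil, &rootKey.PublicKey, rootKey); err != nil {
		return
	}
	leafKey := newKey()
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host}, // the name a relying party will check
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if leaf, err = issue(leafTmpl, root, &leafKey.PublicKey, rootKey); err != nil {
		return
	}
	strangerKey := newKey()
	stranger, err = issue(caTemplate(3, "Unrelated CA", now), nil, &strangerKey.PublicKey, strangerKey)
	return
}

// Verify does what a browser does: build a chain from leaf to a trusted
// root and confirm the certificate was issued for the host being contacted.
func Verify(leaf, trustedRoot *x509.Certificate, host string) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedRoot)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}

func main() {
	const host = "online.bank.example"
	root, leaf, stranger, err := BuildChain(host)
	if err != nil {
		panic(err)
	}
	fmt.Println("trusted root, right host:", Verify(leaf, root, host))
	fmt.Println("trusted root, wrong host:", Verify(leaf, root, "login.bank.example"))
	fmt.Println("untrusted issuer:", Verify(leaf, stranger, host))
}
```

The first call returns nil; the second fails because the name does not match, and the third fails because the chain ends at a root the relying party does not trust. A certificate that passes neither check proves nothing about who is at the other end, however valid its signature is.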

Direct data feed - A process used by information aggregators to gather information directly from a website operator rather than copying it from a displayed webpage.

E

E-Banking - The remote delivery of new and traditional banking products and services through electronic delivery channels.

E-mail server - A computer that manages e-mail traffic.

Encryption - A data security technique used to protect information from unauthorized inspection. Information is encoded with a key so that it appears as a meaningless string of letters and symbols while stored or in transit; on receipt it is decoded (decrypted) with the corresponding key. Encryption by itself does not protect against alteration: ciphertext can be changed without knowing the key, so an authenticated encryption mode or a separate integrity check (for example a message authentication code) is needed to detect tampering.
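The caveat that encryption alone does not detect alteration, shown as an added Go example that is not part of the original glossary: a constructed payment instruction is encrypted once with AES-CTR (confidentiality only) and once with AES-GCM (authenticated encryption). An attacker who knows the message layout but not the key flips bits in the ciphertext; the CTR receiver decrypts a changed amount without noticing, while the GCM receiver rejects the message. The message text, the byte offset of the amount and the random 256-bit key are assumptions for the demonstration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Mode selects AES-CTR, which only hides data, or AES-GCM, an authenticated
// encryption mode that also detects any change to the ciphertext.
type Mode int

const (
	CTR Mode = iota
	GCM
)

const gcmNonceSize = 12 // nonce length used by cipher.NewGCM

func randomBytes(n int) ([]byte, error) {
	b := make([]byte, n)
	_, err := rand.Read(b)
	return b, err
}

// Encrypt returns nonce||ciphertext. GCM appends a 16-byte authentication
// tag; CTR output is only plaintext XOR keystream.
func Encrypt(mode Mode, key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if mode == GCM {
		aead, err := cipher.NewGCM(block)
		if err != nil {
			return nil, err
		}
		nonce, err := randomBytes(aead.NonceSize())
		if err != nil {
			return nil, err
		}
		return aead.Seal(nonce, nonce, plaintext, nil), nil
	}
	iv, err := randomBytes(aes.BlockSize)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(plaintext))
	cipher.NewCTR(block, iv).XORKeyStream(out, plaintext)
	return append(iv, out...), nil
}

// Decrypt reverses Encrypt. Only the GCM path can report altered data.
func Decrypt(mode Mode, key, data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if mode == GCM {
		aead, err := cipher.NewGCM(block)
		if err != nil {
			return nil, err
		}
		if len(data) < aead.NonceSize() {
			return nil, errors.New("ciphertext too short")
		}
		return aead.Open(nil, data[:aead.NonceSize()], data[aead.NonceSize():], nil)
	}
	if len(data) < aes.BlockSize {
		return nil, errors.New("ciphertext too short")
	}
	out := make([]byte, len(data)-aes.BlockSize)
	cipher.NewCTR(block, data[:aes.BlockSize]).XORKeyStream(out, data[aes.BlockSize:])
	return out, nil
}

// Tamper is the attacker: without the key it flips the ciphertext bits at
// plaintext offset pos so a byte known to be `have` decrypts as `want`.
func Tamper(mode Mode, data []byte, pos int, have, want byte) []byte {
	header := aes.BlockSize
	if mode == GCM {
		header = gcmNonceSize
	}
	forged := append([]byte(nil), data...)
	forged[header+pos] ^= have ^ want
	return forged
}

// Demo encrypts a constructed payment instruction, lets the attacker alter
// the amount in transit, and returns what the receiver ends up with.
func Demo(mode Mode) (string, error) {
	key, err := randomBytes(32) // assumed AES-256 key; real keys come from key management
	if err != nil {
		return "", err
	}
	ct, err := Encrypt(mode, key, []byte("TRANSFER 0100.00 TO ACCT 4421"))
	if err != nil {
		return "", err
	}
	forged := Tamper(mode, ct, 9, '0', '9') // "0100.00" becomes "9100.00"
	pt, err := Decrypt(mode, key, forged)
	return string(pt), err
}

func main() {
	for _, m := range []struct {
		name string
		mode Mode
	}{{"AES-CTR", CTR}, {"AES-GCM", GCM}} {
		pt, err := Demo(m.mode)
		fmt.Printf("%s: receiver sees %q, error: %v\n", m.name, pt, err)
	}
}
```

The CTR run returns "TRANSFER 9100.00 TO ACCT 4421" with no error, which is why a stream or counter mode must never be deployed without a MAC; the GCM run returns an authentication failure and no plaintext at all.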

F

Firewall - A hardware or software control point between networks that forwards only the traffic its policy explicitly permits and blocks everything else.

Framing - A frame is an area of a webpage that scrolls independently of the rest of the webpage. Framing generally refers to the use of a standard frame containing information (like company name and navigation bars) that remains on the screen while the user moves around the text in another frame.

G

Gateway server - A computer (server) that connects a private network to the private network of a servicer or other business.

H

Hacker - An individual who attempts to break into a computer without authorization.

Hardening - The process of securing a computer's administrative functions and disabling or removing features and services not needed for the computer's intended business purpose, so that fewer components are exposed to attack.

Hash Totals - A control total formed by summing one or more fields of a file that would not ordinarily be summed (for example, account numbers). The total is computed before and after processing or transmission and the two values compared to detect lost, duplicated, or altered records. A hash total is a check against accidental change, not a cryptographic hash: a deliberate edit that preserves the sum goes undetected.
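A worked illustration of hash totals, added here and not part of the original glossary: a small constructed batch in an assumed "account,cents" line format is totalled by the sender, and the receiver recomputes the totals over what it received. A keying error in an account number is caught by the hash total over that field, while a deliberate edit that moves money between records leaves every sum intact and is caught only by the cryptographic digest carried alongside. The batch contents and the record format are assumptions for the demonstration.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strconv"
	"strings"
)

// Totals are the control values transmitted with a batch so the receiver
// can recompute them and detect lost, duplicated or altered records.
type Totals struct {
	Count       int
	AccountSum  int64  // hash total: account numbers summed, a field with no business meaning as a sum
	AmountCents int64  // ordinary control total over the amount field
	Digest      string // SHA-256 of the canonical record text, a cryptographic check
}

// Constructed batches in an assumed "account,cents" line format.
const (
	Original = "1000234,12500\n2000456,7300\n3000789,45000"
	// Two digits transposed in the second account number (a keying error).
	KeyingError = "1000234,12500\n2000465,7300\n3000789,45000"
	// A deliberate edit moving 100.00 from the first record to the third:
	// record count and every sum are unchanged.
	Compensated = "1000234,2500\n2000456,7300\n3000789,55000"
)

// Compute parses the batch and returns its control totals.
func Compute(batch string) (Totals, error) {
	var t Totals
	h := sha256.New()
	for _, line := range strings.Split(strings.TrimSpace(batch), "\n") {
		fields := strings.SplitN(strings.TrimSpace(line), ",", 2)
		if len(fields) != 2 {
			return Totals{}, fmt.Errorf("malformed record %q", line)
		}
		acct, err := strconv.ParseInt(fields[0], 10, 64)
		if err != nil {
			return Totals{}, err
		}
		cents, err := strconv.ParseInt(fields[1], 10, 64)
		if err != nil {
			return Totals{}, err
		}
		t.Count++
		t.AccountSum += acct
		t.AmountCents += cents
		fmt.Fprintf(h, "%d,%d\n", acct, cents) // canonical form feeds the digest
	}
	t.Digest = hex.EncodeToString(h.Sum(nil))
	return t, nil
}

// Mismatches lists the control values that differ between the totals the
// sender transmitted and the totals the receiver recomputed.
func Mismatches(sent, got Totals) []string {
	var out []string
	if sent.Count != got.Count {
		out = append(out, "Count")
	}
	if sent.AccountSum != got.AccountSum {
		out = append(out, "AccountSum")
	}
	if sent.AmountCents != got.AmountCents {
		out = append(out, "AmountCents")
	}
	if sent.Digest != got.Digest {
		out = append(out, "Digest")
	}
	return out
}

func main() {
	sent, err := Compute(Original)
	if err != nil {
		panic(err)
	}
	fmt.Printf("sent totals: %+v\n", sent)
	for _, c := range []struct{ name, batch string }{{"keying error", KeyingError}, {"compensating edit", Compensated}} {
		got, err := Compute(c.batch)
		if err != nil {
			panic(err)
		}
		fmt.Printf("%-18s mismatches: %v\n", c.name, Mismatches(sent, got))
	}
}
```

For the keying error the receiver reports AccountSum and Digest; for the compensating edit only Digest. In a real interface the digest should additionally be keyed (an HMAC) or signed, since an attacker who can rewrite the batch can also recompute an unkeyed hash.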

Hosting - See "Website Hosting".

Hyperlink - An item on a webpage that, when selected, transfers the user directly to another location in a hypertext document or to another webpage, perhaps on a different machine. Also simply called a "link."

Hypertext Markup Language (HTML) - A set of codes (tags) inserted into text files to mark up document structure, typefaces, embedded images, and links to other hypertext documents.

I

Interface - Computer programs that translate information from one system or application into a format required for use by another system or application.

Internet - The global system of interconnected computer networks that use the Internet protocol suite (TCP/IP) to link billions of devices worldwide.

Internet service provider (ISP) - A company that provides its customers with access to the Internet (e.g., AT&T, Verizon, CenturyLink).

Interoperability standards/protocols - Commonly agreed on standards that enable different computers or programs to share information. Example: HTTP (Hypertext Transfer Protocol) is a standard method of publishing information as hypertext in HTML format on the Internet.

K

Kiosk - A publicly accessible computer terminal that permits customers to directly communicate with the financial institution via a network.

L

Legacy systems - A term commonly used to refer to existing computer systems and applications with which new systems or applications must exchange information.

Lockout - The action of temporarily revoking network or application access privileges, normally after a set number of unsuccessful logon attempts within a given period, to slow password-guessing attacks.
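An added Go example, not from the original glossary, of a lockout policy as described above: five consecutive failures within fifteen minutes revoke access for fifteen minutes, a correct password is still refused while the account is locked, and a successful logon clears the counter. The thresholds, the account names and the injected clock are assumptions for the demonstration; the credential check itself is done by the caller before Attempt is invoked.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

const (
	maxFailures   = 5                // consecutive failures before the account locks (assumed policy)
	lockDuration  = 15 * time.Minute // how long access stays revoked
	failureWindow = 15 * time.Minute // failures older than this are forgotten
)

type accountState struct {
	failures    int
	firstFail   time.Time
	lockedUntil time.Time
}

// Lockout tracks unsuccessful logons per account. The clock is injected so
// the policy can be exercised without waiting for real time to pass.
type Lockout struct {
	mu       sync.Mutex
	accounts map[string]*accountState
	now      func() time.Time
}

func NewLockout(now func() time.Time) *Lockout {
	return &Lockout{accounts: map[string]*accountState{}, now: now}
}

// Attempt records the outcome of a credential check the caller has already
// performed and decides whether to grant access. A locked account is refused
// even with correct credentials, and an unknown user name gets the same
// "invalid credentials" response as a wrong password.
func (l *Lockout) Attempt(user string, credentialsOK bool) (granted bool, reason string) {
	l.mu.Lock()
	defer l.mu.Unlock()
	now := l.now()
	s := l.accounts[user]
	if s == nil {
		s = &accountState{}
		l.accounts[user] = s
	}
	if now.Before(s.lockedUntil) {
		return false, "account temporarily locked"
	}
	if s.failures > 0 && now.Sub(s.firstFail) > failureWindow {
		s.failures = 0 // old failures no longer count toward the threshold
	}
	if credentialsOK {
		delete(l.accounts, user) // success clears the history
		return true, "ok"
	}
	if s.failures == 0 {
		s.firstFail = now
	}
	s.failures++
	if s.failures >= maxFailures {
		s.lockedUntil = now.Add(lockDuration)
		s.failures = 0
		return false, "account temporarily locked"
	}
	return false, "invalid credentials"
}

func main() {
	clock := time.Date(2024, 1, 1, 9, 0, 0, 0, time.UTC) // fixed clock for the demo
	l := NewLockout(func() time.Time { return clock })
	for i := 1; i <= maxFailures; i++ {
		granted, reason := l.Attempt("alice", false)
		fmt.Printf("failure %d: granted=%v (%s)\n", i, granted, reason)
	}
	granted, reason := l.Attempt("alice", true)
	fmt.Printf("correct password while locked: granted=%v (%s)\n", granted, reason)
	clock = clock.Add(lockDuration + time.Minute)
	granted, reason = l.Attempt("alice", true)
	fmt.Printf("after the lockout expires: granted=%v (%s)\n", granted, reason)
}
```

Lockout is a double-edged control: an attacker who knows or can guess user names can lock legitimate customers out on purpose. Keep the lockout period short, pair it with per-source rate limiting or progressive delays, and log each lockout so the security operations team sees a guessing campaign rather than relying on the lockout alone.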

M

Mnemonic - A symbol or expression that can help someone remember something. For example, the phrase "Hello! My name is Bill. I'm 9 years old." might help an individual remember the 10-character password "H!MniBI9yo," which is easier to recall than a random string of the same length.

N

Network administrator - The individual responsible for the installation, management, and control of a network.

Network diagram - A pictorial description of a network's topology: the configuration or arrangement of its nodes (computers, servers, firewalls, routers) and the communication lines connecting them.

P

Password - A secret sequence of characters used as a means of authentication.

Patching - The process of applying a patch, software code that replaces or updates other code. Patches are frequently issued to correct security flaws.

Penetration test - The process of using approved, qualified personnel to conduct real-world attacks against a system to identify and correct security weaknesses before they are discovered and exploited by others.

Personal digital assistant (PDA) - A pocket-sized, special-purpose personal computer that lacks a conventional keyboard.

Phishing - A digital form of social engineering that uses authentic-looking—but bogus—e-mail to request information from users or direct them to fake websites that request information.

Pop-up box - A dialog box that automatically appears when a person accesses a webpage.

Proxy server - An Internet server that controls client computers' access to the Internet. Using a proxy server, a company can stop employees from accessing undesirable websites, improve performance by caching webpages locally, and hide internal network addresses from external parties.

Public key - See "PKI".

Public key infrastructure (PKI) - The use of public key cryptography in which each party has a key pair: a unique electronic value called a public key and a mathematically related private key. The private key is kept secret by its holder and is used to sign a message (a signature that anyone holding the corresponding public key can verify) or to decrypt a message that was encrypted with the holder's public key. The public key is distributed freely, normally in a digital certificate, and is used to verify a signature made with the matching private key or to encrypt a message so that it can only be decrypted (read) using the intended recipient's private key. Signing does not hide a message, and encrypting does not prove who sent it; the two operations are distinct.
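The two uses of a key pair described in the PKI entry, run end to end as an added Go example that is not part of the original glossary: a customer signs a payment instruction that the bank verifies with the customer's public key, and a message is encrypted to the bank's public key so only the bank can open it. The parties, the instruction text and the use of RSA-2048 with PSS signatures and OAEP encryption are assumptions for the demonstration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Party owns one key pair; only the public half is ever handed to others.
type Party struct{ key *rsa.PrivateKey }

func NewParty() (*Party, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Party{key: k}, nil
}

func (p *Party) Public() *rsa.PublicKey { return &p.key.PublicKey }

// Sign produces a signature over msg with the private key. The message is
// not hidden; the signature only proves which key produced it.
func (p *Party) Sign(msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, p.key, crypto.SHA256, digest[:], nil)
}

// Verify checks a signature with the signer's public key; anyone can do this.
func Verify(signer *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPSS(signer, crypto.SHA256, digest[:], sig, nil) == nil
}

// Seal encrypts msg to the recipient's public key; only the matching private key can recover it.
func Seal(recipient *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, msg, nil)
}

// Open decrypts a sealed message with the private key.
func (p *Party) Open(ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, p.key, ciphertext, nil)
}

// Result records the outcome of each check in Exchange.
type Result struct {
	GenuineVerified   bool   // the bank accepts the customer's signature
	AlteredRejected   bool   // a changed instruction fails against the same signature
	ImpostorRejected  bool   // a signature made with someone else's key fails
	BankReads         string // what the bank decrypts from the sealed message
	EavesdropperFails bool   // a party without the bank's private key cannot open it
}

// Exchange runs the customer/bank scenario; the parties and the instruction are assumed.
func Exchange() (Result, error) {
	customer, err := NewParty()
	if err != nil {
		return Result{}, err
	}
	bank, err := NewParty()
	if err != nil {
		return Result{}, err
	}
	impostor, err := NewParty()
	if err != nil {
		return Result{}, err
	}
	instruction := []byte("PAY 250.00 TO ACCT 4421 REF 7781")
	altered := []byte("PAY 950.00 TO ACCT 4421 REF 7781")
	sig, err := customer.Sign(instruction)
	if err != nil {
		return Result{}, err
	}
	impostorSig, err := impostor.Sign(instruction)
	if err != nil {
		return Result{}, err
	}
	sealed, err := Seal(bank.Public(), instruction)
	if err != nil {
		return Result{}, err
	}
	plain, err := bank.Open(sealed)
	if err != nil {
		return Result{}, err
	}
	_, eavesdropErr := impostor.Open(sealed)
	return Result{
		GenuineVerified:   Verify(customer.Public(), instruction, sig),
		AlteredRejected:   !Verify(customer.Public(), altered, sig),
		ImpostorRejected:  !Verify(customer.Public(), instruction, impostorSig),
		BankReads:         string(plain),
		EavesdropperFails: eavesdropErr != nil,
	}, nil
}

func main() {
	r, err := Exchange()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", r)
}
```

Every flag in the result comes back true and the bank reads the original instruction. Note that the verifier needs to know it holds the customer's public key and not an impostor's, which is exactly the binding a digital certificate provides; and that RSA-OAEP is applied to a short message here only for clarity, since in practice public-key encryption wraps a symmetric key that protects the bulk data.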

R

Repudiation - The denial by one of the parties to a transaction of participation in all or part of that transaction or of the content of the communication.

Router - A hardware device that connects two or more networks and routes incoming data packets to the appropriate network.

S

Script - A file containing active content; for example, commands or instructions to be executed by the computer.

Secure Socket Layer (SSL) - A protocol that establishes an encrypted connection between a browser and a web server so that private data can be transmitted through the Internet. All versions of SSL are now deprecated because of known weaknesses; its successor, Transport Layer Security (TLS), is the current standard, although the name "SSL" is still used loosely.

Server - A computer or other device that manages a network service. An example is a print server, which is a device that manages network printing.

Smart card - A card with an embedded computer chip on which information can be stored and processed.

Screen scraping - A process used by information aggregators to gather a customer's account information from another institution's website: the aggregator logs in to the target site using the customer's own credentials, electronically reads and copies selected information from the displayed webpage(s), then redisplays the information on the aggregator's site. The process is analogous to "scraping" the information off the computer screen. Because it requires the customer to hand credentials to a third party, it carries more risk than a direct data feed.

Suspicious activity report (SAR) - A report that a financial institution is required to file under the Bank Secrecy Act when it identifies or suspects fraudulent or other criminal activity, such as money laundering, involving its accounts or transactions.

T

Token - A small physical device with an embedded computer chip that stores or generates electronic information (such as a one-time passcode) used to authenticate its holder. A soft token is a software-based equivalent that runs on a computer or phone.

Topology - See "Network diagram".

U

Uniform Resource Locator (URL) - A way of specifying the location of publicly available information on the Internet, in the form protocol://machine:port number/filename. The port number and/or filename are often omitted, in which case the protocol's default port and the site's default page are used.

V

Virtual Mall - An Internet website offering products and services from multiple vendors or suppliers.

Virtual private network (VPN) - A computer network that uses public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with encrypted, authenticated access to their organization's network.

Virus - Malicious code that attaches itself to a program or file and replicates when the infected host is run or opened, spreading between computers mainly through user action such as sharing files or opening attachments.

W

Weblinking - The use of hyperlinks to direct users to webpages of other entities.

Website - A webpage or set of webpages designed, presented, and linked together to form a logical information resource and/or transaction initiation function.

Website hosting - The service of providing ongoing support and monitoring of an Internet-addressable computer that stores webpages and processes transactions initiated over the Internet.

Wireless application protocol (WAP) - A data transmission standard to deliver wireless markup language (WML) content.

Wireless gateway server - A computer (server) that transmits messages between a computer network and a cellular telephone or other wireless access device.

Wireless phone - See "Cellular Telephone".

Worm - A self-replicating malicious program that uses a computer network to send copies of itself to other nodes (computers on the network), usually without any user intervention, by exploiting security vulnerabilities on the target computers.
