skip to main content
  • Hide How we measure Online Banking security

    Online Banking uses several different methods to protect your information.

    All information within Online Banking uses the SSL (Secure Socket Layer) protocol for transferring data. SSL is encryption that creates a secure environment for the information being transferred between your browser and Bank of America.

    At a high level, SSL uses public key cryptography to secure transmissions over the Internet. In practice, your browser will send a message via SSL to the bank’s server. The bank responds by sending a certificate, which contains the bank’s public key. Your browser authenticates the certificate (agrees that the server is in fact Bank of America), then generates a random session key which is used to encrypt data traveling between your browser and the bank’s server. This session key is encrypted using the bank’s public key and sent back to the server. The bank decrypts this message using its private key, and then uses the session key for the remainder of the communication.

    Secure Socket Layer (SSL) protects data in three key ways:

    • Authentication ensures that you are communicating with the correct server. This prevents another computer from impersonating Bank of America.
    • Encryption scrambles transferred data.
    • Data integrity verifies that the information sent by you to Bank of America wasn’t altered during the transfer. The system detects if data was added or deleted after you sent the message. If any tampering has occurred, the connection is dropped.
  • Show Reset your passcode

    If you forget your Online Banking passcode you can reset it. Create a new passcode.

  • Show Free and secure SiteKey service

    SiteKey helps prevent unauthorized access to your accounts while reassuring you that you’re at the valid Bank of America website and not a phony look-alike site. You’ll come across SiteKey as a standard security checkpoint every time you sign in to Online Banking, whether you’re using your home computer or your mobile device. Your SiteKey requires that you recognize three parts: 1) an image; 2) an image title; and 3) three challenge questions that are kept secret between you and Bank of America. All three parts can be answered only by you so no one else can sign in to your Online Banking account(s) except you.

    Specifically, a cookie is placed on your device when you sign up for our SiteKey service. The cookie contains a randomly generated, unique number used as an identifier. When you sign in after that, your Web browser sends us this cookie, which lets us know that you’re using your own device. The cookie is visible only to the Online Banking site at Bank of America and does not contain any personal information. With SiteKey in place, you can access Online Banking from any number of computers and still have the same SiteKey checkpoints and protections.

    We uphold your privacy and security in other ways as well, letting you limit what we share about you except as required by law for certain situations. Learn more about privacy and security.

  • Show Computer equipment and software required for Online Banking

    You need a computer, modem, Internet access and one of the following recommended Internet browsers:

    For Windows 98, NT, 2000, ME, XP, Vista, Win 7 or Win 8

    • Microsoft Internet Explorer 7.0 and higher
    • Firefox 3 and higher
    • Chrome 3.0 and higher

    For Macintosh using OS 10.x

    • Safari 3.0 and higher
    • Firefox 3 and higher
    • Chrome 3.0 and higher
  • Show Using Online Banking outside the United States

    You can use Online Banking from anywhere in the world as long as you have a connection to the Internet and a supported Internet browser with the exception of countries sanctioned by the Office of Foreign Assets Control (OFAC), such as Burma/ Myanmar, Cuba, Iran, Libya, North Korea, Sudan, Syria and any others that may be identified from time to time by OFAC.