Print Disclosure

Personal Online Security Guarantee


The convenience of banking through the Internet is sometimes overshadowed by concerns that your private account information could fall into the wrong hands. At First Interstate Bank, security is our top priority. To this end, we have a firewall between the Internet and our clients’ information preventing unauthorized access and we only communicate through web browsers that support the latest encryption. As a final security measure, we encrypt all data communications using state-of-the-art encryption technology.


We are so confident in our security measures that we guarantee you will be covered against 100% of losses for any funds improperly removed from your accounts due to a breach of our security measures, as long as you fulfill your responsibilities as a client. This guarantee does not apply to small business, commercial, or other non-personal accounts and does not cover compromise of your technology or transactions by persons to whom you disclose your online Access Credentials, such as user IDs and passwords.

Client Responsibility

As you would expect, our security measures are only effective if clients fulfill their responsibilities as outlined in the terms and conditions of our online and mobile banking agreements. For example, our guarantee does not cover losses resulting from the following:

Remember, you can contact us by call the Client Contact Center at 1-855-342-3400 (M-F 7:30am – 7pm and Sat 10am – 2pm MST) to report any unauthorized event.

Transport Layer Security (TLS)

Transport Layer Security (TLS) provides a way for your browser to ensure you are in fact logging on to the First Interstate Bank server and not a site that is attempting to impersonate our server. Before you log on to the First Interstate Bank server, TLS sends our public key to your browser program. TLS lets your browser verify the identity of our server by viewing the site's certificate. A certificate is a way of associating a public key to a name.

Data Encryption

Once TLS has authenticated the server, your browser and our server will create an individual symmetric key. This key will allow our server to communicate with your browser through encrypted transmissions of data. The symmetric key is valid for a single use only. If you log out and log in again at another time, the server and your browser will create a new unique symmetric key.

Message Authentication Code

With all data between our server and your browser scrambled, no outside party can understand our communications, though it is still possible to intercept a message. To verify that a message has not been tampered with, TLS uses a Message Authentication Code (MAC). A MAC is a piece of data that is derived using pieces of the symmetric key and the message itself. Your browser will always check the MAC before decoding a message from our server. If the message from our server is not authentic, the MAC will not compute correctly, and your browser will alert you of a possible security breach. The chances of someone decrypting and re-encrypting a message and providing a correct MAC are next to impossible using the latest encryption.

If you have any other questions about our Personal Online Security Guarantee, please contact us.

Print Disclosure