How to Set Up Secure File Transfers with Bank of America

This blog post shares some tips on how to set up secure file transfer with Bank of America based on our experience assisting customers with this process. Bank of America often requires its customers and partners to exchange files over the Internet using software that conforms to industry standards for file encryption and transmission.

Different departments within Bank of America support a range of technical options, but PGP for file encryption combined with secure FTP for file transfer is one of the most broadly supported combinations. We use PGP and secure FTP in the example below.

All Diplomat Managed File Transfer products allow you to automate jobs that use PGP for file encryption/decryption and secure FTP for file transfer. The following example is based on our entry-level product Diplomat MFT Basic Edition. If you need more features, like email notifications when files are sent or the ability to execute encryption and file transfer jobs from a command line request, you can get a recommendation of which Diplomat MFT Edition fits your needs.

Step 1: Receive technical information from Bank of America

Bank of America creates and sends its clients the following information needed to encrypt and transfer files.

Hostname / IP Address:  Location of the secure FTP server managed by Bank of America.

Port Number:  Port number to connect to the secure FTP server.

Username:  Username of your secure FTP account created by Bank of America.

Password:  Password for your secure FTP account created by Bank of America.

Directory:  Directory that you need to read files from or write files to. You may not need this setting if the secure FTP account is already set up to default to the desired directory.

PGP Public Key:  A text file containing Bank of America’s public PGP key.

Step 2: Install Diplomat MFT Basic Edition.

Install Diplomat MFT Basic Edition in a central location on your network. During the installation, you will be prompted for a network username and password that will be used by Diplomat Basic Edition when file transfer jobs are executed.


The network identity needs to have privileges that allow it to read files from source locations and write files to destination locations. When you complete the installation, you can confirm the network identity is associated with Diplomat Basic Edition by checking the service properties of the Diplomat MFT 64 service under Administrative Tools.



Step 3: Import the Bank of America public PGP key.

Save the file containing Bank of America’s public key in the C:/ProgramData/Coviant Software/Diplomat-j/keys directory. You can read more on how to use PGP keys.

Open the Diplomat MFT Client which will be used to enter all the settings for your file transfer job.



In the Diplomat Client, select Keys > OpenPGP Keys > Import Public Keys to import Bank of America’s public PGP key. Browse to the file you just saved in the C:/ProgramData/Coviant Software/Diplomat-j/keys directory.

The default Key ID in Diplomat is the User ID from the public key. You can override the default Key Name by typing over the User ID in the Key Name field. Click OK.
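
A check worth running on the key file before the import in Step 3, as an added example that is not part of Diplomat or of the original post: it verifies the armor checksum and computes the OpenPGP version 4 fingerprint, so the result can be compared with a fingerprint confirmed with your Bank of America contact over a separate channel. That such a fingerprint is available is an assumption; the function names and the toy sample key are constructed for illustration.

```python
import base64, hashlib

def crc24(data):  # armor checksum, RFC 4880 section 6.1
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def dearmor(text):
    """Decode an ASCII-armored public key block and verify its CRC-24 line."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if not lines or "BEGIN PGP PUBLIC KEY BLOCK" not in lines[0] or "" not in lines:
        raise ValueError("not an armored OpenPGP public key")
    body = lines[lines.index("") + 1:-1]  # skip armor headers and the END line
    crc = body.pop()[1:] if body and body[-1].startswith("=") else None
    data = base64.b64decode("".join(body), validate=True)
    if crc and int.from_bytes(base64.b64decode(crc), "big") != crc24(data):
        raise ValueError("armor checksum mismatch: file damaged or altered")
    return data

def fingerprint(data):
    """V4 fingerprint of the leading primary-key packet (RFC 4880, 12.2)."""
    tag = data[0]
    if tag & 0xC0 == 0x80 and tag & 3 != 3:  # old-format packet header
        ptype, n = (tag >> 2) & 0x0F, 1 << (tag & 3)
        length, start = int.from_bytes(data[1:1 + n], "big"), 1 + n
    elif tag & 0xC0 == 0xC0 and data[1] < 192:  # new format, one-octet length
        ptype, length, start = tag & 0x3F, data[1], 2
    elif tag & 0xC0 == 0xC0 and data[1] < 224:  # new format, two-octet length
        ptype, length, start = tag & 0x3F, ((data[1] - 192) << 8) + data[2] + 192, 3
    else:
        raise ValueError("unsupported packet header")
    body = data[start:start + length]
    if ptype != 6 or length > 0xFFFF or len(body) != length or body[:1] != b"\x04":
        raise ValueError("first packet is not a version 4 public key")
    return hashlib.sha1(b"\x99" + length.to_bytes(2, "big") + body).hexdigest().upper()

def key_matches(armored, expected_fingerprint):
    """True only if the file's fingerprint equals the value confirmed out of band."""
    want = "".join(expected_fingerprint.split()).upper()
    return fingerprint(dearmor(armored)) == want

SAMPLE_PACKET = bytes.fromhex("99000c" "0400000000" "01" "0008c5" "000203")  # constructed toy key, demo only
SAMPLE = ("-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n" + base64.b64encode(SAMPLE_PACKET).decode()
          + "\n=" + base64.b64encode(crc24(SAMPLE_PACKET).to_bytes(3, "big")).decode()
          + "\n-----END PGP PUBLIC KEY BLOCK-----\n")
```

For a real key file, pass its text and the expected fingerprint to key_matches and import the key only when it returns True.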



Step 4: Create a job to PGP encrypt and send files to Bank of America.


In the Diplomat Client, create a new transaction by selecting Transactions > Create Outbound Transaction. Enter the Transaction ID you would like to see displayed in the left-hand navigation.

In the File Information panel, enter the name of the file that you would like to encrypt. You can use wildcards to select more than one file. Select overwrite if you want the file encryption job to overwrite existing files on Bank of America’s secure FTP server.



Step 5: Set source and destination file transfer parameters.

Each Diplomat transaction has a Source Partner Profile and a Destination Partner Profile. In this example, source files are picked up from the local network and written to Bank of America’s secure FTP server.


In the Source Partner Profile panel, select Local Network for Transport Type and enter the location of the file that you would like to pick up (e.g., C:/BankOfAmerica).

In the Destination Partner Profile panel, select SFTP for Transport Type, then enter the login information received from Bank of America.  You can change the Transport Type to use either FTPS or SFTP.


Step 6: Enter PGP encryption parameters.


In the File Handling panel, check the PGP Encrypt checkbox. Use the drop-down to select Bank of America’s key from the list.

If you are encrypting a text file, select ASCII as the source file format. The destination file format is automatically set to Binary.




Step 7: Run a test outbound job.

Check that the file encryption and transfer job is set up correctly by selecting the Run Now button in the Job Schedule panel. You can watch the execution of the job in a pop-up window.




Step 8: Schedule encryption and file transfer jobs.

In the Job Schedule panel, select when you want file transfer jobs to execute. Once the job is scheduled to run automatically, you will not have a pop-up window to view job status. To check job completion status, go to File > Logs and select the log file covering the time when the job ran. Then, filter the log file to find the exact entries for the job that you ran. Also, Diplomat MFT Standard Edition provides email notifications when jobs run and Diplomat MFT Enterprise Edition includes a real-time job monitor.