What is this authentication method/approach called?
SiteKey is the feature name that many banks call it and should be able to be searched for under that name. It adds minimal if any security. Anything that your server can present to the user, a man in the middle can act as if they were the client and get the same information. SiteKey (which is likely what your bank calls it) is not secure and doesn't add meaningful security.
It can actually be harmful as it may give users a false sense of security and make them ignore otherwise good indicators such as SSL indicators because the "secure" image or phrase is there. My general recommendation is do not use such flawed mechanisms as they can do more harm than good.
It's called knowledge-based authentication, and it's used to authenticate the remote server. Common authentication tokens are words and pictures.
One point I would make is that it's a bad idea to give out the authentication token only after being given a non-secret piece of information such as a username. An attacker could target a single user by simply putting their username into the page, or even via an iframe
or similar remote fetching mechanism. Instead, it's best to ask the user to provide a weak authentication token (e.g. 4-digit pin), then provide the secret, then ask for the strong authentication token (e.g. password). This makes the mechanism much safer.