Security
Leading the way on your behalf.
The privacy of communications between you (your browser) and our servers is ensured via encryption. Encryption scrambles messages exchanged between your browser and our online banking server.
New to Online Banking? Register Now
Our most rewarding checking account puts your money to work for you.
Buying a new or used car has never been so easy.
We have the resources you need to help you achieve financial freedom
We believe everyone deserves a champion, and we want to be your financial champion for life.
The privacy of communications between you (your browser) and our servers is ensured via encryption. Encryption scrambles messages exchanged between your browser and our online banking server.
When visiting online banking's sign-on page, your browser establishes a secure session with our server.
The secure session is established using a protocol called Transport Layer Security(TLS) Encryption. This protocol requires the exchange of what are called public and private keys.
Keys are random numbers chosen for that session and are only known between your browser and our server. Once keys are exchanged, your browser will use the numbers to scramble (encrypt) the messages sent between your browser and our server.
Both sides require the keys because they need to descramble (decrypt) messages received. The TLS protocol assures privacy but also ensures no other website can "impersonate" your financial institution's website, nor alter information sent.
To learn whether your browser is in secure mode, look for the secured lock symbol at the bottom of your browser window.
The numbers used as encryption keys are similar to combination locks. The strength of encryption is based on the number of possible combinations a lock can have. The more possible combinations, the less likely someone could guess the combination to decrypt the message.
For your protection, our servers require the browser to connect at 128-bit encryption (versus the less-secure 40-bit encryption). Users will be unable to access online banking functions at lesser encryption levels. This may require some end users to upgrade their browser to the stronger encryption level.
To determine if your browser supports 128-bit encryption:
It is important to verify that only authorized persons log into online banking. This is achieved by verifying your password. When you submit your password, it is compared with the password we have stored in our secure data center.
We allow you to enter your password incorrectly a limited number of times; too many incorrect passwords will result in the locking of your online banking account until you call us to reinitialize the account. We monitor and record "bad-login" attempts to detect any suspicious activity (i.e., someone trying to guess your password).
You play a crucial role in preventing others from logging on to your account. Never use easy-to-guess passwords. Examples:
Never reveal your password to another person. You should periodically change your password in the User Option screen of online banking.
The network architecture used to provide the online banking service was designed by the brightest minds in network technology. The architecture is too complex to explain here, but it is important to convey that the computers storing your actual account information are not linked directly to the Internet.
This configuration isolates the publicly accessible Web servers from data stored on our online banking servers and ensures only authorized requests are processed.
Various access control mechanisms, including intrusion detection and anti-virus, monitor for and protect our systems from potential malicious activity. Additionally, our online banking servers are fault-tolerant, and provide for uninterruptible access, even in the event of various types of failures.
We provide a number of additional security features in online banking. For example, online banking will "timeout" after a specified period of inactivity. This prevents curious persons from continuing your online banking session if you left your PC unattended without logging out. You may set the timeout period in online banking's User Options screen. We recommend that you always sign off (log out) when done banking online.
Phishing (FISH.ing) pp. Phishing is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information. -phisher n.
Example Citations:
Phishing is the term coined by hackers who imitate legitimate companies in email messages to entice people to share passwords or credit-card numbers. Recent victims include Bank of America, Best Buy and eBay, where people were directed to Web pages that looked nearly identical to the companies' sites.
Spoofing is pretending to be something it is not, whether an email, website, etc.
We suggest reporting "phishing" or "spoofed" emails to the following groups:
When forwarding spoofed messages, always include the entire original email with its original header information intact.
Notify the Internet Crime Complaint Center (IC3) of the FBI by filing a complaint on their website: www.ic3.gov/complaint/default.aspx.
If you have given out your credit or debit or ATM card information:
If the statements show any unauthorized charges, it's best to send a letter to the card issuer via regular mail (keep a copy for yourself) describing each questionable charge.
Your maximum liability under federal law for unauthorized use of your credit card is $50 (many financial services companies have different policies so be sure to check with each of them). If the loss involves your credit card number, but not the card itself, you have no liability for unauthorized use; in general, you may only be liable for a very small amount but always check with your card company for their exact policy.
Some phishing attacks use viruses and/or 'Trojan Horses' to install programs called "key loggers" on your computer. These programs capture and send out any information that you type to the phisher, including credit card numbers, usernames, and passwords, Social Security Numbers, etc.
If this happens, it's likely you may not be aware of it.
To minimize this risk, you should:
Identity theft occurs when someone uses your personal information such as your name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes. If you have given out this kind of information to a phisher, you should do the following:
Still have questions? Visit our Help Center.
This is a link to an external site. Click CONTINUE to visit the content