INTERNET SECURITY
ONLINE SECURITY STATEMENT
Keeping member information confidential and secure is a priority at Marine FCU. As a result, we have chosen to implement multiple strategies to ensure that all member information is protected. We employ the latest in industry-standard internet security technology so members can be confident that their transactions are secure when accessing their Marine FCU accounts via MFCU@Home Online Services. Each security component operates as a separate layer of protection, therefore offering another opportunity to deny unauthorized users from accessing sensitive data.
TRANSMISSION SECURITY
When a member accesses MFCU@Home, all information is private and secure. In order to access Marine FCU accounts online, we require the use of secure browsers. We ensure that our connection is secure by utilizing an encryption technology known as 128 – bit SSL [Secure Socket Layer] protocol. This technology alters and scrambles all data before it is sent over the internet. Consequently, if a browser is not 128 – bit encrypted, it will not be able to descramble the information and will remain unable to log on to Marine FCU online account access. This is a precautionary measure to help ensure that all information remains safe. Once a member successfully logs into their MFCU@Home online account the browser will secure the session using this same encryption technology, allowing the member to perform their financial transactions securely.
FIREWALL AND ANTI-VIRUS TECHNOLOGY
The network that houses your online financial information is protected by the latest in anti-virus and firewall technology, which are closely monitored and kept up-to-date. Essentially, a firewall acts as a blockade, keeping unauthorized users from accessing the systems. Keeping our anti-virus and anti-spyware software up to date allows for us to help prevent malicious hackers or information leaks from compromising the integrity of our systems. In addition, our publicly accessible web servers are separate from our online banking servers, therefore making certain that only authorized requests will have access to our most critical information – your finances.
SECURITY ARCHITECTURE
UNIQUE IDENTIFIERS
In order to gain entry into MFCU@Home online account access, members are required to correctly input their member number and password. This is a member identification process – without proper member identification, access to account information is denied.
FAILED LOGIN ATTEMPTS
To prevent unauthorized users from accessing members’ accounts online through brute-force entry, an account will be automatically locked from internet access after 5 incorrect/failed login attempts. The member will have to call to have their online account access unlocked.
TIMEOUT FEATURE
As an additional security measure, our online account access will automatically end your session after a specified period of inactivity. This will log you out of the system and prevent others from accessing a member’s account should they leave their computer unattended with their online account access open. Once the session has expired, a member will be required to log in to get back to their financial information. The length of time before a session timeout can be modified by the member from within the account access, under user options.
INTERNET SECURITY FAQs
Q. WHAT IS DATA ENCRYPTION AND HOW DOES IT KEEP MY PERSONAL INFORMATION SAFE WHEN ONLINE?
A. Encryption is a mathematical process in which data is scrambled. Essentially, the encryption process takes the original information, along with a corresponding key, and mathematically modifies the data, making it unreadable without the presence of a decryption key. If the key is present, then the data can easily be recovered.
There are many different methods of encryption. At Marine FCU, we use 128 bit SSL encryption. This means that there are 2128, or 3,400,000,000,000,000,000,000,000,000,000,000,000,000 possible keys combinations. The key length determines how difficult it would be to reveal encrypted data. Even at our current level of technology, it would take more time to crack a 128 bit key, than what scientist predicts the life of the universe to be. In short, your financial records are safe.
Q. HOW DO I KNOW WHEN I AM ENTERING A SECURED AREA ON THE INTERNET?
A. Before you send any personal information over the internet, there are a couple of quick ways to verify that the site is secured. First, you may receive a pop-up window which notifies you that you are about to enter a secured area. Subsequently, before you leave the secured area you may receive a similar message, warning that you are about to leave the secured area.
If this window does not appear, it may be turned off from within your Internet Explorer Options. If you would like it turned on, open your Internet Explorer browser, at the top of the window click Tools, and choose Options. Select the Advanced tab, and scroll down until you see Security options. Use your mouse to check the option box which states: warn if changing between secure and not secure mode. This will activate these warnings for you.
Another way to verify that you are within a secured area on the Internet is to check the web address located in the address bar at the top of your browser window. If the address begins with https://, then it is a secured site. If the address begins with http://, then the site is not secure. You can also look at the bottom right corner of your browser window, the status bar, to see if there is a padlock icon.
If the lock is closed, like the example above, then the site is secured. If the lock is open, or not present, then the site is not secured. If the lock icon is not present, and you do not see https:// in the address bar, then presume that the site is not secure. If you do not see your status bar, go to your browser menu and click View, and then select Status Bar.
Q. I CONNECT TO THE INTERNET THROUGH A HIGH-SPEED CONNECTION [cable, DSL, satellite]; DO I NEED ANY ADDED SECURITY?
A. As with any connection, you can never go wrong by having Anti-virus and firewall protection, but with high-speed internet connections it is even more important! High-speed internet connections are always connected to the internet. If you leave your computer on and connected to the modem, there is always a potential for others to access the data you have stored on your hard drive, without you ever being aware that it happened. We recommend that you do purchase a reputable antivirus software package. In addition, the use of a firewall also dramatically decreases the chance of somebody illicitly accessing your information.
Once you have the necessary security software, you must keep it updated! Frequently check for new updates and security patches for your Operating System [i.e. Windows or OSX] along with updating you antivirus and firewall software.
If you are interested in extra protection consider installing spyware blocker and removal programs. Not only is spyware a resource hog and drastically slows down your computer, it also tracks your computer/internet usage, and sends that information on to unknown destinations over the internet. Without your knowledge, spyware can compile lists of all of the web addresses you have visited recently, pull your email addresses, and generally find out quite a bit of information about you and your computer usage. The information these programs collect then gets sent out to companies who use this info to spam you, sell it to other companies who will spam you, or release personal information about you. Some anti-spyware and spyware removal programs include Lavasoft's Ad-Aware, Spy-bot, and spyware Doctor.
Q. WHAT DO I DO IF I HAVE ALREADY GIVEN MY PERSONAL INFORMATION OUT TO A SUSPICIOUS SOURCE?
A. 1. Contact all of your financial institutions with accounts that may have been compromised. The sooner you do this, the better they will be able to protect your accounts. Contact the institution that you believed was forged. If you had received a suspicious email, create a new mail message and copy the entire suspect email, paste it into the new message, and send it to them. Do not use the forward option because this format will exclude the information that they need to help track the perpetrator. This will help them better protect their members, and possibly locate the individual responsible for the scam.
2. Contact the IFCC [Internet Fraud Complaint Center]. This is a partnership between the FBI and the National White Collar Crime Center, and they work world wide with law enforcement to identify the perpetrators of the scam. If you feel that your information has been compromised or stolen, contact the Federal Trade Commission. They can work with you to help minimize any damages.
3. After you have reported the incident, go through and change all online account passwords. Do this as soon as possible. Also, frequently check all statements and account activity and report any unauthorized transactions.
Q. WHAT CAN I DO IF MY INFORMATION HAS DEFINITELY BEEN STOLEN?
A. 1. Contact all of the institutions with accounts that have been affected. You will have to close those accounts. Contact the credit bureaus and place a 'Fraud Alert' on your credit report. Make sure you get a copy of your report [it's free for identity theft victims]. You can also request that no new credit be taken out in your name without your explicit permission. When you make the aforementioned requests, do so in writing, and keep a copy for yourself. You may consider getting the copies post-stamped, and sending the original request via certified mail for documentation purposes. Keep very good records of the entire incident - this will only help minimize loss and potentially recover any loss in the future.
- Equifax (800) 525-6285
- Experian (888) 397-3742
- TransUnion (800) 680-7289
2. Contact the Federal Trade Commission. You can call their toll-free hotline at (877) ID-THEFT or (877) 438-4338. Their counselors will be able to guide you through the recovery process.
3. - File a report with your local police department.
OTHER TIPS:
Do not enter personal information into a pop-up window. A common technique to steal information is to send a fake email, and have the user click a link from within an email. This link launches the pop-up window which will ultimately send any of the information entered into the form, to an unsafe destination. These windows may look authentic, and may even be labeled similarly to that of the intended site, but it is a fake. Reputable companies and financial institutions will NEVER request personal information through an email. To close pop up windows like this, only click on the x in the right top corner to close them; if you click anywhere else, you may have unexpected results. Frequently, the close or cancel buttons on these windows will not operate as you would expect, and by clicking on them you may still be compromising your information.
Keep your computer updated! This includes your operating system, antivirus software, firewall software, internet browser, etc. You can manually update your machine, or you can schedule updates. Only update your software through manufacture updates. Windows has a great support system, and once at microsoft.com, you computer will be inspected for all the necessary updates and security packs needed. A quick and easy way to update your windows is to click on your Start menu, and select Windows Updates. Updates from windows will automatically give you the option of downloading security fixes for Internet Explorer. The process is quick and easy, and well worth the time to ensure better security.
IMPORTANT INFORMATION
Important Contact Information
To order your report, call: 800-685-1111 or write:
To order your report, call: 888-EXPERIAN (397-3742) or write:
To report fraud, call: 800-680-7289 and write:
|
Informational Articles |
*These article require Adobe Acrobat PDF Reader
-
MFCU@Home FAQs & Information
