Business services photo

Security Changes

On June 3, 2013 all CenterBank internet banking customers will need to be aware of the following changes. These changes will be security features to add an extra layer of protection to our customer’s online banking experience.

 

 

What is changing?

Passwords

¨      Online banking password strength was changed in May and the requirements will not be changing again….however:

 

Customers will be asked to answer additional security questions

¨      We want to store 3 questions and answers

 

1. In today’s version if a customer’s security answer is compromised it’s the only question we can draw from

2. With three questions the system will randomly pick a question to be answered

Why?

With rotation of questions we are lowering the likelihood of fraudsters being able to log-in or change customer information

 

v  Customer will be asked to answer 1 security question if:

¨      Retail and Commercial users

Account Functions

1.       Adding an external account

2.       Changing an address

3.       Updating an email address

4.       Reordering checks

5.       Changing their passcode

6.       Changing the security questions

7.       If a session times out and they want to perform any of the items above

8.       If a customer uses an IP address (computer)they normally do not use

Why?

We made this change because these are more sensitive pieces of information that fraudsters use to take over an account

v Commercial users only

1. Cash management services

1.       ACH

2.       Wire Transfer

3.       Positive Pay

4.       Sub-user administration

5.       If a session times out and they want to perform any of the items above

Why?

We made this change because these particular functions require a higher level of authentication per regulators

 

v  Reminders for customers

¨      Email verification – every 180 days there will be a pop-up box asking customers to verify their email address

¨      Security questions – every 180 days there will be a pop-up box letting customers know it may be a good idea to change their security questions

¨      Passcodes – every 90 days there will be a pop-up box letting retail customers know it may be a good idea to change their password

Why?

We all know it is a good idea to change passcodes and security questions but we rarely do.  If we send a reminder it may click with the customer to make the changes

 

v  Account numbers will be masked online

¨      Currently customers see their full account number when they log-in

¨      Going forward customers will only see the last 4 digits of their account number when they log-in

¨      Full account numbers will be available in user services or if they utilize E Statements via ESafe

 

Why?

This is being changed because fraudsters like to shoulder surf and with full account numbers we weren’t making this form of fraud difficult – there are other fraud trends like “evil twin” or “packet sniffers” we want to help prevent

 

How are we communicating this?

·         In Bank communication – We need to tell our customers to be looking for these changes

·         Statement Messages – May and June cycles

·         Internet Banking banners –Information on these changes will be on our homepage