This Online Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a VeriSign-issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.
To begin a session with the bank's server the user must key in an Access ID and a password. Our system, the Online Banking System, uses a "3 strikes and you're out" lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to the bank to verify the password before re-entry into the system. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session with that visitor. Your Access ID and password are encrypted during transmission.
For Cash Management customers who utilize the ACH, Wire, and Remote Deposit Capture functionality an additional layer of security is available. The use of Tokens will allow these users single sign-on functionality with the additional level of security token technology provides. A digital code is assigned to the token which is good for short sessions. The pass code on the token is used at sign-on for authentication.
Authentication Image is a feature on the Online Banking system to let customers know they are logging into the official Liberty Bank Online Banking website. The first time a user logs into Online Banking a random system selected photo appears. The customer selects a custom pass phrase to be displayed along with the photo each time the customer logs in.
Security Challenge Questions
To further verify the identification of an Online Banking customer, Liberty Bank has deployed the use of security challenge questions. During the enrollment phase of Online Banking a customer is prompted to answer three challenge questions. These questions will be triggered when a customer attempts to login from a computer in which a recognized digital certificate is not present.
Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.
Router and Firewall
Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank. Using the above technologies, your Online Banking transactions are secure.
Monitoring Systems and Notifications
We use various monitoring systems to detect suspicious and fraudulent activity. These systems are the "watchdogs" for unusual patterns of activity, such as incorrect password usage. If such activity is detected, the user may be "locked out" and unable to access Online Banking.
Maximize Your Security with the Microsoft Internet Explorer High Encryption Pack
The Internet Explorer High Encryption Pack gives you 128-bit encryption, the highest level of protection possible whenever you use credit cards or make other financial or confidential transactions over the Internet. This site offers upgrades to your existing browser or an entirely new browser if you want.
At Liberty Bank, we are committed to providing our customers with a safe and secure Internet Banking environment. While the bank, along with our service providers, continues to evaluate and implement the latest improvements in Internet security technology, users of our Online Banking services also have responsibility for the security of their information and should always follows our security recommendations.
Access IDs must be a unique combination of 6-19 characters long and should not be your Social Security number or Tax ID number. Passwords must be between 8-16 alphanumeric characters long, are case-sensitive, and must be different from your Access ID. Your password is valid for one year.Â After one year, you'll be required to change your password.
The safety and security of your data is extremely important to us. To ensure the security of your financial information at Liberty Bank, we recommend the following:
Banking Account Protection
When using Online Banking, we strongly recommend that you always "Log Off," use Alerts whenever possible, and enroll in Electronic Statements. Always select "Log Off" when you finish your Online Banking session. If you do not, Online Banking will automatically log you off after 10 minutes of inactivity.
Alerts, sent via email, allow you to monitor specific account activity. Bank-initiated alerts provide added security by advising of any changes within your accounts related to your online security. Optional alerts, set up by you, monitor specific activity such as balance alerts. All alerts can be set up within Online Banking. Contact Liberty Bank immediately if you notice questionable transactions.
Enroll in Electronic Statements to stop receiving paper statements in the mail. This helps to reduce the threat of having your statements stolen out of your mailbox.
Threats to your personal banking account extend to offline banking. To keep your information safe and secure, never write your Personal Identification Number (PIN) on the back of your debit card or on a piece of paper you keep in your purse or wallet. Also, do not use a number that can be found on your personal documents or identification.
Don't reply to emails that ask for your account information, give your account information to phone solicitors or provide your credit or debit card number online unless you are on a website you trust. Your bank will never call or email you for that information - it already has it.
Never keep your bank statements, checks, debit, and credit cards in an unsecured place, such as a glove compartment, where anyone can gain access to them. Be sure to shred all financial documents before throwing them away.
Online banking is a great tool to help small businesses conveniently track financial information, including paying their bills and employees. However, not establishing procedures to secure the credentials they use to access their bank accounts online can increase the liability on its financial transactions. A small business can protect itself by following and implementing a few simple steps within their company.
To keep your information safe and to better protect your accounts businesses should:
Other things a business can do to protect itself:
1. Initiate a "dual control" payment process with your bank and employees. Ensure that all payments are initiated from your bank accounts only after the authorization of two employees. One employee will authorize the creation of the payment file and a second employee will be responsible for authorizing the release of the file. This process should be in place regardless of the type of payment being initiated-including checks, wire transfers, fund transfers, payroll files, ACH (Automated Clearing House) payments, etc.
2. Have dedicated workstations. If possible, restrict the use of certain workstations and laptops to be utilized solely for online banking and payments. For example, a workstation or laptop used for online banking should not be used for web browsing or social networking.
3. Use robust authentication methods and vendors. Make sure your bank allows for "Multi-Factor Authentication." This means that you need more than just a username and password to access your account. Liberty Bank does use Multi-Factor Authentication.
4. Update virus protection and security software. Ensure that all anti-spyware, anti-malware, and security software and mechanisms are robust and up-to-date for all computer workstations and laptops used for online banking and payments. Also, implement a process to periodically confirm they remain up-to-date. Security patches are often available via automatic updates.
5. Reconcile accounts daily. Monitor and reconcile accounts daily against expected credits and withdrawals. If you see any kind of unexpected activity on your account, notify your financial institution immediately.
For more information on how to practice good Internet safety and security habits for your business follow this link to the US Chamber of Commerce article titled Internet Security - Essentials for Business.
Identity theft is one of today's fastest-growing crimes. Identity theft occurs when someone steals your personal information and identification. They may open credit card accounts, apply for loans, rent apartments, or purchase phone services- all in your name. In many cases, they request address changes so you never see the bills for their activity. These impersonators spend your money as quickly as possible.
Most identity theft victims never know they have been taken advantage of until they apply for a loan or receive a call from a collection agency. Clearing your name and the effects of identity theft can be a nightmare and take a great deal of time. You can spend months or even years re-establishing your creditworthiness.
Store personal information in a safe place. Shred financial information, bank checks, credit card offers or pre-approved credit applications, and credit card receipts before discarding them in the trash.
Don't release personal information. Never disclose account numbers, social security numbers, or credit card numbers over the phone or email unless you know the person or organization you're dealing with.
Guard against mail theft. Deposit outgoing mail into a secure, official U.S. Postal Service collection box. Promptly remove incoming mail after it has been delivered.
Monitor account information and billing statements. Know your billing cycles and review monthly statements for unauthorized charges or withdrawals. Missing statements could indicate that someone has filed a change of address notice to divert your mail to his or her address. Consider turning off your paper bank statements and receiving statements online.
Obtain and review copies of your credit report. Order copies of your credit report yearly to check for inaccuracies and fraudulent use of your accounts. Visit AnnualCreditReport.com or call 877.322.8228 to request a free credit report from the three nationwide consumer credit reporting companies:
Notify the Credit Bureau. Contact one of the three credit bureau's fraud departments. The one you contact will notify the other two. Request that a "fraud alert" be placed in your file, as well as a victim's statement asking that creditors call you before opening any new accounts or changing any existing accounts. To report fraud:
Request a copy of your credit report. Credit reports are free to fraud victims.
Notify financial institutions. Call the financial institution where the fraud occurred.
Open new accounts and have affected accounts closed.
Have new PINs and passwords issued.
Consider contacting other financial institutions where you may have accounts.
File a police report with your local police department. Ask for a copy of the report, or at the very least record the date, time, and number of the report; the location of the department; and the name of the officer taking the report.
Call the Federal Trade Commission. The FTC's toll-free "Identity Theft Hotline" is 877-438-4338 and their website is http://www.ftc.gov/bcp/edu/microsites/idtheft/. A Consumer ID Theft Complaint Form can be obtained and completed.
Report any suspected stolen mail. Contact your local postal inspector and check the post office for unauthorized change of address requests.
Keep a record of events. Write down everyone you contacted. Record the time, title, and phone number of each person you spoke to. Also, note the substance of what was discussed and any report, case, or reference numbers. Keep copies of any reports or affidavits you send and any letters or information you receive.
Internet "phishing" scams are one of the fastest-growing frauds today. Basically, the scam uses "spam" (unsolicited email) to bait consumers into disclosing sensitive personal information such as social security numbers, credit card numbers, personal identification numbers, passwords, and other private information.
These unsolicited emails give the appearance of being from legitimate businesses. In fact, fraudsters usually pick a business that the potential victim actually does business with. The fraudsters tell the email recipients they need to "update" or "validate" their billing information to keep their accounts active.
To help set the hook, they even direct their potential victims to a website that imitates the look of the legitimate website with logos, colors, and designs to match. The consumers then submit their information to the impostor, who then uses the personal data to commit identity theft.
It is Liberty Bank’s policy to not send confidential account information through email because it is not encrypted and is not a secure form of communication. You should never enter private, personal information in a form that was sent to you via email.
Liberty Bank will never request a customer's personal, confidential information (bank card number, account number, social security number, personal identification number, or password) through email (or telephone contact). If you should ever receive an email (or telephone call) requesting your personal confidential information that appears to be from Liberty Bank, do not respond to the email (or telephone call) and contact us immediately at 417-888-3000.
1. Never click on links in unexpected email. If you get an email that warns you, with little or no notice, that an account of yours will be shut down or suspended unless you reconfirm your billing information, do not reply or click on the link in the email. Instead, contact the legitimate company cited in the email using a telephone number or web address you know as genuine. Always type in the web address to the website in the internet browser.
2. Make sure you are using a secure internet connection. Before submitting confidential information via the internet, make sure that the connection to the website is secure. First, look at the address bar at the top of your browser. If the website address begins with "https://", then you have established a secure connection. If it begins with "http://", the connection is unsecured. Second, look for a "lock" icon in your browser's status bar (bottom corner of your browser). The lock verifies that your connection to the website is secure.
3. Install updated anti-virus and anti-spyware software. Both viruses and spyware can leave your computer vulnerable to attack and intrusion. Anti-virus and anti-spyware software will keep your computer safe from malicious software that might have installed itself or tried to install itself onto your computer. Anti-virus and anti-spyware software is especially important if you are using a broadband internet connection like DSL, cable, or satellite.
4. Install a firewall. A firewall will prevent attacks on your computer from the internet by determining if a requested connection is malicious. A firewall is especially important if you are using a broadband internet connection like DSL, cable, or satellite.
5. Keep your internet browser, anti-virus, anti-spyware, and firewall up to date. Visit the manufacturer's website regularly and check for software and security upgrades.
6. Avoid emailing personal and/or financial information. Email systems are not encrypted and therefore emails should not contain confidential information.
7. Open emails only from known senders. You shouldn't open emails from a sender which is not known to you. Be especially careful about opening an email with an attachment. We advise that you shouldn't open attachments unless you are confident that you can trust the source.
Pharming is a newer and more advanced technique than Phishing. In this scheme, people are redirected from a legitimate web site to a malicious one that appears similar, both in form and content, to the original site. Once on this site, thieves will attempt to collect personal information such as login names and passwords.
Ways to Detect Pharming
When you visit a web site to make a purchase or access account information, take a moment to double check that the following safety indicators show up.
Ways to Defend Against Pharming
A Trojan horse is a program that installs malicious code that is hidden or harmless until an action, such as clicking a link, is executed. Once this code is launched, the hacker may be able to capture keystrokes to gather passwords or other confidential information. Trojan horses are often spread through email or are embedded in web pages. Attackers often will include Trojan horses with other viruses, spyware, and worms into "free" downloads, such as screensavers.
Ways to Detect Trojan Horses
Ways to Defend Against Trojan Horses
Spyware is malicious software that is loaded onto your computer without your knowledge or permission with the intent of collecting information about you. This information can be anything from the web sites you visit to sensitive personal information including login names and passwords.
How to Detect Spyware
How to Defend Against Spyware
In compliance with the Unlawful Internet Gambling Enforcement Act of 2006 (UIGEA), and implementing regulations (Regulation GG), certain transactions are prohibited within your accounts. Liberty Bank is required to notify business accounts of this prohibition.
Unlawful internet gambling is defined in UIGEA as placing, receiving, or otherwise knowingly transmitting a bet or wager by any means which involves the use, at least in part, of the internet where such bet or wager is unlawful under any applicable federal or state law in the state or tribal lands in which the bet or wager is initiated, received, or otherwise made.
Unlawful internet gambling transactions are prohibited from being processed through your account. We may block or reject such transactions. Further, we may block or close any account which we believe is in receipt of such transactions. Liberty Bank will not knowingly open accounts for individuals or businesses engaged in any internet gambling business.
This regulation applies to all Liberty Bank customers and this notice serves as your disclosure.
Free annual credit reports are available through the following three credit reporting agencies (Equifax, Experian and Trans Union) at (877) 322-8228 or may be ordered online at www.annualcreditreport.com or by completing the Annual Credit Report Request form, available at http://www.ftc.gov/bcp/edu/microsites/freereports/index.shtml and mailing it to:
Annual Credit Report Request Service
PO BOX 105281
Atlanta, GA 30348-5281
Consumers must utilize the contact information listed above to request the free copies. Consumers who contact the reporting agencies directly will be charged for their credit reports.
How do I dispute inaccurate information on my credit report?
You must contact EACH of the three credit reporting companies at the following address or phone numbers:
PO BOX 105873
Atlanta, GA 30348
Phone: (800) 685-1111 or (800) 977-2493
|Experian Consumer Assistance
PO BOX 2104
Allan, TX 75013-2104
Phone: (888) 397-3742
|Transunion Consumer Disclosure Center
PO BOX 1000
Chester, PA 19022
Phone: (800) 888-4213