Remote Deposit Terms of Use and Procedures




Use of American National Bank Fox Cities (Bank) Remote Deposit service is subject to the following Terms of Use and Procedures. Bank reserves the right to update the Terms of Use and Procedures at any time without notice.

General

Bank personnel may come to the user's place of business to monitor compliance with the Terms of Use and Procedures and applicable law.

The Business agrees to use a scanner model and type that has been provided by the Bank.

The Business must have at least one checking account at the Bank, be an Online Business Banking user, have a valid email address, and sign the Remote Deposit Agreement.

The system can be used to send check images for deposit only to accounts designated in the Remote Deposit Agreement.

Changes in daily deposit limit, related entities, and users can be made only by the Remote Deposit Authorized Representatives designated in the Remote Deposit Agreement.

Business will limit remote deposit access to their accounts to the users identified in the Remote Deposit Agreement. The Bank is not obligated to monitor transactions through the system to determine if they are made on behalf of the Business.

Processing Days

Monday through Friday, excluding holidays.

Non Processing Days (Holidays)

When a holiday falls on a Sunday, the following Monday is a non-processing day.

New Year's Day
Martin Luther King Jr. Birthday
President's Day
Memorial Day
Independence Day
Labor Day
Columbus Day
Veteran's Day
Thanksgiving Day
Christmas Day

Cut Off Time

Deposits successfully submitted prior to 8PM on a processing day are posted to your account the same business day. Deposits submitted after 8PM on a processing day or on a non-processing day will be posted the next business day.

Service Availability

Remote Check Deposit is available 24 hours a day, 7 days a week, including weekends and holidays.

Service Unavailability

Notify the Bank as soon as possible if the Remote Check Deposit is not available. During the time that the service is unavailable you may make deposits physically at the Bank.

Deposit Verification

The Deposit Detail Report will tell you the status of the deposit. If the status does not say "submitted", the deposit has not been received by the Bank. The report will state the checking account number, the deposit total, and a listing of the checks deposited. Call the Bank as soon as possible if there are any discrepancies or if you do not receive the report.

Workstation Requirements

Business is responsible, at its expense, for procuring and maintaining communications and computer equipment and connections according to the following workstation requirements:

Disk Space: 10 GB of available disk space on the system drive recommended
Hardware: 2.0 GHz (or higher) processor recommended; 2 GB of RAM (or higher) recommended
Operating System: Microsoft Windows Vista 32 Bit OR Microsoft Windows XP Service Pack 2
Software: Microsoft Internet Explorer 6.0 or 7.0 Service Pack 1; appropriate Ranger Device Driver (varies depending on the scanner in use)

Important Notes:

The PC on which Branch Source Capture is installed must be defined as a trusted site on the workstation. (https://sco-web.ufsdata.com)

User must be a Local Administrator on the PC.

Internet connection: wired Ethernet Network Interface Card connection; DSL, ADSL, Cable, or T-1 Internet access (1.5 megabits per second (Mbps) connection or higher).

If the client PC must connect to the Internet through a corporate firewall, the firewall must be configured to allow HTTPS requests (port 443) to the Merchant Capture web server and receive corresponding HTTPS responses. This is a secure Internet connection over port 443 using 128 bit encryption.

If a proxy server is being used, it may need to be configured to allow access for the Merchant Capture application.

Workstation and Scanner Security

Restrict physical access to workstation and scanner. Locate workstation and scanner, where feasible, in an area that has restricted traffic flow. Ideally, the equipment would be in an office with access by only those authorized to access the application.

Secure Check and Report Storage and Destruction

Secure checks prior to, during, and post scanning and transmission. If the scanning process is interrupted, the checks should be secured physically and the user logged out of the application. Once the scanning process is complete and the files have been transmitted, the checks should be stored in a secure (under lock and key) location under dual control until they are destroyed.

Checks are to be shredded (dual control recommended) after a reasonable period of time, but not less than 60 days. An audit log that records the date of destruction, batch numbers, and initials of those performing the shredding should be maintained.

The detailed reports retrieved from the SCO system should be kept either secured with the checks or in a secured file on the computer. They contain sensitive information that must be handled securely. The detailed reports need to be destroyed, if physical, and removed from the system, if electronic, after 60 days. The detailed reports must be kept and destroyed in the same manner as the checks.

1. Store all original checks in a safe or lockbox, accessible only by authorized personnel.
2. Do not store customer account information, photocopies, or private information in files that are accessible by non-authorized personnel.
3. Maintain a filing system that easily identifies any missing checks. Suggestions:
   a. Store a paper copy of each deposit receipt with the original checks.
   b. Store the checks in chronological order.
   c. Maintain an accurate count of checks you have stored at any time.
4. Use a cross cut paper shredder on site or hire a third-party service for the secure destruction of checks.
5. Use a locked or secure trash bin for the disposal of shredded checks.

Your Operational Responsibilities

1. Maintaining at least one checking account at the Bank eligible for the receipt of deposits.
2. Performing initial installation procedures as described in the Remote Deposit Installation Instructions.
3. Using the system only for internal business purposes.
4. Preserving the confidentiality of any User ID, Password, or other authentication method provided by the Bank.
5. Preventing the use of the system by unauthorized persons.
6. Installing and implementing any changes and upgrades to the system as required by the Bank.
7. Ensuring the equipment is clean and operating properly at all times.
8. Inspecting and verifying the quality of the images of the front and back of the original checks and that the image contains all endorsements from the original check.
9. Depositing checks that are in US dollars and are drawn on or payable through a US financial institution.
10. Depositing checks through the system that have not been previously presented and paid.
11. Entering the correct dollar amount of each check image. The software will read and automatically fill in the check amount in most cases.
12. Ensuring the MICR line information from the original check is accurately scanned, entered, or repaired for each check image.
13. Ensuring each deposit is in balance before it is submitted to the Bank.
14. In the event of a lost, mistaken, unusable, or fraudulent electronic check image, cooperating fully with the Bank in providing information about the image.
15. Maintaining control over and securely storing the original checks that have been electronically submitted to the Bank.

Recommended Workstation & Network Security

To achieve logical security, it may be necessary to engage an outside network consultant to configure network and workstation security.

Install and maintain a firewall on the network. Consideration should be given to installing a personal firewall on the workstation or enabling the Windows firewall if using a Windows operating system. The firewall should be configured to disallow traffic from untrusted networks and restrict inbound and outbound Internet traffic. Direct public access must be prohibited. The firewall should be kept up to date and monitored. Ensure the firewall has audit logging capabilities.

Install and maintain anti-virus and anti-spyware tools on the workstation. The tools should be capable of generating audit logs and kept up to date.

If wireless networks are deployed, ensure that wired equivalent privacy (WEP) is enabled, default service set identifier (SSID) broadcasts are disabled, and vendor default settings are changed. WiFi protected access (WPA and WPA2) encryption and authentication should also be enabled.

Restrict use of peer to peer (P2P) networks and file sharing capabilities.

Restrict remote access. If remote access software (pcAnywhere, GoToMyPC, etc.) is installed, ensure it is secure, or prohibit its installation.

Do not allow outside software to be loaded on the workstation. Restrict or prohibit Internet downloads.

Vendor supplied default system passwords must be changed. This includes Windows and RDC application software.

Ensure that each user of the system has their own ID and password. Log on credentials should never be shared, since sharing negates any audit trail.

Strong password parameters are encouraged. A minimum length of 8 characters, including alpha/numeric and special characters, is recommended for both the network and the RDC application. Passwords should not be associated with any commonly known personal identification, such as social security numbers, address, date of birth, or names of children. Passwords should expire within 30 to 60 days.

Network settings should log users off after 10 minutes of inactivity.
Ideally the workstation should have a password protected screen saver enabled.

Consider multi-factor authentication by installing biometric readers.

Network and workstations should have the latest vendor supplied security patches installed. Industry practice is to install relevant security patches within one month of release (or sooner, following testing to ensure interoperability [Windows updates should be researched prior to installation]); however, anti-virus, anti-spyware, and firewall definitions should be automatically installed immediately upon release.

Establish a process to identify newly discovered security vulnerabilities: subscribe to alert services available on the Internet and run an automated application on the network to identify vulnerabilities. Consider annual penetration testing.

Limit Internet access and restrict webmail access for added protection against potential viruses, Trojans, and key loggers.

Review system event logs and user activity logs, especially those with administrator profiles.

Maintain system backups.

Consider segregation of duties between initial scanning of items, edits to images, and transmission of the files. At a minimum, all manual adjustments to check images should be reviewed by someone other than the person making the changes to ensure accuracy.

Caring for the Scanner

Scanners should be placed at least 18 inches from other electronic equipment.

Do not insert checks that could damage the scanner, such as stapled checks.

Use compressed air to frequently clean the scanner. This eliminates dust and paper fragments that may damage the scanner.

If your scanner fails to operate, call 920-739-1040 for assistance.