Best Practices Guide to Electronic Banking



Similar documents
Business ebanking Fraud Prevention Best Practices

Reliance Bank Fraud Prevention Best Practices

Business Internet Banking / Cash Management Fraud Prevention Best Practices

Online Banking Fraud Prevention Recommendations and Best Practices

Online Banking Customer Awareness and Education Program

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

Sound Business Practices for Businesses to Mitigate Corporate Account Takeover

Remote Deposit Quick Start Guide

Online Cash Manager Security Guide

1. Any requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic.

Payment Fraud and Risk Management

Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library

Safe Practices for Online Banking

Protecting Yourself from Identity Theft

Frequently Asked Questions

Protecting your business from fraud

Your security is our priority

Learn to protect yourself from Identity Theft. First National Bank can help.

Enhanced Security for Online Banking

Malware & Botnets. Botnets

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

Fraud Detection and Prevention. Timothy P. Minahan Vice President Government Banking TD Bank

Security Guidelines and Best Practices for Internet Banking for Precision and Cash Management for Precision. Best Practices Guide

Business Online Banking & Bill Pay Guide to Getting Started

The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only.

CAPITAL PERSPECTIVES DECEMBER 2012

Personal Online Banking & Bill Pay. Guide to Getting Started

Information Security Awareness

Security Bank of California Internet Banking Security Awareness

Corporate Account Take Over (CATO) Guide

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Security Guidelines and Best Practices for Retail Online and Business Online

Corporate Account Takeover & Information Security Awareness

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Corporate Account Takeover & Information Security Awareness. Customer Training

Chapter 15: Computer and Network Security

Mifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness

Business Identity Fraud Prevention Checklist

Tips for Banking Online Safely

Your Digital Dollars Online & Mobile Banking

Online Cash Management Security: Beyond the User Login

Cathay Business Online Banking Quick Guide

Why is a strong password important?

MOBILE BANKING USER GUIDE

THE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness

Internet Safety & Awareness. Dan Tomlinson 02/23/2013

Identity Theft Protection

Retail/Consumer Client. Internet Banking Awareness and Education Program

Remote Deposit Terms of Use and Procedures

Securing your credit *

HomeNet. Gateway User Guide

Fraud Prevention Tips

National Cyber Security Month 2015: Daily Security Awareness Tips

Desktop and Laptop Security Policy

Deutsche Bank db easynet. Secure method of use of the db easynet e-banking system

Infocomm Sec rity is incomplete without U Be aware,

NATIONAL CYBER SECURITY AWARENESS MONTH

TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness

ecommercial SAT ecommercial Security Awareness Training Version 3.0

Don t Fall Victim to Cybercrime:

Phishing for Fraud: Don't Let your Company Get Hooked!

& INTERNET FRAUD

Electronic Fraud Awareness Advisory

Security Tips You are here: Home» Security Tips

Keeping your financial and personal information secure is one of our most important responsibilities.

3. Are employees set as Administrator level on their workstations? a. Yes, if it is necessary for their work. b. Yes. c. No.

F-Secure Mobile Security for Business. Getting Started Guide

Fraud Trends. HSBCnet Online Security Controls PUBLIC

General Security Best Practices

MOBILE BANKING. Why should I use Mobile Banking?

E Commerce and Internet Security

Airnet-Student is a new and improved wireless network that is being made available to all Staffordshire University students.

Why you need. McAfee. Multi Acess PARTNER SERVICES

Business Online Banking Quick Users Guide

Online Services User Guide

SAO Remote Access POLICY

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

Cathay Business Online Banking

How To Help Protect Yourself From Identity Theft

Defense Media Activity Guide To Keeping Your Social Media Accounts Secure

10 Quick Tips to Mobile Security

9 Simple steps to secure your Wi-Fi Network.

Basic Computer Security Part 2

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com

Mobile Banking FAQ Page 1 of 9

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Deter, Detect, Defend

HUNTINGTON BUSINESS SECURITY SUITE USER GUIDE

SAFE ONLINE BANKING. Online Banking, Data Security You. Your Partnership for Safe Online Banking

Boston University Security Awareness. What you need to know to keep information safe and secure

Fraud Information and Security

High Speed Internet - User Guide. Welcome to. your world.

Protect Yourself. Who is asking? What information are they asking for? Why do they need it?

CNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background:

Introduction. PCI DSS Overview

Contents Security Centre

Here are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online.

Corporate Account Takeover & Information Security Awareness

RSA Authentication Manager 7.1 Security Best Practices Guide. Version 2

Samsung KNOX User Guide KNOX for Consumers Edition

Transcription:

Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have relied upon Electronic Banking. As Online Banking and Mobile Banking usage increases, so will the instances of fraud. Therefore, the need for controls to minimize risks and to prevent and detect fraudulent activity is critical. Below is a Best Practices Guide that can protect you against fraud associated with Electronic Banking. User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters, numbers, and special characters. Change your password frequently. The Bank requires password changes at least once a year. Never share username and password information with third-party providers. Bank employees will not, under any circumstance, ask for this information via telephone or email. If this information is needed we will ask you to come to one of our convenient locations. Avoid using an automatic login feature that saves usernames and passwords. Page 1 of 7

General Guidelines Do not use public or other unsecured computers for logging into Online Banking. Check your last login date/time every time you log in. Review account balances and detail transactions regularly (preferably daily) to confirm payment and other transaction data and immediately report any suspicious transactions to your financial institution. View transfer history available through viewing account activity information. Whenever possible, use Bill Pay instead of checks to limit account number dissemination exposure and to obtain better electronic record keeping. Take advantage of and regularly view system alerts; examples include: Balance alerts Transfer alerts Password change alerts ACH Alerts (for cash management users) Do not use account numbers, your social security number, or other account or personal information when creating account nicknames or other titles. Whenever possible, register your computer to avoid having to re-enter challenge questions and other authentication information with each login. Review historical reporting features of your online banking application on a regular basis to confirm payment and other transaction data. Never leave a computer unattended while using Online Banking. Never conduct banking transactions while multiple browsers are open on your computer. If you notice any suspicious account activity or experience any issues with Online Banking you may contact the E-Banking Dept. at 318-357-3741. If your mobile device is lost or stolen you can disable or deactivate the device by logging in to the Mobile Banking Center, found under administration tab on your Online Banking page. You can contact your mobile carrier to disable the mobile device or you can contact a representative at City Bank & Trust Co. Page 2 of 7

Tips to Protect Online Payments & Account Data Take advantage of transaction limits. Establish limits for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits. When you have completed a transaction, ensure you log off to close the connection with the financial organization's computer. Use separate accounts for electronic and paper transactions to simplify monitoring and tracking any discrepancies. Reconcile by carefully monitoring account activity and reviewing all transactions initiated by your company on a daily basis. Account Transfer Use limits provided for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits. Review historical and audit reports regularly to confirm transaction activity. Utilize available alerts for funds transfer activity. Protections provided under Regulation E Electronic Funds Transfer Act: Customers should review their monthly account statement for possible errors with electronic funds transfers as they would with any other type of transaction. Should a customer notice that there has been an error in an electronic fund transfer relating to their account certain steps must be taken. Please note that Regulation E is only applicable to retail (non-commercial) customers. Under the Act the Customer must: Write or call the financial institution immediately if possible. You may contact our E-Banking Dept. at 318-357-3741. Page 3 of 7

Must be no later than 60 days after we sent you the first statement containing the error or problem Give us your name and account number Explain the error or the transfer you are unsure about, the type, dollar amount and date Under the Act the bank must: Promptly investigate the error and correct any error. If this takes more than 10 business days to do this. The bank will re-credit your account for the amount you think is in error. Must notify you of the results of investigation: o If there was error correct it or make re-credit final o If no error explanation in writing, notify customer of deducted recredit Below are specific guidelines for our Commercial Online Banking customers: City Bank & Trust Company suggests that commercial online banking customers perform a related risk assessment and controls evaluation periodically to mitigate risks associated with Online Banking. ACH (Automated Clearing House Batches) Use pre-notification transactions to verify that account numbers within your ACH payments are correct. Use limits for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits. Review transaction reporting regularly to confirm transaction activity. Utilize available alerts for ACH activity. Page 4 of 7

Administrative Users Limit administrative rights on users' workstations to help prevent the inadvertent downloading of malware or other viruses. Dedicate and limit the number of computers used to complete online banking transactions; do not allow Internet browsing or e-mail exchange and ensure these computers are equipped with latest versions and patches of both antivirus and anti-spyware software. Delete online user IDs as part of the exit procedure when employees leave your company. Assign dual system administrators for online cash management services. Use multiple approvals for monetary transactions and require separate entry and approval users. Establish transaction dollar limits for employees who initiate and approve online payments such as ACH batches, wire transfers, and account transfers. Tips to Avoid Phishing, Spyware and Malware Do not open e-mail from unknown sources. Be suspicious of e-mails purporting to be from a financial institution, government department, or other agency requesting account information, account verification, or banking access credentials such as usernames, passwords, PIN codes, and similar information. Opening file attachments or clicking on web links in suspicious e-mails could expose your system to malicious code that could hijack your computer. Never respond to a suspicious e-mail or click on any hyperlink embedded in a suspicious e-mail. Call the purported source if you are unsure who sent an e- mail. If an e-mail claiming to be from your financial organization seems suspicious, checking with your financial organization may be appropriate. Install anti-virus and spyware detection software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product. Page 5 of 7

Update all of your computers regularly with the latest versions and patches of both anti-virus and anti-spyware software. Ensure computers are patched regularly, particularly operating system and key application with security patches. Install a dedicated, actively managed firewall, especially if using a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to your network and computers. Check your settings and select, at least, a medium level of security for your browsers. Clear the browser cache before starting an online banking session in order to eliminate copies of Web pages that have been stored on the hard drive. How the cache is cleared depends on the browser and version you are using. This function is generally found in the browser's preferences menu. Tips to Protect Mobile Banking Users Modify the phone s settings so that only messages from authorized numbers are allowed. Place a password on the device to keep it securely locked after timing out. Add the City Bank & Trust short codes and customer service phone number to your contacts and only initiate SMS and phone calls from your contact list. Do not reply to SMS messages that do not exist in your contact list. Do not click on links in SMS messages unless you initiated the SMS conversation with City Bank & Trust. Do not call phone numbers not in your contact list. If you are unsure about a phone number, you may text Help to the short code and compare the phone numbers. Only call the numbers in your Help response or in your contact list to avoid vishing. Bookmark the City Bank & Trust mobile web site and only use this bookmark to access the site to avoid phishing. Avoid using unsecured, public Wi-Fi networks to access financial accounts with mobile devices. Always use your cellular network when conducting mobile financial services. Only download apps from stores, such as Apple & Android, that are submitted and branded by City Bank & Trust. Page 6 of 7

Finally, know that bank employees will not ask users to provide confidential information over an email or SMS message. Be aware of the security threats that come with mobile banking: o o o Phising: Luring unsuspecting customers to provide sensitive personal information or downloading malware through an email. SmiShing: A contraction of SMS and phising, in which criminals pose as a FI and use SMS in an attempt to gain access to confidential account information. Vishing: A contraction of voice and phising, in which victims are tricked into disclosing sensitive personal information through a phone call or voice response unit. Tips for Wireless Network Management Wireless networks can provide an unintended open door to your business network. Unless a valid business reason exists for wireless network use, it is recommended that all wireless networks be disabled. If a wireless network is to be used for legitimate business purposes, it is recommended that wireless networks be secured as follows: Change the wireless network hardware (router /access point) administrative password from the factory default to a complex password. Save the password in a secure location as it will be needed to make future changes to the device. Disable remote administration of the wireless network hardware (router / access point). If possible, disable broadcasting the network SSID. If your device offers WPA encryption, secure your wireless network by enabling WPA encryption of the wireless network. If your device does not support WPA encryption, enable WEP encryption. If only known computers will access the wireless network, consider enabling MAC filtering on the network hardware. Every computer network card is assigned a unique MAC address. MAC filtering will only allow computers with permitted MAC addresses access to the wireless network. Page 7 of 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information