Just How Secure Is It?
The Business Express Internet banking site ensures that your personal and financial information is handled with care. Any personal or transactional information transmitted between you and our Internet banking system is secure and cannot be read by anyone else. While using the Business Express Internet banking site the integrity of your account information is guaranteed. Transactions from your computer to our system are received without alteration. From a technical point of view a process called encryption is used to achieve security.
How Is Security Achieved?
Westminster Savings Credit Union has a 'firewall' in place that separates the Internet from our internal computer systems and databases. When data is sent from a member's computer via the Internet, it travels through a series of security points so that only authorized transactions enter our computer systems. We ensure that your personal and financial information is protected while in transit between your computer and our Business Express Internet server through the use of industry standard security techniques which include Secure Socket Layers (SSL) and encryption. Access to our member services, financial systems, and databases are strictly managed. Technological and procedural systems are in place to ensure security is not breached. This includes physically securing all of our computer hardware and telecommunications systems. All data is transported using encrypted channels.
What is encryption and how does it work?
Encryption is the process of scrambling data into an unreadable format. It is more secure to transmit encrypted data over the Internet. In the case of the Business Express Internet banking site, data is sent by your browser through an encrypted channel to our secure systems where the message is safely received. Some browsers can create a more secure channel than others, owing to the 'strength' of their encryption. To safeguard your personal and financial information, we only use the strongest channel available-referred to as 128-bit SSL or Secure Socket Layer. If you have a browser that only supports 'weaker' encryption such as 40-bit or 56-bit SSL, you will need to upgrade your browser before using our site.
What is the difference between 40- and 128-bit encryption?
Encryption and decryption is accomplished using a complex mathematical formula called an algorithm. An encrypted message cannot be read unless you have the formula or 'key' to unscramble the message. The longer and more complex the 'key' is, the stronger the encryption. The 40 and 128 refer to the length of the key. Since 128 is longer, than 40, it is more secure. But don't let the relatively small difference in the size of the key fool you. According to Netscape, 128-bit encryption is trillions of times stronger than 40-bit encryption.
Just as you play a vital role in ensuring the security of your home and your possessions, you too share in the responsibility for ensuring that your personal information is adequately protected.
In order for us to ensure that only you are accessing your accounts, we need a unique way of knowing that it's you. Just as the key to your home protects unwanted entry, the Business Express Internet "key"—your unique user ID and password —ensures that only you can access your accounts.
It is your responsibility to ensure that your "key" to the Business Express Internet banking site is protected. Please observe the following security practices:
- Select a password that is easy for you to remember but difficult for others to guess.
- Do not select a password that is easy to guess (such as 12345) or is based on personal information (avoid your birth date, address, phone number, social insurance number, or similar information about your family or friends). Otherwise, someone who knows you can easily guess your password.
- Do not select a part of your PIN (your ATM "key") or another password.
- Keep your user ID and password confidential.
- Do not write your password down or store it in a file on your computer.
- Never disclose your password in a voice or e-mail, and do not disclose it over the phone, especially cellular phones.
- Do not share your user ID or password with anyone else.
- Do not permit anyone to observe you typing in your password.
- Change your password on a regular basis. We suggest every 90–120 days.
- Contact Westminster Savings Credit Union immediately if you suspect someone has gained knowledge of your password.
- Contact Westminster Savings Credit Union immediately if you believe there are errors or omissions in your account.
- Contact Westminster Savings Credit Union immediately if you become aware of any loss, theft, misuse, or unauthorized use.
Protect The Information On Your Computer
While we have provided a secure channel for our Members to communicate with us. Once the information has reached your computer, it's up to you to protect it. To protect your information, you should: Never leave your computer unattended while using our online banking services. Always exit the Business Express Internet banking site using the Logout button and close your browser if you step away from your computer. Your browser may retain information you entered in the login screen and elsewhere until you exit the browser. Prevent the browser from caching (storing) the pages that you view by using on the Enhanced Security feature located on the Login screen. We strongly recommend that you use this feature if you are accessing the Business Express Internet banking site from a shared computer, such as at a friends house or through a publicly-accessible computer, such as at a library or airport. Secure or erase files stored on your computer by your browser so others cannot read them. Most browsers store information in non-protected (unencrypted) files in the browser's cache to improve performance. These files remain there until erased. Using standard computer utilities or by using your browser feature to "empty" the cache, these files can be erased. You can delete the files using computer utilities or by using the 'empty cache' feature in your Internet browser. (For example, in Netscape Navigator 3.xx you would find this feature in 'Options', 'Network', 'Cache'. In Microsoft Explorer 4.xx you would find this feature in 'View', 'Internet options', 'general' tab.) Disable automatic password-save features in the browsers and software you use to access the Internet. For you security, we suggest that you disable this function by following these simple steps.
- Open Internet Explorer 5.0
- Select 'Tools'
- Scroll Down in 'Tools' and select 'Internet Options'
- In the menu 'Internet Options' select the tab 'Content'
- Under the 'Personal Information' section of 'Content' select the Auto Complete button.
To learn more about browser security, please visit the Netscape and Microsoft web sites. To ensure a safe and secure Internet session, only visit reputable sites. If you visit any questionable web site before Memberdirect 5.0, we recommend you close your browser and restart it before proceeding to Memberdirect 5.0.
Automatic Session Time-outs
In the event that you leave your computer without logging out, the Business Express Internet banking site has been designed to end your session automatically if our system detects that you haven't provided any instructions or used the browser buttons to navigate for several minutes. To restart the session, you will need to provide your user ID and password again.
To communicate with us electronically, we strongly recommend that you use our Contact Us feature. This feature provides a secure channel for sending us comments, questions or instructions. Our replies will then be securely routed back to you and will be filed under the Messages section within the Business Express Internet banking site.
General email is not secure since it passes through many points on its route from you to us. If you are using general email to communicate with us, we strongly recommend that you do not include personal financial information (such as account numbers) within the email as we cannot guarantee its confidentiality on route to us.
When you email us your comments, questions or instructions, you provide us your email address and we use it to correspond with you. We then store your email and our replies to you so that we can refer to them in future. We will not provide your email address to anyone outside of the credit union. We may use your email address to send you information about financial products or services that we think may be of interest to you. If you do not want us to contact you with product information by email, you may tell us so at any time and we will discontinue the practice.
If you have asked us to provide you with information on a regular basis, or if we email you information about our products or services, you may ask us to remove you from the list at any time. We intend to include instructions to unsubscribe from the list in every mailing, and on the site where you originally subscribed to the list.
How Have We Met Our Responsibilities?
We ensure your personal and financial information is protected within our Memberdirect 5.0 banking service, financial systems, and databases. We ensure your personal and financial information is protected while in transit between your computer and our server through the use of industry standard security techniques which include Secure Socket Layers (SSL) and encryption.
Encryption ensures that information in transit between your computer and our server cannot be read (private and confidential) or changed (integrity). We ensure that only individuals who provide the correct user ID and password can access your account information.
For more information on the specific policies and practices that we use to safeguard your personal and financial information, please click here to view our Privacy Statement.