Our Internet banking security standards

Just how secure is it?

Our Internet banking service offers you the best security currently available in a commercial environment. This means your privacy and confidentiality are assured. Any personal or transactional information transmitted between you and Envision is secure and cannot be read by anyone else. With our Internet banking service the integrity of the information you send is guaranteed. Transactions and communications from members are received without alteration.

How is security achieved?

Access to our member services and financial systems and databases is strictly managed. Technological and procedural systems are in place to ensure security is not breached. This includes physically securing all of our computer hardware and telecommunications systems. And just as you play a vital role in ensuring the security of your home and your possessions, you too share in the responsibility for the security of our Internet banking service.

What is Biometric Authentication?

Due to the sensitive nature of managing users for our Business members, biometric fingerprint devices are used to authenticate the identity of these users. Users of our Internet banking service must have a Windows or Internet Explorer platform in order to use our biometrics login system. The biometric fingerprint authentication system provides positive user authentication equal to a 60-character password. The authentication process is as follows:

• A user accesses the login page, clicks on Biometric Login and enters his or her user ID. The system will prompt the user for a fingerprint scan.
• The user scans his or her fingerprint on the scanning device provided to the user by Envision.
• The system authenticates the user against the user's ID and fingerprint. If the user is authenticated, the system will display the Summary page.

Users who are not authenticated, that is, their fingerprint and user ID do not match the one stored on the system, are considered invalid. If the user attempts to access the system three times, the user ID will be locked out and only an Envision representative will be able to unlock the user's ID.

What are my responsibilities?

It is very important that you protect your Personal Access Code (PAC). The confidentiality of your PAC ensures that you alone are allowed access to your accounts. Here are some tips for protecting your PAC:

• Select a PAC that is easy for you to remember but difficult for others to guess.
• Do not select a PAC that is easy to guess (such as 12345) or is based on personal information (avoid your birth date, address, phone number, social insurance number, or similar information about your family or friends). Otherwise, someone who knows you can easily guess your password.
• Do not select a part of your PIN (your ATM "key") or another password.
• Keep your PAC confidential.
• Do not write your PAC down or store it in a file on your computer.
• Never disclose your PAC in a voice or e-mail, and do not disclose it over the phone, especially cellular phones.
• Do not share your PAC with anyone else.
• Do not permit anyone to observe you typing in your PAC.
• Change your PAC on a regular basis. We suggest every 90-120 days.
• Contact Envision immediately if you suspect someone has gained knowledge of your PAC.
• Contact Envision immediately if you believe there are errors or omissions in your account.
• Contact Envision immediately if you become aware of any loss, theft, misuse, or unauthorized use.

It is also very important to protect the information on your personal computer. We have provided a secure method for our members to communicate with us. Once the information has reached your PC, it's up to you to protect it.

You should:

• Never leave your PC unattended while using our home banking services. Always exit our home banking services and your Internet browser if you step away from your PC.
• Your Internet browser software may retain information you entered in the Login screen and elsewhere until you exit the browser. Secure or erase files stored on your PC by your Internet browser so others cannot read them. Most Internet browsers store information in non-protected (unencrypted) files in the browser's cache to improve performance. The files remain there until they are erased. The files can be deleted using standard PC utilities or by using your browser feature to "empty" the cache. In Netscape Navigator, this is available in the Options, Network, Cache screen. In Internet Explorer 5.xx this is available in the View, Internet Options, General Screen.
• Disable automatic password save features in your Internet browser and software that you use to access your Internet Service Provider.
• Install and use a quality anti-virus program. As new viruses are created each and every day, be sure to update your anti-virus program often.
• Install and use a personal firewall on your computer to ensure others cannot access your computer through the Internet.
• Install new security patches, as soon as your operating system and Internet browser manufacturers make them available.

Select a browser that provides the most protection

To access our Internet banking service you will need an Internet browser that supports 128-bit encryption. We have chosen 128-bit encryption as our standard as it is the strongest publicly available encryption protection today.

Our Internet banking service can be accessed by:

• 128-bit versions of Netscape Communicator (4.7 or higher. 6.0 is not supported)
• 128-bit versions of Microsoft Internet Explorer (5.0 or higher)

• 128-bit versions of Microsoft Internet Explorer (5.0 or higher)
• 128-bit versions of Netscape Navigator (4.08 or higher)
• 128-bit versions of Netscape Communicator (4.7 or higher)

How have we met our responsibilities?

We ensure your personal and financial information is protected within our in-house member service and financial systems and databases.

We ensure your personal and financial information is protected while in transit between your PC and our home banking server through the use of industry standard security techniques, which include Secure Socket Layers (SSL) and encryption.

Encryption ensures that information in transit between your PC and our home banking server cannot be read (private and confidential) or changed (integrity). We ensure that only individuals who provide the correct Personal Access Code (PAC) can access your account information.

For your protection, our Internet banking service has been designed to lock your session automatically if there has been no activity for 2 minutes. Therefore if our system detects that you haven't provided any instructions or used the browser buttons to navigate within our Internet banking system for 2 minutes, the session will automatically be locked and you will need to provide your account number and Personal Access Code again to conduct further transactions. After 4 minutes of no activity, the connection will end and you will need to Login again.

Our Internet banking system uses a technique called a "cookie" to maintain a connection with you. A cookie is a small amount of information, stored on your PC in an encrypted form that is intermittently sent to and from our Internet banking server.

The cookie provides us with information that enables us to ensure that each request for information really came from you and that we deliver the information only to you. The cookie also lets us know when to time-out your connection as explained above.