Customer Awareness & Education

FOR INTERNET BANKING

In the virtual online world in which we live today, you can never be too careful in the protection of your personal information. This includes the confidential information necessary to access Security Bank and Trust Company’s Internet website. To help ensure the safety of your Internet Banking credentials, please be mindful of the following helpful hints concerning Internet Banking.

Online security begins with the authentication process, which is used to confirm that it is you, and not someone who has stolen your identity. Authentication generally involves one or more basic factors:

  • Something the user KNOWS (password/pin)
  • Something the user HAS (ATM/DEBIT card)

Single factor authentication uses one of these methods. Multi-factor authentication uses more than one, and thus is considered a stronger fraud deterrent. When you use your ATM card, for example, you are utilizing multi-factor authentication; Factor number one is something you HAVE (your ATM card) and factor number two is something you KNOW (your PIN). To assure your continued security online, Security Bank and Trust Company uses both single and multi-factor authentication, as well as additional “layered security” measures when appropriate.

Layered security is characterized by the use of different controls at different points in a transaction process so that a weakness in one control is generally compensated for by the strength of a different control. An example of layered security might be that you follow one process to log in (user/password) and then give additional information to authorize funds transfers. Layered security can substantially strengthen the overall security of online transactions by protecting sensitive customer information, preventing identity theft and reducing account takeovers that can result in financial losses.

The purpose of these layers is to allow authentication of customers and detect and respond to suspicious activity related to initial login and then to reconfirm this authentication when further transactions involve the transfer of funds to other parties.

Internal Assessments

The new supervisory guidance from the Federal Financial Institutions Examination Council (FFIEC) offers ways we can look for anomalies that could indicate fraud. The goal is to ensure that the level of authentication called for in a particular transaction is appropriate to the transaction’s level of risk. Accordingly, Security Bank and Trust Company has concluded a comprehensive risk-assessment of its current methods as recommended in this supervisory guidance. These risk assessments consider the following:

  • changes in the internal and external threat environment
  • changes in the customer base adopting electronic banking
  • changes in the customer functionality offered through electronic banking; and
  • actual incidents of security breaches, identity theft, or fraud experienced by Security Bank and Trust Company

Whenever increased risk to your transaction’s security might warrant it, Security Bank and Trust Company will be able to conduct additional verification procedures, or layers of control, such as:

  • Utilizing call back (voice) verification, e-mail approved
  • Analyzing banking transactions to identify suspicious patterns
  • Establishing dollar limits that require manual intervention to exceed a preset limit

Your protections under “REG E”

(Consumer Accounts Only)

Security Bank and Trust Company follows specific rules under Regulation E, issued by the Federal Reserve Board for electronic transfers. These rules cover consumer electronic transfers. Under the consumer protections provided under Reg E, you may be able to recover losses according to how soon you detect and report them. Reg E requires the following:

  • If you tell us within 2 business days after you learn of a loss or theft you can lose no more than $50.
  • If you don’t tell us within 2 business days after you learn of a loss or theft you could lose as much as $500.
  • If your statement shows transfers that you did not make, tell us at once. If you don’t tell us within 60 days after the statement was mailed to you you may not get back any money.

Be sure to ask how these protections apply to your particular situation.

Customer Vigilance: The First Line of Defense

Of course, understanding the risks and knowing how fraudsters might trick you is a critical step in protecting yourself online. You can make your computer safer by installing and regularly updating the following:

  • Anti-Virus software
  • Anti-malware programs
  • Firewalls on your computer
  • Operating system patches and updates

You can also learn more about online safety and security at these websites:

  • www.staysafeonline.org
  • www.ftc.gov
  • www.usa.gov
  • www.idtheft.gov

If you have Suspicions

If you notice suspicious activity within your account or experience security-related events (such as a phishing email from someone purporting to be from Security Bank and Trust Company) you can contact any employee at the bank and report such issues.

Commercial Banking Internet Security

In addition to the information provided, Commercial and Small Business account holders should institute additional measures in order to further protect their online banking, such as:

  • Perform your own annual internal risk assessment and evaluation of all online accounts
  • Establish internal policies regarding employee internet usage
  • Ensure all company computers are equipped with updated antiviral protection software

Business customers (non-consumer) are not protected under Regulation E.

Neither this Institution nor its service providers will contact you via telephone or email requesting personal information, access ID, or your passcode. If you are contacted by anyone requesting this information, please contact us immediately.