Why are you changing the security standards?
We care deeply about keeping your money safe while providing you with easy access to your accounts. With the continued growth of online banking, there are increased needs for greater security standards to keep you and your money well protected. In addition, the government issued new guidelines in 2011, calling for enhanced security measures for online banking. Thus, we are upgrading our security procedures to provide you with the best protection available. Our new security standards will make it even safer for you to monitor and manage your money while safeguarding against unauthorized access to your accounts.
What are the recommendations and required changes?
Note: Using the answers from your security questions will no longer be a multifactor authorization, "MFA” verification option. You will need to select a new MFA verification method such as a telephone, computer or cell phone.
After providing your username and password, select the MFA verification method of your choice as your phone number, email address and SMS text number have been carried over to the new system. We will immediately send a six-digit access code to your phone (via voice or via SMS text message) or computer (via email) so that you can enter into your computer to complete your login. You can opt to have this computer remembered so you don’t need to repeat this step each time you log in. However, you must obtain a new access code for each computer you use to log in that is not remembered on the system.
How will using multifactor authorization enhance my online banking security?
Multifactor authentication makes it more difficult for phishers and attackers to access your accounts without you knowing it. While this might seem unfamiliar, you actually use it every time you visit an ATM. When you access your account from an ATM, you need both your ATM card (something that you have) and PIN (something that you know).
We’ve implemented the same type of protection by using both your password and your phone/email account to access your online banking account. By doing this, even if an attacker or a phisher manages to steal your password and tries to use it to log in, they would be unsuccessful because they would need your phone or email account as well.
Is there anything I need to do?
The bank already has multifactor authentication in place for your security purposes. As was reflected in earlier in this FAQ, please have a phone, computer or cell phone readily available to re-register your computer. Online banking customers currently using the answers from Security Questions will need to select a new MFA verification option to obtain their six-digit access code
Will I always need to use both my password and my phone/email account from now on?
The first time you attempt to log in from a new computer, you will need to use both your password and the six-digit access code you receive on your phone or email account in order to log in. If you are accessing from a private computer that you personally use, you can opt for the system to remember your computer for future logins.
By doing this, you will not need to repeat the step of obtaining an access code via phone or email account, and you will only need your username and password in the future to log in.
For enhanced security protection, we suggest that you always use both your phone or email account and your password. If you do opt to have your computer remembered, we recommend that you do so only on computers that you can personally own and that have the latest updates and virus protection software installed on them.
How about if I log in from another computer?
The first time you log in from another computer you will need to use both your password and a new phone/email account six-digit access code to log in. However, you can choose to have your new computer/mobile device remembered on the system so you only need your username and password for future access to your account online.