Customer Information Policy and Security Statement
Customer Information Policy - Important information about our procedures for opening a new account
In accordance with Section 326 of the USA Patriot Act signed October 26, 2001, Community Bank is required to obtain a copy of the documents used in identifying our new account customers and in identifying signatory individuals added to an existing or new account. In some cases, identification will be requested for those individuals banking with the bank prior to the effective date of the customer identification requirements because original documentation was not obtained with the opening of the account, or the bank is unable to form a reasonable belief that it knows the identity of the existing customer. In all cases protection of our customer's identity and confidentiality is the Bank's pledge to you.
This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a VeriSign-issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.
Secure Access and Verifying User Authenticity
To begin a session with the bank's server the user must key in a Log-in ID and a password. Our system, the Internet Banking System, uses a "3 strikes and you're out" lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring phone call to the bank to reset the password before re-entry into the system. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session with that visitor.
Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible fors that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.
Router and Firewall
Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.
Using the above technologies, your Internet banking transactions are secure.
Multi Factor Authentication (MFA)
Community Bank is working hard to secure our online banking services so that our customers have the confidence that their information is being protected.
Community Bank is proud to deliver the highest level of security for our internet banking customers.
Within the next few months, Community Bank will be adding an additional layer of security that will change the way you log into our internet banking service. These changes will provide even greater levels of protection against fraudulent attacks such as phishing, spoofing, key logging and identify theft. All users will be required to select challenge questions and answers, select a unique image and create a personal description for the image that is only known by you. Each time you log in thereafter, the image will appear to verify to you that you are on Community Bank’s website before entering your password. You will not have to select a new password during this process.
The final level of the new security is the authentication of your computer. Community Bank has the ability to recognize the computer or computers from which you usually log on. If our system detects a suspicious login due to an unfamiliar computer, it will automatically present you with challenge questions that were previously selected.
ONCE THE NEW LAYERS OF SECURITY ARE IN PLACE, GETTING STARTED IS EASY!
Step 1: Login using your access ID.
Step 2: Select a picture from the image library.
Step 3: Create a personal description (PassMark phrase) to the image.
Step 4: Select your challenge questions and provide your answers.
Step 5: Select whether to register this computer.
Note: Only register personal computers that you frequently use and are not available for public use.
The next time you log onto our internet banking service, Community Bank will recognize you and display the image and personal description (PassMark phrase) you selected.”