Security & online Privacy
Reporting Online Environment Security Issues
At TERRABANK we go to great lengths to protect your personal information and ensure TERRABANK Online Banking is secure. If you ever doubt the legitimacy of any e-mail claiming to originate from TERRABANK or if you believe you may be the victim of misuse of your personal information in the online environment, please contact firstname.lastname@example.org. You may also contact our Operations Department during business hours at (305) 223-7219.
Visitors to this bank Website remain anonymous. We do not collect identifying information about visitors to our site. We may use standard software to collect non-identifying information about our visitors, such as: Date and time our site was accessed IP address (A numeric address given to servers connected to the Internet) Web browser used City, state, and country The bank uses this information to create summary statistics and to determine the level of interest in information available on our site.
Visitors may elect to provide us with personal information via E-mail or online registration forms. This information is used internally, as appropriate, to handle the sender's request. It is not disseminated or sold to other organizations. Some areas of our Website may use a "cookie" temporarily stored in the visitor's computer memory (RAM) to allow the web server to log the pages you use within the site and to know if you have visited the site before.
Our Online Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a VeriSign-issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.
Secure Access and Verifying User Authenticity. To begin a session with the bank's server the user must key in a Log-in ID and a password. Our system, the Online Banking System, uses a "3 strikes and you're out" lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to the bank to verify the password before re-entry into the system. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session with that visitor.
Secure Data Transfer. Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.
Router and Firewall. Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank. Using the above technologies, your Online Banking transactions are secure.
Improving your own security
TERRABANK Online Banking is Safe and Secure
TERRABANK is committed to protecting your privacy when you visit our website. All information you share with us will be treated with the strictest confidentiality at all times.
Your personal information will not be disclosed outside TERRABANK, except in circumstances advised to you at the time you apply for a product or service.
What you can do
We are committed to ensuring your security and privacy and we take strong security measures to protect your information. However, there are also some important steps you should take as a customer. You can use the information below as a guide to help you protect yourself online.
Change default passwords on network devices
Your home or business networking equipment (such as ADSL modems, Local Area Network (LAN) and Wireless Access Points/Routers), by default, can be visible from the Internet. If you use default passwords, someone may have the ability to access your home or business networking equipment over the Internet and change settings that will compromise or bypass network security. To prevent unauthorized access, you should immediately change the default passwords on all home or business networking equipment.
What can I do to ensure my online account information is safe?
Online security starts with your web browser. You can protect yourself online by using an up-to-date browser with the most recent security updates. To get online access, you will need a browser that uses a minimum 128-bit encryption technology. Currently, to access your TERRABANK Online Banking online accounts, we highly recommend that you use one of the following:
* Microsoft has discontinued support for Windows XP on April 8, 2014. We strongly recommend that this Operating system is not used by our customers.
For maximum security, always use the latest browser version. Beta versions of browsers and operating systems are not recommended or supported. Additionally, if a browser or operating system is no longer supported by the vendor, it is not supported by us.
Below are some additional tips that will help protect your online experience.
- Keep your account information and password confidential
- Don't leave your account information or password in an open area where a passerby might see it
- Before entering personal information on a web site, check that your web session is secure by looking for a small lock symbol in the lower corner of your web browser window. A closed lock indicates the web site you are on is secure. You can also look for the letters "https://" at the beginning of your web site address in your web browser. The "s" means that the web connection is secure
- Never leave your computer screen unattended while in the secure banking area of the site
- Always sign off your online accounts and close your browser if you're going to step away from your computer
- Don't send privileged account information (account number, password, etc.) via e-mail
- Try not to use passwords that incorporate your name, telephone number, address or birth date or those of any close friend or relative
- Change your password monthly; don't reuse the same password for at least one year
- Don't use a password you use for anything else
- Don't use any part of your TERRABANK Card number or account number as your password
- Use a quality anti-virus program as often as possible
- Avoid doing your online banking on public computers (for example, at libraries and Internet cafes)
- Frequently check the most current information about your browser (can be found at your browser's web site) for changes and upgrades
- Regularly check for security updates from your software/browser vendor(s)
Passwords are used by computer systems and web sites to verify your identity. When you sign in to a banking site, you need to provide a password to get access to your accounts. If someone else knows or guesses your password, they can access the same accounts.
Always choose unique passwords that are hard to guess. Longer passwords are more difficult to figure out than shorter passwords, especially if you mix letters and numbers. You should also avoid choosing passwords that are obvious, such as family names, birthdays and telephone numbers that might be easy for others to figure out.
- never share your passwords with others, including family members
- never give your password to a third party such as a payment service provider as this places your financial information at risk
- don't use obvious passwords like your name, names of family members, your address, or any other information that might be found in your purse or wallet
- try to avoid passwords that are real words
- make it difficult for others to guess your password by ensuring it contains a combination of letters and numbers
- avoid using the same password for several accounts or services - you should use a unique password for each web site and purpose
- change your passwords frequently
- if you think someone knows your password, change it immediately.
Remember to Log off
When you are finished banking, remember to log off. We recommend that you clear your browser cache after you log off, or close your browser and re-open it before browsing the Internet. This will ensure that any information that is cached or stored on your computer or in your browser is erased, preventing others from being able to view this information later.
Clear your browser's cache
Your browser cache maintains a copy of web pages that have been viewed recently. Once you have finished banking and have signed off of the TERRABANK Online Banking web site you should clear your browser's cache, especially if you are using a public or shared computer.
Make sure you have anti-virus software
Computer viruses and worms receive a lot of media attention because they can spread quickly and wreak havoc on personal computers and corporate networks. There are various forms of computer viruses on the Internet that target online financial services.
Protect your computer by ensuring you have an anti-virus program installed and that you update it regularly. Most anti-virus programs offer automatic upgrades to help ensure you are always up to date. Viruses can damage your computer, lead to the loss of your files, and some can capture information from your computer and send it across the Internet to other computers.
Do not open attachments to e-mails unless you trust the person or company that sent you the e-mail. Ensure your anti-virus program automatically scans your e-mail attachments for viruses.
Use a personal firewall
Any computer or device connected to the Internet that is not properly protected is vulnerable to hackers. This applies to all cable modem, digital subscribe line (DSL) and dial-up users. The likelihood of a hacker entering your computer increases the longer your computer is on and connected to the Internet.
A personal firewall will help protect your computer. Firewalls create a barrier between your computer and the rest of the Internet. A firewall can be a hardware device, a software application or a combination of the two. Firewalls can prevent hacker attacks and block certain types of data from entering your computer or private network. They can also be set up to alert you if anyone tries to access your system.
Microsoft Windows and Apple MacOS X both include basic personal firewalls, but you must activate them to be effective.
Install security updates
Most personal computers use the Microsoft Windows operating system. The makers of these systems regularly issue security updates to protect against new and emerging threats. You should download and install security updates regularly or configure your operating system to automatically check for new updates.
Windows: To download the latest Microsoft Windows updates, visit “Windows Update”.
MacOS X: Choose "Software Update" from the Apple menu.
Beware of e-mail fraud
The Internet is the most convenient method of doing business but we must always be vigilant and maintain the highest security possible. There are a number of different ways in which you can be targeted by criminals but the newest threats are email fraud, identity theft, phishing and pharming.
Be wary of e-mails that ask for personal information and NEVER provide your personal passwords, personal information numbers or sign in information for TERRABANK Online Banking.
Perpetrators who "phish" for information will try to encourage you to disclose sensitive information such as your password, bank account and credit card numbers, and Personal Identification Numbers (PINs) via seemingly legitimate e-mails or Internet websites. Fraudulent e-mails may be very convincing, and may appear to have been sent by a legitimate and trusted source with which you do business e.g. your bank. Most will come in the form of an e-mail request to "update" or "validate" your financial or personal information. Some of these e-mails will direct you to a fraudulent website for updating your information. Often the website will look very similar to the legitimate website.
Perpetrators who "pharm" for information will do so by hacking into DNS server software. (DNS servers are the giant computers that "run" the Internet). These computer hackers look for any vulnerability in the DNS software through which they can acquire the domain name of a website and re-direct traffic from that website to another fraudulent website.
There are a few simple precautions that you should always remember and follow to protect yourself against fraudulent practices such as 'phishing' and 'pharming':
- NEVER type personal and financial information into a pop-up window, even if it appears to be legitimate. TERRABANK will never request account information in this fashion
- NEVER respond to e-mails asking you to verify information. TERRABANK will never send you an e-mail request to verify your information. If we do have an issue with your records we will contact you in another way
- BE SUSPICIOUS of grammatical or spelling errors. These are usually indications of a fraudulent message
- BEWARE OF suspicious websites. Always be certain that the website you are on is legitimate. If for any reason you suspect that a website is not what it claims to be, leave the website immediately and do not follow any instructions on that website
TERRABANK e-mail best practices
- solicited e-mails that respond to customer requests
- welcome e-mails
- e-mails that have live links to other TERRABANK marketing content, but only written URLs (non-live links) to a website
TERRABANK does not send e-mails:
- asking the customer to provide, confirm or update personal records
- sent from a third party address or link to a third party site except from VSOFT the bank's imaged statement vendor
- containing no information about why a customer is receiving e-mail
- requiring an urgent response
Beware of identity theft
Take steps to protect yourself against identity theft, including protecting your personal information, memorizing your passwords and reporting thefts and losses immediately.
Look for privacy policies on other web sites
General dos and don'ts
- report lost or stolen bank cards immediately and notify any creditors who may be debiting money from you
- check your financial statements for any unauthorized transactions
- destroy cancelled checks and store new checks in a safe place
- sign all credit cards as soon as they are received
- cancel all inactive credit cards
- limit the number of credit/charge cards you own
- destroy pre-approved credit card applications, credit card receipts, bankbooks, bank statements with checks and pay statements
- pay attention to billing cycles and contact your billing company if bills fail to arrive
- review your credit bureau files annually
- leave your computer unattended when your are signed in to your accounts
- keep your bank machine PIN, online/telephone banking password or Social Insurance Number in your wallet
- leave mail lying around
- provide your credit card number to anyone other than a trusted third party
- leave your purse or wallet lying around in public places
- lend credit cards to anyone
- use software that automatically remembers your passwords - someone could take advantage of this if he/she uses your computer