Online Banking Customers
Personal Banking Customers
- Citizens Bank of Edmond will never contact any customer and request electronic banking credentials. If you get a call asking for your credentials, hang up and call us!
Tips to reduce the risk in Internet banking:
- Block cookies on your Web browser: When you surf, hundreds of data points are being collected by the sites you visit. This data gets mashed together to form an integral part of your “digital profile,” which is then sold without your consent to companies around the world. By blocking cookies, you will prevent some of the data collection about you. Yes, you will have to enter passwords more often but it is a smarter way to surf.
- Do not put your full birth date on your social-networking profiles: Identity thieves use birth dates as cornerstones of their craft. If you want your friends to know your birthday, try just the month and day, and leave off the year.
- Do not download Facebook apps from outside the United States: Apps on social networks can access huge amounts of personal information. Some unscrupulous or careless entities collect lots of data and then lose, abuse, or sell it. If the app maker is in the United States, it is probably safer and at least you have recourse if something should go wrong.
- Use multiple usernames and passwords: Keep your usernames and passwords for social networks, online banking, email, and online shopping separate. Having distinct passwords is not enough. If you have the same username across different Web sites, your entire romantic, personal, professional, and e-commerce life can be mapped and re-created with some simple algorithms.
If you have online banking concerns or if something does not look right, contact us at 405-341-6650.
Cash Management Commercial Customers
In addition to tips that can be used by customers with only personal accounts, Cash Management customers should periodically evaluate the possible risks associated with a Cash Management account. Here are some key areas to check:
- Who has access to the Internet banking computer and credentials?
- Is the Internet banking computer(s) secured after normal business hours?
- How often do you change the Internet banking password and who knows the password?
- Is there a firewall active on the computer?
- If you have Cash Management online banking concerns or if something does not look right, contact us at 405-341-6650.
Federal Financial Institutions Examination Council (FFIEC) Online Security Guidance
If you use online banking, mobile banking, or other internet banking as a consumer or as a business, you will be interested to learn that six federal financial industry regulators teamed up recently to make all of your personal and business accounts more secure. New supervisory guidance from the Federal Financial Institutions Examination Council (FFIEC) will help banks strengthen their vigilance and make sure that the person signing into your account is actually you. The supervisory guidance is designed to make online transactions of virtually all types safer and more secure.
Consumer Guidance: Account Authentication & Online Banking
Multi-factor authentication and layered security are helping assure safe internet transactions for banks and their customers.
Business Guidance: Risk Assessment & Layering Security
New financial standards help banks and business account holders make online banking safer and more secure from account hijacking and unauthorized funds transfers.
Understanding the Factors
The authentication process is of vital importance to verify that YOU, and not someone who has stolen your personal identity or hijacked your corporate account, is conducting your online transactions. Authentication generally involves one or more basic factors:
- Something the user knows (e.g., password, PIN)
- Something the user has (e.g., ATM card, smart card)
- Something the user is (e.g., biometric characteristic, such as a fingerprint).
Single factor authentication uses one of these methods; multi-factor authentication uses more than one, and thus is considered a stronger fraud deterrent. When you use your ATM card, for example, you are utilizing multi-factor authentication: Factor number one is something you have, your ATM card; factor number two is something you know, your PIN. To assure your continued security online, your bank uses both single and multi-factor authentication, as well as additional “layered security” measures when appropriate.
Internal Assessments at Citizens Bank of Edmond
The new supervisory guidance offers ways your bank can look for anomalies that could indicate fraud. The goal is to ensure that the level of authentication called for in a particular transaction is appropriate to the transaction’s level of risk. Citizens Bank of Edmond has conducted a comprehensive risk-assessment of its current methods with regards to the following:
- changes in the internal and external threat environment
- changes in the customer base adopting electronic banking
changes in the customer functionality offered through electronic banking; and
actual incidents of security breaches, identity theft, or fraud experienced by the institution or industry.
Whenever increased risk to your transaction security might warrant it, Citizens Bank of Edmond will be able to conduct additional verification procedures, or layers of control, such as:
- Employing customer verification procedures
- Analyzing banking transactions to identify suspicious patterns
- Establishing dollar limits for Cash Management customers that require manual intervention to exceed a preset limit.
Your Protection Under “Reg E”
Banks follow specific rules for electronic transactions issued by the Federal Reserve Board. Known as Regulation E, the rules cover all kinds of situations revolving around transfers made electronically. Under the consumer protections provided under Reg E, you can recover internet banking losses according to how soon you detect and report them.
Here is what the Federal rules require: If you report the losses within two (2) days of receiving your statement, you can be liable for the first $50. After two (2) days, the amount increases to $500. After sixty (60) days, you could be liable for the full amount. These protections can be modified by state law or by policies at Citizens Bank of Edmond, so be sure to ask your personal banker how these protections apply to your particular situation.
Knowing how fraudsters might trick you and understanding the risk is critical to safe online banking. You can take further steps to protect yourself and make your computer safer by installing and regularly updating:
- Anti-virus software
- Anti-malware programs
- Firewalls on your computer
- Operating system patches and updates.
Additional steps include:
- Create strong complex passwords that contain both CAPITAL and small letters, numbers and any allowed special characters.
- If you think you may have visited a website with malware or if you think your computer may be infected with a virus, DO NOT access your online banking or other sensitive logins until you have scanned your computer and know it is clean and virus free.
Layered Security for Increased Security
Layered security is characterized by the use of different controls at different points in a transaction process so that a weakness in one control is generally compensated for by the strength of a different control. An example of layered security might be that you follow one process to log in (user/password), and then give additional information to authorize funds transfers. Layered security can substantially strengthen the overall security of online transactions by protecting sensitive customer information, preventing identity theft, and reducing account takeovers and the resulting financial losses.
Examples of Layered Security for Businesses
For business accounts, layered security can include enhanced controls for system administrators who are granted privileges to set up or change system configurations, and control access privileges and application functions or limitations for their own staff and users. Added layers may include:
- Fraud detection and monitoring systems that include consideration of you transaction history and behavior
- Dual customer authorization through difference access devices
- Transaction value thresholds that restrict the number or amount of transactions for a set time frame
- Internet Protocol (IP) reputation-based tools
- Policies and procedures for addressing customer devices that have been potentially compromised, or for detecting customers who may be facilitating fraud
- Account maintenance controls over activities performed online or through customer service channels.
Recommendations for Business Accounts
- Conduct periodic assessments of internal controls
- Use layered security for system administrators
- Initiate enhanced controls over high-dollar transactions
- Provide increased levels of security as transaction risk increase
If You Have Suspicious Activity
If you notice suspicious activity within your account or experience security-related events (such as loss of token, compromised PIN or Password, phishing email from someone purporting to be from your bank), you can contact anyone at your bank and you will be quickly and courteously guided to the person responsible for such issues.
You can also learn more about online safety and security at these websites: