Foundation Bank is constantly developing and implementing security enhancements to ensure the integrity of our Online Banking system. Our goal is to protect the confidentiality of your account and personal data and comply with all applicable banking regulations relating to the safeguarding of your data. The use, collection and retention of client information is detailed in our Privacy Policy; however, there are certain topics related specifically to online banking we would like to share with you.
Foundation Bank Security Measures
Every effort is made to ensure that your account information is protected from unauthorized access. These efforts include:
| • |
All Online Banking data transmitted to us is encrypted. Encryption is the process of transforming information into an indiscernible coded message. When you click on “Login”, we encrypt your Online Banking ID and PIN using Secure Sockets Layer (SSL) technology. This secure connection is established before your Online Banking User ID and PIN are transmitted and maintained for the duration of your Online Banking session. |
| • |
After your initial login, we require you to change your Online Banking PIN before any transactions can be requested. |
| • |
The date of last access to the Online Banking system is displayed after login so you can verify that no one else has logged into your Online Banking Account. |
| • |
Online Banking sessions have a time-out limit requiring you to login again after a period of inactivity to prevent unauthorized access to your session. |
| • |
PIN guessing is deterred with a lock-out feature. Our system will automatically lock-out a user when an incorrect PIN is entered multiple consecutive times. |
| • |
Account numbers are not visible through Online Banking unless you choose to display the account number through the “Pseudo Name” function. |
| • |
We have implemented an Identity Verification Feature which provides an additional layer of security by getting to know your typical and characteristic Online Banking behavior. If atypical behavior is detected you will be prompted to verify your identity. |
| • |
We have implemented a personal Watermark feature to appear during the login process for your assurance that you are on the authentic Foundation Bank Online Banking site. |
| • |
Read our privacy policy. |
Security Guidelines
The following information can help you keep your confidential information safe while using our Online Banking system. In addition to the safeguards that Foundation Bank has put into place, being an educated client is your best defense.
Personal Computer Security Guidelines
| • |
Use a current Internet browser with 128-bit encryption that supports secure and private transactions. |
| • |
Consider using the built-in security features that are provided with your Internet browser instead of disabling them. |
| • |
Use a software or hardware firewall to protect your computer from network intrusion. |
| • |
Use anti-spyware and anti-virus software to detect new threats.
|
| • |
Maintain and run updated anti-virus, firewall, browser, anti-spyware, and security software on your computer. |
| • |
If your computer is on a wireless network (home or public), ensure that the router settings are secure, (encrypted). Using scanning devices, individuals can intercept unencrypted signals and view or obtain your information. |
| • |
Use caution when downloading files, installing software, or opening e-mail attachments from unverified or unknown sources. Many of these files contain spyware or key-logging programs that can send information back to a malicious site. |
| • |
Be suspicious of emails purporting to be from a financial institution, government department or other agency requesting account information, account verification or banking access credentials such as User’s ID, passwords, PIN codes and similar information. Opening file attachments or clicking on Web links in suspicious emails could expose the system to malicious code that could hijack your computer. |
| • |
We recommend clearing the browser cache before starting an Online Banking session in order to eliminate copies of web pages that have been stored on the hard drive. |
| • |
Properly dispose of old computers and ensure all sensitive information is removed from the hard drive. Reformatting the hard drive may not be sufficient – use specialized software to erase information. |
Additional Computer Security Guidelines for Businesses
| • |
Carry out all Online Banking activities from a hardened and completely locked down computer system. |
| • |
Install a dedicated, actively managed firewall, especially if you have a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to a network and computers. |
| • |
Prohibit the use of “shared” User ID’s and PIN’s for Online Banking. |
| • |
Install well known and supported anti-virus and desktop firewall software on all computer systems. Look for names you know and read independent reviews of all products you use. |
| • |
Ensure computers are patched regularly, particularly operating systems and key applications with security patches. It is highly recommended to sign up for automatic operating system updates for the operating system and many non-operating system applications. |
Online Banking Security Guidelines
| • |
Exit from Foundation Bank Online Banking as soon as you finish your banking activities. Never walk away from your computer with your account information on the screen. |
| • |
While using a computer in public places beware of “shoulder surfers” who may be trying to intercept your PIN or account information. |
| • |
Beware of fraudulent e-mails or websites known as “phishing” or “web-spoofing” schemes that appear to be from Foundation Bank or other legitimate sites. Always go directly to Foundation Bank’s website by typing www.foundationbank.com directly into the browser address bar. Never click on unverified links in e-mails, in pop-up ads, or on other unknown sites. These emails and links may ask for personal information or redirect you to illegitimate sites that look like Foundation Bank’s site or appear to have the Foundation Bank URL address in the browser address bar. |
| • |
Be suspicious of any e-mail that asks for personal information, requests your authentication, or indicates a problem with your Foundation Bank account. If you receive an email like this, DO NOT REPLY by e-mail. Instead call Foundation Bank at 425-691-5000 to notify us of the fraudulent e-mail. Foundation Bank does not request personal or account information from clients via e-mail or pop-up windows. |
| • |
Only use trustworthy computers. Shared public computers like those in airport lounges, internet cafes, public libraries, and hotel lobbies could be connected to keystroke loggers or infected with password-stealing viruses. Do not use them to access Online Banking or other websites containing confidential information about you. |
| • |
Your Online Banking PIN is the key to your Online Banking account and your personal and financial information. Here are some tips to keeping your PIN secure: |
| |
| * |
Create a strong and unique Online Banking PIN by making it as long and complex as possible with a combination of uppercase and lowercase letters, numbers, and symbols. Refrain from using predictable sequences of characters such as “1234” or “abcd”. Do not use your Online Banking ID in your PIN. |
| * |
Do not use words that can be found in a dictionary or information related to you such as your birth date, address, names of family members, etc. |
| * |
Disable any “AutoComplete” or similar features on any computer you use for Online Banking. |
| * |
Do not write down your PIN. |
| * |
Do not share your Online Banking PIN with anyone, including Foundation Bank associates. Your Online Banking ID and PIN are assigned to you and verify who you are when you begin an Online Banking session with Foundation Bank. |
| * |
If you feel that your Online Banking ID and/or PIN have been stolen or compromised, change your PIN online and notify Foundation Bank immediately at 425-691-5000. |
| * |
Change your PIN on a regular basis. We recommend changing your PIN every 60 to 90 days. |
| * |
Do not use the same PIN for various websites. |
| * |
Never e-mail your PIN or respond to an e-mailed request for your PIN or other confidential information. We will never ask you to submit confidential information in an e-mail. |
|
Email Security Guidelines
| • |
Question suspicious emails. We will never send you an email asking for your online ID or passcode. |
| • |
If you receive an email that appears to be suspicious, do not reply to it or click on the link it provides. Simply delete it. |
| • |
If you think you may have provided personal or account information in response to a fraudulent email or website, report the fraud immediately, change your passcodes, and monitor your account activity frequently. |
| • |
Avoid clicking on links provided in emails. It is always better to type the address into your browser. |
| • |
Open email attachments only if you know the sender. It is best to scan attachments with your anti-virus software prior to opening. |
| • |
Most computer files have filename extensions, such as ".doc" for documents or ".jpg" for images. Any file that appears to have a double extension, like "heythere.doc.pif" is extremely likely to be a dangerous file and should never be opened. |
| • |
Never open email attachments that have file endings of .exe, .pif, or .vbs. These are file extensions for executables, and are commonly dangerous files. |
| • |
Be careful and selective before providing your email address to a questionable website. Sharing your email address makes you more likely to receive fraudulent emails. |
| • |
Confirm the validity of all requests for sensitive personal, financial, or account information, particularly if they are made with an urgent or threatening tone. |
| • |
Confirm requests for personal or account information by going to the company's website directly. Open a new browser window, type the Web address, and check to see if you must actually perform any activity that an email may be asking you to do, such as change a passcode. |
|
