Security

• Why has the log on process changed?
• Why am I being asked to answer security questions when I log in?
• How do I avoid answering the security questions every time I log in?
• What is a personal message?
• Does the web site use cookies to gather information about me or my PC?
• Can I remove cookies from my PC?
• How secure is 24 Hour Banker Online?
• What can I do to protect my accounts and personal information while I am banking online?
• What are your password security requirements?
• What if I think someone may know my User ID or Password?
• What is encryption?
• How is encryption used, and how does it relate to me?
• How do I know if my banking session is encrypted?
• What is cache?
• How can I check for cache on my computer?
• Do you cache my information?
• Can I use the back button?
• What level of encryption protection does 24 Hour Banker Online support?
• How secure are my accounts and transactions?
• How do Web sites collect information?
• Where does my information go when I provide it online?
• What are cookies? Can I get rid of them?
• Why should I accept cookies?
• How do I accept cookies?
• What is spamming?
• What can I do if my credit card number or other personal information is being used fraudulently?

Why has the log on process changed?

We are providing more protection for you during the log in process.  We have added an additional layer of security (besides a password) that is stored in a cookie in your browser. Note: Your internet browser must allow first-party cookies. Our web site will look for this cookie when you log in as additional assurance that your password has not been stolen and is being used from a different computer.

Why am I being asked to answer security questions when I log in?

We require you to provide answers to security questions to help identify you in certain situations. There are a few reasons why you are asked to answer security questions when logging into your account.

1. You are a new user and need to enroll your account online for the first time.
2. You are manually deleting your cookies.
3. You have your PC security software on a very high setting that deletes 'first party' cookies. Most PC security software deletes only 'third party' cookies, but the setting can be changed to include 'first party'.
4. You are using a different browser or PC each time you go to the web site.
   
   

How do I avoid answering the security questions every time I log in?

Depending on the situation, you can:

1. When manually deleting cookies, be careful not to delete our cookie.
2. Change the setting on your PC security software to delete only third party cookies, or add our cookie to the 'safe cookie' list.
3. Log on to our web site from browsers that you have already set up with our cookie.
   
   

What is a personal message?

Upon enrolling your account you will create a personal message. Look for this message each time you log in! A fraudulent site will not have access to this information, so it will be missing. Beware of broken links where your personal message should be. If you get a broken link, type our web address directly into your browser address line and try again.

Does the web site use cookies to gather information about me or my PC?

No. The cookie is used to help identify you at login, but does not gather information about your PC or look at any information on your PC.

Only our web site can read our cookie. It is used only at login, and is not used to track your activities on the Internet.

Our cookie contains only an encrypted numeric identifier with some anti-tamper content, and does not track any of the information on the web pages or any transactions you do. The cookie is unaware of the transaction, it's type, amount and does not store any personal information about you.

Can I remove cookies from my PC?

Yes. Most PC security software will allow you to remove cookies. Note that after you delete our cookie, if you log in from the same browser again, you will be prompted to answer your security questions.

How secure is 24 Hour Banker Online?

• With 24 Hour Banker Online, customer information and account data is protected by several state-of-the-art safety features: firewalls, data encryption and Password verification.
• Your User ID and Password are known only by you, so only you can access your accounts. Your software provider and Washington County Bank do NOT know your Password. 24 Hour Banker Online will not send any account information to your computer unless your unique User ID and Password are entered correctly.
• Your secure session will automatically terminate if you do not conduct transactions for 10 minutes. If this happens, you will have to logon again to access your accounts.

What can I do to protect my accounts and personal information while I am banking online?

• Memorize your User ID and Password. It is essential that you do not reveal your User ID and Password to anyone! We also recommend that you do not use easily verifiable information such as birth dates, social security numbers and addresses when selecting your Password and User ID.
• Frequently change your Password. You can easily change your Password online in the Update Information section.
• Completely sign off after each online session. For security purposes, 24 Hour Banker Online will automatically sign you off after 10 minutes of inactivity.

What are your password security requirements?

It is important to create a password that is secure yet easy to remember. For more secure passwords, avoid using common words, family names or birth dates. 

The use of varied characters such as numbers, capital letters and lower case letters will increase the strength of your password. Passwords must be an 8-20 letter and number combination containing upper and lower case letters with no special characters or spaces.

Our Password Strength Meter assists you in creating a more secure password for your online account. As you type, the Password Strength Meter will display the strength level of your password: Weak, Moderate or Strong.Your password must meet the Moderate or Strong level to be accepted for online account access.

What if I think someone may know my User ID or Password?

If you believe that someone else knows your User ID or Password, please call an Online Representative immediately at 1 (877) 251-4363, to assist you in changing your information. Also, you can change your Password online in the Update Information section. We suggest that you change your Password at least once a month for added security.

What is encryption?

Encryption is the encoding of a file in order to protect its contents. This entails a word or a group of words essentially written in a secret code language - a language that is useless to anyone but you and your bank, to protect that message from unwanted viewing or tampering. The term "encryption" is a computer-age extension of the term "cryptic," which means something being hidden or mysterious.

How is encryption used, and how does it relate to me?

Encryption, in all of its forms, is a major reason why we can offer you 24 Hour Banker Online. Basic encryption involves the transmission of data from one party to another. The sender encodes the data by scrambling it, then sends it on. The receiver must decode the data with the correct "decoder" in order to read and use it. Your computer, as well as our computer system, recognizes the mathematical formulas of the encrypted messages during transactions. The more powerful computer system you possess on your end, the higher level or grade of encryption you can use. There are two types of encryption that you should be familiar with - domestic grade and international grade - when deciding how you will do your remote or PC banking. Domestic grade encryption, also called 128-bit encryption, is a much faster and more powerful form of encryption. On the other end of the spectrum would be 40-bit, or international grade, encryption. The 40-bit means that there are two to the 40th power of possible keys that could access your account information, but only one that could be used per Internet banking transaction. This essentially means that the chances of cracking the code for a particular transaction in 40-bit encryption are very, very small. The 128-bit encryption requires more computer processing power than 40-bit encryption but is more secure. In fact, 128-bit encryption is 309,485,009,821,345,068,724,781,056 times more powerful than 40-bit encryption.

How do I know if my banking session is encrypted?

You can determine when encryption is being used on the site by looking at the following icons on your browser. You can also verify that you are in a secured site when you see https:// in the address line. Microsoft Internet Explorer displays these icons in the lower right corner of your browser. Netscape Navigator's icons are in the lower left corner, and Netscape Communicator displays the icon on the top toolbar.

Browser Encrypted Not Encrypted Microsoft Internet Explorer No icon Netscape Navigator or Communicator

With Netscape Communicator 4.6 or later, you can double click on the security icon to obtain more security information about the site you are viewing.

What is cache?

Cache is a temporary holding place in your computer (a.k.a. memory). As you visit Internet sites, certain pieces of the page (graphics, etc.) can be stored in cache. Depending on you browser settings, your browser may look for pieces of the page to be stored in cache as you are reviewing Internet sites.

How can I check for cache on my computer?

Internet Explorer:

• Select the Tools option from the top menu bar within your Internet Explorer browser.
• Select Internet Options from the drop-down list.
• A new window will appear, select the tab titled General at the top of this new window. (This may already be the default selection as you enter Internet Options.)
• In the section titled Temporary Internet files, click on the Settings button.
• In the Setting dialog box, click on the View Files button.
• Here you can view all the files that have been cached on your system by Internet Explorer.
• If you would like to delete these fields or some of the files, you may do so by highlighting each item to delete and pressing the delete button on your keyboard. To delete all cache, select Edit from the menu bar and Select All, then press delete.

Note: This will only delete cache files accessed through your Internet Explorer browser. If you have more than one type of browser on your computer, there may be other cache files in different folders of your hard drive. If there are any cookies stored, a warning will appear asking if you are sure you want to delete the selected cookies. Selecting "Yes" will delete any selected cookies stored for various Internet sites. More information on cookies can be found in additional FAQs below.

Netscape:

• Find the Preferences option from the top menu bar within your Netscape browser. This may be listed under View or Edit, depending on which version of Netscape is being used.
• A new window will appear, select Advanced from the left menu of the window. This will expand and display the Advanced list of options.
• Select cache from the Advanced drop down list. Cache information will appear on the right side of the window. In this area you can designate where cache will be stored, memory cache size, and disk cache size. You may also clear memory cache or disk cache. Netscape does not allow you to open the cache folder from this window, but if you would like to view cache, this window will provide information as to where your cache is currently stored.
• To view the cache files you must open the file folder on your computer's hard drive using the designated path currently listed in the Disk Cache Folder.
• For Microsoft Windows users this can be accomplished by highlighting the Disk Cache Folder file name, right click your mouse and select Copy. Select Find from your start menu. Select Files or Folders, then right click the mouse and Paste the file name into the Named field of the Find dialog box. Then press the Find Now button. This will display a list of all files in the Netscape cache folder.

Note: Deleting these files will only delete cache files accessed through your Netscape browser. If you have more than one type of browser on your system, there may be other cache files in different folders of your hard drive. If there are any cookies stored, a warning will appear asking if you are sure you want to delete the selected cookies. Selecting "Yes" will delete any selected cookies stored for various Internet sites. More information about cookies can be found in additional FAQs below.

Do you cache my information?

No. A cache is a stored file on your computer's hard drive. When dealing with sensitive and secure data, we do not want the computer to store the information on your hard drive.

Can I use the back button?

When using the back button on a non-secure site, a cache, or a file stored on your computer's hard drive, is created. On some secure sites, the back button is disabled. On other secure sites, the back button can be used, but instead of caching information, it allows the system to pull your information from the site's secure server. On Washington County Bank's secure site, we do not cache information, but allow our customers to access their data again by using the back button.

What level of encryption protection does 24 Hour Banker Online support?

All transmission of customer information through direct access is encrypted using 128-bit encryption technology.

How secure are my accounts and transactions?

Protecting the privacy and security of your confidential financial information is our first priority. 24 Hour Banker Online provides end-to-end encryption to secure transactions while in transit. Your accounts are also protected with a Password known only to you. Only you can access your accounts and authorize payment. To gain a greater level of protection, we recommend changing your password(s) on a regular basis and not using birth dates, first or last names, or other documented numbers or letters that may be easy to locate. Only you know your private Password, so you can be confident that your data is secure. Your Password is NOT known to your software provider or 24 Hour Banker Online.

How do Web sites collect information?

Information can be collected in several ways, but typically "personally identifiable information" (information that can be traced to a single user) isn't gathered on a widespread basis. Most information collected online is "usage data," or data limited to where an individual visits within a site and/or how much time is spent at a particular site. Online services, for example, may track sign-on and sign-off times for billing purposes. Individual Web sites (whether companies or individuals) may gather certain kinds of information about you when you visit their site. Many sites limit information gathering to broad usage statistics. Some Web site operators may collect information about you through your e-mail address, the means by which you connect to their site, by the use of "cookies" or voluntary questions directed at users.

Where does my information go when I provide it online?

You can reasonably assume that some level of information tracking will be done when you logon to the Internet. But unless a site or service provider posts its information gathering and dissemination practices, it's up to you to inquire about them. It's also up to you to decide whether you want to provide your name, mailing address, phone number or any other personal information if a Web site asks you to register.

What are cookies? Can I get rid of them?

Some Web sites transfer a file, often referred to as a "cookie," to your computer's hard drive, which enables them to track your activities on their site. While a code in the cookie file allows a site to label you as a particular user, it doesn't reveal your real name and address unless you've provided the site with such information or set up preferences in your browser to do so automatically. Newer versions of browser software enable you to decide whether you want to receive cookie files, and some programs notify you when a Web site is about to deposit a cookie file. To check whether cookie files have been placed on your computer, look for a hard drive file called "cookies.txt" if you have an IBM compatible PC or "magic cookies" if you have a Macintosh. You can delete these files from your hard drive. There are also utility software programs, called "cookie cutters" or "anonymizers" that allow you to edit cookie files selectively within Web browsers.

Note that after you delete our cookie, if you log in from the same browser again, you will be prompted to answer your security questions.

Why should I accept cookies?

Your browser must accept cookies in order to access 24 Hour Banker Online. 24 Hour Banker Online uses a cookie to maintain authentication between our application server and your browser. The cookie holds a key, which is used to verify customer authentication. This ensures that we are maintaining a secure connection. If your browser does not accept cookies, we are unable to maintain authentication between your browser and our application.

How do I accept cookies?

Your browser must be configured to accept cookies.

Internet Explorer:

• Select the Tools option from the top toolbar within your Internet Explorer browser.
• Select Internet Options from the drop-down list.
• A new window will appear, select the tab titled Security at the top of this new window.
• Click on the button titled Custom Level.
• Scroll to the section titled Cookies.
• Select Enable for the following options:
  -Allow Cookies that are stored on your computer.
  -Allow per-session Cookies (not stored).

Netscape:

• Find the Preferences option from the top toolbar within your Netscape browser. This may be listed under View or Edit, depending on which version of Netscape is being used.
• A new window will appear, select Advanced from the left menu of the window. This will expand and display the Advanced list of options.
• Select Cookies from this list. This will be your top option.
• On the right side of the window, you will see a section titled Cookie Acceptance Policy. Depending on which browser version you have you will see an option that reads:"enable all cookies" or "accept all cookies". Select this option.

What is spamming?

Spamming is the practice of sending unsolicited electronic mail to many users simultaneously. The e-mail message itself is referred to as "spam."

What can I do if my credit card number or other personal information is being used fraudulently?

To prevent credit card misuse, don't give out your credit card number online unless you know and trust the requesting Web site, or are assured that proper security protocols are in place. To ensure security, your credit card number should be encrypted using the latest software technology. Don't believe a Web site that tells you that your information doesn't need to be encrypted, and contact companies providing the encryption technology to check whether it's actually being used as advertised.

If your credit card or personal information is being used fraudulently, immediately contact (by phone and in writing) your card issuers and all creditors with whom your credit card number or name has been used, or may be used. Also contact the fraud units of the three major credit reporting companies: Experian (www.experian.com), Equifax (www.equifax.com), and TransUnion (www.transunion.com). Request that your credit report be flagged for potential or actual fraud, and inquire about attaching a "victim's statement" to your report.

Beyond the initial reporting steps, there are many avenues available for dealing with or obtaining information about the varied aspects of credit card or identity theft. Two primary resources are US Government Consumer Identity Theft site (www.consumer.gov/idtheft) and the Federal Trade Commission web site (www.ftc.gov/bcp/conline/pubs/credit/idtheft.htm).

Return to top