(NEW) Changes to Internet Banking Secure Login Process
On June 16, 2014, Internet Banking security was enhanced
to strengthen the Multi-factor Authentication (MFA) process. Based on research on MFA
and fraud risk mitigation, the authentication process for Internet Banking users
was modified by reducing the number of opportunities to correctly answer security
challenge questions and increasing password strength criteria.
Formerly, users select three security challenge questions to be presented during MFA,
and had up to three opportunities to correctly answer those questions. As of June 16,
2014, the new process provides users with three opportunities to correctly answer one
of their identified security challenge questions. Users who do not correctly answer
their security challenge question will be locked out of Internet Banking, and only
the Independent Farmers Bank can unlock or reset the MFA.
In the past, password strength criteria was six characters containing at least one letter,
one number, and one special character. Password strength criteria has been updated as follows:
- Password must contain:
- At least Eight Characters consisting of at least:
- 1 Upper-case Letter
- 1 Lower-case Letter
- 1 Number
- 1 Special Character, such as (!@#$%^&*?)
Users who do not correctly enter their password after three attempts will be locked out
of Internet Banking, and only the Independent Farmers Bank can unlock or reset the password.
Security Standards and Requirements
Independent Farmers Bank safeguards information according to established security standards and procedures in order to keep your financial information secure and confidential. In addition, we continually assess new technology for protecting information and have external vendors perform regular audits of our system. The result is a "distributed security" network, one that ensures protection throughout the banking process.
Distributed security means that, rather than rely on one security measure, Independent Farmers Bank uses many lines of defense to protect your account information, including encryption, firewalls, timed log off, virus protection, and a secure login process. Whether you're enrolling online for Internet Banking, transferring money or paying your bills, you can depend on your accounts and your account information being safe.
Independent Farmers Bank uses 128-bit Secured Socket Layer (SSL) encryption for customer online transactions, the highest level of security available. Each session uses a unique master key to encrypt messages. Encryption is a communications process that scrambles private information to prevent unauthorized access as information is being transmitted between your browser and IFB Internet Banking. Once you sign off, the master key used for that session becomes useless, since it is only good for one session.
Before you are able to login to IFB Internet Banking, you must be using an Internet browser that supports 128-bit SSL encryption.
Browsers compatible with IFB Internet Banking include:
- Internet Explorer 6.0 or greater
- Mozilla Firefox 3.0 or greater
Top of Page
Independent Farmers Bank's computer system does not connect directly to the Internet, as every system that interacts with the Internet is at risk of attack from hackers. To protect our systems that interact with the Internet, we use firewall technology to prevent unauthorized access. A firewall is a system that blocks unauthorized interactive access from individuals or other networks.
In addition, we use outside security experts to attempt unauthorized entry, both internally and externally, to ensure our systems are secure. We also monitor our systems for unauthorized entries, and log any such attempts.
Users of Internet Banking should have a firewall in place to keep their personal computers secure. Windows XP and Vista contain software firewalls that are usually turned on by default. Users of DSL, Wireless Internet, or Satellite Internet may also have hardware firewalls in place (many DSL routers also function as firewalls). If you are unsure, contact your Internet Service Provider or a reputable PC repair shop. They can make recommendations.
Timed Log Off
There is a 10-minute time limit on any Internet Banking screen, regardless of keystrokes. If 10 minutes has elapsed on your current screen, or you forget to log off, IFB Internet Banking does it for you by ending your current banking session automatically. Once the account session has been terminated, no one will be able to access your secure information. You will be returned to the login screen on your next selection, and will need to log back in with your User ID and Password to access your IFB Internet Banking Service.
Top of Page
Computer Virus Protection
We use sophisticated tools to detect and prevent computer viruses and malware from entering the bank's computer network systems.
Users of Internet Banking should have anti-virus protection installed on their personal computers in order to detect and prevent computer viruses or malware from entering their systems. If your computer is infected, compromise of confidential information is possible. Contact a reputable PC repair shop or your ISP for recommendations on appropriate anti-virus and anti-malware software.
IFB Internet Banking uses Dual Authentication for the secure login process.
All information is sent via a 128-bit SSL encrypted session. Upon enrollment,
you will be asked to create a unique User ID and password. You will also be asked
to answer a set of questions that will function as a security challenge. For added
security, Independent Farmers Bank does not have access to your password. After 3 (three)
incorrect attempts at your password or three incorrect attempts at your security question,
your account will be locked-out: you will need to
contact Independent Farmers Bank to have it reset.
Independent Farmers Bank takes numerous steps to keep your accounts and personal information secure, but you also play a role in maintaining the security of your banking information. Here's what you can do:
Protect the confidentiality of your User ID and Password!
- Before you can use the Service, you must obtain a User ID and Password. Our online enrollment form permits you to select a User ID of your choice. For security purposes, each User ID must be unique, be at least 6 characters long, and contain a combination of at least one alpha character, and one number or special character.
- After your Internet Banking enrollment, you will be issued a one-time 16-character password. You will use this password along with your User ID to gain initial entry to your account. Once logged on, you will be required to change your password. The password is case sensitive, must be at least 6 characters long (the longer the more secure), and contain at least 4 alpha characters, 1 number and 1 special character. If you do not meet the password requirements, you will receive an error and must try a different password. Because your password will permit entry into the IFB Internet Banking Service and allow transfers to be made from/to your accounts, you agree to keep your password confidential.
Create a good password and keep it a secret!
- Creating a good password and keeping it a secret is essential to keeping your account secure. As you are responsible for what occurs with your User ID, it is strongly recommended that you follow these guidelines to prevent someone from obtaining your password and abusing your account:
- Make your password unique to you and change it regularly. By default, the Internet Banking system will require you to change it every 180 days.
- You should never use a password that would be easy for others who know you to guess, or one that a common password cracking utility could find (e.g., your name, address, anniversary, common dictionary words, or sequential numbers, letters or special characters - abc123!@#)
- Memorize your password. Your online password authenticates you when you begin an Internet Banking session. You should memorize this password and never write it down anywhere or reveal it to anyone.
- Do not share your password with anyone. Sharing your User ID and password with another gives access to your account, giving that individual authority to use your name in a transaction.
- Do not say your password out loud.
Log off when you are not using Internet Banking
- We recommend Internet Banking users complete online transactions and log off before visiting other sites or turning off their PCs. We also suggest they do not visit other sites when logged on to the Internet Banking Service.
- In addition, you may not always be at your own computer when you bank online. Therefore, it's important to log off when you're finished banking. If you forget to do so, IFB Internet Banking automatically times-out after 10 minutes of inactivity. Using public computers for Internet Banking is highly insecure and is not recommended.
Use a current version of your Internet browser
- As mentioned above, Internet Explorer 6.0 or greater or Mozilla Firefox 3.0 or greater are recommended for use with Internet Banking to ensure optimum security.
However, if you choose not to use one of these browsers, please be sure your browser complies with industry security standards, such as Secure Socket Layer (SSL). In addition, we recommend the following to maintain the security of your Internet Banking Service:
- Use your browser's built-in security features. Choosing certain security settings and options will help protect the privacy of your accounts and personal information.
- Always update your browser when new versions are released. They often include new security features.
- Check your browser for built in safety features that you may or may not elect to use.
Ensure your information is secure:
- Sending sensitive information such as your social security number, account number, or other personal data over the Internet can be dangerous. You should validate the reputation of the company you are doing business with and communicate over a "secure" means of transmission. Before sending private information on the Internet, make sure you are using a "secured" connection.
- When you sign in to Internet Banking from the Independent Farmers Bank web site, your user ID and password are sent over the Internet from your computer to the Internet Banking servers using Secure Socket Layer (SSL) technology. SSL encrypts your personal information before it leaves your computer, ensuring that no one else can read it.
After you log in, you can check that your Internet Banking session is secure in two ways:
- Look for the small padlock icon usually located in the lower right hand corner of your Web browser window. A closed, or locked, padlock indicates a secure connection. For Internet Explorer 7, it is located in the address bar. The full address will display in green, with the name “Precision Computer Systems Inc [US]” next to the padlock.
- Look for the letters "https://" at the beginning of the Web site address or URL in your Web browser. The "s" means secure.
In addition, we suggest you do not keep sensitive information on any of your hard drives, and keep financial data on a removable disk or CD in a secure location.
You are responsible for keeping your online password, account numbers, personal identification information, and other account data confidential:
- Do not give or disclose any part of your User ID and Password to anyone. Bank employees will request your User ID when accessing your account profile, but should never ask for your Password.
- Do not have your account information, including your computer screen, out in an open area accessible by others.
- Do not send your User ID and Password or account information over any public or general e-mail system.
- Do not release any personal information on the phone, in the mail, or over the Internet unless you initiate the contact or are certain you know whom you're dealing with.
- Contact us immediately if there are charges on your account you don't recognize.
- Do not leave your computer unattended while you are connected to the Internet Banking Service.
- Be sure to log off of the Internet Banking Service when you have completed your session. If you forget to log off and there has been no activity for 10 minutes, Independent Farmers Bank will automatically end the session. After your service has "timed-out," you will need to log back on with your User ID and Password.
Top of Page