Online Banking Security

Our Online Banking system uses many lines of defense to protect your account information. From authentication, SSL, exclusive encryption software, high-end firewalls, and automatic sign-off, your information is always safe -- it’s like having a bank vault online.


SSL

SSL stands for "Secure Socket Layer." This technology allows users to establish sessions with secure Internet sites - meaning they have minimal risk of external violation. Once inside the Online Banking site, our use of SSL technology keeps you and your account information secure.

Encryption

Encryption turns meaningful words and phrases into coded language. Everything that you do during your Online Banking session becomes a string of unrecognizable numbers before crossing the Internet. Your account information will read as gibberish to everyone but you and our financial institution. All of your Online Banking sessions will be encrypted. We employ the strongest forms of cryptography that are commercially available for use over the Internet.


We take numerous steps to keep your account information secure. However, you must take precautions as well. Follow these tips to increase your online security:

General Computer/Network Security

  • Update your software frequently to ensure you have the latest security patches. This includes your computer’s operating system and other installed software (e.g. Web Browsers, Adobe Flash Player, Adobe Reader, Java, Microsoft Office, etc.).
  • Automate software updates, when the software supports it, to ensure updates are not overlooked.
  • Maintain active and up-to-date antivirus protection provided by a reputable vendor. Schedule regular scans of your computer in addition to real-time scanning.
  • If you suspect your computer is infected with malware, discontinue using it for banking, shopping, or other activities involving sensitive information. Use security software and/or professional help to find and remove malware.
  • Use firewalls on your local network to add another layer of protection for all the devices that connect through the firewall (e.g. PCs, smartphones, and tablets).
  • Password-protect your computer network (wired or wireless). Log off or lock your computer when not in use.

General Online Security

  • Never click on suspicious links in emails, tweets, posts, or online advertising. Links can take you to a different web site than their labels indicate. Typing an address in your browser instead of clicking a link in an email is a safer alternative.
  • Only give sensitive information to web sites using encryption so your information is protected as it travels across the Internet. Verify the web address begins with “https://” (the “s” is for secure) rather than just “http://.” Some browsers also display a closed padlock.
  • Do not trust sites with certificate warnings or errors. These messages could be caused by your connection being intercepted or the web server misrepresenting its identity.
  • Avoid using public computers or public wireless access points for online banking and other activities involving sensitive information when possible.
  • Always “sign out” or “log off” of password protected web sites when finished to prevent unauthorized access. Simply closing the browser window may not actually end your session.
  • Be cautious of unsolicited phone calls, emails, or texts directing you to a web site or requesting sensitive information.

Password Best Practices

  • Create a unique password for all the different systems you use. If you don’t, then one breach leaves all your accounts vulnerable.
  • Never share your password over the phone, in texts, by email, or in person. If you are asked for your password, it’s probably a scam.
  • Use unpredictable passwords with a combination of lowercase letters, capital letters, numbers, and special characters.
  • The longer the password, the tougher it is to crack. Use a password with at least eight characters. Every additional character exponentially strengthens a password.
  • Avoid using obvious passwords such as
    • your name
    • your business name
    • family member names
    • your username
    • birthdates
    • dictionary words
  • Choose a password you can remember without writing it down. If you do choose to write it down, store it in a secure location.

Cumberland Security Bank and Your Log-In Credentials

We will never call, email or otherwise contact you to request your access ID, password, or other log-in credentials for the online services we offer.  If you receive such a request, do not provide any information.  Contact us at (606) 679-9361 to report the incident. We may, however, request your access ID, social security number or other personal information to verify your identity if you contact us requesting assistance with online services.

Reporting Suspicious Activity

If you see suspicious activity on your account(s) or have received a suspicious call, email, letter or other similar contact regarding your relationship to Cumberland Security Bank, call (606) 679-9361 or visit your local branch.

Consumer Protection – Regulation E

Regulation E provides rules for error resolution and unauthorized transactions for electronic fund transfers, which includes most transactions processed online. In addition, it establishes limits to your financial liability for unauthorized electronic fund transfers. These limits, however, are directly related to the timeliness of your detection and reporting of issues to Cumberland Security Bank. For this reason, we encourage you to immediately review your account statements and to regularly monitor your account activity online.

The "Electronic Fund Transfers" disclosure provided to you at the time of account opening provides detailed information. We will provide to you, upon request, a free printed copy of this disclosure.

Note: Regulation E does not apply to business accounts.

Additional Information for Business Users of Online Services

Due to their size and frequency, business transactions are inherently more risky than consumer transactions.  In recent years, there has been an increase in the number of online corporate account takeovers and unauthorized online fund transfers involving business accounts.

Recently, small- to medium-sized businesses have been primary targets as cyber criminals have recognized that the security controls they have in place are not as robust as those of larger businesses.  Analysis indicates enhanced controls over administrative access and functions related to business accounts and layered security using multiple and independent controls would help to reduce these types of crime.

Recommended enhanced controls for businesses:

  • Perform a periodic risk assessment and an evaluation of the effectiveness of the controls in place to minimize the risks of online transaction processing.
  • Business customers should understand the security features of the software and web sites they utilize and take advantage of these features.  Segregation of duties—the process of separating duties so no one person can perform all steps of a transaction—is an example of a very important security feature.

Copyright 1998-2013. All rights reserved. Cumberland Security Bank, 107 South Main Street, Somerset, KY 42501 | 606-679-9361