When you use online banking, you can rest easy knowing that having a safe and secure online and mobile banking environment is our number one priority. We provide the information here to educate you on ways that Monson Savings ensures the security of your account data and log in information.
Privacy and Security
The privacy and security of the communications between you (your computer or mobile device's internet browser) and our servers is ensured using cryptography. Cryptography scrambles data exchanged between your browser and our online banking server. Encryption happens as follows:
- When you go to the sign-on page for online banking, your browser establishes a secure session with our server. This secure session is established using a protocol called Secure Sockets Layer (SSL) Encryption.
- This protocol requires the exchange of what are called public and private keys. Keys are random numbers chosen for that session and are only known between your Internet browser and our online banking server.
- After the keys are exchanged, your browser will use the numbers to scramble (encrypt) the data sent between your browser and our server. Both sides require the keys because the data needs to be de-scrambled (unencrypted) when it is received.
The SSL protocol not only ensures privacy, but also ensures that no other browser can "impersonate" your browser, nor alter any of the data that is transmitted. You can tell whether your browser is in secure mode by looking for a lock symbol at the bottom of your browser window.
The numbers used as encryption keys are similar to combination locks. The strength of encryption is based on the number of possible combinations that a lock can have. As the number of possible combinations increases, it becomes less likely that anyone or any other computer would be able to match the combination in order to decrypt the message. Internet browsers offer 40-bit or 128-bit encryption. Both result in a large number of combinations, 2 to the 40th and 2 to the 128th power. Our online banking servers require the use of 256-bit encryption to ensure the highest level of security for your data.
An additional level of security is achieved through the use of proxy-based firewalls which route only authorized traffic, your log in attempt and requests for account data, to our online banking servers. These firewalls isolate your account data from the outside world and protect it from all unauthorized traffic.
Effective May 2014, an Extended Validation Certificate (EV) will replace the pass phrase/image feature for access to Internet Banking. The certificate will change the Online Banking website URL address bar to green, providing customers with a visual confirmation that they are on a valid website. Additionally the name FISERV, Inc will appear in a new field to the right of the URL address bar.
Information Collected on the Internet
The law requires parental consent to collect or use information from a child under 13. We do not knowingly collect personal information from children under the age of 13. Please do not provide us with any personal information if you are under the age of 13.
Monson Savings Bank may also collect non-personal information about you or your online activities whenever you visit our web site. We may use standard software to collect non-identifying information about our visitors, such as:
- Date and time our site was accessed
- IP address (A numeric address given to servers connected
- Web browser used
- City, state, and country
The information detailed below may be collected and used to measure the number of visitors (but only in an aggregate and non-personally-identifiable form) to Monson Savings Bank's web sites and web pages, and to help make the web site more useful.
- Use of any financial tools and calculators on our web site
- The dates and times that you access a Monson Savings Bank web site
- the web pages you visit
- If you link to a Monson Savings Bank web site from other web sites, the address(s) of the other web sites
- The types and versions of browser and operating systems you use to access a Monson Savings Bank web site
- The Internet Service Providers ("ISP") and Internet Protocol ("IP") addresses from which you access a Monson Savings Bank web site (an IP address is a number that is automatically assigned to your computer whenever you are surfing the web)
- The actions you try to perform (for example, downloading a document) and whether you are successful
Monson Savings Bank may place "cookies" on your computer when you visit our web site. These are files that enable our web site to recognize return visitors. Cookies are lines of text that are transmitted to your web browser when you click on a link. Your browser stores the information on your hard drive and when you return to that site later, the cookie is transmitted back to the server that originally sent it to you. If you are an online banking customer and you choose to accept your computer as a secure device, a cookie will be placed on the device so you do not have to answer the security questions every time you log in. This is the only information stored and it is only stored on your personal device. Monson Savings Bank does not store any of your personal information in our cookies. The cookies we use are only for site management purposes and do not contain any sensitive information such as your password or account number.
One of the most important security aspects of online banking is ensuring only authorized users log into online banking. We do this by requiring each user to create their own customer ID and password. When you submit your information to log in, it is compared to the data we have in our secure online banking server and either grant or deny you access to your account information. After a number of unsuccessful log in attempts, your account access becomes "locked" and cannot be accessed again until you call us to reinitialize your account. We monitor bad log in attempts to prevent someone from trying to guess your customer ID and password.
Remember, you play a crucial role in preventing unauthorized access to your online banking:
- Never use customer IDs or passwords that are easy to guess, such as:
- Names, addresses, and phone numbers
- Birth dates, social security numbers, etc.
- Never reveal your customer ID and password to anyone
- Do not let others watch you enter your customer ID and password
- Always use the log off button instead of just closing the browser
- Ensure the wireless network you use is password-protected, and choose a strong password and update it frequently for your work and home wireless networks. Likewise, always use a passcode on your mobile phone or tablet to stop an unauthorized user from accessing your device.
- Never respond to text messages, emails or phone calls from companies alleging to be your bank, government officials or business representatives that request your banking ID, account numbers, user name or password. We will NEVER call or e-mail you to ask for this information.
We recommend that you change your customer ID and password periodically by using the appropriate function in the User Options of your online banking.
Monson Savings Bank stands behind the security of our Online Banking product and that is why we offer you this pledge:
You will not be held liable for any funds improperly removed from your account as a result of online theft of your customer ID and password. This especially includes any loss due to the security features of Monson Savings Bank's Online Banking being compromised.
You are, of course, responsible for keeping your customer ID and password, and any other personal financial information, confidential. Monson Savings Bank is not responsible for losses incurred due to the misuse of this confidential information.
If you have additional security questions or need to contact us about stolen information or fraudulent activity, please call 413-267-4646.