What does Mountain West Bank recommend for Mobile Banking Security?
How can I download FREE additional security software, Rapport by the security experts at Trusteer, Inc.? What is Rapport security software?
Debit Card Guard is an anti-fraud service that sends text alerts to your mobile phone or other enabled device. When certain types of transactions take place, this added layer of security alerts you to possible fraudulent use of your card.
If you receive a text about a transaction you think is fraudulent, you can reply immediately and your card will be blocked from all further activity. The text alert will also describe how to respond in order to stop the current transaction right from your mobile device.
How it works:
This free service will send you a text alert for your enrolled Mountain West Bank Visa® debit or ATM cards if any of the following events/transactions occur:
- Authorizations over $500 - text message will be sent if an authorization over $500 occurs.
- Five or more authorization sin 24 hours - text message will be sent if five (5) or more approved authorizations take place within a 24 - hour time period.
- Card not Present - text message will be sent for an authorization done via Internet, phone, or other instances where you are not physically present for approval of your card transaction
- Declined Authorizations - text message will be sent for all declined authorizations.
Here's an example of an alert:
Guardian Alert on card 1234 at XYZ Store for $500.00. Reply A1234NO if unauthorized. Reply STOP to cancel alerts.
If you receive this message and the purchase is legitimate, do nothing. If the purchase is fraud, reply "A1234NO" and your card will be blocked. This service can be cancelled anytime by replying with the message "STOP". *
- Enrollment enables the service for one year.
- Prior to expiration, you will be notified and will be able to text a reply to renew.
- Changing mobile service providers may require you to re-enroll your mobile device.
- The cell phone or mobile device must have the ability to send and receive text messages and the use of "short codes" must not be blocked.
- You are responsible for any text messaging fees from your phone or tablet service carrier.
Message and data rates may apply. Enroll for this valuable service today
Firewalls & Routers
Mountain West Bank, Division of Glacier Bank, has implemented a system of firewalls forming a barrier between Mountain West Bank's internal systems and the Internet. All incoming customer information and requests are routed to the firewall, which verifies the source and destination of each piece of information. The firewall modifies the information before delivering it to Mountain West Bank's internal systems. All internal information is protected, keeping the structure of our network secure. We are able to monitor all activity within Online Banking, including logins, logoffs and access violations. This allows for quick identification of any suspicious activity.
Secure Data Storage and Encryption
Confidential information or highly sensitive data is stored securely. We store sensitive data in encrypted form and implement stringent access controls. The following are two common ways to secure sensitive data. Both methods are incorporated into our Mountain West Bank system:
1.) When your information is traveling over the Internet, it is encrypted. Encryption technology disguises information to hide its meaning and enhances confidentiality by restricting information access to only intended users. Encryption-based methods can also be used to verify message authenticity and accuracy. Information is encrypted and decrypted with a cipher and key using special computer hardware or software. Secrecy of the key and complexity of the cipher are crucial for the success of encryption controls. When you initiate an Online Banking session with Mountain West Bank, our web server and your browser will communicate using the Secured Socket Layer (SSL) protocol and 128-bit encryption keys. (Mountain West Bank customers must use a version 4.0 or higher browser that supports Secured Socket Layer for maximum protection.) This means it would be virtually impossible for even a "super computer" to obtain messages and information coded with this technology.
2.) Firewalls are physical devices, software programs, or both enhancing security by monitoring and limiting access to computer facilities. They create a security barrier between two or more networks to protect Mountain West Bank's computer system from unauthorized entry. Filtering routers are incorporated into the firewall system to screen data traffic and direct messages to certain locations.
Federal law provides certain rights to consumers using electronic funds transfer services. See Mountain West Bank's Regulation E Disclosure (Electronic Fund Transfers) to understand your rights and liabilities.
What can I do to increase security?
You can easily provide additional security for your Online Banking transactions. Here are some important suggestions:
1.) Access Online Banking from a version 4.0 or higher browser for maximum security of your transactions.
2.) Keep your Online Banking password secret. Make sure no one is watching you as you enter your password.
3.) Change your Online Banking password frequently.
4.) If you leave your computer unattended while signed-on, your account is at risk. Remember to exit Mountain West Bank Online Banking before leaving your computer. For your protection, Mountain West Bank Online Banking has an auto-logoff set for 10 minutes. After the designated auto-logoff time has passed without activity on your Online Banking, you will be signed off.
5.) Take all possible precautions to keep your computer clean and free from viruses that could be used to capture password keystrokes or affect your hard drive.
Download a FREE additional security software, Rapport, offered by the security experts at Trusteer, Inc.
Will anchor to info below
There are items outside of our control that are your responsibility:
1.) Customer input errors
2.) Customer negligent handling or sharing of Online Banking Account numbers, Passwords / Personal Identification Numbers (PIN) leading to unauthorized access to accounts, and/or unreported theft to Passwords / PIN
3.) Customer's failure to complete the Online Banking session before properly exiting the system and/or leaving the computer unattended
4.) Failure to report known incidents of Password / PIN theft and/or unauthorized Online account access within 2 business days of discovery
How can I detect possible unauthorized transactions?
The best way to stay informed about your account and ensure your records match Mountain West Bank's is to view and reconcile transactions on a timely basis. Be aware of the activity in your account and contact us immediately to report any discrepancies.
The statement displayed through Mountain West Bank Online banking is for information purposes only, and is not equivalent at all times to the official statement information on records. The Mountain West Bank official statement record shall prevail if there is any conflict with information reflected on your Mountain West Bank Online statement.
For your protection, you need to report any discrepancy as soon as it is discovered.
How do I update my browser?
If you are not using a version 4.0 or higher, please contact your browser vendor for upgrade information and technical assistance.
E-Mail is not secure
Online Banking transactions are encrypted, but e-mail is not. Customers are encouraged not to send sensitive information over an e-mail system. If you have any questions about our Mountain West Bank Security Statement, please contact us at 765-0284 or 800-641-5401, or send us an e-mail, at firstname.lastname@example.org.
- Visit Online Onguard to keep up on current information regarding fraud.
Rapport is a security software application that provides online transaction protection and protection from online identity theft for consumers. You can use Rapport to protect your web browser sessions with any website that contains private or personal information. Examples include:
- Online bank accounts
- Mutual fund accounts
- Online brokerage accounts
- Email (such as Hotmail, Yahoo! Mail, and Gmail)
- Social networking sites (such as Facebook, Myspace, Orkut, and Linkedin)
- Insurance applications
- Personal medical information
- Online merchants (such as eBay, Amazon, Walmart.com, and Target.com)
Rapport is entirely transparent and does not require you to change the way you work or sign into these websites. It does not require any configuration or maintenance; you simply install and browse safely. Rapport further protects specific identities and sessions. Mountain West Bank has arranged for you to be able to download this software for FREE.
Trusteer Rapport protects you against the following threats:
A Keylogger is a malicious software that resides unnoticed inside your computer. The keylogger records keystrokes (i.e. each time you type something on the keyboard) and then sends this information to the attacker. By grabbing your sign-in credentials and other sensitive information and sending them to the attacker, keyloggers enable the attacker to sign into your accounts. Rapport encrypts your keystrokes and prevents keyloggers from reading sensitive information.
Malicious Browser Add-ons
Browser add-ons (e.g. toolbars, BHOs, plug-ins) control everything that happens inside your browser. A malicious add-on is capable of reading sensitive information such as your sign-in credentials and passing them to the attacker. It can also generate transactions on your behalf, such as transferring money from your account to the attacker's account. Rapport prevents unauthorized browser add-ons from reading sensitive information and tampering with your transactions.
A malicious program can connect to your browser and control everything that happens inside your browser. Such a program is capable of reading sensitive information (such as your sign-in credentials) and passing them to the attacker. It can also generate transactions on your behalf, such as transferring money from your account to the attacker's account. Rapport prevents programs from connecting to the browser, reading sensitive information and tampering with your transactions while your are logged into protected websites.
This malware takes screen shots and sends them to the attacker. Screen shots can include your account details, balance, and even credentials, if the website uses keypads in the login page. Rapport prevents taking screen shots while you are connected to protected websites.
This malware steals your session parameters with a specific website and sends this information to the attacker. These session parameters can then be used by the attacker to take over your session with the website and to bypass the authentication process that is required to log into the website. Rapport prevents access to session parameters while you are connected to protected websites.
A phishing attack is when the attacker builds a website that looks exactly like a website you know and trust (for example your bank's website). The attacker then convinces you to visit this website (for example by sending you a fraudulent email). When you arrive at the fraudulent website you mistakenly believe that this is the real website. As soon as you try to sign into this fraudulent website the attacker grabs your sign-in credentials and can now use them to sign into the genuine website on your behalf.
To protect you against phishing attacks Rapport learns the password (and sometimes even the username) you use with protected websites. Rapport then warns you each time you use the password or the username on a different website. Using this warning you can immediately understand that you are on the wrong website and prevent the password from being submitted.
Pharming or DNS Spoofing
A pharming or DNS spoofing attack is when the attacker causes your computer to go to fraudulent website each time you type a real website's address in the browser's address bar. The attack achieves this using various techniques such as infecting your desktop with malware or by compromising servers in your ISP's network. Once you arrive at the fraudulent website and try to sign in, the attacker grabs your sign-in credentials and can now sign into the genuine website on your behalf. To protect you against pharming attacks Rapport verifies the IP address and the SSL certificate of the website each time you connect to a protected website. If the verification fails, Rapport terminates the connection and establishes a new connection to the real website.
- Just like your personal computer, your mobile device needs attention to ensure your information is safe and secure. The following are recommendations to help protect you and your mobile device.
Protect your information
- Keep your mobile banking username and password private
- Verify you're on a secure site before you log in. For any website that requires personal information, look for "https" in the Web address, which signifies more security than "http".
- If you received mobile banking text messages from your financial institution, take the "short code" (a special telephone number used to send and receive text messages) that identifies the bank and add it to your device's contact list. That way, you won't be fooled if you receive a text from an unknown number that purports to be your bank asking for personal information. When added to your contact list, the short code should pop up with an identifying name.
- Many devices have the ability to access local Wi-Fi spots for the Internet, but if you're on a public network, your data may not be secure. Use your mobile provider's network instead. If you're in an area where that's not possible, use a password-protected, closed Wi-Fi network--perhaps one in your own home. If you're in doubt about how secure your network is, it may be best to skip mobile banking tasks until you can get a more secure environment.
Protect Your Mobile Devices
- If your mobile device supports a password or PIN to restrict access, you should use one. This prevents someone being able to access your device without first getting past your PIN or pass code.
- Invest in an antivirus application for your mobile device to help protect you when downloading apps or mobile content.
- Keep your mobile device and applications up to date. Generally you will receive notification as updates are available.
- To help prevent unauthorized access in the event your phone is lost or stolen, never set the app, web or client-text service to automatically log into your account.
- Review options available on your device for additional security. Contact your mobile service provider for information about your specific device. They may also have additional recommendations.
If your device is lost or stolen, immediately:
- Contact your service provider to stop service
- Contact the bank.