Security Policy Secure Sockets Layer (SSL) Encryption
Internet Account Access server (www.southcentralcu.org)
Using cryptography ensures the privacy of the communications between you (your browser) and our server. Cryptography simply scrambles messages exchanged between your Internet browser and our Internet, your browser establishes a secure session with our server. The secure session is established using a protocol called Secure Sockets Layer (SSL) Encryption.
The SSL protocol requires the exchange of what are called public and private keys. Keys are random numbers chosen for that session and are only known between your browser and our server. After the keys are exchanged, your browser will use the numbers to scramble (encrypt) the messages sent between your browser and our server. Both sides require the keys because they need to de-scramble (decrypt) the messages when they are received.
The SSL protocol, not only ensures privacy, but also ensures that no other browser can "impersonate" your browser, nor alter any of the information sent. You can tell whether your browser is in secure mode by looking for the secured lock symbol at the bottom of your browser window. You will also know you are in the secure site by the https:// designation in the location bar of your web browser.
Today’s browsers offer 128-bit encryption. All result in a very large number of possible combinations. Our Internet Provider’s servers are compatible with these encryption levels, however they recommend the use of 128-bit capable browsers for the highest level of security. Members accessing their account from international countries will be limited to 40-bit encryption due to international standards.
Your Browser’s Encryption Level
Follow these steps to determine the level of encryption that your browser supports.
In Netscape, go to a secure page then click on View in the main menu, then on Page Info. The level of encryption should be shown under Security.
In Internet Explorer, go to Help then About Internet Explorer. Some information will appear, including Cipher Strength (encryption level). To determine the security of a Web page within a frame, use the right mouse button to click inside the frame, click Properties on the menu that appears.
Obtaining a Secure Connection
The use of SSL requires that you have an SSL compatible browser. While older browser versions may support SSL sessions, South Central Credit Union recommends using the following browsers to access our web site.
. Windows and Unix operating systems: Minimum browser requirements: Netscape 4.7 or later or Microsoft Internet Explorer 4.01 or later.
. Macintosh: Minimum browser requirements: Netscape 4.7 or later or Microsoft Internet Explorer 4.01 or later.
Personal Identification Number (PIN)
South Central Credit Union is dedicated to providing alternative financial options with stringent security measures to protect our members. Our online Account Access solution is dedicated to providing you privacy and protection.
So, it is also important to verify that only authorized persons’ log into your Account Access account. This is achieved by verifying your PIN. When you enter your PIN at the login screen, it is compared with the PIN we have stored in our Internet Provider’s secure server.
Note: You play a crucial role in preventing others from logging on to your account. Never use a PIN that can easily be determined. All Pin numbers for this service will be 4 numerical digits. You can and should periodically change your PIN from the Change PIN button in Account Access.
South Central Credit Union is dedicated to providing alternative credit union options with stringent security measures for our members. We have your privacy, protection, and piece of mind at the forefront of our online Internet Account Access solution.
Since you will have the capability to print account information displayed on your computer screen, remember to secure this information in the same manner as your normal credit union statements and receipts.
It is important to point out that the computers that store your actual account information are not hooked up to the Internet. The requests you make through the Internet are handled by our Internet Provider’s servers, which retrieve the information you requested from their mainframe via a proxy-based firewall server. All incoming IP (internet protocol) traffic is actually addressed to the firewall, which only allows authorized information to flow into the credit union’s servers. This firewall server acts as the go-between when you conduct transactions on our online Internet Account Access computers, which are secured as discussed earlier.
To protect the accuracy of data and guard against unanticipated threats, standard data processing practices are employed for regular backup of data. This includes archiving and off-site storage, computer virus protection and identification as part of our formal disaster recovery plan. This plan includes regular testing as well as a business resumption plan in the event of a disaster. We will also institute data processing auditing practices to regularly review processes for appropriate access to member data and other standard security objectives. Our Internet Provider has processes, which also protect against unauthorized access. Our Internet Provider will permit only authorized employees who are trained in the proper handling of member information to have access to SCCU’s members.
Our goal is to provide you with the best financial products and services available. Our commitment is to protect your privacy in all situations and to work closely with members to meet their needs.