To assure your continued security
online, Health Systems Credit Union uses both single and multi-factor authentication, as well as additional "layered security" measures
LAYERED SECURITY FOR INCREASED SAFETY
Layered security is characterized by the use of different controls
at different points in a transaction process so that a weakness in one control is generally compensated for by the strength
of a different control. An example of layered security might be that you follow one process to log in (user/password), and then
give additional information to authorize funds transfer.
Layered security can substantially strengthen the overall secu rity
of online transactions....protecting sensitive member information, preventing identity theft, and reducing account takeovers and the
resulting financial losses.
The purpose of these layers is to allow your credit union to authenticate members and detect
and respond to suspicious activity related to initial login and then to reconfirm this authentication when further transactions involve
the transfer of funds to other parties.
INTERNAL ASSESSMENTS AT YOUR CREDIT UNION
* On the back-end, the new supervisory
guidance offers ways your credit union can look for anomalies which could indicate fraud. The goal is to ensure that the level
of authentication called for in a particular transaction is appropriate to the transaction's level of risk. Accordingly,
your credit union has concluded a comprehensive risk-assessment of its current methods as recommended in this supervisory guidance.
risk assessments consider, for example:
* changes in the internal and external threat environment
* changes in the member
base adopting electronic banking
* changes in the member functionality offered through electronic banking; and
* actual incidents of
security breaches, identity theft, or fraud experienced by the
institution or industry.
Whenever increased risk to
your transaction security might warrant it, the credit union will be able to conduct additional verification procedures, or layers
of control, such as:
* Utilizing call-back (voice) verification, e-mail approval, or cell phone-based identification.
member verification procedures
* Analyzing banking transactions to identify suspicious patterns. For example, that could mean
flagging a transaction in which a member who
normally pays $10,000 a month to five different vendors suddenly
pays $100,000 to a completely new vendor.
* Establishing dollar limits which require manual intervention to exceed a preset limit.
PROTECTION UNDER "REG E"
Credit Unions follow specific rules for electronic transactions issued by the Federal Reserve Board.
Known as Regulation E, the rules cover all kinds of situations revolving around transfers made electronically. Under the consumer
protections provided under Reg E, you can recover internet banking losses according to how soon you detect and report them.
is what the Federal rules require: If you report the losses within two days of receiving your statement, you can be
liable for the first $50. After two days, the amount increases to $500. After 60 days, you could be legally liable
for the full amount. These protections can be modified by state law or by policies at your credit union, so be sure to
ask your credit union how these protections apply to your particular situation.
THE FIRST LINE OF DEFENSE
course, understanding the risks and knowing how you might be tricked is a critical step in protecting yourself online. You can
make your computer safer by installing and updating regularly your:
* Anti-virus software
* Anti-malware programs
* Firewalls on your computer
Operating system patches and updates
You can also learn more about online safety and security at these websites:
YOU HAVE SUSPICIONS
If you notice suspicious activity within your account or experience security-related events (such as Phishing
email from someone claiming to be from Health Systems Credit Union), you can contact the credit union for information.