page top

Online Security Practices

Attention: open in a new window. Print

Our website provides users with a range of security practices.

  1. Firewalls
  2. Encryption
  3. Automatic Time-outs
  4. Incorrect Password Access Lock
  5. Last Login Time Check
  6. One Time Passwords

1. Firewalls

The Credit Union's website and Internet Banking service is protected by sophisticated firewalls with adaptive security algorithms (ASA) which maintain the secure perimeters between the websites and the Internet. This provides full firewall protection that conceals the architecture of the internal networks from the outside world including protection against attacks.

The Credit Union website is hosted with one of Australia's leading managed IT service providers: Rackspace. Further information on the security features of Rackspace's hosting solution can be found at their website www.rackspace.com.au ^

 

 2. Encryption

Whenever you use our Internet Banking service or submit information to us using one of the main online forms available on our website, your information is protected by banking industry standard 128-bit SSL (Secure Socket Layer) encryption. Encryption is a process of scrambling information using random mathematical algorithms ensuring that only the Credit Union can receive this information in an understandable format. SSL is a protocol developed by Netscape that enables a web browser and a web server to communicate securely. Security is provided in two different ways:

  • authenticating the web server to the client using a digital certificate; and
  • encrypting all information sent.

You can identify whether the Internet Banking session is secure or encrypted when you see a padlock in the bottom right corner of your browser window. Clicking on the padlock will also provide you with details on the Security Certificate pertaining to the encrypted session.

You can tell that your Internet Banking Session is encrypted by clicking on the padlock in bottom or the top right of your browser.

Authentication You can be assured that the company that installed the certificate is the true owner of the website.The combination of the Credit Union's SSL-enabled web server and a valid security certificate provides you with three things:

  • Message privacy Using a unique session key, SSL encrypts all information exchanged between your computer and our web server. This ensures that personal information cannot be viewed if intercepted by unauthorised persons.
  • Message integrity The data cannot be tampered with over the Internet.

Data transmission of the Credit Union's main online forms is protected through the application of a SSL certificate provided by Comodo.

A security verification image will be on all our secure forms. This will verify the authenticity and encryption procedures associated with securing your information.

The vast majority of computers use browsers more recent than Internet Explorer 6 or Firefox 2. If your browser is earlier than either of these, to secure the maximum 128 bit encryption provided by the Comodo Web Server Certificate we recommend that you update your browser.The Comodo Web Server Certificate connects at 128 bit, 56 bit or 40 bit depending on your browser's capability.

For more information on Comodo Web Server Certificates go to their site at www.comodo.com.

3. Automatic Time-outs

For your further protection, our Internet Banking system has been set to automatically "log out" after 5 minutes if your banking session remains unattended. This means that should you leave your computer for any reason for longer than 5 minutes whilst conducting an Internet Banking session, the system will end your session to ensure that no-one else can access your personal information in your absence. ^

 4. Incorrect Password Access Lock

After 3 incorrect attempts your Internet Banking service access will be locked. This is to ensure that there is no unauthorised access to your account details.

If your account becomes locked, it will then be necessary to contact us to request that your Internet Banking access be reinstated.

To avoid incorrect password attempts, we strongly recommend that you have a password of your own choosing which will be easy for you to remember.

If you are still experiencing difficulties with your Internet Banking Service or our website, please contact us and we will address any issues during normal business hours. ^

 5. Last Login Time Check

Our Internet Banking system also provides you with information on the date and time of your last session on your welcome screen after you log in. This allows you to check the most recent session each time you use Internet Banking to ensure that nothing is out of the ordinary. ^

 6. One Time Passwords

As part of our commitment to Internet Banking security, the Credit Union has introduced One Time Passwords via Security Token and SMS. This is true "second factor" security that provides an extra level of protection against Internet Banking fraud. Members are required to enter a One Time Password when logging into Internet Banking.

  You might be interested in: