To protect your app users’ accounts from unauthorized access to sensitive transactional data, we’ve provided a way to protect account access beyond usernames and passwords. Two-factor authentication (2FA) adds an additional layer of security by requiring the app user to enter a time-based, one-time password that is delivered to them through our integration with Authy upon signing in to your apps.
By enabling 2FA, we can enable high-risk actions in your apps and require the end user to enter their password to complete the actions. 2FA helps honor the guidelines set by the Federal Financial Institutions Examination Council to implement a layered security program for consumer account access, business account access, and administrative tooling.
We offer a variety of online security features:
SECURE TOKENS
For added security, secure tokens are available with the use of Business Online Banking. Business customers with ACH, Wires or Remote Deposit services are required to utilize secure tokens, however tokens are available upon request for any Business customer interested in an additional layer of security. (Fees may apply.) Secure tokens are issued and assigned to specific Business Online Banking access IDs and any active Users. Any active token users, online access is not granted until successful entry of a user’s ID, password and access code displaying on the assigned token once requested via Cash Manager.
AUTO LOGOFF
Users should immediately exit Online Banking when finished, however for added security, sessions will be automatically terminated after a period of inactivity to protect customer accounts and details.
DAILY MONITORING
Online Banking activity is monitored. Activity deemed out of routine for a customer, or trends of suspicious activity are detected and evaluated. When appropriate, customers are contacted to confirm if specified Online Banking activity is genuine. For security and account protection, blocks may be placed on Online Banking access until the unusual activity is verified.
ONE TIME PASSCODES
Additional user authentication may be required for certain higher risk Online Banking transactions. One time passcodes via text message will prompt immediately upon entry of a risk identified transaction to further protect customer accounts. Failure to enter the generated passcode will cancel the requested transaction.
ACCOUNT ACTIVITY ALERT MESSAGES
Customers should consistently monitor their account balances and activity. To make this even easier, we offer a variety of alert notifications. Customers select which notifications to activate, along with their desired method(s) of receiving notifications. Notifications may be generated to customers via email, text message or upon next Online Banking login session.