Customer Protection

Identity Theft

More and more of our personal business is done online. We shop, bank, pay our bills, stay in touch with friends and family. It's no wonder we've all become more aware of computer-related scams to steal our personal information.

But OMNIBANK wants to remind you to be on the lookout for tried and true methods of identity theft and check or credit card fraud.

• Do not give out personal information such as passwords, account number, social security numbers over the phone or through the mail unless you initiated the call or you know who you're dealing with personally
• Only carry the minimum amount of identifying information and the fewest credit cards on your person

This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a VeriSign-issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.

SECURE ACCESS AND VERIFYING USER AUTHENTICITY

To begin a session with the bank's server the user must key in a log-in ID and a password. Our system, the Internet Banking System, uses a "three strikes and you're out" lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring a phone call to the bank to verify the password before re-entry into the system. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session for that visitor.

SECURE DATA TRANSFER

Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.

ROUTER AND FIREWALL

Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.

Using the above technologies, your Internet banking transactions are secure.

• Pay attention to your billing cycles and contact OMNIBANK or your credit card company if you do not receive your statements when expected
• Guard your mail from theft. Deposit bill payment envelopes in a post office collection box or at the local post office whenever possible and remove incoming mail, as soon as possible
• Protect your PINs and passwords. Avoid using easily available information like your mother's maiden name, your birth date, the last four digits of your social security number, your phone number, etc
• Check your bank and credit card statements to make sure all charges, checks, or withdrawals were authorized
• Store personal information in a safe place and shred old credit card receipts, ATM receipts, account statements, unused credit card offers, etc. before throwing them away

As always, OMNIBANK is committed to your financial well-being. If you have any questions, contact your local branch.