SECURITY STATE BANK – ONLINE BANKING SECURITY INFORMATION

Security State Bank is pleased to offer internet banking and bill payment services. Delivering these services requires a solid security framework that protects you and our institution’s data from outside intrusion. We are committed to working with our internet service and communications providers to produce the safest operation environment possible for our customers. The information below summarizes our security framework, which incorporates the latest proven technology. A section also summarizes your responsibilities as a user of the internet banking system with regard to security.

User Level

There are several components of User Level security that ensure the confidentiality of information sent across the public Internet. The first requires your use of fully Secured Socket Layer (SSL) -compliant 128 bit encrypted browser such as Microsoft Internet Explorer 7.0 or higher. SSL is an open protocol that allows a user’s browser to establish a secure channel for communication with our Internet server. SSL utilizes highly effective cryptography techniques between your browser and our server to ensure that the information being passed is authentic, cannot be deciphered, and has not been altered en route. SSL also utilizes a digitally signed certificate which ensures that you are truly communicating with the Online Banking Server and not a third party trying to intercept the transaction.

After a secure connection has been established between your browser and our server, you then provide a valid Access Code and Password to gain access to the services. This information is encrypted, logged by the server forming another complete physical security layer to protect the server’s information, and a request to log on the system is processed. Although SSL utilizes proven cryptography techniques, it is important to protect your Access Code and Password from others. You must follow the Password parameters we specify at the time you sign up for an Internet banking account. Session time-outs and a limit on the number of logon attempts are examples of other security measures in place to ensure that inappropriate activity is prohibited at the User Level.

The Multifactor Authentication uses multiple factors to authenticate users by the Access Code, Password, Pictures and Security Questions that were set up initially by the user. Multifactor Authentication combines the traditional customer Access Code and Password with Machine Forensics to determine the type of computer you are using such personal or public computer. If a user is using a public computer, an additional piece of security information must be provided by the user to authenticate their true identity.

User Responsibilities

While our service provider continues to evaluate and implement the latest improvements in Internet Security technology, users of the Online Banking system also have a responsibility for the security of their information and should always follow the recommendations listed below:

Utilize the latest 128 bit encryption version Microsoft Internet Explorer 7.0 or higher.

Your Password must be kept confidential. You must follow our specific parameters for a Password and change it frequently to ensure that the information cannot be guessed or used by others.

Be sure others are not watching you enter information on the keyboard when using the system.

Never leave your computer unattended while logged on to the Online Banking system. Others may approach your computer and gain access to your account information if you walk away.

Click exit when you are finished using the system to properly end your session. Once a session has been ended, no further transactions can be processed until you log on to the system again.

Close your browser when you are finished, so that others cannot view any account information displayed on your computer.

Keep your computer free of viruses. Use virus protection software to routinely check for a virus on your computer. Never allow a virus to remain on your computer while accessing the online banking system.

Report all crimes to law enforcement officials immediately.

When you follow these simple security measures, your interaction with the online banking system will be completely confidential.

Server Level

The Banking Server is protected using the latest firewall platform. This platform defends against system intrusions and effectively isolates all but approved customer financial requests. The system is monitored 24 hours a day, seven days a week for a wide range of anomalies to determine if attempts are being made to breach our security framework.

Host Level

Once authenticated, the customer is allowed to process authorized internet banking and bill payment transactions using host data. In addition, communication time-outs ensure that the request is received, processed and delivered within a given time frame. Any outside attempt to delay or alter the process will fail. Further Password encryption techniques are implemented at the host level, as well as additional security logging and another complete physical security layer to protect the host information itself.