Security Statement

At Shelby County State Bank we understand the importance of customer security. Protecting your confidential financial information is our number one priority. Shelby County State Bank maintains strict standards of security designed to ensure a secure exchange of information with our customers.

 

As part of our commitment, customer information and account data is protected by multiple security protocols: firewalls, data encryption and a verifiable Password. Shelby County State Bank provides end-to-end encryption to secure transactions while in transit. Encryption technology transmits information sent over the Internet by encoding the transmitted data. A firewall is designed to protect information stored in our computer systems from unauthorized entry.

 

Your account information is also protected with a Password known only to you. Your Password must be used to access your accounts and authorize payments. Only you know your private Password, so you can be confident that your data is secure if you do not provide your Password to someone else. You will know when you're in a safe environment when a "locked" icon is displayed at the bottom of the screen or https:// will appear in the address line. To gain a greater level of protection, we recommend that you memorize and keep your Password secret, change your Password on a regular basis and not use birth dates, first or last names, or other documented numbers or letters that may be easy to locate. If you must write down your Password, keep it in a safe place.

 

Although we provide a secure e-mail system directly from our site which uses data encryption to help protect your communications with us, we strongly urge you not to e-mail confidential information (such as social security numbers, account numbers, mother's maiden name, annual income, source of income, etc.) to us.

 

In addition, Shelby County State Bank's strict security standards require all browsers that are used to access account information to have 128-bit encryption. Use of 128-bit encryption technology is one of the most secure forms of encryption currently available for commercial use on the Internet.

 

This Security Statement is a constant reminder to our customers that the security of their personal information is always of utmost concern.

 

How secure is 24 Hour Banker Online?
What can I do to protect my accounts and personal information while I am banking online?
What if I think someone may know my User ID or Password?
What is encryption?
Do you cache my information?
Can I use the back button?
How is encryption used, and how does it relate to me?
What level of encryption protection does 24 Hour Banker Online support?
How secure are my accounts and transactions?
How do Web sites collect information?
Where does my information go when I provide it online?
What are cookies? Can I get rid of them?
What is spamming?
What can I do if my card number or other personal information is being used fraudulently?
What is phishing?
How do I protect myself against phishing?

 

How secure is 24 Hour Banker Online?

• With 24 Hour Banker Online, customer information and account data is protected by several state-of-the-art safety features: firewalls, data encryption and Password verification.
• Your User ID and Password are known only by you, so only you can access your accounts. Your software provider and Shelby County State Bank do NOT know your Password. 24 Hour Banker Online will not send any account information to your computer unless your unique User ID and Password are entered correctly.
• Your secure session will automatically terminate if you do not conduct transactions for 10 minutes. If this happens, you will have to logon again to access your accounts.

 

What can I do to protect my accounts and personal information while I am banking online?

• Memorize your User ID and Password. It is essential that you do not reveal your User ID and Password to anyone! We also recommend that you do not use easily verifiable information such as birth dates, social security numbers and addresses when selecting your Password and User ID.
• Frequently change your Password. You can easily change your Password online from the Logon page.
• Completely sign off after each online session. For security purposes, 24 Hour Banker Online will automatically sign you off after 10 minutes of inactivity.

 

What if I think someone may know my User ID or Password?
If you believe that someone else knows your User ID or Password, please call our Online Representatives immediately at 1 (877) 251-4363 24 hours a day, 7 days a week to assist you in changing your information. If you have a smartOne Gift Card or smartOne Pay Card please contact one of our representatives at the toll-free number provided on the card carrier or on the back of the card to assist you. Also, you can change your Password online from the Logon page. We suggest that you change your Password at least once a month for added security.

 

What is encryption?
Encryption is the encoding of a file in order to protect its contents. This entails a word or a group of words essentially written in a secret code language — a language that is useless to anyone but you and your bank, to protect that message from unwanted viewing or tampering. The term "encryption" is a computer-age extension of the term "cryptic," which means something being hidden or mysterious.

 

Do you cache my information?
No. A cache is a stored file on your computer's hard drive. When dealing with sensitive and secure data, we do not want the computer to store the information on your hard drive.

 

Can I use the back button?
When using the back button on a non-secure site, a cache, or a file stored on your computer's hard drive, is created. On some secure sites, the back button is disabled. On other secure sites, the back button can be used, but instead of caching information, it allows the system to pull your information from the site's secure server. On 24 Hour Banker Online, we do not cache information, but allow our customers to access their data again by using the back button.

 

How is encryption used, and how does it relate to me?
Encryption, in all of its forms, is a major reason why we can offer you 24 Hour Banker Online. Basic encryption involves the transmission of data from one party to another. The sender encodes the data by scrambling it, then sends it on. The receiver must decode the data with the correct "decoder" in order to read and use it. Your computer, as well as our computer system, recognizes the mathematical formulas of the encrypted messages during transactions. The more powerful computer system you possess on your end, the higher level or grade of encryption you can use. There are two types of encryption that you should be familiar with - domestic grade and international grade - when deciding how you will do your remote or PC banking. Domestic grade encryption, also called 128-bit encryption, is a much faster and more powerful form of encryption. On the other end of the spectrum would be 40-bit, or international grade, encryption. The 40-bit means that there are two to the 40th power of possible keys that could access your account information, but only one that could be used per Internet banking transaction. This essentially means that the chances of cracking the code for a particular transaction in 40-bit encryption are very, very small. The 128-bit encryption requires more computer processing power than 40-bit encryption but is more secure. In fact, 128-bit encryption is 309,485,009,821,345,068,724,781,056 times more powerful than 40-bit encryption.

 

What level of encryption protection does 24 Hour Banker Online support?
All transmission of customer information through direct access is encrypted using 128-bit encryption technology.

 

How secure are my accounts and transactions?
Protecting the privacy and security of your confidential financial information is our No. 1 priority. 24 Hour Banker Online provides end-to-end encryption to secure transactions while in transit. Your accounts are also protected with a Password known only to you. Only you can access your accounts and authorize payment. To gain a greater level of protection, we recommend changing your password(s) on a regular basis and not using birth dates, first or last names, or other documented numbers or letters that may be easy to locate. Only you know your private Password, so you can be confident that your data is secure. Your Password is NOT known to your software provider or 24 Hour Banker Online.

 

How do Web sites collect information?
Information can be collected in several ways, but typically "personally identifiable information" (information that can be traced to a single user) isn't gathered on a widespread basis. Most information collected online is "usage data," or data limited to where an individual visits within a site and/or how much time is spent at a particular site. Online services, for example, may track sign-on and sign-off times for billing purposes. Individual Web sites (whether companies or individuals) may gather certain kinds of information about you when you visit their site. Many sites limit information gathering to broad usage statistics. Some Web site operators may collect information about you through your e-mail address, the means by which you connect to their site, by the use of "cookies" or voluntary questions directed at users.

 

Where does my information go when I provide it online?
You can reasonably assume that some level of information tracking will be done when you logon to the Internet. But unless a site or service provider posts its information gathering and dissemination practices, it's up to you to inquire about them. It's also up to you to decide whether you want to provide your name, mailing address, phone number or any other personal information if a Web site asks you to register.

 

What are cookies? Can I get rid of them?
Some Web sites transfer a file, often referred to as a "cookie," to your computer's hard drive, which enables them to track your activities on their site. While a code in the cookie file allows a site to label you as a particular user, it doesn't reveal your real name and address unless you've provided the site with such information or set up preferences in your browser to do so automatically. Newer versions of browser software enable you to decide whether you want to receive cookie files, and some programs notify you when a Web site is about to deposit a cookie file. To check whether cookie files have been placed on your computer, look for a hard drive file called "cookies.txt" if you have an IBM compatible PC or "magic cookies" if you have a Macintosh. You can delete these files from your hard drive. There are also utility software programs, called "cookie cutters" or "anonymizers" that allow you to edit cookie files selectively within Web browsers.

 

What is spamming?
Spamming is the practice of sending unsolicited electronic mail to many users simultaneously. The e-mail message itself is referred to as "spam".

 

What can I do if my card number or other personal information is being used fraudulently?
To prevent card misuse, don't give out your card number online unless you know and trust the requesting Web site, or are assured that proper security measures are in place. To ensure security, your card number should be encrypted using the latest software technology. Don't believe a Web site that tells you that your information doesn't need to be encrypted and contact companies providing the encryption technology to check whether it's actually being used as advertised. If your card or personal information is being used fraudulently, immediately contact (by phone and in writing) your card issuers and all creditors with whom your card number or name has been used or may be used. Also contact the fraud units of the three major credit reporting companies: Experian (formerly TRW), Equifax and TransUnion. Request that your credit report be flagged for potential or actual fraud, and inquire about attaching a "victim's statement" to your report. Beyond the initial reporting steps, there are many avenues available for dealing with or obtaining information about the varied aspects of card or identity theft. Two primary resources are CALPIRG (www.pirg.org/calpirg; 1-800-533-4449) and the Privacy Rights Clearinghouse (www.privacyrights.org; 1-619-298-3396).

 

What is phishing?
Phishing is a fraudulent e-mail scam that uses spam to attempt to get consumers to disclose or verify their account numbers, personal identification numbers (PIN), social security numbers, passwords, or other sensitive information. This e-mail typically resembles an e-mail from a familiar company and may have a similar internet address to that company in the text; however, it will usually have a couple of letters transposed.

 

How do I protect myself against phishing?
In an effort to protect yourself, use caution when applying for items via e-mail. Be sure to verify the internet address and check to see if the site is secure before you enter any personal data. If you receive an e-mail from Shelby County State Bank that looks suspicious please call to verify that we sent it to you.

                                                                                   Rev 08/05