E-Central CU » Security Center Multi-Factor Authentication

Multi-Factor Authentication

New Internet Banking Logon Procedure
Beginning in 2007, we will be implementing a multi-factor authentication log-on procedure. This new procedure will help protect your account from fraudulent activities and "Phishing" attempts.

What is Multi-Factor Authentication?
Multi-Factor Authentication (MFA) is a security enhancement to our Internet Banking service, Central@net, whereby you will be required to authenticate yourself via several security levels (instead of just entering your Member Number and Password) before you can access your accounts.

In order to access your accounts you must successfully pass the following:

Correctly inputting your Member Number or Nickname (why)
Correctly inputting the system generated random security code (why)
Correctly answer one of the security questions you created during the enrollment process (only required if attempting to log-on from an unregistered computer) (why)
Correctly inputting your Internet Banking Password. A graphical keyboard is optionally available for added protection. (why)
Verifying the Personalized Security Text Image as established by you in the enrollment process (why)

How do I enroll?
The first time you log-on into Internet Banking after final implementation you will be required to enroll before you can access your accounts. During the enrollment process, you will be asked to select/create unique security questions for which you will provide your own answers.

In addition, you will be asked to create a unique security code that will be superimposed over a graphic, which will be displayed as a Security Text Image every time you access Internet Banking.

Do I have to enroll?
Yes. All Central@net using Members will have to enroll.

What does “registering” a computer mean?
When you register a computer during the enrollment process, a “cookie” will be placed on the registered computer. The “cookie” is used only for identification purposes and does NOT collect information. When you log-on from a registered computer, you will NOT be required to answer one of the security questions that you created during the enrollment process.

Why would I want to “register” or “not register” a computer?
A non-registered computer will be required to answer one of the personal security questions that you created during the enrollment process.

We recommend that you only register computers that you deem safe and private, such as your computer at home. If you prefer the convenience of avoiding the personal security question each time you log-on, then register the computer.

Can I “unregister” a computer?
Yes. In the Maintenance Section (Security sub-section), you can elect to unregister a computer.

Can I have a Nickname?
Yes. When you enroll, you can add a Nickname as an alternative to remembering your Member Number.

Will I still have access to all the same accounts online?
Yes. This process only affects how you login, not your Internet Banking accounts.

Will my Bill Payer settings change?
No, All pre-setup settings within your Internet Banking session will remain the same.

WHY ANSWERS

Correctly inputting your Member Number or Nickname
Why – One of the first layers of authentication. A Nickname can be used as an alternative to memorizing your Member Number.

Correctly inputting the system generated random security code
Why – The system generated random security code verifies that a human is viewing and entering the code. This new feature adds an additional layer of security intended to prevent or impede automated attacks also known as “brute force” attacks.

Correctly answer one of the security questions you created during the enrollment process (only required if attempting to log-on from an unregistered computer)
Why – This new feature adds an additional layer of authentication, thus making it more difficult for a hacker to access your accounts from an unregistered computer.

For even higher protection, you can create your own questions and answers.

Correctly inputting your Internet Banking password using a graphical keyboard
Why – The graphical keyboard is an option (no charge) that helps deter trojan and viral based keystroke-loggers from capturing your Password via keystrokes when you enter it on the keyboard. Remember: Your Password is case sensitive. Contact a member services rep if you want to activate it.

Verifying the Security Text Image as established by you in the enrollment process (displayed over a graphic so the code itself cannot be “scraped” from the screen)
Why – The Security Text Image validates the authenticity of Central@net and helps prevent Phishing attempts against you. A Phishing scam is whereby a criminal will send you an official-looking email that appears to be from E-Central or any other financial institution with the purpose to rob you of your personal banking information.

When you log into Central@net you will see the Security Text Image with a watermark logo behind it. If the Security Text Image is not displayed or not the same as you created during the enrollment process, then you know the site is not legitimate.

back to Security Center page


	Multi-Factor Authentication New Internet Banking Logon Procedure Beginning in 2007, we will be implementing a multi-factor authentication log-on procedure. This new procedure will help protect your account from fraudulent activities and "Phishing" attempts. What is Multi-Factor Authentication? Multi-Factor Authentication (MFA) is a security enhancement to our Internet Banking service, Central@net, whereby you will be required to authenticate yourself via several security levels (instead of just entering your Member Number and Password) before you can access your accounts. In order to access your accounts you must successfully pass the following: Correctly inputting your Member Number or Nickname (why) Correctly inputting the system generated random security code (why) Correctly answer one of the security questions you created during the enrollment process (only required if attempting to log-on from an unregistered computer) (why) Correctly inputting your Internet Banking Password. A graphical keyboard is optionally available for added protection. (why) Verifying the Personalized Security Text Image as established by you in the enrollment process (why) How do I enroll? The first time you log-on into Internet Banking after final implementation you will be required to enroll before you can access your accounts. During the enrollment process, you will be asked to select/create unique security questions for which you will provide your own answers. In addition, you will be asked to create a unique security code that will be superimposed over a graphic, which will be displayed as a Security Text Image every time you access Internet Banking. Do I have to enroll? Yes. All Central@net using Members will have to enroll. What does “registering” a computer mean? When you register a computer during the enrollment process, a “cookie” will be placed on the registered computer. The “cookie” is used only for identification purposes and does NOT collect information. When you log-on from a registered computer, you will NOT be required to answer one of the security questions that you created during the enrollment process. Why would I want to “register” or “not register” a computer? A non-registered computer will be required to answer one of the personal security questions that you created during the enrollment process. We recommend that you only register computers that you deem safe and private, such as your computer at home. If you prefer the convenience of avoiding the personal security question each time you log-on, then register the computer. Can I “unregister” a computer? Yes. In the Maintenance Section (Security sub-section), you can elect to unregister a computer. Can I have a Nickname? Yes. When you enroll, you can add a Nickname as an alternative to remembering your Member Number. Will I still have access to all the same accounts online? Yes. This process only affects how you login, not your Internet Banking accounts. Will my Bill Payer settings change? No, All pre-setup settings within your Internet Banking session will remain the same. WHY ANSWERS Correctly inputting your Member Number or Nickname Why – One of the first layers of authentication. A Nickname can be used as an alternative to memorizing your Member Number. Correctly inputting the system generated random security code Why – The system generated random security code verifies that a human is viewing and entering the code. This new feature adds an additional layer of security intended to prevent or impede automated attacks also known as “brute force” attacks. Correctly answer one of the security questions you created during the enrollment process (only required if attempting to log-on from an unregistered computer) Why – This new feature adds an additional layer of authentication, thus making it more difficult for a hacker to access your accounts from an unregistered computer. For even higher protection, you can create your own questions and answers. Correctly inputting your Internet Banking password using a graphical keyboard Why – The graphical keyboard is an option (no charge) that helps deter trojan and viral based keystroke-loggers from capturing your Password via keystrokes when you enter it on the keyboard. Remember: Your Password is case sensitive. Contact a member services rep if you want to activate it. Verifying the Security Text Image as established by you in the enrollment process (displayed over a graphic so the code itself cannot be “scraped” from the screen) Why – The Security Text Image validates the authenticity of Central@net and helps prevent Phishing attempts against you. A Phishing scam is whereby a criminal will send you an official-looking email that appears to be from E-Central or any other financial institution with the purpose to rob you of your personal banking information. When you log into Central@net you will see the Security Text Image with a watermark logo behind it. If the Security Text Image is not displayed or not the same as you created during the enrollment process, then you know the site is not legitimate. back to Security Center page