At Weymouth Bank, we strive to make sure your Internet experience is protected with state-of-the-art security. When you visit our online branch, www.weymouthbank.com (hereinafter “web site”), you should be aware that certain pages are secured by 128-bit encryption technology and other pages are not. Many pages on our web site are transmitted between our web servers and you in an unencrypted format. On the other hand, our online banking and bill payment service (hereinafter "WeymouthBank Online" or "WeymouthBank Business Online©") is maintained on a secure web server and is encrypted to provide you the maximum protection available. You can tell whether your session is secure or not by referring to your Internet Browser software help menu.
Cookies: Some web sites store information in a small text file, called a "cookie," on your hard disk. Our web site does not use web browser cookies for the collection of information. "Session" cookies may be used to maintain information related to your activities while you are on the site. These cookies allow us to remember and recognize you and to help us keep track of your activity, as it relates to your current use of our web site. These cookies expire after 20 minutes of inactivity and never contain any sensitive information.
Web Site Logs: Our web site maintains standard logs that contain information regarding the referring web site you came from, your network address, the type of browser you use, and the identity of your Internet Service Provider. Generally, the type of information collected is aggregate in nature, such as the total number of visitors to our web site and most frequently visited pages. We use this information to determine the overall effectiveness of our web site.
Online Forms and Email: Similar to the analogy noted above, there are some online forms and applications on our web site that are provided in a secure environment and others that are not. Be aware that the Contact Us Form and Site Survey are not secure:. As such, never send us nonpublic personal information such as your social security number, account number or other sensitive information using these forms. On the other hand, some forms, such as the application to sign up for WeymouthBank Online or WeymouthBank Business Online© are provided using secure forms technology. Please read the screen carefully to see whether the form you are using is secure or not.
You should also be aware that if you send us an email through our web site, it is not secure. As such, never send us nonpublic personal information such as your social security number, account number or other sensitive information via E-mail.
Any information collected will only be used to respond to your inquiry or comment and will not be retained unless you so indicate on the form and then we will only use the information to provide you with product and services information.
The following information is specific to our secure online banking and bill payment system known as WeymouthBank Online and WeymouthBank Business Online©. WeymouthBank Online and WeymouthBank Business Online© are designed to provide you with state-of-the-art security every step of the way. To establish a secure platform for financial commerce, we turned to Online Resource Corporation, a leading provider of remote banking, electronic bill payment, and other financial services to the banking industry.
Secure systems are a combination of technology, policies, and people. WeymouthBank Online and WeymouthBank Business Online© are designed with security as a dynamic feature of the product, not an afterthought or add-on. The result is an architecture that utilizes a multi-layered approach to information security, providing safeguards and privacy throughout the process.
Every financial transaction uses multiple layers of security and every layer adds a different technology resulting in a system that is monitored at all times. Layered security means that rather than relying on a single security measure, layers of technology are utilized within the security architecture to distance the potential "hacker" as far as possible from the core of sensitive information and resources. This architecture includes user ID and password, encryption, firewalls, secure web server certification, intrusion detection and internal network systems.
Web Browser and Server Encryption: An important layer of online financial security is the 128-bit Secure Sockets Layer (SSL) encryption between your Internet browser (typically Microsoft Explorer© or Netscape Navigator©) and the Web Servers. SSL is the industry standard that provides secure access to online financial services from anywhere on the Internet using any current Internet browser.
SSL provides a secure channel for data transmission over the Internet ensuring that your data cannot be altered in route. Browsers can also display a certificate to the user about the source of a secure transmission. This assures our customers that they are communicating directly with WeymouthBank Online or WeymouthBank Business Online© and not a third party trying to intercept the transaction on the Internet.
Encryption changes everything that travels across the Internet during your online session (including your password, your bank statement, or instructions to pay a bill) into a string of unrecognizable numbers. Both our web servers and your browser understand the mathematical formulas, called algorithms, which turn your financial information into numeric code, and back again to meaningful information. These algorithms serve as the locks and keys of your account information. While the destination computer and your browser can easily translate this code back to meaningful language, this process is an overwhelming task for unauthorized intruders.
WeymouthBank Online and WeymouthBank Business Online© require the use of 128-bit encryption for all financial transactions. For users who login with a browser that has only 40-bit encryption, server encryption is provided. Server encryption will accept the message from a 40-bit browser and start a 128-bit encrypted session from the server end. This ensures that all your transactions have the strongest level of encryption.
It is also important to verify that only authorized customers log into our system. This is achieved by verifying your User ID and password. When you submit your User ID and password, the server responds by comparing your encrypted information against encoded data stored in a secure data center (this is called authentication). Our system allows you to enter your password incorrectly three times. If you enter your password incorrectly three times, your online banking account will be locked. "Bad-login" attempts are monitored and recorded to detect any suspicious activity (i.e., someone trying to guess your password).
Our standards are high; if the session isn't secure enough, it cannot be used to conduct transactions. You know when a session is encrypted by looking for the padlock or key icons (pictures) in the lower portion of your browser. If, for any reason, the secure session link is broken, the online session automatically terminates.
Firewalls: A firewall provides a layer of security that selectively permits or blocks traffic between the Internet and WeymouthBank Online or WeymouthBank Business Online©. Only messages from an authenticated customer are allowed access beyond this point. All other traffic from the Internet is rejected.
Internal Network Systems: WeymouthBank Online and WeymouthBank Business Online’s© Internal Network Systems are designed to ensure that transaction systems are never directly connected to the Internet. This means that once your transaction request has been received and accepted by our web server, it is transferred over a separate secure network to the host. This is the same secure network that we have used for decades.
Customer Responsibilities: Internet security does not rely on technology alone. Without your participation, all the security systems and technology in the world are worthless.
Make sure that no one is physically watching you when entering your password. Never leave your computer unattended while you are logged into WeymouthBank Online or WeymouthBank Business Online© because anyone with access to your computer can gain access to your accounts. Lastly, always be sure to completely exit the browser when you have completed your session.
You play a crucial role in preventing others from logging on to your account. Treat your User ID and password for online accounts with the same care as an ATM and PIN or Credit Card. Never use passwords that are easy to guess. Examples of bad passwords are: birth dates, first names, pet names, addresses, phone numbers, social security numbers, etc. Never reveal your password to another person, and you should periodically change your password.
You should also be aware that criminals are becoming increasingly sophisticated, using the Internet and other means to bilk billions of dollars every year. One of the scams to be aware of is "PHISHING". Phishing is when a financial scammer sends a pretext Email to unsuspecting recipients. These recipients may think that the Email is from us about an urgent problem with your account requiring your immediate response or the account will be lost. The Email or its links will look like the bank’s web site and may ask you to “verify” your social security, account numbers or passwords or it may attach "spyware" to your computer. Spyware can record keystrokes such as user names and passwords for the scammers to use at a later date. Weymouth Bank will never ask you for confidential information (i.e. your social security number or account numbers) through an unencrypted, unsecure Email. If you receive an Email purportedly from us, do not respond online. Call us to report the Email.
SPOOFING is also a common vulnerability that can occur when you make a mistake or a misspelling while typing in the bank’s Email address. The site where you are directed may look like our website, but it is not. Any information that you enter on a “spoofed” site can be stolen and used to gain access to your accounts. Be sure that the address you type is correct before you press the enter button.
If you spot suspicious activity about or on our website, report it to us immediately. You can also report it to the FBI or Secret Service. You should also check your statements each month and report any irregularities to us as soon as possible.
Preventive maintenance of your personal computer is also an effective way to protect your online security. Periodically, you should check to make sure your operating system, anti-virus software, Internet browser and personal firewall software are up to date. This can easily be accomplished by visiting the software vendor’s web site to see if upgrades or patches have been released that address known security vulnerabilities. Best of all these upgrades and patches are usually free!
|© 2013 Weymouth Bank, All Rights Reserved|