Digital Banking Security
Protecting You & Your Account
Your visit to our online banking site is safe and secure. We employ a "layered approach" of multiple barriers between your account information and the outside world rather than just a single level of security. We utilize measures such as two-factor authentication, encryption, firewalls, intrusion prevention systems, and around-the-clock proactive monitoring, routers, demilitarized zones and antivirus protection.
Check out the different tabs above to read more about factors used to protect you and your account!
Multi-Factor Authentication
Multi-factor Authentication (MFA) is the process of verifying that you are who you claim to be when logging in to a device or an account. If you're reading this from your computer, you probably logged in to your computer with a password—that's single-factor authentication. But single-factor authentication is no longer enough to keep your accounts secure.
Understanding the types of Identity Claim Factors:
- Something you own. This is using a mobile phone or device like a hardware key that you have in your possession to prove your identity. Typically, the device provides a code via an application, text message, email, voice call, or an embedded chip. You then enter this code or key, and for successful authentication, the code must match what is expected by the service you’re attempting to log in to.
- Something you know. This is something you have memorized or stored somewhere, such as a password or a PIN. You must supply the correct response to log in to your device or service.
- Something you are. This factor is something about your physical body that cannot be altered, such as your fingerprint or retina. Biometric scanners or readers are used to confirm you’re physically the person that you are claiming to be.
In our digitally-driven world, passwords are no longer enough to keep your information safe. These days, it takes minimal effort for hackers to break into, or social engineer their way into, accounts that are only protected by passwords. Adding an extra step—an extra factor—to access your accounts, such as entering an authentication code, means that hackers would also need to have your phone or your fingerprint to break in. This is why it is called multi-factor authentication (MFA), when two or more of the types of Identity Claim Factors are used in combination.
Your security is our number one priority! In order to use our Digital Banking you must enroll. Enrollment requires that you establish a unique username and password, and provide an email and a phone number that we have on file. You will need to have access to this phone number while signing in to receive a verification code. If you have a joint account you will only be able to establish one MFA number. Blackhawk employees do not have access to your password. If your password is entered incorrectly three times at the login page, your account will be frozen for your protection against hackers that might be trying to guess your answer. You can then contact the Credit Union at 800.779.5555 to be authenticated and unlocked. If you have simply forgotten your password, use the self-service, “Forgot” link to reset your access.
When you login, your online banking username and password are transmitted via a secure session between your browser and our servers. Your information is encrypted or 'scrambled' and then sent to our online banking servers where it is decrypted using a unique and temporary key. Please see the "Encryption" tab above for more information.
The first time you access your accounts, you will be prompted for your MFA code. Once you are authenticated, you can bypass this on future logins using the same device and browser by selecting, “Don’t ask for codes again while using this browser.” However, do not use this feature on a shared or public computer. You may be asked to renter your password or MFA code when you log into digital banking from a new device, you complete a transaction outside the norm, or you exceed a certain dollar amount. Multi-factor authentication protects you and your financial assets!
Encryption
We require the use of a secure browser to access your account online. Your browser must be equipped with SSL (Secure Socket Layer) with a 128-bit or higher encryption algorithm to communicate with our servers. SSL protects against eavesdropping and data tampering during transmission. To check the security status of a web page, look at URL in your browser window. You will see an "s" added to the familiar "http." This indicates that SSL is in effect for the current page.