Online Banking Security Tips
We safeguard your information using industry-leading features to keep your financial information secure and confidential. In addition, we have external vendors perform regular audits of our system. The result is a "layered security" model, one that ensures protection throughout the banking process, on your computer, during the transmission of information, and in the bank's own computer systems.
With layered security, we use many lines of defense to protect your account information. This eliminates a single point of failure. Whether you are enrolling for online banking, viewing your account information, transferring money or paying your bills, you can depend on your accounts and your account information being safe.
SMB takes numerous steps to keep your accounts and personal information secure, and you also play a role in maintaining the security of your banking information. Here are some of the things SMB does and you can do to help keep your online banking safe.
SMB uses between 128 and 256 bits of encryption for SMB Online transactions and each session uses a unique master key to encrypt messages. The web server will automatically pick the highest level of encryption. Encryption is a communications process that scrambles private information to prevent unauthorized access during the exchange of information between your computer and the SMB Online servers. Once you sign off, the master key used for that session becomes useless, as it is only good for one session.
Timed Log Off
If you forget to log off or if your SMB Online banking session is inactive for more than 10 minutes, we take care of you by ending the session. You will need to log back in to access your information.
You authenticate your SMB Online session by entering your unique User ID and password, both of which are encrypted as they pass over the Internet and before they are stored on our system. Once you change your password on the first access, we do not have access to your password to further increase security.
Two-Factor Authentication (2FA) is an extra layer of security that ensures you are the only person who can access your account information. Each time you log in using a new device or web browser, a verification code is sent to ensure it's you logging in. Even is someone knows your password, they cannot access your information without successfully entering the verification code.
We take numerous steps to keep your accounts and personal information secure, but you also play a role in maintaining the security of your banking information. Here's some things you can do to help keep your online banking safe and secure.
Protect the Confidentiality of Your User ID and Password
Creating a good password and keeping it a secret are essential to keeping your online banking account secure. As you are responsible for what occurs with your User ID, it is strongly recommended that you follow these guidelines to prevent someone from obtaining your password and abusing your account.
- Make your password unique and change it regularly. You should never use a password that would be easy for others who know you to guess, or one that a common password cracking utility could find. Longer is better and you can use a pass phrase, like "My dog was 10 in 20!9".
- Memorize your password. Your user ID and password authenticate you when you begin an online banking session. You should memorize this password and never write it down anywhere or reveal it to anyone.
- Do not share your password with anyone. Sharing your password with someone else is the same as giving that individual authority to use your name in a transaction.
If you forget your User ID or password, you can recover your account, contact our Customer Service Center at (800) 943-8488 or chat with us. Once we positively identify you, we will be able to find your User ID and reset your password so you may choose a new one. Do not release any personal information on the phone, in the mail, or over the Internet unless you initiate the contact or are certain you know who you are dealing.
Log Off When You Are Done Using Online Banking
We recommend our online banking users complete online transactions and log off before visiting other sites or turning off their PCs. We also suggest they do not visit other sites when logged on to online banking. In addition, you may not always be at your own computer when you bank online. Therefore, it's important to sign off when you're finished banking.
Use A Current Browser and Anti-Virus Software
We recommend you use a modern browser and install and use a good quality anti-virus software. It is also very important that you stay up-to-date with patches and updates on these also. There are security patches issued regularly that fix new issues that may be exploited.
Ensure That You Keep Your Information Secure
As explained in SMB's End User License Agreement, you are responsible for keeping your online password, account numbers, personal identification information, and other account data confidential.
- Do not give or disclose any part of your User ID and Password to anyone. Bank employees may request your User ID when accessing your account profile, but should never ask for your password.
- Do not send your User ID, password, or account information over any public or general email system.
- Do not release any personal information on the phone, in the mail, or over the Internet unless you initiate the contact or are certain you know who you're dealing with.
- Contact us immediately if there are charges on your account you don't recognize.
- Do not leave your computer unattended while you are connected to online banking.
If you notice suspicious activity within your account or experience security-related events (such as a Phishing email purporting to be from SMB), please call (800) 943-8488 and ask for Online Banking Support.
The FDIC has two brochures about how you can protect yourself against cyber crime all across the Web, one for consumers and one for businesses. We recommend you read these brochures.
A Cybersecurity Guide for Financial Institution Customers