Privacy and Security: Staying Safe on the Internet

Just How Secure Is It?

The MemberDirect® site ensures that your personal and financial information is handled with care. Any personal or transactional information transmitted between you and our Internet banking system is secure and cannot be read by anyone else. While using the MemberDirect® site the integrity of your account information is guaranteed. Transactions from your computer to our system are received without alteration. From a technical point of view a process called encryption is used to achieve security.

How Is Security Achieved?

Access to our client services, financial systems, and databases is strictly managed. Technological and procedural systems are in place to ensure security is not breached. This includes physically securing all of our computer hardware and telecommunications systems. All data is transported using encrypted channels.

What is encryption and how does it work?

Encryption is the process of scrambling data into an unreadable format. It is more secure to transmit encrypted data over the Internet. In the case of the MemberDirect® site, data is sent by your browser through an encrypted channel to our secure systems where the message is safely received.

Some browsers can create a more secure channel than others, owing to the 'strength' of their encryption. To safeguard your personal and financial information, we only use the strongest channel available - referred to as 128-bit SSL or Secure Socket Layer. If you have a browser that only supports 'weaker' encryption such as 40-bit or 56-bit SSL, you will need to upgrade your browser before using our site.

What is the difference between 40– and 128–bit encryption?

Encryption and decryption is accomplished using a complex mathematical formula called an algorithm. An encrypted message cannot be read unless you have the formula or 'key' to unscramble the message. The longer and more complex the 'key' is, the stronger the encryption. The 40 and 128 refer to the length of the key. Since 128 is longer, than 40, it is more secure.

But don’t let the relatively small difference in the size of the key fool you. According to Netscape, 128–bit encryption is trillions of times stronger than 40–bit encryption.

Protect your Personal Access Code (PAC)

Just as you play a vital role in ensuring the security of your home and your possessions, you too share in the responsibility for ensuring that your personal information is adequately protected.

In order for us to ensure that only you are accessing your accounts, we need a unique way of knowing that it's you. Just as the key to your home protects unwanted entry, the online banking "key"—your Personal Access Code (PAC)—ensures that only you can access your accounts.

It is your responsibility to ensure that your "key" to the MemberDirect® site is protected. Please observe the following security practices:

  • Select a PAC that is easy for you to remember but difficult for others to guess.
  • Do not select a PAC that is easy to guess (such as 12345) or is based on personal information (avoid your birth date, address, phone number, social insurance number, or similar information about your family or friends). Otherwise, someone who knows you can easily guess your password.
  • Do not select a part of your PIN (your ATM "key") or another password.
  • Keep your PAC confidential.
  • Do not write your PAC down or store it in a file on your computer.
  • Never disclose your PAC in a voice or e-mail, and do not disclose it over the phone, especially cellular phones.
  • Do not share your PAC with anyone else.
  • Do not permit anyone to observe you typing in your PAC.
  • Change your PAC on a regular basis. We suggest every 90–120 days.
  • Contact Concentra Financial immediately if you suspect someone has gained knowledge of your PAC.
  • Contact Concentra Financial immediately if you believe there are errors or omissions in your account.
  • Contact Concentra Financial immediately if you become aware of any loss, theft, misuse, or unauthorized use.

Protect The Information On Your Computer

While we have provided a secure channel for our Clients to communicate with us, once the information has reached your computer, it's up to you to protect it. To protect your information, you should:

  • Never leave your computer unattended while using our online banking services.
  • Always exit the MemberDirect® site using the Logout button and close your browser if you step away from your computer. Your browser may retain information you entered in the login screen and elsewhere until you exit the browser.
  • Prevent the browser from caching (storing) the pages that you view by using the Enhanced Security feature located on the Login screen. We strongly recommend that you use this feature if you are accessing the MemberDirect® site from a shared computer, such as at a friends house or through a publicly-accessible computer, such as at a library or airport.
  • Secure or erase files stored on your computer by your browser so others cannot read them. Most browsers store information in non-protected (unencrypted) files in the browser's cache to improve performance. These files remain there until erased. Using standard computer utilities or by using your browser feature to "empty" the cache, these files can be erased.
  • Disable automatic password-save features in the browsers and software you use to access the Internet.
  • Install and use a quality anti-virus program. As new viruses are created each and every day, be sure to update your anti-virus program often.
  • Install and use a personal firewall on your computer to ensure others cannot access your computer through the Internet.
  • Install new security patches, as soon as your operating system and Internet browser manufacturers make them available.

To learn more about browser security, please visit the Microsoft web sites. To ensure a safe and secure Internet session, only visit reputable sites. If you visit any questionable web site before MemberDirect®, we recommend you close your browser and restart it before proceeding to MemberDirect®.

How Have We Met Our Responsibilities?

We ensure your personal and financial information is protected within our MemberDirect® banking service, financial systems, and databases.

We ensure your personal and financial information is protected while in transit between your computer and our server through the use of industry standard security techniques which include Secure Socket Layers (SSL) and encryption.

Encryption ensures that information in transit between your computer and our server cannot be read (private and confidential) or changed (integrity).

We ensure that only individuals who provide the correct PAC can access your account information.

For more information on the specific policies and practices that we use to safeguard your personal and financial information, please click here to view our Privacy Statement.

© All Rights Reserved Concentra Financial, 2005.