Security Statement

  

Home Savings and Loan Association is pleased to offer Internet Banking services, including but not limited to Personal Online Banking, Business Banking Online, and Online Bill Pay services. Delivering these services requires a solid security framework that protects data from outside intrusion. We are committed to providing the safest operating environment possible for our customers. The information below summarizes our security framework, which incorporates the latest proven technology. We also encourage you to refer to our Online Security Tips and Identity Theft to access additional information and recommendations for your safety.

User Level security ensures the confidentiality of information sent across the public Internet. You are required to use a fully (Secure Sockets Layer) SSL-compliant 128 bit encrypted browser such as Mozilla Firefox or Microsoft Internet Explorer. SSL allows a user’s browser to establish a secure channel for communicating with our Internet server. SSL utilizes highly effective cryptography techniques between your browser and our server to ensure that the information being passed is authentic, cannot be deciphered, and has not been altered en route. SSL also utilizes a digitally signed certificate which ensures that you are truly communicating with the Internet Banking server and not a third party trying to intercept the transaction.

After a secure connection has been established between your browser and our server, you then provide a valid Access ID and Password to gain access to the services. This information is also encrypted. Although SSL utilizes proven cryptography techniques, it is important to protect your Access ID and Password from others. You must follow the Access ID and Password parameters we specify at the time you sign up for Internet Banking services. We also recommend changing your Password periodically. Session time-outs and a limit on the number of logon attempts are examples of other security measures in place to ensure that inappropriate activity is prohibited at the User Level.

The Banking Server is protected using the latest firewall platform. This platform defends against system intrusions and effectively isolates all but approved customer financial requests. The platform secures the hardware running the Internet Banking services and prevents associated attacks against all systems connected to the Banking Server. The system is monitored 24 hours a day, seven days a week for a wide range of anomalies to determine if attempts are being made to breach our security framework.

Once authenticated, the customer is allowed to process authorized Internet Banking services transactions using host data. In addition, communication time-outs ensure that the request is received, processed, and delivered within a given time frame. Any outside attempt to delay or alter the process will fail. Further password encryption techniques are implemented at the host level, as well as additional security logging and another complete physical security layer to protect the host information itself.

In order to help ensure the security of your online transactions, we want you to know that:
We will never email, call or otherwise ask you for your user name, password or other electronic banking credentials.

Debit Card Safety Tips

The following are some Consumer Reports suggestions about keeping your debit card information safe:

  • Beware when using foreign ATMs
    If you see an out-of-order sign on a legitimate ATM, beware of using a nearby ATM. Thieves may have set up a phony ATM to “skim” card data. Consumer Reports also suggests keeping your PIN code separate from your ATM or debit card. Also, when keying your PIN into an ATM or card reader, shield the keypad with your free hand. Do not allow hidden cameras or any person to be in sight of the keypad.
  • Protect your card and information at gas pumps
    Consumer Reports reported, “Card-skimming at gas stations is likely to increase.” To protect yourself, use cash or process your debit card as a credit card transaction instead of using your PIN.
  • Update your account weekly
    Be sure to maintain your account, so should any unauthorized transactions take place, you may report them quickly. Time is of the essence!
  • What to do with receipts?
    Do not discard receipts at ATM locations or the gas pump. Keep them until you match the amounts with the transactions; wait for them to clear the bank, then shred the receipts.
  • Your trash may be a treasure to a thief
    Be sure to shred bank account statements and other financial information prior to tossing them in the trash. Trash is among the top methods used by thieves to commit Identity Theft. Protect yourself – Don’t let them do it to you!
  • Be aware of counterfeit cards
    If you receive a debit or credit card you are not expecting, you may call us or the associated financial institution to verify. Unauthorized cards may include fraudulent numbers on the back, which collect card and PIN information illegally.

Security questions and passwords should be thoughtfully selected. Here are some tips:

  • Change your passwords regularly
  • Your password should be complex and difficult for others to guess
  • Don't use information that could be easily linked to you (like your birth date, Social Security number, phone number, or the names of pets or hobbies)
  • Create a unique User ID and Password for each site. Do not use the same identifying information on multiple websites
  • Do not use the same password for social media sites, as you do for online banking
  • Never share your Online Banking passwords with others, even family members
  • Do not store your User ID or password information in an unsecured location, or on your computer

10 Cyber Security Tips To Keep You Safe Online

We want to do our part to promote cyber security by sharing our top 10 tips to help you stay safe online. Don’t be the next target of an online attacker. Follow these 10 tips to keep your information safe:

  • Keep your software and web browser up-to-date
    • It may seem like a hassle to always install the latest anti-virus or web browser updates, but attackers become aware of problems and vulnerabilities within a system. The new updates take measures to block the latest hacking and virus tricks.
  • Check your software settings
    • Most software defaults to allow all available functionality, but you can control this in settings. Try to use the highest security setting available for the functionality you wish, especially for software connecting to the browser.
  • Keep your information encrypted
    • Personal information should only be given to encrypted sites. You will know if a site is encrypted because it will begin with “https:” and NOT “http:” or any other variation. There should be a closed padlock icon on the address bar or at the bottom of the window to ensure the user the site is encrypting information.
  • Lock your computer when you are away from it
    • Remember to lock your computer every time you get up or stop using it, especially at work or in a public place. Attackers can sit at your computer and access all your information in less than 10 minutes.
  • Dispose of sensitive information properly
    • Only deleting a file does not completely stop the existence of the file. Sensitive information needs to be completely erased and permanently deleted from your computer. There are different steps for doing this, whether you use a Windows or a Mac computer.
  • Be cautious of emails requesting personal information
    • Legitimate businesses will not attempt to gain your personal information over email. Be cautious when clicking on links in emails; you need to know where the link is going to send you.
  • Take advantage of security features
    • Passwords can add layers of protection against attackers. Create a strong password. The strongest passwords are not true words and use characters with a mix of symbols, numbers, and capital and lowercase letters.
  • Only make secure transactions from reputable vendors
    • Only do business with legitimate organizations. If you are unfamiliar with the business, look for the site certificate and pay attention to the “issued to” portion. Keep any phone numbers and physical address information on the certificate, in case there is a problem with the bill.
  • Use a credit card for online transactions and check your statements
    • Credit cards are a better option than debit cards for online purchases for three reasons: Credit cards have spending limits, credit cards will not draw the money directly from your bank account, and laws limit your liability for fraudulent charges.

Take the time to protect your information. If you suspect you have been a victim of fraud, please report any suspicious bank account activity to us immediately by calling or visiting us in a branch.

OR

You can help protect your online account by:

  • Making sure you choose an adequate user name and password that, at a minimum, mixes in small case letters, upper case letters and numbers
  • Periodically changing your password (e.g., at least every 90 days)
  • Safeguarding your user name and password information
  • Having current anti-malware and anti-virus software
  • Making sure you have a firewall in place when conducting your financial transactions
  • Logging off the system when you’re done conducting business (don’t just close the page or “X” out of the system)
  • Monitoring your account activity on a regular basis

Back to Top