Online Security Policy
Jeff Bank understands that the security of your personal and account information is important to you. We also understand that our continued success as a financial institution relies on both our ability to offer banking services to you in a secure manner as well as your responsibility in keeping any access codes, passwords or PINs secure. To assist us in offering Web-based banking services in a secure manner, we employ a number of measures, which are described below. These measures allow us, among other benefits, to properly authenticate your identity when you access these services and protect your information as it traverses the Internet between your computer and Jeff Bank.
Login protection for the end-user
Every end-user must privately maintain a combination of a password and access ID. Each user is required to establish an absolutely private password and access ID the first time they login to the system. In case the password is lost or forgotten the administrator will be able to reset a default password for the end-user once Jeff Bank has confirmed your identity. The Bank does not have access to your password and therefore is unable to retrieve your password.
Three (3) strikes and you’re out
If an unauthorized person attempts entry into an end-user’s account by trying to guess a login ID, IBS will disable the password on the third incorrect attempt, thus invalidating the login combination. If you accidentally activate this security feature by unintentionally mis-keying a password three times, you would need to call Jeff Bank to reestablish the password for that account. For example, a common mistake made by the end-user is having the CAPS-LOCK on while typing in a password.
To further protect you, a timeout feature is used. This feature will automatically log you out of your current financial service session after a 15-minute period on our site.
Jeff Bank also requires the use of secure browsers to protect you while you access our online financial services. More specifically, the personal and account information that flows back and forth between your computer and Jeff Bank must be encrypted while in transit – secure browsers are how we achieve this level of protection. Encryption is the process of scrambling information (typically for data transmission) so that only someone who has the correct encryption key can reassembled it in its original clear text format. When used between you and Jeff Bank, this technology encrypts your personal information as you send it to us, which only Jeff Bank can decrypt. Likewise, when we send personal or account information to you, this technology encrypts it, which only you can decrypt. This is possible through a 128 bit secure server (certified by VeriSign) so that no unauthorized individuals can read or decipher the data.
Our server does not connect directly to the Internet
It is isolated from the network via a “firewall.” All requests to the server are filtered through a router and firewall before they are permitted access to the server. A router is a piece of hardware that works in conjunction with the firewall to block and direct traffic coming to the server. The router and firewall define and limit access that “outside” computers have to the Jeff Bank server.