USE Credit Union

Shop Safely Online This Holiday Season

The season for online shopping is here, making consumers especially vulnerable to online scams and credit card fraud.
According to the Better Business Bureau (BBB), last year’s online Cyber Monday sales topped $1.7 billion setting the stage for more online holiday shopping this year and more potential for cyber scams and credit card fraud.
To keep you “cyber safe” this holiday season, BBB has provided these top 10 tips for safe online shopping:
1.      Protect your computer. Install a firewall, anti-virus and anti-spyware software. Check for and install the latest updates and run virus scans regularly. 
2.      Check a site’s security settings. If the site is secure, its URL should start with “https://.” 
3.      Shop trustworthy websites. Look for BBB Accredited Business seals on websites and click to confirm that it’s valid. 
4.      Protect personal information. Read a site’s privacy policy and understand what personal information is being requested and how it will be used. If a site lacks a privacy policy, it could be a red flag that the site could sell your information without your permission. 
5.      Beware of too-good-to-be-true deals. Be cautious of website or email promotions where there may be hidden costs or where your purchase may sign you up for a monthly charge. Read the fine print. 
6.     Beware of phishing. Remember that legitimate businesses do not send emails to claim there are problems with an order or an account, or to request financial information. If you suspect phishing, call the phone number listed on the website or email to confirm a problem exists. 
7.      Pay with a credit card. Never pay with pre-paid debit cards or wire money to someone you don’t know. Under federal law, you can dispute credit card charges if you don’t receive items and dispute unauthorized charges. 
8.      Keep documentation of your order. Save a copy of the confirmation page of an order or emails confirming the order until you receive the item and are satisfied. 
9.      Obtain a tracking number for shipments. Find out from the shipper when your shipment is estimated to arrive. If the shipment is late, saving the tracking number can help you find a lost order. 
10. Know your rights. Federal law requires that orders made by phone, mail or online be shipped by the date promised or within 30 days if no delivery time was stated. If goods aren’t shipped on time, shoppers can cancel and demand a refund. Consumers can also reject items if they are defective or misrepresented.
If you would like more general information about online security measures, visit the Better Business Bureau's website.

Online Security Policy

What we do to keep your information safe when you bank online.

Information Collection
We collect only general website usage information about your visit that does not identify you personally. We may be able to identify the computer, browser, and web service you are using. We may also know the date, time, and pages you visit. Collecting this information helps us improve and design the website to meet our members’ needs.

We do not track personally identifiable information about online activities over time or across third party websites or online services and neither do any of our third party service providers. 

Cookies are messages shared between Web browsers and Web servers. To deliver more customized service, cookies are used in several applications as well as to indicate acceptance of our Online Banking and related agreements. We do not link the cookie information that we receive with your name, account number, or any other personal information.

What we do to keep your information safe when you visit our website.

What the “Green Bar” Does for You.
When you visit our website, you’ll notice a “green bar” in the web browser address box at the top of your screen. This means that USECU has an Extended Validation SSL Certificate. This verifies that you are visiting USECU’s official website that is safe and secure Website.

What is Extended Validation SSL Certificate?
An EV SSL certificate is third-party authentication provided by Certificate Authorities (CA) that gives you an additional layer of security and extra peace of mind. Companies that adopt the CA security platform must follow a strict management process as part of the CA/Browser Forum.

When you visit a Website secured with an EV SSL Certificate, the browser address bar turns green (in high-security browsers) and a special field appears with the name of the legitimate Website owner along with the name of the security provider that issued the EV SSL Certificate.

Changes to the Policy
This information will be updated if any changes are made to the website online security policy. Changes to the online banking agreement will be provided during the login process.

Online Banking Security


What is Enhanced Login Security?
Enhanced Login Security is superior security technology that protects your accounts from unauthorized access by strengthening the security of your online banking session. When you login to your online banking session you can have peace of mind. Powered by the best-of breed technology, Enhanced Login Security protects against online fraud by providing an additional authentication ‘factor’ beyond your username and password used today through the use of a one-time access code.

Enhanced Login Security will:

  • Defend against identity theft and fraud
  • Provide added security from any computer, wherever you are
  • Provide a quick and easy one-time set up process

When will I know that Enhanced Login Security is set for my accounts?
You have been prompted, or will be if you are a first-time Online Banking user, to set up extra login security when you access your online banking session. You can set up how you want to receive a one-time passcode from the options that are available to you, then you're all set. You can receive this one-time access code by:

  • Phone
  • Text message
  • Email (after initial authentication)

How will it affect my online banking experience?
Once you set up your login security options the next time you login it will be business as usual, the rest of your online banking experience will remain exactly the same.

For your convenience, after you successfully authenticate with your User ID, password and One-Time Passcode (OTP), you may enroll your computer for use in authentication. If you choose to enroll your computer, a special Browser Cookie will be present on the system, which will act in place of your phone for something you have in your possession.

We recommend you ensure that your browser settings and any antivirus software you have do not delete your cookies (data files) so that you are not prompted to provide the One-Time Passcode (OTP) every time you log into Internet Banking.

Can I access my account from other computers at my home, my office or on the road?
Enhanced Login Security identifies you as the true “owner” of your accounts by recognizing not only your password but your computer as well. If we don’t recognize your computer – you’ve logged in from a public computer or one you haven’t used before, for example – we’ll ask you to select how you want to receive a unique one-time access code. You can receive this one-time access code by:

  • Phone
  • Text message
  • Email

You will then be asked to enter that code as an additional line of defense to prevent unauthorized access. With Enhanced Login Security, you’ll be protected from whatever computer you're using, whether you're at home or on the go.

Logging in from a Computer You Normally Use?
When you choose to enroll your computer as PRIVATE, a special Browser Cookie will be present on the system, which will act in place of your Login Security - One-Time Passcode (OTP). You will only need your User ID and password to access your account information.

If you are still getting prompted to provide your Login Security, then please ensure that you have the following:

  • Using one of the Recommended Operating Systems for Online Banking
  • Using one of the Recommended Browsers for Online Banking
  • Browser is not set to delete cookies – Please follow the steps in listed in this help for your respective browser to determine if cookies are being deleted
  • Any antivirus software is not set to delete cookies
  • No viruses or malware on your computer
  • No usage of a proxy server or “web accelerator” by your internet service provider
  • If using a computer from work, verify that your office technical department is not automating deletion of cookies

Logging in from a Computer You DO NOT Normally Use?
When you choose to list your computer as PUBLIC, you will need to provide your User ID, password and you will be prompted to provide your Login Security One-Time Passcode (OTP) each time you log into your account. We recommend this setting when logging in from a library or school computer.

I am being prompted to enter the one-time passcode every time I login, even though I have indicated that the computer I'm using is "Private" and have selected to not be prompted for the code.

I don't have access to any of the three methods of retrieving the one-time passcode. Can I still access Online Banking?
Unfortunately, if you are using an unauthorized device and do not have access to your registered phone or your email account, you will not be able to access your Online Banking information. Ensuring that you have an email account that can be access via the Internet from anywhere (web mail) will ensure you at least have access to receiving the One-Time Passcode by email.

I prefer not to use Enhanced Login Security to protect my Online Banking information. Is there a way for me to turn off this feature?
No, Enhanced Login Security is MANDATORY for all Online Banking users beginning December 5, 2012.

Can I change the phone number or email address that I have set-up for Enhanced Login Security?
Yes. Access your phone and email settings under the My Profile link in Online Banking and all of the settings for this feature can be updated at any time.

Additionally, the computers storing your account information are not linked directly to the Internet. Instead, transactions you initiate online are received by our Online Banking Web servers, which then route your transaction through firewall servers. Firewall servers act as a traffic cop between segments of our Online Banking network used to store information, and the public Internet.

While your requests are traveling between your computer and our servers, the privacy of communications is ensured via encryption. Encryption scrambles messages exchanged between your browser and our Online Banking server.

  • When visiting Online Banking's sign-on page, your browser establishes a secure session with our server.
  • The secure session is established using a protocol called Secure Socket Layer (SSL) Encryption. This protocol requires the exchange of what are called public and private keys.
  • Keys are random numbers chosen for that session and are only known between your browser and our server. Once keys are exchanged, your browser will use the numbers to scramble (encrypt) the messages sent between your browser and our server.
  • Both sides require the keys because they need to descramble (decrypt) messages received. The SSL protocol helps to ensure the information sent is not altered prior to decryption.

The numbers used as encryption keys are similar to combination locks. The strength of encryption is based on the number of possible combinations a lock can have. The more possible combinations, the less likely someone could guess the combination to decrypt the message. For your protection, our servers require the browser to connect at 128-bit encryption (versus the less-secure 40-bit encryption).

At our data center, there are a number of various access control mechanisms, including intrusion detection and anti-virus, that you can’t see, which monitor for and protect our systems from potential malicious activity. Additionally, our Online Banking servers are fault-tolerant, and provide for uninterruptible access, even in the event of various types of failures.

We also provide a number of security features in Online Banking that you can see. For example, Online Banking will "time out" after 10 minutes of inactivity. This prevents curious persons from continuing your Online Banking session if you left your computer unattended without logging out. We recommend that you always logout when done banking online.

What you can do to protect yourself online.

Choose Your Password Wisely
Never use easy-to-guess passwords, such as your date of birth, pet's name, or social security number. USE Credit Union allows you to set a password that is 6-15 characters long. The password is case sensitive and requires at least 1 letter, at least 1 number, and can’t contain leading or trailing spaces. Never reveal your password to another person. You should periodically change your password by following the User Options link in Online Banking.

Secure Your Computer
There are simple steps even the "nontechnical" among us can take to keep our home computers safe. Keep your operating system and browser up to date and install anti-virus software (and update it regularly). We also recommend that you use a personal firewall. Just like anti-virus programs, personal firewalls are a necessity in today’s environment of open kiosks, free Wi-Fi access, etc., to help protect your computer from hackers.

Avoid malware; install anti-malware software
As you browse the Internet, certain web pages may install unwanted programs, cookies, spy programs, etc., to your system. Many of these can perform serious harm to your computer and can give the fraudsters “inside” tools to steal your information. We recommend you install both anti-virus and anti-spyware programs on your computer to help protect you. We strongly encourage you to keep them both up-to-date and scan your system often.

Use Only Trusted Computers
USE Credit Union doesn’t recommend you use a public computer to bank online. It’s not worth the potential risk as you don’t know how secure they are. Some computers may contain spyware designed to capture your Online Banking User ID and password so only use a computer that you know and trust.

Your savings federally insured to at least $250,000 and backed by the full faith and credit of the United States Government BBB EHL MasterCard SecureCode Sprint Credit Union Service Centers
ABA Routing Number: 322281691
© 2017 USE Credit Union