Are You Who You Say You Are?


Computer hacker stealing information with laptopA challenge for any business involves proving the person they are dealing with is actually their customer. The business needs to gain assurance that the person is authorized to access account information and perform transactions. To assist, businesses use identity credentials to authenticate their customers, as a means to prove they are who they say they are. However, the challenge is complicated by the fact that criminals have access to much personal consumer information.

Everyone is familiar with passwords which are used to protect accounts. Unfortunately, passwords have been long-losing their effectiveness as the sole means for authenticating consumers. As a result, businesses often choose from many other factors to authenticate consumers. Those factors fall within three categories: something you know; something you have; and something you are.

“Something you know” is typically a password. It may also be a personal identification number (PIN), the last four digits of your social security number, your date of birth or some account-specific information such as your most recent debit card transaction. “Something you have” could be a cell phone, to which a special code (“out-of-band”) is sent by text message or email. “Something you are” involves using methods such as fingerprint biometrics, eye biometrics, facial recognition, or a voice sample that a system compares to a stored reference.

Members 1st employs many of the above layers of security to help protect your confidential information. Understand that at times you may only be required to provide a single factor to authenticate yourself. But other times, we may ask you to provide multiple pieces of information or use a combination of authentication factors in the above categories. Such “two-factor” authentication adds an extra layer of protection by requiring information beyond simply your username and password.  For example, in addition to your password, you may also be required to enter a one-time code which is texted to your mobile device. Such practices are more common when we do not have the opportunity to conduct your transaction in-person, like we would at one of our branch locations. Or, when we deem that your transaction is higher-risk and as a result, requires a higher level of security.

Our goal is to ensure your experience is properly balanced in terms of protecting your information and providing convenient, efficient service. We want our security to work for, not against our members. That often provides a challenge as members are not always comfortable or willing to learn new security procedures, or consider the security procedures to be inconvenient.

So how can you help?

One of the most important ways to help is by keeping your online and mobile banking login credentials (usernames, passwords, PINs, etc.) private. It’s quite frustrating to hear the weekly stories from the fraud and anti-money laundering team. Those stories involve members who relinquished their personal login credentials. Stories of the financial losses which resulted because members were involved in romance scams, work-from home “opportunities,” or lottery or inheritance scams. Simple fix. Do not share your online and mobile banking login credentials with anyone. Because if you do, you will likely be the individual directly responsible for the fraudulent transactions on your account.

In addition to securing your online and mobile banking login credentials, changing your password on a regular basis and keeping it secure will also help to protect your account. Establishing a Personal Identification Number (PIN) for transactions conducted through TeleBranch and other call centers provides comfort to us that you’ve met a certain security level. And maintaining up-to-date telephone and email contact information is critical to ensure you have the ability to receive a security code. That security code may be necessary to help authenticate you before processing your transaction.

Finally, we ask for your patience when we require multiple pieces of information to authenticate you. While it may take a bit longer, know that our relationship with you is built on your trust in us. For that reason, we view strong security as part of the exceptional service which we provide.


Members 1st logo

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: