Internet Banking will be eliminating the Image/Phrase site verification as of Monday, May 19, 2014. When you log in to Internet Banking after May 19, 2014, you will no longer see your Secure Image and Word or Phrase.
This change will not affect multifactor authentication device security. Originally, the Site Verification feature helped reassure customers that Valley Bank’s online banking site was genuine; however, other, more modern mechanisms have largely eliminated the feature’s usefulness. In addition to the traditional user name and password required at login and the existing security challenge questions, RSA’s systems employ device forensics to seamlessly authenticate our customer’s computers or other devices being used to access online accounts.
The image/passphrase feature is being replaced with Extended Validation (EV) certificates, which are currently in place. The EV certificate changes the Internet Banking website URL address bar to green, providing visual confirmation that you are on a valid website. In addition, EV certificates provide a special field that appears with the name of the legitimate website owner (Fiserv, Inc.). Each browser displays the EV certificate differently.
Please feel free to stop by the bank or call us at (406) 228-4364 or (800) 621-3083 with any questions.
Authentication provides you added safety by helping ensure
that only you can access you bank account. The RSA
Multifactor Authentication is a picture and caption that is
a shared secret between you and the bank. When you see your
RSA Multifactor Authentication you can be confident that you
are at the legitimate bank web site, not an imposter site.
Make sure you see your RSA Multifactor Authentication
before you enter your password!
In addition, the RSA Multifactor Authentication remembers
which computer(s) you normally use, preventing potential
fraudsters from logging into your account even if they
somehow get a hold of or guess your username and password.
Why do I need RSA Multifactor Authentication?
RSA Multifactor Authentication is an enchanced security
feature that helps protect you while you access your on-line
account. On the Internet today, fraudsters attempt to steal
your identity by impersonating the web sites you trust. We
are committed to proactively protecting you, our customers,
against such attacks. RSA Multifactor Authentication helps
us do this.
How does it work?
When you visit Valley Bank, you know our faces and we know
yours. RSA Multifactor Authentication does the same thing
over the Internet. It is a new method to identify us to you
and you to us. When you enroll in RSA Multifactor
Authentication, you will select a secret picture and caption
known only to you. Whenever you log-in we will show you this
picture so you can rest assured that you are accessing the
real banking site and not an imposter site.
We also check the computer(s) or device(s) that you are
using to access the web site. Typically you will access the
web site from one or two computers, such as your work and
home machine. RSA Multifactor Authentication remembers your
computer. Should you need to log-in from a different
computer, such as an Internet café, we will take additional
steps to verify your identity, such as ask you to provide
the answer to secret questions we both know the answers to.
RSA Multifactor Authentication remembers your computer by
assigning a unique identifier to each computer you use to
access our web site using standard secure cookies. The
cookie is used to store the identification information only.
No personal or private data is stored in any way.
How is RSA Multifactor Authentication more secure?
RSA Multifactor Authentication protects you from
accidentally revealing your username and password to a fake
site. In addition, if someone does somehow get your username
and password, he will still not be able to access your
account because he is not at your registered computer.
What keeps somebody from stealing my RSA Multifactor
We only show you your RSA Multifactor Authentication picture
and caption if you log-in from your own computer, or after
you have answered a secret question. So, it is not possible
for an un-authorized person to get access to your picture.
Why am I being asked a question when I try to log-in?
We ask you a secret question when we detect that you are
trying to log-in from a new computer. This is to prevent
someone with stolen passwords from logging into your
account. Since only you know the answer to the questions, we
will know it’s really you. Generally you will be asked to
answer a secret question only when you log-in for the first
time from a new computer. After you answer the question, you
will be asked whether we should remember this computer for
future log-ins. If you are using a personal computer, you
should answer yes. If you are using a public terminal, you
will want to answer no.
Can I access my account from multiple computers?
Yes, you can still access your bank account from any number
of computers. If you log-in from a new computer or a public
terminal, you will just need to go through one extra step of
answering a secret question. This helps protect you by
keeping unauthorized people from accessing your valuable
information. There is no limit on how many different
computers you can use to log-in to your bank account.
I am not an Internet expert. How easy is RSA Multifactor
Authentication to use?
RSA Multifactor Authentication is extremely simple for
anyone to use. You don’t need to memorize anything new –
just use the site as usual and look for your RSA Multifactor
Authentication at log-in.
I share my computer with someone who has their own bank
account. Can both of us still log-in from this machine?
Yes, you can both use the same computer to log-in to your
individual bank accounts. There is no limit on how many
people can log-in into the bank web site from the same
What happens if someone steals my password? How will RSA
Multifactor Authentication keep them from accessing my
When someone tries to log-in using your stolen user name and
password, we will recognize that they are logging in from a
different computer, and ask them a secret question. Since
only you know the answers to your secret questions, they
will not be able to give a correct answer. They will not be
able to log-in.
Can I change my RSA Multifactor Authentication picture
Yes, you can change your RSA Multifactor Authentication
picture and caption at any time. To make the change, go to
the account maintenance link after you log-in to your
How do you know I am logging in from my own computer?
When you log-in for the first time from a new computer, we
put a secure (encrypted) cookie on your computer. This
cookie contains a randomly generated unique number that
identifies your computer. The cookie is visible only to the
bank web site and does not contain any of your personal
information. When you log-in after that, your web browser
sends us this cookie. This lets us know that this is your
What is Phishing?
Recently there have been attempts by fraudsters to trick
people into revealing their personal information, such as
passwords, by creating fake web sites that look very much
like the sites of legitimate financial institutions. They
send out emails randomly with links to these fake web sites.
This phenomenon has been called Phishing. (pro-nounced
I am trying to log-in from my own computer, but the
bank’s web site is not showing me my RSA Multifactor
Authentication. Instead, it is asking me a question. What is
This might happen in rare cases if you have deleted all
cookies on your computer. Before answering a secret question
or entering your password, make sure that you are going to
the legitimate bank web site. The easiest way to ensure this
is by typing in the URL of the bank (www.valleybankglasgow.com)
directly into your web browser. Then, after you answer the
security question, you should see your secret RSA
Multifactor Authentication next to the password field. If
your RSA Multifactor Authentication is there, you can be
confident that you are at the legitimate web site and can
enter your password.
What is a Trojan or Key Logger?
Some fraudsters have been putting programs on random
computers in order to harvest your user id and password
information used to log-in to web sites. They collect this
information and secretly transmit it to their own computers
and attempt to log-in to your site. These are called Trojans
(short for Trojan Horse) or Key Loggers (for logging your
How does RSA Multifactor Authentication protect me from a
Trojan or Key Logger?
Once you have RSA Multifactor Authentication and have
registered your computer, even if a fraudster steals your
login ID and Password, his computer will not be registered
and he will not be able to log-in as you; thus, RSA
Multifactor Authentication protects your identity and your