New Page 1
  New Page 1

RSA

Privacy Policy


 

Internet Banking will be eliminating the Image/Phrase site verification as of Monday, May 19, 2014. When you log in to Internet Banking after May 19, 2014, you will no longer see your Secure Image and Word or Phrase.

This change will not affect multifactor authentication device security. Originally, the Site Verification feature helped reassure customers that Valley Bank’s online banking site was genuine; however, other, more modern mechanisms have largely eliminated the feature’s usefulness. In addition to the traditional user name and password required at login and the existing security challenge questions, RSA’s systems employ device forensics to seamlessly authenticate our customer’s computers or other devices being used to access online accounts.

The image/passphrase feature is being replaced with Extended Validation (EV) certificates, which are currently in place. The EV certificate changes the Internet Banking website URL address bar to green, providing visual confirmation that you are on a valid website. In addition, EV certificates provide a special field that appears with the name of the legitimate website owner (Fiserv, Inc.). Each browser displays the EV certificate differently.

greenbar

Please feel free to stop by the bank or call us at (406) 228-4364 or (800) 621-3083 with any questions.

WHAT IS RSA?


RSA Multifactor Authentication provides you added safety by helping ensure that only you can access you bank account. The RSA Multifactor Authentication is a picture and caption that is a shared secret between you and the bank. When you see your RSA Multifactor Authentication you can be confident that you are at the legitimate bank web site, not an imposter site.

Make sure you see your RSA Multifactor Authentication before you enter your password!
In addition, the RSA Multifactor Authentication remembers which computer(s) you normally use, preventing potential fraudsters from logging into your account even if they somehow get a hold of or guess your username and password.

Why do I need RSA Multifactor Authentication?
RSA Multifactor Authentication is an enchanced security feature that helps protect you while you access your on-line account. On the Internet today, fraudsters attempt to steal your identity by impersonating the web sites you trust. We are committed to proactively protecting you, our customers, against such attacks. RSA Multifactor Authentication helps us do this.

How does it work?
When you visit Valley Bank, you know our faces and we know yours. RSA Multifactor Authentication does the same thing over the Internet. It is a new method to identify us to you and you to us. When you enroll in RSA Multifactor Authentication, you will select a secret picture and caption known only to you. Whenever you log-in we will show you this picture so you can rest assured that you are accessing the real banking site and not an imposter site.

We also check the computer(s) or device(s) that you are using to access the web site. Typically you will access the web site from one or two computers, such as your work and home machine. RSA Multifactor Authentication remembers your computer. Should you need to log-in from a different computer, such as an Internet café, we will take additional steps to verify your identity, such as ask you to provide the answer to secret questions we both know the answers to.

RSA Multifactor Authentication remembers your computer by assigning a unique identifier to each computer you use to access our web site using standard secure cookies. The cookie is used to store the identification information only. No personal or private data is stored in any way.

How is RSA Multifactor Authentication more secure?
RSA Multifactor Authentication protects you from accidentally revealing your username and password to a fake site. In addition, if someone does somehow get your username and password, he will still not be able to access your account because he is not at your registered computer.

What keeps somebody from stealing my RSA Multifactor Authentication picture?
We only show you your RSA Multifactor Authentication picture and caption if you log-in from your own computer, or after you have answered a secret question. So, it is not possible for an un-authorized person to get access to your picture.

Why am I being asked a question when I try to log-in?
We ask you a secret question when we detect that you are trying to log-in from a new computer. This is to prevent someone with stolen passwords from logging into your account. Since only you know the answer to the questions, we will know it’s really you. Generally you will be asked to answer a secret question only when you log-in for the first time from a new computer. After you answer the question, you will be asked whether we should remember this computer for future log-ins. If you are using a personal computer, you should answer yes. If you are using a public terminal, you will want to answer no.

Can I access my account from multiple computers?
Yes, you can still access your bank account from any number of computers. If you log-in from a new computer or a public terminal, you will just need to go through one extra step of answering a secret question. This helps protect you by keeping unauthorized people from accessing your valuable information. There is no limit on how many different computers you can use to log-in to your bank account.

I am not an Internet expert. How easy is RSA Multifactor Authentication to use?
RSA Multifactor Authentication is extremely simple for anyone to use. You don’t need to memorize anything new – just use the site as usual and look for your RSA Multifactor Authentication at log-in.

I share my computer with someone who has their own bank account. Can both of us still log-in from this machine?
Yes, you can both use the same computer to log-in to your individual bank accounts. There is no limit on how many people can log-in into the bank web site from the same computer.

What happens if someone steals my password? How will RSA Multifactor Authentication keep them from accessing my account?
When someone tries to log-in using your stolen user name and password, we will recognize that they are logging in from a different computer, and ask them a secret question. Since only you know the answers to your secret questions, they will not be able to give a correct answer. They will not be able to log-in.

Can I change my RSA Multifactor Authentication picture and caption?
Yes, you can change your RSA Multifactor Authentication picture and caption at any time. To make the change, go to the account maintenance link after you log-in to your account.

How do you know I am logging in from my own computer?
When you log-in for the first time from a new computer, we put a secure (encrypted) cookie on your computer. This cookie contains a randomly generated unique number that identifies your computer. The cookie is visible only to the bank web site and does not contain any of your personal information. When you log-in after that, your web browser sends us this cookie. This lets us know that this is your computer.

What is Phishing?
Recently there have been attempts by fraudsters to trick people into revealing their personal information, such as passwords, by creating fake web sites that look very much like the sites of legitimate financial institutions. They send out emails randomly with links to these fake web sites. This phenomenon has been called Phishing. (pro-nounced “fishing”).

I am trying to log-in from my own computer, but the bank’s web site is not showing me my RSA Multifactor Authentication. Instead, it is asking me a question. What is happening?
This might happen in rare cases if you have deleted all cookies on your computer. Before answering a secret question or entering your password, make sure that you are going to the legitimate bank web site. The easiest way to ensure this is by typing in the URL of the bank (www.valleybankglasgow.com) directly into your web browser. Then, after you answer the security question, you should see your secret RSA Multifactor Authentication next to the password field. If your RSA Multifactor Authentication is there, you can be confident that you are at the legitimate web site and can enter your password.

What is a Trojan or Key Logger?
Some fraudsters have been putting programs on random computers in order to harvest your user id and password information used to log-in to web sites. They collect this information and secretly transmit it to their own computers and attempt to log-in to your site. These are called Trojans (short for Trojan Horse) or Key Loggers (for logging your keystrokes).

How does RSA Multifactor Authentication protect me from a Trojan or Key Logger?
Once you have RSA Multifactor Authentication and have registered your computer, even if a fraudster steals your login ID and Password, his computer will not be registered and he will not be able to log-in as you; thus, RSA Multifactor Authentication protects your identity and your account.