Why security is important
Security, quite simply, protects the confidentiality of your financial information and prevents theft of your assets. There is nothing more important to us and our customers than knowing that online banking transactions are private and secure. Our system’s sophisticated security architecture keeps unauthorized users from accessing any of your financial information through the Internet. At Verus Bank of Commerce, online security is very important to us. While we provide for the protection and confidentiality of your online information on our systems, we need your help to ensure your information is protected on your systems. We will never contact you via unsolicited email or any other method and ask you for your account number, password or PIN (personal identification number) or social security number. We do not as a general practice send imbedded links within emails when corresponding with customers and we do not anticipate implementing this practice at any time in the future. Contact the bank directly at 970-204-1010 to verify the authenticity of the email received if you believe you have received a suspicious email. In addition, a great deal of fraudulent activity occurs on the Internet. Fraud such as: phishing, spamming, and spoofing are common attacks that have been reported in the media. It is strongly recommended you not send confidential information unencrypted via email or any other means (ie. social security number, account numbers, mother's maiden name, income, etc.) over the Internet. If you have questions regarding your accounts, contact us by telephone or through our contact us function on our website.
Internet security overview
One of the basic tools used to ensure Internet security is encryption. Encryption happens as follows: When you go to the sign-on page for online banking, your browser establishes a secure session with our server. The secure session is established using a protocol called Secure Sockets Layer (SSL) Encryption. This protocol requires the exchange of what are called public and private keys. Keys are random numbers chosen for that session and are only known between your browser and our server. After the keys are exchanged, your browser will use the numbers to scramble (encrypt) the messages sent between your browser and our server. Both sides require the keys because they need to de-scramble (decrypt) the messages when they are received. The SSL protocol not only ensures privacy, but also ensures that no other browser can "impersonate" your browser, nor alter any of the information sent. You can tell whether your browser is in secure mode by looking for the secured lock symbol at the bottom of your browser window. The numbers used as encryption keys are analogous to combination locks. The strength of encryption is based on the number of possible combinations that a lock can have. As the number of possible combinations grows, it becomes less likely that anyone would be able to guess the combination in order to decrypt the message. Current versions of today's browsers offer 128-bit encryption, which results in 2128 possible combinations. Older browser versions may only offer 40-bit encryption, which we feel is not sufficient in today’s world of sophisticated technology. Our servers require the use of 128-bit capable browsers.
It is also important to verify that only authorized users log into the online banking system. We use password verification to ensure user authorization. When you submit your password, it is compared with the password we have encrypted and stored in our secure data center. We limit the number of times you can enter your password incorrectly. We monitor and record "bad-login" attempts to detect any suspicious activity (i.e., someone trying to guess your password). You play a crucial role in preventing others from logging on to your account. Never use passwords that are easy to guess. Examples of bad passwords are: Birth dates, first names, pet names, addresses, phone numbers, social security numbers, etc. Never reveal your password to another person. You should periodically change your password while logged in to our online banking system. Verus Bank of Commerce does not send emails or phone calls asking for your online banking information including user ID, passwords or pin numbers. If you feel you have sent personal information in error please call is at (970) 204-1010.
Our Enhanced Login Security provides additional peace of mind when using Verus Bank of Commerce's online banking. Enhanced Login Security strengthens security and protects against online fraud by requiring an additional authentication “factor” beyond your ID and password each time you login to online banking. This additional layer of security is a browser-based secure cookie, (a piece of information), that is stored on your computer and is recognized by our system when you login.
We also “time out” an online banking session after a specified period of inactivity. This keeps others from viewing or continuing online banking activity if you leave your PC unattended. However, we recommend that you always sign off (log out) when you have finished your online banking.
All systems are secured with multiple layers of encryption, firewalls, screening, and filtering routers.
All sensitive data is protected from direct access from the Internet.
The following measures are employed:
- Secure Sockets Layer (SSL) Encryption provides a secure channel for data transmission across computer networks using public key cryptography.
- For added security, we maintain Strong Password Requirements, meaning we require one letter, one numeric character, and a longer password of 6 - 8 characters.
- Firewalls and Redundant Screening/Filtering Routers are gateways that verify the source, destination, and protocol of each data packet before it is sent.
- Security procedures are audited by a Certified Public Accounting firm on an annual basis. Federal Bank examiners review the results of this audit. In addition, an independent security firm routinely performs penetration and security testing on online Banking systems.
Messages sent by e-mail may not be secured, may be intercepted by third parties and may not be immediately received by the appropriate department at Verus Bank of Commerce. Please do not use e-mail to send us communications that contain confidential information, which we require in writing or which need our immediate attention. Please call us instead at (970) 204-1010. Be aware that a "receipt" acknowledgment on an e-mail message means only that the message has routed into the Internet, not that the message has been received by Verus Bank of Commerce. Urgent or confidential matters should be addressed via phone or in person. Written authorizations should be provided via U.S. mail or in person.
Web Site Links
The links in this web site will let the user leave Verus Bank of Commerce's site. The linked sites are not under the control of Verus Bank of Commerce, and Verus Bank of Commerce IS NOT RESPONSIBLE FOR THE CONTENT AVAILABLE ON OTHER INTERNET SITES. These links are provided as a convenience to users. Access to any other Internet sites linked to this web site is at the user's own risk. The inclusion of any link does not imply a recommendation or endorsement by Verus Bank of Commerce of the linked site.