Online Banking

Login to Internet Banking
Enroll for Internet Banking/Bill Pay | FAQ
Open an Account | FAQ
Online Mortgage Application
Visa Credit Card Login | Apply  NEW!
Home | Contact Us | Careers | ATMs/Locations/Hours | Financial Calculators | About Us | Site Map | Current Rates | Mobile Banking

Security Information


Customer Awareness Program
Security for Internet Based Services

  • Mifflinburg Bank & Trust's Commitment to Security
  • Online Banking Security
  • Multi-factor Authentication
  • Debit Card Protection
  • Additional Considerations for Business
  • Risk Assessment - What If?
  • Internet Usage/Email Policy
  • Why Your Business is at Risk
  • What Should Your Internet Policy Include?
  • Tips for Safe Browsing
  • Security Information
  • Internet Security

Mifflinburg Bank & Trust’s Commitment to Security
MBTC will NEVER request personal information by telephone, mail or text messaging including account numbers, passwords, personal identification information or any other confidential customer information.

Fraudulent emails may be designed to appear as though they are originated by MBTC. Do not respond to any email communications which request any type of personal or confidential information and do not go to any links listed on that email.  

These communications are not originated by MBTC! Never give out any information that the Bank already has to a caller, texter or email sender. If you contact us, we may ask you to verify two or more of the following pieces of information to verify your identity. These include ‘challenge questions’ that you may have established with us and/or the joint account holder’s name (if applicable), last 4 digits of you SSN or TIN, account number, most recent deposit amount (if applicable), birth date or a day-time telephone number.  If we contact you, we will never ask you for your debit/credit card number or your full SSN or TIN. If we need to contact you, it will always be done in a manner that protects your personal, confidential information and we will clearly identify ourselves. Safeguarding YOUR confidential information to preserve and maintain our reputation as, “Your Community’s Trusted Financial Resource” is a top priority of MBTC.

MBTC deploys a layered security approach including multi-factor authentication as part of a comprehensive information security program to protect your confidential information. If you receive any suspicious emails, telephone calls or any other communications regarding your personal or confidential bank information, please contact MBTC immediately at 570-966-1041. MBTC works with local regulatory and law enforcement departments to be certain that any type of legal activity is stopped as soon as possible. Reacting promptly can help you maintain certain protections you have as a consumer under federal law regarding limits on liability for unauthorized activity. For more information regarding consumer protections, please refer to the Electronic Fund Transfer disclosures that were provided at the time you opened your account. You may also contact us and we will send a copy to you.

Online Banking Security
MBTC is committed to protecting your personal information. Our online banking system uses several methods to protect your information. All information within our online banking system is protected by Secure Socket Layer (SSL) protocol for transferring data.  SSL is a cryptosystem that creates a secure environment for the information transferred between your browser and MBTC.  All information transferred through the online banking system has 128-bit encryption; which is the highest level of encryption available.  In addition to the security features deployed by MBTC, here are some tips for you to keep your information secure:
    # Never give out any personal information including user names, passwords, SSN or date of birth.
    # Create difficult passwords that include letters, numbers and symbols when possible.
    # Do not use personal information for your user names or passwords such as birth dates and SSN.
    # Avoid using public computers to access your online banking account information.
    # Do not give any of your personal information to any web site that does not use encryption or other secure methods to protect your personal information.

Multi-factor Authentication
Multi-factor authentication works by using more than one way to confirm your identity. Internet fraud is becoming more common and more advanced.  This is done using a combination of technology and human input.
    # Security Image and Passphrase
        When you access MBTC’s internet banking system, you will select a security image and create a passphrase.  Each time you log in, you will see your security image and passphrase and know that you
         are on the authentic bank site.  Upon verifying your chosen image and passphrase, you will then enter your password.
    # Security Questions
        You will also establish four security questions.  If we do not recognize the computer you are using to log in, we will ask you to answer two of the security questions previously created by you.

Debit Card Protection
Debit card usage has increased dramatically in recent years and fraudulent use of debit cards has also increased.  MBTC has some suggestions for you to consider regarding the care and usage of your debit cards:
    # Never give your debit card number information when requested by phone, email or texting unless you are making an authorized purchase of goods or services. MBTC will never contact you to request 
    this type of information. Please contact us immediately if you receive this type of request. As mentioned above, if you contact us, we may ask you for some personal or account information to verify your 
    identity.
    # It is a good idea to pay by credit card if your card leaves your sight. An example may be when a waiter takes your card from your table in a restaurant or when making purchases online. Debit cards 
    are easier to process illegally in comparison to credit cards.

Additional Considerations for Businesses
In accordance with Federal Regulatory guidelines and sound business practices, MBTC has implemented a security program to specifically address identified risks in offering internet based services to our customers. The bank recognizes that the most sophisticated and expensive security program can be rendered ineffective if combined with the absence of fundamental customer controls. Thus we need you to consider the following guidelines for your business so that together we can maintain a safe environment for conducting business transactions online.

Risk Assessment – What If?
MBTC has created an extensive list of “What If” scenarios to consider that present varying degrees of risk to the bank and its’ ability to conduct business. These risks are categorized as technical risks including internet related, computer and telecommunications; human risks such as fraud, error and robbery; and natural risks including flood, fire and snow. A response plan has been created to respond to each risk. We suggest that you also consider doing this for your business.
To address specific risks from conducting business online, consider the following questions.
    # Do you have a password policy that requires the use of strong passwords (includes at least three of the following elements, upper case letter, lower case letter, number or special character?
    # What is your password lockout policy?
    # How frequently are passwords required to be changed?
    # Are passwords being written somewhere such as on the back of the monitor or underside of a keyboard by employees?
    # Can passwords previously used be repeated? Is this based on number of days since last use or the number of times since last use?
    # Does your company conduct background checks on employees? The cost is minimal compared to the potential loss from fraud.
    # Are computer system rights and permissions revoked timely for dismissed employees? Does this include all remote devices?
    # Are duties segregated sufficiently to create effective checks and balances if possible?
    # Do you have a data backup? Is this tested periodically? If this data is transported to another location, is it encrypted or have password protection to guard sensitive data?
    # Does your business have insurance coverage for losses resulting from these events? Do you understand what is not covered?
    # Have you considered reconciling or reviewing account activity daily?
    # Do you ensure that PC and Network related patches and components are up-to-date?

Internet Usage /Email Policy
If your business does not have a policy on internet usage for your employees, please consider adopting one. Though the web can be an incredibly useful workplace tool, it can also cause significant workplace havoc that can result in lost productivity, financial loss, liability and damage to the reputation of your business. Unscrupulous websites, as well as pop-ups and animations, can be dangerous. Establish rules about internet usage including email guidelines to protect your business — and your employees.   

Why Your Business is at Risk
Web pages contain programs that are usually innocent and sometimes helpful - for instance, animations and pop-up menus. But there are questionable, even malicious websites that have their own agenda, and it is not always in your best interests. When surfing the web, site operators can identify your computer on the internet, tell which page you came from, use cookies to profile you and install spyware on your computer - all without your knowledge. Destructive worms can also enter your system through your web browser.

Beyond malicious activities instigated by outsiders, businesses can be put in a vulnerable position by employees who engage in illegal and/or undesirable web activity during work hours and on company-owned computers.

What Should Your Internet Policy Include?
When creating a company-wide internet use policy, consider addressing the following issues:
    # Are employees allowed to browse the web for personal use as well as business purposes?
    # Can employees use the web for personal use (lunch hours, after-hours, etc?)
    # Does the company monitor web use and what level of privacy employees can expect
    # Is certain web activity prohibited? Spell out unacceptable behavior in detail. In many companies, this includes:
        o Downloading offensive content.
        o Threatening or violent behavior.
        o Illegal activities.
        o Commercial solicitations (non-business related).
Provide two copies of the policy to employees - one for them to keep and another for them to sign and return to you. The signed copy provides written proof that the employee was made aware of company policies, possible consequences of violating company policies and that they understand and accept these conditions.

Tips for Safe Browsing
In addition to having a policy, the following recommendations can also help promote safe web browsing:
    # Go to trusted sites only.
    # Do not  use work computers for idle browsing.
    # Never browse web sites from a server. Always use a client PC or laptop.
    # Use a firewall/router. It allows you to filter web addresses and block internet traffic to and from dangerous sites.
    # Consider web-filtering software.

Security Information

The following safeguards have been put in place to protect your account information and ensure the integrity of transactions and other banking information provided to you by Mifflinburg Bank & Trust.

Internet Security

  • Internet Browser Security - Mifflinburg Bank & Trust Company requires the use of an Internet Browser with 128 bit encryption such as Microsoft® Internet Explorer (6.0 or higher) or Netscape Navigator® (4.8 or higher).

  • Session Time-out - After 15 minutes of inactivity, your Internet Banking Session will automatically logout to protect unauthorized account access.

  • User ID/Password - After you have been enrolled for Internet Banking, you will receive an e-mail with your "User ID" and "Password." This information is needed to login to the Internet Banking system. For security purposes, this password will need to be changed during the initial login and again every 90 days.






EHL
FDIC Home | About Us | Privacy Policy | Terms of Use | USA PATRIOT Act

NOTICE: Mifflinburg Bank & Trust is not responsible for and has no control over the subject matter, content, information, or graphics of the web sites that have links here. The portal and news features are being provided by an outside source - The bank is not responsible for the content. Please contact us with any concerns or comments.

© 2010 Mifflinburg Bank & Trust. All rights reserved. Website designed by ProfitStars.