Security

Here is how we do it.

Home » Resources » Security

Security Tips for Your Protection

The the way financial institutions do business has changed. Digital banking solutions provide a convenient way to access information and perform transactions from wherever you choose – but convenience also draws out unwanted risks from fraudsters. It is important to be hypervigilant when utilizing the digital banking solutions for your financial transactions or to convey information to your financial institution so as not to open yourself up to risk.

Alerts

To learn more about the different type of alerts Integris sends, expand the boxes below.

Alerts that help manage your accounts!

Integris sends email and/or SMS alerts when available funds are less than an available balance in your account. An overdrawn alert provides members with the opportunity to deposit funds, avoid incurring an NSF fee, and have an item returned due to insufficient funds.

Alerts will indicate the amount of the payment, the payee, and the NSF fee charge. Additionally, we will also include the timeframe in which to make a deposit to cover the item before it is returned.

Should you receive an alert indicating your account is overdrawn, payment can be made a number of ways, including by:

  • Visiting your Integris Branch
  • Calling our Member Experience Centre (1-866-554-3456)
  • Online through Internet Banking or the mobile app

What to do if you cannot make a payment

Should you not be able to make payment, our team of financial experts is here to assist in avoiding financial penalties by providing temporary lines of credit, line of credit extensions and other creative solutions. Please contact your lender to make alternative arrangements. Should you not have a lender, our Member Experience Centre would be happy to help connect you with one.

We are your partners in financial wellness and we want you to ensure you feel welcomed, understood, and valued in every interaction. Please be sure to reach out if you are having challenges – our team is here for you.

How to identify whether a text message is really an Integris Alert

An Integris alert will never ask you to provide personal information over text message. Alerts will contain information that you will recognize to prove that the message is from us. This will include transaction information such as a payment amount, and the payees name.

Should you be concerned about an alert, you can always reach out to us through our website chat or toll free number (1-866-554-3456) to inquire as to the legitimacy of an alert message.

Can I opt out of email/SMS overdrawn alerts?

Due to forthcoming legislative changes, Financial Institutions will soon be required to alert members to NSF charges and the potential for an item to be returned as insufficient funds. For this reason, there is no ability to opt out of this type of alert.

What to do if you are not receiving alert

Please note that our overdrawn account alerts relies on up to date phone number and email. If you are not receiving alerts or concerned we do not have the correct email and phone number on file, please contact us to update your info.

Get Informed

Use our security alerts to make sure you’re aware of suspicious or potentially fraudulent account activity through your Online Banking. We’ll notify you through an email or mobile text message – it’s your choice. Activate any or all of the alerts and customize your selection based on your personal needs.

  • New Payee Added – Notifies you when a new bill payment vendor account is added.
  • Online Banking Account Lock Out – Triggered after three unsuccessful login attempts.
  • Online Personal Access Code (PAC) Change – Notifies/confirms that your PAC has been changed.
Convenient

Setting up and managing alerts is quick and easy through Online Banking. And you can decide if there are others you’d like the alerts sent to as well. You can designate a joint account holder, someone acting with your Power of Attorney (POA), or really anyone else you choose. Just remember, if your contact is not joint on your accounts or doesn’t have your POA authorization, we won’t be able to discuss your account or the alert with them.

Safe and secure

No personal information is transmitted with the alerts. This includes account numbers or other data that potentially could be used to identify you or your accounts.

Peace of mind

Concerned about an elderly parent being taken advantage of or perhaps falling prey to a scam? Bring everyone greater peace of mind and help your parents set up security alerts by adding your mobile phone number or email as one of their contacts.

How to set up and manage your security alerts

Add, delete, and even disable a contact temporarily by clicking the Manage Alerts tab.

Log into Online Banking.

Click on the Messages and Alerts.

Click on the Manage Alerts Contact(s) and Mobile Nicknames tab and choose Add Mobile Phone or Add Email.

After accepting the Alerts Agreement, input the contact information.

For a mobile phone contact you will be prompted for a passcode. The passcode will be sent to the mobile device as a text message.

Go back to the Manage Alerts page and select the Security Alert(s) you wish to activate.

Using the Edit button, indicate the contacts you want each Alert sent to.

Click Submit to activate the Alert.

You can have up to three mobile phone numbers or email addresses listed as contacts.

Browser Safety & Requirements

Browser Requirements when using a personal computer

Supported Browsers

To maximize your Internet banking experience and for your Internet security, we recommend using the latest supported browsers. Please note that we do not support Beta or test versions of browsers.

  • Microsoft Edge: Download  Microsoft Edge.
  • Firefox: Download the latest version of Firefox.
  • Safari: Download the latest version of Safari.
  • Google Chrome: Download the latest version of Google Chrome.
  • Internet Explorer: Note, Microsoft will no longer support IE after June 15, 2022. Please upgrade to any of above browsers.

Please note that in downloading the supported required browser version, you acknowledge that these are third party sites and we cannot take any responsibility for the consequences of your downloading these browsers.

128-Bit Secure Sockets Layer (SSL) Encryption

To access our services, your browser must at least support 128-bit Secure Sockets Layer (SSL) encryption. All the browsers we support meet this requirement and higher. If yours doesn’t, please download the appropriate encryption support from your browser’s supplier. As additional security feature our banking system supports TLS 1.2 with a 256-Bit Encryption.

Cookies

To use our online banking services, you must enable your browser to accept cookies. Detailed information on our use of cookies is available in our Cookie Usage Policy. For more information on enabling and disabling cookies, please refer to your browser’s Help section or documentation.

JavaScript

To use our online banking services, you must change your browser and/or device settings to enable JavaScript. For more information on enabling JavaScript, please refer to your browser’s Help section or documentation.

Hardware Configurations

We have no minimum hardware requirements; however, certain minimum requirements may be specified by the browser you are using.

Device Security

Protect Your Desktop Device

  • Install and use a trusted antivirus or advance end point protection program
  • Update your security solution regularly
  • Install and use an end point firewall, update regularly
  • Keep your End Point system updated, including operative system (Windows, MAC) and applications
  • Avoid using a public computer for financial transactions
  • Always log out of your banking system session and do not leave your system unattended
  • Clear your browser cache according to each vendor recommendations
  • Change your password on regular basis
  • Disable automatic save password feature on your browser

 Protect Your Mobile Device

  • When using a smartphone, turn off features not in use to decrease risk
  • If your mobile phone supports System Encryption, turn this feature ON to protect your data in case your device is lost or stolen
  • When installing any new APP, always review and research the vendor and/or developer
  • Application may require additional permissions when installing; only grant what is minimum for application to function
  • Enable Screen LOCK and use a long passcode as a first layer of protection
  • Avoid allowing your device to connect to unknown Wireless Access Networks (Wi-Fi Access Points)
  • Keep your smartphone updated according to vendor recommendations
  • When disposing of your device, always do a Factory Reset to clear all your personal data
  • Your mobile device is a personal computer, use caution when browsing or following suspicious links

Identity Theft

What if it happens to you? Report it!

If you are the victim of identity theft, there are steps you can take to minimize damage and help prevent any further fraud or theft. As soon as you discover the fraud or theft, take the following steps to report it:

  • Call your financial institutions – have them cancel your cards and re-issue new ones. If you do not report a lost or stolen card immediately you could be liable for any losses.
  • Contact local police. If a report is filed, be sure to include the police report number they give you in all correspondence you have relating to the theft.
  • Contact the CRA at 1-800-959-8281.
  • Contact Canada’s main credit reporting agencies:
    • Trans Union Canada at www.transunion.ca (1-800-663-9980,  Québec Residents 1-877-713-3393).
    • Equifax Canada at www.equifax.ca (1-800-465-7166)Experian (1-888-397-3742.  
    • Ask each agency to send you a copy of your credit report and discuss with them whether you should have a fraud alert or identity alert placed on your file. Ongoing monitoring of your credit report is recommended.
  • Replace your ID cards like health, driver’s license, or SIN by calling 1-800-O-Canada. An agent will be able to direct you to the appropriate federal and provincial organization to replace each of your cards.
  • If your mail is missing, contact Canada Post at www.canadapost.ca (1-800-267-1177).
  • Contact each organization that provided the identity thief with unauthorized credit, money, information, goods or services in your name, and ask them to investigate the occurrence as well as cancel and close all fraudulent or affected cards or accounts. Find out the following: What information does the company need to begin an investigation? Has the company begun a criminal investigation? If so, what is the police report number? What do you need to do to have your losses reimbursed?
  • For advice on privacy issues related to the identity theft (PIPEDA) contact the Privacy Commissioner of Canada (1-800-282-1376 or www.priv.gc.ca). Note that Quebec, British Columbia, and Alberta have separate privacy laws that are similar to PIPEDA, so if you live in one of these provinces, contact the corresponding Provincial Commissioner.
  • To help stop fraud, be sure to report the incident to Canada’s national anti-fraud call centre. The Canadian Anti-Fraud Centre gathers information and intelligence about identity theft and provides advice and assistance to victims. Canadian Anti-Fraud Centre (1-888-495-8501)

Keep Records

Be sure to record the steps you’ve taken to report the fraudulent use of your identity.

Key Government Contacts

If your government-issued documents are lost or stolen, it is important to report them right away, so that they can be cancelled and you can apply to have new documents issued.

As mentioned above, to replace any key government documents, contact the Government of Canada at 1 800 O-Canada (1-800-622-6232 TTY 1-800-465-7735). They will direct you to the appropriate organization. Although 1-800-O-Canada agents can direct you to your provincial or territorial government for key documents issued by provincial or territorial governments, you can also contact them directly at the following coordinates:

AlbertaToll Free: 310-0000
TTY Toll Free: 1-800-232-7215		www.servicealberta.ca
British ColumbiaToll Free: 1-800-663-7867
TTY Toll-free: 1-800-661-8773		www.gov.bc.ca
ManitobaToll free: 1-866-626-4862
TTY: 204-945-4796		www.gov.mb.ca
New BrunswickToll Free: 1-888-762-8600www.snb.ca
Newfoundland
& Labrador		Telephone: (709) 729-2600www.gov.nl.ca
Northwest TerritoriesTelephone: (867) 873-7817www.gov.nt.ca
Nova ScotiaToll Free: 1-800-670-4357www.gov.ns.ca
NunavutTelephone: (867) 975-6000www.gov.nu.ca
OntarioToll Free: 1-800-267-8097
TTY Toll-free: 1-800-268-7095		www.ontario.ca
Prince Edward IslandTelephone: (902) 368-4000www.gov.pe.ca
QuebecToll Free: 1-800-363-1363www.gouv.qc.ca
Saskatchewanwww.saskatchewan.ca
YukonToll free: 1-800-661-0408
TTY: (867) 393-7460		www.gov.yk.ca

Internet Scams

Internet fraudsters use fear tactics and expediency to try and trick you into falling for their schemes. These scams typically start with an information request that is then used to crack your passwords, steal your identity, and more all with the end goal of stealing your money or monetizing on your personal information. You can protect yourself from these situations by knowing how to identify and avoid these scams.

A common way for Internet scammers to obtain your personal information is through a method called phishing. Usernames, passwords, banking information and credit card details are phished through email or text messaging (SMS). Phishing works by sending communications, which appear to be from your financial institution, but they are not. You are asked, supposedly by your financial institution, to log in to your online banking to verify account information. Often some type of security concern is cited as the issue. The fake email instructs you to click on a link that takes you to a non-legitimate version of your online banking site – one that is largely indistinguishable from the legitimate site – and you’ll be asked to enter your credentials.

Phishing emails may include:

  • Warnings about account closures
  • Requests to update your information
  • Offers to register for a new service
  • Offers for pre-approved credit cards
  • Free virus-protection programs
  • Reimbursement of funds

Once you click on the link, which directs you to a phishing website, you’ll be prompted to enter personal or banking information. Phishing scams seek personal details, such as your address, social insurance number (SIN), or mother’s maiden name. The details obtained will then be used for identity theft.

Scam emails or text messaging purporting to be from your credit card company or financial institution often have some telling signs, including:

  • Poor spelling or grammar
  • Alarmist content, warning that your account will be closed if you don’t provide your banking or personal details immediately
  • Notices that you’ve won a prize and are required to pay a fee to claim it

Never provide personal details or any account details in an email. Electronic messaging is not a secure form of communication. If you receive a message that you are unsure about, please contact Integris.

Another way for hackers to get their hands on your personals details is by pharming them. Pharming occurs when hackers use a malicious code on your PC, which compromises your computer’s host file and redirects you to fake websites. The malware hides the fraudulent URL, cloaking it in the legitimate one that appears in your browser. With pharming, the dishonest redirection of URLs happens even when you type correct URLs directly into your browser, making you think that you’re on the correct website when you are not. Once there, you are asked to enter your online banking credentials or account information, which hackers take and use for criminal activity.

Integris will never send you emails or communications asking you to verify or provide your online banking details. The best way to protect yourself is to never use a link provided in an email to access your online banking (because we don’t send those; scammers do). Do not open emails or email attachments from unknown sources. Scan email through your anti-virus software.

Always type your financial institution’s website address directly into your browser and remember to look for confirmation that you are browsing securely. The letter “s” in ‘https’ indicates you are navigating in a secure site, in comparison to the open and unprotected ‘http’ URLs. Look for the ‘https’ when online shopping, too.

Don’t feel panicked when phishing emails or text messages caution of immediate account closures if your banking details cannot be verified. Don’t believe emails warning that your account has been compromised or that you’ll miss out on a great deal if you fail to act immediately. If you are concerned, call or visit one of our customer service representatives.

Social media was designed to allow users to create and share content, as well as participate in social networking. Frauds initiated through dating websites and applications are also included in this contact method. Fraudsters will create fake accounts, social media bots, compromise existing accounts and create fraudulent advertisements to scam social media users.

Warning signs and how to protect yourself:

  • Do not accept requests from people you do not know! You can’t know their intent.
  • Be wary of profiles that seem perfect in their photos.
  • Complete a reverse image search to see where the same photo is being used online (Google images and TinEye are great options).
  • Ask specific questions and look for inconsistencies in the responses.
  • Be wary of those who always have an excuse as to why you cannot meet in person.
  • NEVER SEND MONEY TO SOMEONE YOU HAVE NEVER MET IN PERSON.
  • Beware of profiles that do not have many friends connected to them.
  • If someone is harassing or threatening you, remove, block and report their account.
  • Spot other fake accounts when: they have a high follower count but low engagement, the engagement rate is too fast, they have a large following but very few posts, or they only share spam content.
  • Accounts that only push out information and do not engage in conversations likely have a bot behind them.
  • Keep an eye out for wording or messages that seem unnatural.
  • DO NOT CLICK ON SUSPICIOUS LINKS.
  • Adjust your social account privacy settings from “public” to a more restricted option.
  • DO NOT SHARE SENSITIVE INFORMATION (i.e. personal, financial, travel plans, etc.).
  • Recognize that what you share online, WILL ALWAYS BE ONLINE.
  • Do not provide your login details to anyone.

A fraudster agrees to buy your item, often too quickly and without seeing it. In one version, the fraudster will agree to buy your item and you receive a PayPal or email money notification that claims the payment is pending. However, it states the payment will only be released when you provide a tracking number for the goods. By the time you enter the tracking number, you’ll have already shipped the merchandise only to learn that the payment notification was a fake.

In another version, the scammer may send you a message that says the payment can’t be sent due to a problem with your PayPal or bank account. You’ll be asked to pay a fee to obtain a business account to complete the transaction. The scammer offers to pay the fee if you reimburse them using a transfer or wire service.

In other cases, you might get paid with a fake money transfer, a fraudulent cheque or a stolen credit card. Or, you may receive a cheque for an amount that is higher than the actual purchase price and asked to wire the excess funds (the overpayment) immediately back to them. Once your bank realizes the cheque is a fake, you’ll be on the hook for the money withdrawn.

Protect yourself:

  • Always meet in a local, public and safe place to complete an exchange.
  • Beware of generic emails with bad grammar.
  • Beware of geographically distant buyers who want to buy products or other items without seeing them.
  • Verify the sender’s email address—scammers will often create addresses that are very similar to legitimate ones, with just one or two different letters.
  • Never send money to get money.

A scammer convinces you to enter a virtual, online relationship so the scammer can gain your trust and affection. This can occur through:

  • Email messages
  • Fake profiles on social media and dating sites

Eventually, the scammer may ask you:

  • For money for travel, a medical emergency or family assistance – making it seem urgent or like an emergency.
  • To receive money for them – by doing so you might unknowingly be committing a crime.
  • To join a business venture with them.
  • To invest in cryptocurrency– promises of fast returns but the scammer vanishes with your funds.

Scammers will try to use any means necessary to convince you that their requests are legitimate. The majority of fraud is not committed by amateurs and they will use technology to their advantage.

Cryptocurrency wallets can be compromised by scammers. If you have an interest in investing in cryptocurrency of your own accord, our Integris Financial Planners are here to assist you.

Red Flags:

  • When someone you haven’t met in person professes their love to you.
  • If the person wants to quickly move to a private or different mode of communication (email, text, Whatsapp, Google Hangouts etc.).
  • If they always have an excuse not to meet in person.
  • If you receive poorly/oddly written messages, sometimes even addressing you by the wrong name.
  • If the individual claims to live close to you but is working overseas.
  • If they act distressed or angry to guilt you into sending money.
  • If the individual discourages you from discussing them or their situation with your friends and family (attempting to isolate you from those who may be suspicious of the relationship).

Scammers target everyone. It doesn’t matter how old you are, how much education you have, your income level, or any other aspect of your personal background. Fraudsters are very good at manipulating people to get what they want, such as getting you to reveal personal information or convincing you to give them money. They do this by using tactics that take advantage of normal human tendencies and feelings. For example, scammers will imply that you should:

  • Return a favour
  • Do what others are doing
  • Obey an authority figure
  • Want something because it is scarce
  • Honour a prior commitment
  • Trust someone because they seem likable
  • Act fast because it’s urgent or a time-sensitive offer

The best way to avoid becoming a victim of fraud is to be informed and vigilant. Take a moment to think before parting with your money or information. Re-read the details of the offer and the fine prints, consult a trusted person or sleep on it. Get to know the different types of scams and always report instances of fraud.

Anti-Virus Software

Install anti-virus software on your computer to protect your information, money and privacy. Such software detects viruses and cleans your computer so that harmful viruses do not spread. Set up your anti-virus to run frequent scans and update the software as soon as it is required. Ensure you have real-time scanning of every email and every file you download.
Malware

Malicious software (malware), spyware, worms and Trojans are the same class of destructive viruses; just with different names. Nobody wants a computer virus. They can steal your personal information, take over your PC and use your computer to attack other people’s computers. Your PC can become infected through email attachments, downloading infected content or visiting harmful websites.

Spyware

Spyware is exactly what it sounds like – tracking software that is downloaded to your computer (without your knowledge) when you visit certain Internet sites. Secretly, it gathers information about you and your browsing habits. This information can be trivial or it can include passwords and personal data that you wouldn’t want criminals to get their hands on. It can also interfere with user controls and disable legitimate anti-virus programs.
The best way to protect your computer against spyware is smart browsing. Stay away from sites that look unsafe and avoid streaming or downloading content from untrustworthy sources. Many anti-virus products offer targeted spyware solutions that inspect your operating system, installed programs, downloads and files.

Ransomware

Ransomware is a malicious software (malware) that infects your computer or device and allows a hacker to deny you access to the system or data. A hacker will then demand a sum of money to restore your information. If you have an infected computer, you will see an on-screen alert stating your files are encrypted.

Scareware

One of the most common viruses to watch out for is known as scareware. These scams pop-up on your screen and display alarmist warnings, telling you a virus has invaded your computer. Scareware prompts you to download (and often pay for) fake anti-virus software to remove the non-existent viruses. Scareware is a scam that tries to trick you into paying money in exchange for nothing.

You can protect against scareware by keeping your anti-virus software up-to-date and by being judicious about what you choose to download to your computer. You should also familiarize yourself with the interface of your legitimate anti-virus program, so you won’t be fooled if one of these pop-ups appears.

For more information on internet or other scams occurring within Canada and how to protect yourself, visit the following websites:

Online Banking

Our online banking system is safeguarded with the best security available, ensuring that your information is protected while data is transmitted between your computer and our banking system.

Internet encryption protects your information while it is in transit between your computer or mobile device and our systems. Encryption ensures that data cannot be read or altered because the information is scrambled. Our online banking website uses a 128-SSL-Key, encrypting both request and response transactions, through a secure channel. To guarantee a secure connection, our systems have disabled insecure protocols, allowing only encrypted traffic. All browsers and mobile devices we support meet this requirement. If yours device doesn’t allow for encryption, please download the appropriate encryption support from your browser’s supplier or update the Integris App from the official App Store.

Your accounts can only be accessed by providing the correct debit card number and Personal Access Code (PAC), which only you know. Our employees never know these details and will never ask you to provide them with this information.  Your PAC must be a minimum of 8, maximum 30 characters long and must contain a combination of letters (uppercase, lowercase), numbers and at least one special character (eg @ # % ^ &); spaces are not allowed.

The first time you log in to your online banking account, you will be asked to set up a series of security features.

These measures help to protect against fraud or phishing scams.

  • You will be asked to choose from a list of security questions and answers. Be sure to pick questions with answers that are not easy to guess and use answers that only you know.
  • You can register your home, personal computer or mobile device so that you will not have to answer a security question every time you log in. However, when you log in to your account from another computer or mobile device, we will ask one of the security questions to confirm your identity.

For security reasons, we track the number of login attempts used to access your online banking. After a number of incorrect attempts to provide the correct PAC or answers to security questions, your online access will be immediately disabled. To regain access, please call our customer service representatives.

To ensure that you are the only person accessing your personal financial information, we restrict access to the online banking section of the site by requiring that you enter your Member ID and PAC to login. Only you know your PAC. Our employees do not have access to your PAC and they will never ask you to reveal it. If someone does ask you to provide your PAC to them, we ask that you refuse to do so and contact us immediately.

By nature, our Internet banking site has many transactional functions such as transfers between accounts and bill payment functions. These transactions are all logged to ensure that your accounts are debited or credited appropriately, and a history of each transaction is available to verify your account information. We store and use your transactional information in the same fashion as if you performed the transaction at a branch or through any other service channel. We may also use transactional information for servicing your account — for example, billing you for the particular transactions that you perform, or for the services that you use.

To provide you with a convenient method for applying for loans and mortgages, or for purchasing other financial services products such as Registered Savings Plans, we may provide secure online application forms. These forms capture personal information that we use to provide you with the products and services you request. This information is processed in a similar way to application forms received through our other channels.

To continually improve our site, we often collect statistics about member usage. These usage statistics are only viewed in the aggregate and are not associated with you as an individual. We use this information for purposes such as improving the pages where our members are having difficulties.

The information collected may include your IP address, your browser type and your operating system, as well as data such as the number and types of pages visited, and the length of time spent per page and on the site overall.

A cookie is a small information token that sits on your computer. As you use this site, cookies are passed back and forth between our server and your browser. Integris uses session cookies and persistent cookies.

We use session cookies to maintain the integrity of your online banking session distinguishing your session from many others that may be happening at the same time. Our session cookies never store any personal information, such as your name, date of birth, or financial information, such as your accounts and balances. A session cookie exists only for the length of your browsing session and is deleted when you close your browser.

If you are concerned about cookies, we encourage you to upgrade your browser to a recent version and review the Help section of your browser to learn more about its specific control features. To learn more about Integris’ use of cookies, visit our Cookie Usage Policy.

We use a persistent cookie to store information to help you personalize the site and to make it easier to use. For example, we allow you to make the login easier by remembering your login information within our Memorized Accounts feature. Since the Memorized Accounts feature is optional, this cookie only contains information that you have entered into it. We never store your Personal Access Code (PAC) in a cookie.

To ensure that no-one else can access your personal information, always use the logout button, located at the top of every page, to end an online banking session. When you exit using the logout button, we delete your session cookie so that your session cannot be resumed unless your Member ID and PAC are re-entered.

In the event that you leave your computer without logging out, the online banking feature of this site has been designed to end your session automatically if our system detects that you haven’t provided any instructions or used the browser buttons to navigate for several minutes. To restart the session, you will need to log in again.

To communicate with us electronically, we strongly recommend that you use our Contact Us feature. This feature provides a secure channel for sending us comments, questions or instructions.

General email is not secure since it passes through many points on its route from you to us. If you are using general email to communicate with us, we strongly recommend that you do not include personal financial information (such as account numbers) within the email as we cannot guarantee its confidentiality en route to us.

When you email us your comments, questions or instructions, you provide us your email address and we use it to correspond with you. We then store your email and our replies to you in case we correspond further.

Our site may also contain links to other websites or Internet resources. As an example, from time-to-time we may provide links to Microsoft or Netscape to assist you in upgrading your Internet browser. However, we have no control over these other websites or Internet resources and do not control their collection, use and disclosure of your personal information. Always review the Privacy Statements of the sites that you are viewing.

Wi-Fi & Online Shopping

Wi-Fi

These days, everyone is on the go and it’s not uncommon to access Wi-Fi at coffee shops, hotels, restaurants or airports. Using wireless networks to access information is convenient, but not risk-free. Be smart when you surf.

Protect yourself from threats by:

  • Using only a trusted computer or mobile device to access your online banking. Don’t use shared library or café computers.
  • Minimize your risk when using external networks by avoiding to access your confidential and sensitive information online.
  • Managing your online banking only from secure networks. We recommend that you don’t use unsecured public networks for anything sensitive.
  • Connecting only to password-protected networks. If there are several networks available, ask employees of the organization which network they operate.
  • Never leaving your computer unattended, especially if you are logged into your online banking.
  • Using different PACs and security questions as login credentials. If someone obtains your credentials for one site, such as a social networking site, you don’t want them to be able to access your other ones.
  • Ensuring you log out before you close your browsers.
  • If you need to browse on public networks, use a Trusted VPN service which will protect and encrypt traffic between you and service you are connecting.

Shopping Online

Online shopping is the epitome of convenience. There are no lines and no crowds, but it can also be a haven for fraudsters.

Consider the following tips when using your credit cards online to ensure your information stays secure:

  • Make sure that you are shopping at a trusted retailer when you enter your credit card details online.
  • Provide retailers with only the necessary details to complete the transaction. These include your credit card number, expiry date, the security code on the back of the credit card and the card’s billing address. Never provide your social insurance number, account details or your mother’s maiden name. For shopping sites that require you to register with a username and password, we recommend you do not use your online banking PAC.
  • Use your credit cards only on e-commerce websites that use secure browsing technology on the screens where you enter your card information. Ensure the web address begins with ‘https’ (as opposed to ‘http’) and has a closed padlock icon on the screen.
  • Use familiar websites if the site known to you is less likely to be a risk.
  • Ensure that smaller retailers requesting credit card details have reputable contact details, a physical address and you feel comfortable with providing them your card information.
  • Never give your account or credit card details to new-to-you businesses, do your homework and look for reviews.
  • Beware amazing deals, low prices are usually a red flag indicator.
  • Check your statement regularly and look for fraudulent charges.

Zoom Application

The safety of your personal information is important to us. During virtual meetings and events we use the Zoom platform. Zoom has a SOC2 certification which provides assurance on the design of product as well internal controls and processes. Zoom has enhanced security features to ensure meetings are secure.

  • Complex Meeting IDs: Eleven digit unique meeting IDs are now in place. Meeting IDs are also removed from the content sharing window to prevent accidental sharing of meeting information.
  • Passwords & Password Complexity: Meeting passwords are now more complex and enabled by default for most customers, including all Basic, single-license Pro, and K-12 customers.
    Account owners and admins can also lock password settings, to require passwords for all meetings and webinars on their account.
  • Meeting Registration: Registration for meetings requires participants to register with their name and email; those registrants will then be verified by group admin using the approved attendee list.
  • Meeting Authentication: New features allow entry to only authenticated users, and the ability to restrict entry to specific email domains. Each registered participant will receive a unique meeting ID link and for this reason, participants are asked to not share their link publicly.
  • Join by Domain: Only authenticated users can join meetings; this requires individuals to sign into a zoom account and/or ensure their e-mail address is on an approved list before allowing them to join.
  • Real-time media encryption: VoIP media is transported and protected by Secure Real-Time Transport Procotol with AES encryption.
  • Private Network peering: Zoom encrypts communication between Zoom Phones and Public Phones.

Information obtained by Zoom

Read Our Blog