Online Banking Security
How we're keeping your accounts and personal information safe
Protecting Your Security with Online Banking
Online Banking is an extremely secure way to manage your DCU accounts. Here's why...
Secure Online Banking Login
When you log into Online Banking from the DCU homepage, your member number and password are sent from your computer to ours using Extended Validation 128-bit Secure Socket Layer (SSL) technology. SSL encrypts your personal information before it leaves your computer, ensuring that no one else can read it. See Key Encryption below.
Once you're logged in, there are three ways to confirm your Online Banking session is secure:
- A small locked or closed padlock icon, usually in the lower right hand corner of your browser window
- An "s" in "https" at the beginning of your browser's address bar
- A green background on the browser's address bar (on newer browsers)
Online Banking Enhanced Login Security with MFA
DCU cares about keeping your financial information secure and safe. That's why we've added security questions to our network of fraud protection tools for members. Enrollment is mandatory for all Online Banking users. Registering the computer(s) you use to log into Online Banking regularly is optional, but highly recommended. We are using MFA (Multi Factor Authentication) coupled with a computer registration process. These security processes are industry standard methods for keeping information secure and they are likely familiar to you if you are using another financial institution or brokerage firm.
It may take a few more minutes of your time, but the benefits of having your banking information and identity secure is worth the effort. Consumers lose when internet fraud occurs. With the increasing sophistication of hackers and government demands for data privacy, DCU is continuously enhancing Online Banking security.
How does this work?
Multi factor authentication enrollment
- You select and answer three security questions. This will help to confirm your identity when logging in. Your correct answers to these questions will help us verify it's you. Please note that we will never ask you to provide answers to your security questions via email.
- When you set up your security questions, please look to verify your contact information so we can get in touch with you right away if there is ever an issue with your account or membership.
- All members must choose security questions to continue accessing their accounts online. We will ask you to select your questions after you sign on and before access your account. Typically, you will only have to set up your questions once.
- If you share access to your Online Banking access with a joint owner (i.e. spouse) you will need to make sure you have discussed your security questions with the other user(s). This will help ensure you don't inadvertently lock them out of account access.
- We understand you may not be able to take the time to do this the first time our system starts Enhanced Login Security. We will allow you three Online Banking logins to delay enrollment. At that third login, you will be required to enroll.
- Most members use one or two computers. When you register those computers typically you will not need to answer the security questions when you log on. This is because a secure cookie is placed on your computer if you delete your cookies on a regular basis you will be required to re-register the computer or answer the security questions.
- Registering a computer is completely optional. If you choose not to enroll your computer you will have to answer your three security questions each time you login. You can register a computer at any time or unregister one by logging in with that computer to Online Banking and choosing the "remove extra security protection from this computer" option from the "Enhanced Login Security" page under User Options.
- Personal firewalls should not affect the installation of the secure cookie. Please note that if you use multiple browsers within the same computer you will need to enroll each browser separately. For those members using Account Aggregation through FinanceWorks and CashEdge, both have modified their software to be able to work with Multi Factor Authentication. If you use other Account Aggregation software you may need to contact them to see if they can work within a Multi Factor Authentication environment.
Tips for using Enhanced Login Security
Quick and easy to set up, security questions help protect your account and keep your identity safe. There are a few things you should think about when setting them up.
- Make sure the answers to the security questions you select are easy for you to remember but hard for anyone else to guess. Do not write them down.
- If you have selected security questions on other sites, you should avoid using the same set of questions to protect your DCU Online Banking account.
- We strongly recommend that you do not enroll public computers, thus not placing a secure cookie on a public machine. You should assume that the cookie does remain on the machine after logout.
- If you do delete your cookies regularly and do not want to be asked for additional information at each login we recommend that you have Macromedia player installed on your computer. If this is installed on your computer we will place a copy of the secure cookie within this software. This copy will be used by us if your cookie has been deleted.
Transmissions between your PC and the Online Banking file servers are encrypted or scrambled so only those two computers can decipher them. Browser software with a minimum of 128-bit strong encryption is required. You cannot access Online Banking unless you are using a browser equipped with encryption technology (also known as SSL or Secure Socket Layering).
In the User Options section, you can set the how fast the Online Banking session will automatically close if there is no activity. This is important if you are accessing your accounts from your office or a public location where people would have access to the computer if you walked away without closing your session.
Unique session ID
Online Banking assigns a session ID number each time you log in. Cookies must be enabled on your browser so it will accept this ID number and this session can begin. This number is verified each time you send or receive information from the Online Banking host processor during that session. The cookie is not stored on your computer and it is dismissed when you exit your browser, exit Online Banking, or are automatically logged out for inactivity.
Typically, internet pages you recently visited are stored in a cache on your computer so they load faster when you return to them. The account information pages in Online Banking are set up so they cannot be stored in your computer´s cache. This is so the pages you've looked at are no longer on your computer after you log off. If you walk away from your PC at work, for example, no one can use your browser´s back button to view account information after your session is over.
Three tries and you're out
If someone has discovered your member number and tries to guess your password, the third incorrect password entry in a row (without a successful login) immediately blocks Online Banking account access by electronic services to your member number. You have to tell us to unlock it.
Changeable Online Banking password
As an added measure of security, you will be required to change your standard DCU PIN the first time you log in to Online Banking. You must use any Alpha-Numeric combination (at least one of each) with a minimum of 6 digits and up to 16 characters long. Blank spaces and special characters can not be used.
Never disclose your PIN or password to anyone not even us!
No one at DCU knows your PIN or password and no one at DCU will ever ask for it. If you forget or lose it, let us know. Our data processing system will print you a new copy in a sealed mailer. No one will see it until you open it.