Security/Privacy

Machias Savings Bank Security Statement

Machias Savings Bank’s Internet Banking Systems, MSB Online and MSB Ecorp, use a combination of security technologies to protect data for the bank and for our customers.

I. Verifying User Authenticity

Once you have signed up for MSB Online or MSB Ecorp, you will be issued a temporary password. The first time you log in, the system will prompt you to change your temporary password to a new password. This is when you will establish a completely personalized password.

Multi-Factor Authentication

Access to MSB Online and MSB Ecorp requires multi-factor authentication. Both systems utilize device printing and private image technology. Your private image and passphrase helps you identify our website as legitimate which can help protect you from phishing scams. Device printing helps us identify you based on unique characteristics of the system you are connecting from. MSB Ecorp also employs secure token authentication.

Protecting Your Password

Protecting your password and private image passphrase is vital.   Remember that employees of Machias Savings Bank will NEVER ask you for this information. If you are ever asked for this information, please contact our Customer Service Department immediately at 1-866-416-9302.   

Passwords

Access ID’s and Passwords are designed to protect your account from unauthorized access. This information should not be shared with anyone; each individual customer of the MSB Online or MSB Ecorp system should have his or her own account and individual password. Passwords must contain no fewer than eight (8) characters and no more than fifteen (15) characters. Passwords should not be easy to guess. Using children’s or pet’s names, birthdays, anniversaries, or addresses are easily guessed passwords and should be avoided. A combination of letters and numbers is suggested.

Three Strikes Rule

After three unsuccessful login attempts, the system will lockout your account. The account will remain locked until you contact the bank to have the password reset. As an additional precautionary measure, the bank monitors failed login attempts and will contact you if any suspicious activity occurs.

Password Replacement

If you ever forget or lose your password, please contact our Customer Service Department at 1-866-416-9302 to have a new, temporary password assigned to you. The next time you log in, the system will prompt you to change the reset password to a new password.

Token Replacement

If your MSB Ecorp security token is lost or damaged you can request a new one by clicking on the Lost/Damaged Token link on the MSB Ecorp login page and completing the online form. A new token will be mailed to you within 5 business days. A replacement token fee will be assessed per the MSB Ecorp Fee Schedule.

Automatic Logoff

The system will automatically terminate your session after 15 minutes of inactivity. This step is taken to help ensure that no one else will access your account should you forget to logoff. All customers are encouraged to log off when finished with the MSB Online or MSB Ecorp system by clicking the “Log Off” button from within the software.

II. Data Transmission Security

MSB Online and MSB Ecorp are secured by using an encryption technology known as Secure Sockets Layer (SSL). Data is encrypted as it travels back and forth between you and our website. Both systems use 128-bit encryption, which is one of the industries highest standards.

Public/Private Key pair technology is used to ensure that data is encrypted as it travels between the bank’s server and your web browser. Upon successful login, a public key and a private key are issued to both you and our web server. These keys allow each computer to verify each other’s identity during the online banking session. These keys are re-issued each time a new session is started. These Digital ID’s are issued by Verisign, an independent third party Internet security company. To learn more about Verisign visit their site online at www.verisign.com.

III. Information Privacy and Integrity

The MSB Online and MSB Ecorp systems are housed securely behind a firewall. Requests must filter through the firewall before they are permitted to reach the server. Intrusion detection technologies are used to monitor network activity 24 hours a day to ensure that unauthorized access to your information is not permitted. To ensure secure communications between the system and the end-user, the products provide SSL, 128 bit encrypted file transfer methodologies.

For more details on the privacy of your information, please refer to Machias Savings Bank’s privacy policy.

Using the methods and technologies mentioned above, Machias Savings Bank is committed to ensuring the privacy and security of your Internet Banking transactions. To report any suspect activity or for further questions please contact our Customer Service Department at 1-866-416-9302 or click here to use our Secure Contact Form.

Machias Savings Bank Privacy Policy

Protecting the privacy of consumers is important to Machias Savings Bank and our employees. We want you to understand what information we collect and how we use it. In order to provide our customers with a broad range of financial products and services as effectively and conveniently as possible, we use technology to manage and maintain customer information. The following policy serves as a standard for all Machias Savings Bank employees for collection, use, retention, and security of nonpublic personal Consumer information.

“Consumer” means an individual who obtains or has obtained a financial product or service from a bank that is to be used primarily for personal, family, or household purposes, or that individual's legal representative.

What Information We Collect

We may collect “nonpublic personal information” about you from the following sources:

· Information we receive from you on applications or other forms;
· Information about your transactions with us or others; and
· Information we receive from third parties such as consumer reporting bureaus.

“Nonpublic personal information” is nonpublic information about you that we obtain in connection with providing a financial product or service to you. For example, nonpublic personal information includes information regarding your account balance, payment history, and overdraft history.

What Information We Disclose

We are permitted under law to disclose nonpublic personal information about you to other third parties in certain circumstances. For example, we may disclose nonpublic personal information about you to third parties to assist us in servicing your loan or account with us, to government entities in response to subpoenas, and to credit bureaus. We may disclose all of the information we collect to companies that perform marketing services on our behalf or to other financial institutions with whom we have joint marketing agreements. We do not disclose any nonpublic personal information about you to anyone, except as permitted by law.

If you decide to close your account(s) or become an inactive customer, we will continue to adhere to the privacy policies and practices described in this notice.

Our Security Procedures

We also take steps to safeguard customer information. We restrict access to nonpublic personal information about you to those employees who need to know that information to provide products or services to you. Our policies provide that employees who violate these standards are subject to disciplinary measures. We maintain physical, electronic, and procedural safeguards that comply with federal standards to guard your nonpublic personal information.

Information We Gather

Visitors to the Machias Savings Bank’s website remain anonymous and we do not collect identifying information about visitors to our site unless the visitor voluntarily provides us with this information via E-Mail, drawing registrations, web surveys, or on-line registration or contact forms. We may use standard software to collect non-identifying information about our visitors, such as:

· Date and time site was accessed
· IP Address (A numeric address given to computers connected to the Internet)
· Web Browser used
· Length of visit
· Specific pages visited

The information that is gathered will help us develop additional products and or services that might be of interest to our customers and will only be used as allowed by law, as stated in our Privacy Policy, or as authorized by you.

Delivery of Privacy Notice

This Privacy Policy will be provided to customers at the time an account is opened and mailed to all customers annually thereafter.

The following additional information pertains to our MSB Online Customers

Cookies

If you use our MSB Online, MSB Ecorp, or MSB BillPay programs you may receive “cookies” which contain your unique identifier, allowing you to view and manage your accounts. These cookies may be linked to personally identifiable information.

“Cookies” are messages a web server ( ie: www.machiassavings.com) gives to a web browser (ie: Internet Explorer software) that contain information that is stored on the customer’s computer and sent back to the server when the customer’s browser requests pages from the server. “Cookies” are used for example in providing customer convenience by storing passwords and logon IDs so customers do not have to enter the information every time, to customize pages for the customer based on information contained in the “cookie”, and to track customer activity on the Web Site for later use in providing good customer service and new products.

Making the appropriate selection from your browser options can disable “cookies”. However, please understand that certain services provided by Machias Savings Bank such as MSB Online, MSB Ecorp, or our Bill Pay program may require “cookies” for effective delivery of the program. Machias Savings Bank will treat all “cookie” information confidential and will use only as allowed by law, as stated in our Privacy Policy, or as authorized by you.

Children’s Online Privacy Protection

Machias Savings Bank is committed to the purpose of the Children's Online Privacy Protection Act of 1998 (COPPA) to protect the privacy of children online. We also believe it is good policy not to collect more personally identifiable information from children 12 and younger than is necessary for them to participate in online activities.

During the application process for MSB Online (our Internet banking service) we collect information to help us verify who is requesting the service and if in fact he/she has ownership of accounts with us that qualify for online access.
Federal law prohibits us from conditioning the child's participation in an activity on the provision of more personal information than is necessary to participate in the activity (i.e. online account access).

Children 12 or younger are required to register with an application that includes a parent's or legal guardian's consent via a hand-written signature. These applications are to be mailed to Machias Savings Bank, P.O. Box 318, Machias, ME 04654. If we receive applications that do not include the required consent we may try to contact the parent or legal guardian in order to obtain consent, or we will destroy the submitted application.

It is our intent not to disclose information collected from children to third parties. However, under certain instances we may be required to do so as allowed by law stated in our Privacy Policy.

We also allow parents to request the removal of information collected about their child from our database. If you would like your child's online account access deactivated or if you have questions or concerns about this privacy policy, call 1-866-416-9302.

Web Linking

Our website contains links to third party sites which you may find of interest. The privacy practices of any third party linked website are not covered by our privacy policy. We are not responsible for the privacy practices, data collection, security or content of other third party websites. You should carefully review any privacy policy posted on a third party website before providing private or confidential information.

BillPay

MSB BillPay is a service offered by Machias Savings Bank through CheckFree Corporation. Please refer to the Terms and Conditions of this service for a complete disclosure of CheckFree’s Privacy Policy.