Fraud is a sad fact of life and the damage is enormous. Potential
damage to your personal credit and financial history often takes years
to repair. Criminals are finding new ways to steal accounts
and identities. Innovation Credit Union has a vested interest in your
security and protection.
iClick Online Banking®
Protect your password
Your login name and password in iClick Online Banking® grant you access to
your personal information and online services. You do not want someone
else to easily guess this information.
- Keep your password confidential.
- Protect your password. Memorize
it, do not write it down or store it in a PC file. Change it frequently
and do not reveal it to anyone.
- Never disclose your password in a
voice or email. Do not disclose it over the phone, especially cellular
- Avoid passwords that are obvious choices, like birthdays,
telephone numbers, PINs or SINs. But make sure that the password
is easy to remember.
- Choose unique passwords. Longer passwords
are harder to figure out than shorter passwords.
Change your password regularly, like every 90 to 120 days.
- Do not
permit anyone to watch you type in your password.
- Contact Innovation
Credit Union immediately if you cannot remember your password or
if you suspect that someone has gained
knowledge of your
- Contact Innovation Credit Union immediately
if you believe there are any errors or omissions in your account.
Protect your PC
Never leave your PC unattended while using the Internet
banking system. Always exit the Internet banking
system and your
Internet browser if
you step away from your PC.
- If your login name or password automatically appear
in the sign-in page of a secure website, you
- Install and use a quality anti-virus
- Your Internet browser software may retain information
you entered until you exit your browser.
Secure or erase files
your PC by your
Internet browser so they cannot be read
by others. Most Internet browsers store information in non-encrypted
files in the
browser's cache to improve
performance. The files remain there until
Keep your software up-to-date
The software you use can affect the security of your online banking
activities. You should watch for warnings about security "bugs" that
may affect the software and web browser you are using. Regularly check
for software updates on the website of your manufacturer. Protect yourself
against identity theft.
Identity thieves steal your personal information and use it to obtain
funds or credit in your name. Identity theft can take months to detect
and it can take just as long to correct the damage. To protect yourself
from identity theft, do not give thieves an opportunity to steal your
information. Keep important information in a safe place. Monitor bills
and statements and, when discarding sensitive information, ensure it
If you suspect that you are a victim of identity theft, file a report
with the police immediately. Ask for a copy so that you can provide the
evidence to the various companies you have to contact. Then contact your
credit union representative to ensure that all debit and credit cards,
and accounts are secure.
At Innovation Credit Union, information security is a top
priority. We use advanced technologies to protect your information against
access, disclosure, alteration or misuse. Innovation Credit Union anticipated
its members' security concerns. We built a security system from the ground
up in order to safeguard your money and keep your account information
iClick Online Banking uses many lines of defense,
including encryption, automatic sign-off and firewalls to protect your
account information. So whether you're enrolling online for Internet
banking, transferring money or paying your bills, you can depend on your
accounts and your account information being safe.
We recommend that you use the built-in security features that browsers
provide. Choosing certain security settings and options will help protect
the privacy of your accounts and personal information.
From the moment account information leaves your computer to the time
it enters Innovation Credit Union's computers, all online banking sessions
are encrypted. Encryption is the process of scrambling data into an unreadable
format. It is more secure to transmit encrypted data over the Internet
in it's 'raw' form. That means your password as well as all information
relating to you and your accounts employ some of the best forms of cryptography
that are commercially available for use over the Internet, making it
difficult for unauthorized individuals to intercept, read or alter your
online communications and transactions. Encrypted data is sent through
the Internet to Innovation Credit Union's secure Internet banking system
which then decrypts (unscrambles)
We also require that your browser support 128-bit encryption when you
access our online services. The higher the number of the encryption,
the more complex the encryption. 128-bit encryption is the strongest
level of encryption that is publicly
available. Although 40-bit encryption is the international standard,
iClick Online Banking requires you to use a browser that supports 128-bit
encryption. According to Netscape, 128-bit encryption is 309,485,009,821,345068,724,781,056
times more secure than 40-bit encryption. If for any reason your secure
session ends, your online banking session automatically terminates.
How do I disable the save password option?
When the Save Password Option is selected on the browser, the Save Password
prompt program is automatically launched. The system will remember all
account numbers and corresponding access codes entered into any website
on the PC without further prompts. If there are different people using
the same PC, all of their account numbers and passwords will be saved
in Internet Explorer. For security reasons, it is recommended that this
function not be used.
If you have enabled this function and wish to disable this function
in Microsoft Internet Explorer, the following procedures are to be followed:
- With your browser running, click on "Tools."
- Click on "Internet
- Click on the "Content" tab.
- Under Personal Information,
click on "AutoComplete."
- Under Use AutoComplete, click
on the tick box beside "User names
and passwords on forms" to remove the tick mark.
Clear AutoComplete history, click on "Clear Forms" and
- Under Clear Auto Complete history, click
on "Clear Passwords" and
- Click "OK."
- Click "OK" to exit the menu.
If Internet Explorer asks again if you wish to save a password, the
AutoComplete window displays:
Click on the tick box beside "Don't offer to remember any more passwords."
Click on "No."
Technology is constantly changing. Innovation Credit Union's security
standards are among the most stringent of any company on the Internet.
Our standards are high and if a browser
isn't secure enough for online banking, Innovation Credit Union won't
permit it to be used to conduct banking sessions.
Likewise, iClick Online Banking® keeps abreast of and implements relevant
technology developments, whether it is an improved form of encryption
or a better method for monitoring unauthorized intrusion. Our security
team constantly monitors attempts to break into our security system to
make sure your account information is safe and secure.
Payment Card Best Practices to Reduce Risk of Card Skimming
In light of recent media coverage about card skimming activity, here’s a reminder about payment card safety.
With holiday travel time here, it is a good time to keep these tips in mind that can help to reduce the risk of card skimming. Before getting into the tips, let’s see how you fare with our skimming quiz:
- When dining out, do you hand your credit card to the server and wait at the table for your receipt?
- When fuelling up, do you hand your card to the pump attendant and wait for your receipt in your comfy vehicle?
- In an ATM lobby where two of three ATMs have ‘out of order’ signage, would you proceed to use your card at the third apparently functional ATM?
- Would you use a merchant PIN pad terminal bearing a ‘Press Hard’ sticky note?
If you answered ‘yes’ to any of these questions, you are at a greater risk of being skimmed sooner rather than later. The following card usage best practices will help you enjoy your travels and reduce your risk of being skimmed year round.
- Be alert - keep your card in your sight at all times during transactions to ensure your card is not swiped through a foreign device.
- Protect your PIN – shield it with your body, free hand, or both.
- Check your receipts - ensure they display the correct amount, date, time.
- Review statements regularly - report unauthorized transactions to your credit union immediately.
For more tips on keeping your debit card and PIN safe, visit Interac’s website at: http://www.interac.ca/consumers/security_protect.php.
Phishing attacks use "spoofed" (look alike) emails and fraudulent
websites designed to fool recipients into divulging personal financial
data such as credit card numbers, account usernames and passwords, social
insurance numbers (SIN), etc. By hijacking the trusted brands of well-known
financial institutions, online retailers, and credit card companies,
phishers are able to convince up to 5% of recipients to respond to them.
Internet users should follow these three simple rules when they see
emails or websites that may be part of a phishing scheme: Stop, Look,
Rules to Avoid Phishing
||Phishers typically include upsetting or exciting (but false) statements
in their emails with one purpose in mind. They want people to react
immediately to that false information, but clicking on the link and
inputting the requested data before they take time to think through
what they are doing. Internet users however, need to resist that
impulse to click immediately. No matter how upsetting or exciting
the statements in the email may be, there is always enough time to
check out the information more closely.
Internet users should look more closely at the claims made in the
email, think about whether those claims make sense, and be highly
suspicious if the email asks for numerous items of their personal
information such as account numbers, usernames, and passwords.
example: If the email indicates that it comes from a financial
institution where you have a debit or credit card account, but
tells you that
you have to enter your account information again, that makes
no sense. Legitimate financial institutions already have their
numbers in their records. Even if the email says a customer's
account is being terminated, the real financial institution will
that customer's account number and identifying information.
If the email says that you have won a prize or are entitled to
receive some special "deal",
but asks for financial or personal data, there is a good reason to be highly
suspicious. Legitimate companies that want to give you a real prize don't ask
you for extensive amounts of personal and financial information before you're
entitled to receive it.
||If the email or website purports to be from a legitimate company
or financial institution, Internet users should call or email that
company directly and ask whether the email or website is really from
that company. To be sure that they are contacting the real company
or institution where they have accounts, credit card account holders
can call the toll-free customer numbers on the backs of their cards,
and financial institution customers can call the telephone numbers
on their financial statements. Never call the number given in the
email to confirm the content's validity as it will lead to the criminals
who sent the email and they will verify whatever was said.
A person will receive a call, letter, or email stating that
someone has money stuck in a foreign country and they are looking for
outside assistance to get their money out. The person will be offered
a large portion of the money if they help, sometimes millions of dollars.
This person will then be told that they just need to provide their financial
account information so that the money can be transferred to cover the
costs of getting through the red tape for the release of funds. If the
person provides the requested funds, they will eventually be asked for
more and more money to assist in getting the funds released or their
account will be hacked and money transferred out. Sometimes a cheque
is sent to a person adn they are requested to cash it, keep their portion
and wire the rest back to the criminal or a third party. In all cases,
the cheque will be a counterfeit cheque and the member will lose the
funds wired to the criminal. Letters or emails for these types of scams
are typically badly written with many spelling mistakes.
Be skeptical of individuals representing themselves as Nigerian
business people or foreign government officials asking for your help
in placing large sums of money in overseas bank accounts. Do not believe
the promise of large sums of money for your cooperation. Guard your
account information carefully.