Bancroft State Bank - A Bank For All People Bancroft State Bank - 24 Hour Telephone Access
 
 


Bancroft State Bank - Equal Housing LenderEqual Housing Lender
     
   


 

 

 

 

Text Box: PAY BILLS WITH CREDIT CARD

 

ENHANCED SECURITY WITH PASSMARK, TWO FACTOR AUTHENTICATION PRODUCT, TO MEET GUIDELINES FOR ONLINE SECURITY AS OF JANUARY, 2007.

Background

In October 2005, the bank regulators issued new guidance for banks regarding data security measures associated with Internet banking activities.  Banks were expected to conform to the guidance no later than December 31, 2006.

The regulatory agencies consider single factor authentication (i.e. password) not adequate protection for high-risk transactions including customer information or funds movement. Where the password method is inadequate, the regulators call for the bank to implement layered security, or other comparable controls to lessen the risk of fraud or identity theft on you.

Bancroft State Bank enhanced our online account access with passmark multifactor authentication on January 2007, to comply with this requirement.  This enhancement will protect your login credentials from potential identity theft; it will not affect your transaction, alert or payment history. 

How PassMark Works

At the first time users login following implementation, the new security feature will require that you establish a new security profile by selecting an image and creating three (3) challenge questions.  Once the profile has been completed, you will receive your selected security image each time you attempt to log in at the site.  This image allows you to verify you are at the correct Web site prior to entry of confidential data, or access to account information.

During setup, the PassMark product also records the PC characteristics and creates a registration for the specific computer being used.  During each subsequent log in attempt, the register information is compared to the current PC identification.  If the data differs, the challenge questions are presented to fully authenticate the user.  You will also be offered the option to register the new device (PC) for future use.  Once registered, you are presented the selected security image each time you log in from any registered device in your profile. 

Please review our Frequently Asked Questions (FAQ) document and a two-page guide illustrating the setup process for enrolling in passmark.

 

PassMark Frequently Asked Questions

1    What is PassMark?

2     Why do I need PassMark?

3     How does it work?

4     How is PassMark more secure?

5     What keeps somebody from stealing my PassMark picture?

6     Why am I being asked a question when I try to log-in?

7     Can I access my account from multiple computers?

8      I am not an Internet expert. How easy is PassMark to  use?

9     I share my computer with someone who has their own bank account.

10    Can both of us still log-in from this machine?          What happens if someone steals my password? How will PassMark keep them from accessing my account?

11     Can I change my PassMark picture and caption?

12     How do you know I am logging in from my own   computer?

13     What is Phishing?

14    I am trying to log-in from my own computer, but the    bank’s web site is not showing me my PassMark. Instead, it is asking me a question. What is happening?

15    What is a Trojan or Key Logger?

16     How does PassMark protect me from a Trojan or Key Logger?

          Enrollment Walkthrough Guide

1. What is PassMark?

The PassMark Solution provides you added safety by helping ensure that only you can access your bank account. Your PassMark is a picture and caption that is a shared secret between you and the bank. When you see your PassMark you can be confident that you are at the legitimate bank web site, not an imposter site. Make sure you see your PassMark before you enter your password!

 

 

 

 

In addition, the PassMark Solution remembers which computer(s) you normally use, preventing potential fraudsters from logging into your account even if they somehow get hold of or guess your username and password.

2. Why do I need a PassMark?

PassMark is an enhanced security feature that helps protect you while you access your on-line account.  On the Internet today, fraudsters attempt to steal your identity by im-personating the web sites you trust. We are committed to proactively protecting you, our customer, against such attacks.  PassMark helps us do this.

3.  How does it work?

When you visit your branch office, you know our faces and we know yours.  PassMark does the same thing over the Internet.  It is a new method to identify us to you and you to us. When you enroll in PassMark, you will select a secret picture and caption known only to you. Whenever you log-in we will show you this picture so you can rest assured that you are accessing the real banking site and not an impostor site. We also check the computer(s) or device(s) that you are using to access the web site. Typically you will access the web site from one or two computers, such as your work and home machine.  PassMark remembers your computer.  Should you need to log-in from a different computer, such as an Internet café, we will take additional steps to verify your identity, such as ask you to provide the answer to secret questions we both know the answers to.

PassMark remembers your computer by assigning a unique identier to each computer you use to access our web site using standard secure cookies. The cookie is used to store the identification information only.  No personal or private data is stored in any way.

4.  How is PassMark more secure?

PassMarks protect you from accidentally revealing your username and password to a fake site.  In addition, if someone does somehow get your username and password, he will still not be able to access your account because he is not at your registered computer.  

5. What keeps somebody from stealing my PassMark picture?  

We only show you your PassMark picture and caption if you log-in from your own computer, or after you have answered a secret question.  So, it is not possible for an un-authorized person to get access to your picture.   

                                                                                                                                                           6. Why am I being asked a question when I try to log-in?

We ask you a secret question when we detect that you are trying to log-in from a new computer. This is to prevent someone with stolen passwords from logging into your account.  Since only you know the answer to the questions, we will know it’s really you. Generally you will be asked to answer a secret question only when you log-in for the rst time from a new computer. After you answer the question, you will be asked whether we should remember this computer for future log-ins.  If you are using a personal computer, you should answer yes.  If you are using a public terminal, you will want to answer no.  

7.  Can I access my account from multiple computers? 

Yes, you can still access your bank account from any number of computers.  If you log-in from a new computer or a public terminal, you will just need to go through one extra step of answering a secret question. This helps protect you by keeping unauthorized people from accessing your valuable information. There is no limit on how many different computers you can use to log-in to your bank account.   

8.  I am not an Internet expert. How easy is PassMark to use?

PassMark is extremely simple for anyone to use. You don’t need to memorize anything new—just use the site as usual and look for your PassMark at log-in.   

9.  I share my computer with someone who has their own bank account. Can both of us still log-in from this machine? 

Yes, you can both use the same computer to log-in to your individual bank accounts. There is no limit on how many people can log-in into the bank web site from the same computer.     

10. What happens if someone steals my password?  How will PassMark keep them from accessing my account?

When someone tries to log-in using your stolen user name and password, we will recognize that they are logging in from a different computer, and ask them a secret question.  Since only you know the answers to your secret questions, they will not be able to give a correct answer. They will not be able to log-in.  

11.  Can I change my PassMark picture and caption? 

Yes, you can change your PassMark picture and caption at any time. To make the change, go to the account maintenance link after you log-in to your account.  

12.  How do you know I am logging in from my own computer?

When you log-in for the first time from a new computer, we put a secure (encrypted) cookie on your computer. This cookie contains a randomly generated unique number that identifies your computer. The cookie is visible only to the bank web site and does not contain any of your personal information. When you log-in after that, your web browser sends us this cookie. This lets us know that this is your computer.

13. What is Phishing?   

Recently there have been attempts by fraudsters to trick people into revealing their personal information, such as passwords, by creating fake web sites that look very much like the sites of legitimate financial institutions. They send out emails randomly with links to these fake web sites. This phenomenon has been called Phishing, (pronounced “fishing”).

14.  I am trying to log-in from my own computer, but the bank’s web site is not showing me my PassMark.  Instead, it is asking me a question. What is happening?

This might happen in rare cases if you have deleted all cookies on your computer. Before answering a secret question or entering your password, make sure that you are going to the legitimate bank web site. The easiest way to ensure this is by typing the URL of the bank (www.bank.com) directly into your web browser. Then, after you answer the security question, you should see your secret PassMark next to the password field.  If your PassMark is there, you can be confident that you are at the legitimate web site and can enter your password.

15. What is a Trojan or Key Logger?

Some fraudsters have been putting programs on random computers in order to harvest your user id and password information used to log-in to web sites. They collect this information and secretly transmit it to their own computers and attempt to log-in to your site. These are called Trojans (short for Trojan Horse) or Key Loggers (for logging your keystrokes).

Text Box: Step 1: The new Advanced Authentication product will allow you to enter your User ID only, on the login screen. you will enter your User ID and click validate to proceed.

 

16.  How does PassMark protect me from a Trojan or Key Logger? Once you have a PassMark and have registered your computer, even if a fraudster steals our login ID and Password, his computer will not be registered and he will not be able to log-in as you; thus, PassMarks protect your identity and your account. Text Box: Step 3: This screen allows you to select or upload an image that will become your PassMark. You can view your images by selecting a category from the “Choose an Image drop-down box” you can select the desired image by clicking on the link below, Select Image. The image will appear in the box labeled Your Passmark. Click Accept Image to proceed.  Text Box: Step 4: The next screen requires you to name your image as well as select and answer 3 challenge questions. Each field must be unique and consist of anywhere from 6 to 30 characters. Once complete, Click Preview. To proceed.  you will review the information, click go back to make changes or Finished, - Login to enter Online Account Access.   The Advanced Authentication set up is complete!   Text Box: Step 2: The next screen will only appear the first time you log after Advanced Authentication is enabled. After you enter your existing password,  click the Login button.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Text Box: Step 5: Each time you log in after the initial setup, you will enter your User ID as shown in step 1. You will then get a screen where you will enter your password while being able to validate your PassMark. You may also be asked challenge questions based on the computer that you are using to access Internet Banking.

 

 

 

 

 

 

 

 

Text Box: * Each time a User logs into Online Account Access from a different computer, they will be asked if they wish to register it. Registration of a PC means that the characteristics of the machines are being logged to the database.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Community Links

:: Community Bankers of WI
:: University of WI Extension
:: Social Security Office
:: IRS Forms and Information
:: Savings Bond Information
:: WI Dept of Fin. Institutions
:: State of WI Forms and Info.
:: Consumer Tips 
:: Learn about Identity Theft  
:: Money Smart, An Adult
   Educational Program
:: Free Credit Report

By clicking on the links above,
you will be leaving our web site.

Bancroft State Bank - ATM Access

Registry Accounts Click Below

    

            

Bancroft State Bank
© 2008 Bancroft State Bank. All rights reserved.