Online Banking System Security
In Internet banking, as with traditional banking methods, security is a primary
concern. At Bank of Dwight we have taken every precaution necessary
to be sure your information is transmitted safely and securely.
The latest methods in Internet banking system security are used
to increase and monitor the integrity and security of the system.
The security
of the Bank of Dwight Internet banking application is addressed
at three levels. The first concern is the security of customer information
as it is sent from the customer's PC to the Web server. The second
area concerns the security of the environment in which the Internet
banking server and customer information database reside. Finally,
security measures are in place to prevent unauthorized users from
attempting to log into the online banking section of the Web site.

Data security
between the customer browser and our Web server is handled through
a security protocol called Secure Sockets Layer (SSL). SSL provides
data encryption, server authentication, and message integrity for
an Internet connection. In addition, SSL provides a security "handshake"
that is used to initiate the connection. This handshake results
in the client and server agreeing on the level of security they
will use and fulfills any authentication requirements for the connection.
Currently Bank of Dwight's online banking application supports data
encryption at the highest level (128-bit). In order to get this
level of encryption, you will need a browser that supports it. Both
versions 3 and 4 of the most popular browsers support 40-bit encryption
as a default, and have complete versions as well as patches that
will support the stronger 128-bit encryption. Check with your browser
manufacturer's website for more information.
Requests for
online banking information are passed on from the Web server to
the Internet banking server. The Internet banking application is
designed using a three-tiered architecture. The three-tiered architecture
provides a double firewall, completely isolating the Web server
from the customer information SQL database.
The World Wide
Web interface receives SSL input and sends requests through a firewall
over a dedicated private network to the Internet banking server.
The World Wide Web interface is the only process capable of communicating
through the firewall to the Internet banking server. Therefore,
only authenticated requests communicate with the Internet banking
server.
The customer
information database is housed on a Microsoft SQL Server, which
implements Microsoft NT security in addition to the firewall technology.
The customer database is stored on a RAID-5 drive array, which provides
uninterruptible data access, even in the event of a hard drive failure.
Just as the World Wide Web interface is the only process capable
of communicating with the Internet banking server, the Internet
banking server is the only process able to send requests to the
SQL database. Thus, the outside world is removed from the customer
database by two dedicated private networks.
A security analyzer
constantly monitors login attempts and recognizes failures that
could indicate a possible unauthorized attempt to log into an account.
When such trends are observed, steps will be taken automatically
to prevent that account from being used.
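
The kind of monitoring described above, as an added example that is not the bank's or its vendor's own code: a sliding-window count of failed logins per account that disables the account once a threshold is reached. The threshold, the window, the log format and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy: the page does not state the bank's real thresholds.
MAX_FAILURES = 5
WINDOW = timedelta(minutes=10)

# Constructed sample events: timestamp, account, source address, result.
SAMPLE_LOG = """\
2024-03-01T09:00:00 alice 203.0.113.5 FAIL
2024-03-01T09:00:20 alice 203.0.113.5 FAIL
2024-03-01T09:00:40 bob 198.51.100.9 FAIL
2024-03-01T09:01:00 alice 203.0.113.5 FAIL
2024-03-01T09:01:10 bob 198.51.100.9 FAIL
2024-03-01T09:01:30 bob 198.51.100.9 OK
2024-03-01T09:02:00 alice 203.0.113.5 FAIL
2024-03-01T09:02:30 alice 203.0.113.5 FAIL
2024-03-01T09:03:00 alice 203.0.113.5 OK
2024-03-01T09:05:00 carol 192.0.2.44 FAIL
2024-03-01T09:20:00 carol 192.0.2.44 FAIL
2024-03-01T09:35:00 carol 192.0.2.44 FAIL
2024-03-01T09:50:00 carol 192.0.2.44 FAIL
2024-03-01T10:05:00 carol 192.0.2.44 FAIL
"""

def analyze(log_text, max_failures=MAX_FAILURES, window=WINDOW):
    """Return {account: time_locked}; expects events in time order."""
    recent = defaultdict(deque)   # account -> failure times inside the window
    locked = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                      # ignore malformed lines
        stamp, account, _source, result = parts
        if account in locked:
            continue                      # account already disabled
        when = datetime.fromisoformat(stamp)
        failures = recent[account]
        if result == "OK":
            failures.clear()              # a good login resets the count
            continue
        failures.append(when)
        while when - failures[0] > window:
            failures.popleft()            # drop failures older than the window
        if len(failures) >= max_failures:
            locked[account] = when
    return locked
```

In the sample, alice is disabled at her fifth failure, bob's successful login resets his count, and carol's failures are too far apart to form a trend.
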
Security concerns
have been addressed from every angle within the architecture of
the Internet banking application. Implementation of the SSL security
protocol on the Web server and customer browser ensures authenticated
data has been received from the customer. The three-tiered approach
of the Internet banking application creates a double firewall which
performs information requests over dedicated networks designed to
handle specific functions. Placing all business logic and event
logging within the Internet banking server creates a controlled
environment which allows quick incorporation of Internet security
technologies as they evolve. Finally, the security analyzer monitors
login attempts in order to prevent unauthorized logins.
Security Enhancements
Bank of Pontiac and Digital Insight are constantly focused on protecting
the security of your data and personal information. One major focus
of this change is to re-architect the core technology behind our
login and registration functionality in order to enhance security,
performance, and code maintainability. In particular, we have tightened
security restrictions around our login functionality and this may
impact your ability to log in to Online Banking.
Access Control: We have added additional layers of security to prevent
non-authorized access to Internet Banking applications and the data
contained within a secure Internet Banking end-user session. Because
of this, we are no longer allowing non-authorized interactions with
Internet Banking application components. This security improvement
has the following effects: We have found that some third party software
installed into standard browsers and computers (such as toolbars and
adware) attempts to interact directly with our application using
non-authorized methods. Many of these browser add-ins are known
to be spyware products and we believe the Internet Banking application
should not allow such interactions. The suggested solution is to
educate the end user regarding the third party products and advise
them to remove the offending browser add-in software. Below we have
categorized three specific types of browser add-in software and
provided some information to help you. Additionally, Internet Banking
will present an error message to you if you encounter some of these
issues. The message will read:
Error #1512
Due to increased security, your computer settings will not allow
you to login. We suggest you check all computer, browser and third
party software settings that may limit this login session. If you
need assistance please contact your financial institution. Click
here for more information.
Internet Explorer Content Advisor Defect
Microsoft Internet Explorer has a feature called Content Advisor
that allows parents to restrict access to certain sites, based on
content filter settings. Unfortunately, there is a known defect
in Microsoft Internet Explorer that causes it to behave inappropriately
with our security enhancements. Under this scenario, Internet Explorer
will cache the Internet Banking login page, despite Digital Insight's
adherence to the technical standards that would tell the browser
to not store our login pages in a local cache.
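
What those caching instructions look like on the wire, as an added example that is not Digital Insight's code: a checker that reads a response's Cache-Control headers and reports what a standards-following browser may do with the page. The three response heads are constructed samples; the defect described above is the browser ignoring the first kind of response.

```python
# Constructed response heads for three hypothetical login pages.
HARDENED = """\
HTTP/1.1 200 OK
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
"""
REVALIDATE_ONLY = """\
HTTP/1.1 200 OK
Cache-Control: no-cache
"""
CACHEABLE = """\
HTTP/1.1 200 OK
Cache-Control: private, max-age=600
"""

def cache_directives(raw_response_head):
    """Return the set of lower-cased Cache-Control directive names."""
    directives = set()
    for line in raw_response_head.splitlines()[1:]:   # skip the status line
        name, sep, value = line.partition(":")
        # Header names are case-insensitive and the header may repeat.
        if sep and name.strip().lower() == "cache-control":
            for item in value.split(","):
                token = item.split("=", 1)[0].strip().lower()
                if token:
                    directives.add(token)
    return directives

def storage_policy(raw_response_head):
    """Classify what the headers permit a browser cache to do."""
    directives = cache_directives(raw_response_head)
    if "no-store" in directives:
        return "not stored"                        # nothing written to cache
    if "no-cache" in directives:
        return "stored, revalidated before reuse"  # a copy stays on disk
    return "stored and reused"

def login_page_ok(raw_response_head):
    """A login page should forbid storage outright, not just reuse."""
    return storage_policy(raw_response_head) == "not stored"
```
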
Work Around #1: End users who have Content Advisor enabled
in Internet Explorer will need to make some changes in order to use
Internet Banking. If you have Content Advisor enabled within your
browser, these are the steps required to access Internet Banking:
1. Click on Tools
2. Select "Internet Options"
3. Select the "Content" tab
4. Select "Settings" and input the Content Supervisor password.
(The password was created when enabling the Content Advisor;
if you have forgotten this password contact Microsoft)
5. Select "Approved Sites"
6. Copy and paste the entire Login page URL; for example: www.myfi.com/onlinserv/HB
7. Select "Always" and then click "Apply"
8. Click "OK" to close the window
When logging into Internet Banking, you may see the following message box:
9. Select "Yes" to continue.
Work Around #2: To Disable Content Advisor.
1. Click on Tools
2. Select "Internet Options"
3. Select the "Content" tab
4. Within the Content Advisor section, click the "Disable" button
5. You will be prompted to input the Content Supervisor password.
(The password was created when enabling the Content Advisor).
6. Click the "Apply" button
7. Click the "OK" button to close the window.
Additional Third Party Software (TPV)
Due to increased security, certain third party toolbars/software
may prevent end user access into Internet Banking. This can also
include some types of pop-up blockers. In order to log in to Internet
Banking, this software may need to be disabled or uninstalled. Please
refer to the third party vendor instructions for information on
how to perform these steps. An example of one of these types of
toolbars is HotBar. For information regarding HotBar specifically,
see below: Performing a search from Google generates the following
information:
What is HotBar?
The Hotbar Browser Toolbar presents buttons on your Internet Explorer
browser that change while you surf to relate to the website you
visit. These buttons also provide you instant access to Search,
Yellow Pages and more. The Browser toolbar also spices up your Internet
Explorer with your chosen image (skin) picked from a huge variety
of skins. The Hotbar Email Toolbar is added to your mail (Outlook,
Outlook Express, Hotmail and Yahoo mail).
Known Issue:
HotBar tracks website visits and has an auto-update feature, so there
are both privacy and security concerns with this add-on program.
Automatic Removal:
For automatic removal of HotBar, click on the following link to
download and run the HotBar uninstaller program:
http://hotbar.com/downloads/HbUninst.exe
Spyware/Adware
Due to increased security, certain spyware/adware may also prevent
end-user access into Internet Banking. In order to log in to Internet
Banking, end users must remove this type of software from their
computer.
Spyware is Internet jargon for advertising supported software
(Adware). It is a way for shareware authors to make money from a
product, other than by selling it to the users. Adware typically
reports your Internet surfing habits back to a third party site
for data collection purposes. In order to protect your financial
privacy, it may be necessary to install a spyware/adware search
tool to determine if your computer has any of this software installed.
If you determine that adware or spyware has been installed on your
computer, the software will need to be removed.
Errors #1504 and #1518
These error messages occur when you have bookmarked the login screen
instead of accessing online banking from our website. Please
access online banking through the login on the Bank of Dwight
website.