Enhanced Login Security FAQs
Q. Why is the credit union requiring Enhanced Login Security for online banking through Internet BranchSM?
A. Our regulators have instructed us to provide enhanced security for our online banking users. The solution must provide additional security that goes beyond a secret password and member number. We want to ensure your online experience is user-friendly, convenient and most of all secure.
Q.How does Enhanced Login Security work?
A. It works by placing a non-invasive, non-tracking cookie on the browser of computer(s) you use regularly. The cookie is encrypted and contains no externally identifiable information about you or your accounts. When you log in, our Internet Branch system verifies your member number and password and checks for the presence of the cookie. If your computer includes a Macromedia Flash Player plug in, a flash object mirroring this cookie will be added. If your cookies are deleted, the flash object will retain a copy of the cookie identifying that computer as being registered for your additional security.
You control which computers receive the cookie by going to the User Options section of our Internet Branch site and selecting Enhanced Login Security. Only computers you use regularly, such as your home or work computers should be registered. It is not advisable to place the cookie on the browser of any public or shared PC, such as one at a school, library, or Internet café. However if you do, just clear the cache (delete the cookies) from that computer.
Q.What are the different ways I can use my challenge question?
A. All Internet Branch users will be prompted to choose one challenge question (there are four questions to choose from) and provide an answer when enrolled in Enhanced Login Security.
You can access Internet Branch from any computer, even if it's not registered, by correctly answering your challenge question when prompted.
In addition, the challenge question will allow you to use the Forgotten Password feature available to Internet Branch users.
Q.Is the challenge question case sensitive?
A. No, however you must type the answer exactly as it was answered at registration. For example, if you answered "First Street" during registration, the system will not recognize "1st Street" or "First St." as valid answers. Similarly, dates must be typed in the same format as originally answered, e.g., January 1, 2006 vs. 1/1/06 vs. Jan 1, 06, etc.
Q.Will my joint account owner need to choose a challenge question too?
A. No, joint account owners share log in information just as they do today.
Q.What if I don't want anyone to be able to access my account using the challenge question?
A. You can enter incorrect information as your answer to the challenge question which will protect you against unauthorized access by someone who may know the correct answer. However, if you forget your answer to the challenge question this will prevent you from being able to access your account from a non-registered computer/ browser as well as the forgotten password feature.
Q.What if I forget the answer to my challenge question?
A. If you forget the answer to your question, a Contact Center Representative can assist you with resetting your question but no employee of US Federal Credit Union can view the question or answer you have selected. Contact US Federal Credit Union at (952) 736-5000 or toll-free at 1 800 345-2733.
Q.How do I use the forgotten password feature?
A.In the event you forget your password, you do have the option to reset it. Simly enter your member number, answer the challenge question and finally enter a new password.
Q.What if I have already added Enhanced Login Security to my account and my computer. Will I have to register again?
A. No further action will be required on your part if you have already added Enhanced Login Security to your accounts and your computer(s), and you are actively using the service.
Q.What if I have added Enhanced Login Security to my account and currently have the feature disabled in the User Options section of Internet Branch? Will I now be required to enroll my computer in the service and/or answer my challenge question?
A. Yes. If you have added Enhanced Login Security to your accounts and currently have the feature disabled through the User Options in Internet Branch, you will be required to either register your computer in the service, or answer your challenge question each time you log in to Internet Branch.
Q.Why are you requiring an e-mail address?
A. To ensure your account security, we will begin e-mailing you any time the forgotten password feature is used, or an invalid attempt is made to access your account using the challenge question. US Federal Credit Union will never share your e-mail address.
Q.Can I enroll more than one computer and/or browser?
A. Yes, you can enroll as many different computers and browsers as you like. If you use multiple browsers within the same computer you will need to enroll using each browser separately. Simply log in with each browser and select "Add extra security to this computer" under User Options/Enhanced Login Security.
Q.I share my computer with someone that also uses Internet Branch services - can both of us still log in from the same computer?
A. Yes. You can use the same computer to log in to your individual accounts safely; you will not be able to access each other's information. This is because your secure cookie is linked to only your log in information. There is no limit as to how many secure cookies can be installed on the same computer. Just remember to never share your member number or password with anyone.
Q.What should I do if I want to discontinue the use of a computer that I have added Enhanced Login Security to?
A. You should remove the Enhanced Login Security from that computer. This can be done by logging into your account from the computer and selecting the "remove extra security from this computer" option from the Enhanced Login Security options page. This will remove the secure cookie from that browser, so that if an attempt to log in to your account is made from that computer, extra information will be requested before access is granted.
Troubleshooting
Q.Why do I keep getting asked for extra information when I log in from a computer that I have already added extra security to?
A. There are two reasons this could be happening:
1. If you are using a different browser (i.e., Internet Explorer, Firefox) from the one you used when you added extra security, you will need to add extra security using the new browser.
2. The secure cookie could be getting deleted. This is a common method used by Spyware blocker software to remove potentially risky items from your computer. These solutions typically remove ALL cookies as a precaution, even though very few cookies are actually security risks. In order to use this feature without being asked for additional information at each log in, the secure cookie that we use to identify your computer must stay within your browser. We recommend that you do not delete these cookies if you do not want to be asked for additional information at each log in. If your computer includes a Macromedia Flash Player plug in, a flash object mirroring this cookie will be added. If your cookies are deleted, the flash object will retain a copy of the cookie identifying that computer as being registered for your additional security.
Q.Why isn't Microsoft Money working properly?
A. If you are using the "Passport" feature within MS Money, you will need to disable that feature. Since "Passport" combines financial information from multiple sources using ID and password information only, the feature will no longer work with the new "multi-factor" identification methods required.
Q.I currently use an Account Aggregation Software / Application to manage my accounts. Why isn't the application able to access my account information?
A.Since Enhanced Login security is new, most account aggregation software and applications are not able to recognize the new process that is required to access your account information. Some companies have made the required changes to their software and applications to allow you to enter your Challenge Question, so that the account information can be accessed. For your security, we recommend that you do not enter your challenge question answer in the account aggregation software and/or application.
