Blackhawk Bank Internet Security

Deter, Defend. Detect.


One of our highest priorities is to ensure your privacy and peace of mind by employing the most advanced online security measures in the industry. Once enrolled in Business Online Banking, you will be able to use a self-selected User ID, Password and Multi-factor Authentication System that serves as your first line of security. Once enrolled in Personal Online Banking, you will be able to use a self-selected User ID, Password and 2FA (Two-Factor Authentication) that serves as your first line of security.

Blackhawk Bank provides state-of-the-art encryption of all data transmitted between your computer and our secure site. Most browsers utilize an encryption method called Secure Sockets Layer (SSL), a protocol that encodes data before it's transmitted over the Internet.


Security Enhancement – EV SSL (Secure Sockets Layer) Certificates


Jack Henry and Associates (Blackhawk Bank’s SSL Certificate Issuer) will use SSL Certificates for security to help confirm that users have reached a legitimate Web site, not a “spoofed” site created by fraudsters to steal personal and financial information.

Address Bar: The address bar in the browser will display https://

Padlock Icon: A closed padlock is prominently displayed in the address bar. Users may click the      padlock to view details about the certificate that secures the site and the certificate issuer.

Security Status Bar: The security status bar rotates between the name of the authenticated            organization (Jack Henry and Associates is Blackhawk Bank’s Certificate Issuer) and VeriSign, the      trusted 3rd party that performed the Extended Validation authentication.

Supported Browsers

As part of our commitment to protecting you with the highest security standards, Blackhawk Bank’s Online Banking only supports the current and prior major releases.

In general, compatible browsers/versions* are:

Microsoft Edge:

Microsoft Edge will only be supported by the latest version. Online Banking may deny access to      Microsoft Edge versions 60 days after a new version is released.

Google Chrome:

Google Chrome should automatically update when major updates are released, approximately          every 12 weeks. If Chrome is two versions older than the current stable channel version, Online        Banking may deny it access.

Apple Safari:

Apple typically makes upgrades to Safari during the fall of each year. Online Banking may deny      access to older versions approximately 60 days after a new version is released. However, this          change requires that the new version of Safari is available on both MacOS and iOS devices.

Mozilla Firefox:

Firefox should automatically update. If Firefox is two versions older than the current stable            channel version, Online Banking may deny it access.

Internet Explorer and the legacy Microsoft Edge browsers for Personal and Business Online Banking are no longer supported, effective January 1, 2021. If you are currently using Internet Explorer, we recommend switching to the new Microsoft Edge or another supported browser. If you are using the legacy Microsoft Edge browser (any version of Microsoft Edge less than 70), we recommend upgrading to the newer version or switching to another supported browser.

Effective November 1, 2021, Android versions less than 6.0 and iOS versions less than 12.0 will no longer be supported by our mobile applications.

Beta Versions

Beta versions are not supported. When new versions of browsers are announced as ready to Release to the Web by the provider, they will become a supported version.

Troubleshooting

The following types of tools and/or access are not recommended and may impact experience:

• Accessing account via an embedded browser such as:
• Personal or Commercial Financial Management Software (Quicken, QuickBooks, etc.)
• Browser Bars within AOL, Yahoo, Google, etc.…
• Internet Portal access within gaming systems such as Xbox
• Use of browser Add-Ins (Emoticons, FunWeb Services, etc.)


Download a supported browser:


     • Microsoft Edge
     • Firefox
     • Safari
     • Google Chrome

PLEASE NOTE: Your browser MUST accept “Cookies” to utilize this service. Each browser handles Cookies uniquely. Please check with your browser software manufacturer to determine how to verify that your settings will accept Cookies.

An icon, such as a lock or key, will be displayed in the corner of your browser’s window to let you know that your browser’s encryption is active.

Security Education


Education is key to understanding the safeguards that you should employ to help you reduce your risk for fraud when banking online. Take precautions to protect your PC from viruses and malware.


What You Should Do


Ideally, use a dedicated computer for online banking ONLY and a separate computer for email, surfing the Internet and online shopping. This is the best way to prevent the possibility of malicious software infecting the computer you use for online banking. Computer technology advances (e.g. ‘Notebook’ laptops) have made the purchase of a dedicated computer an inexpensive means of protection.


If you choose not to use a dedicated computer:


Avoid Spyware. The best way to protect your computer from spyware is to install an anti-              spyware program that monitors the activity of software on your computer. Like a virus scanner,        anti-spyware software detects and attempts to remove malicious applications from your                computer. Spyware infects computers when the user interacts with a malicious resource on the        Internet.
 
Use software that scans for viruses.

Note: There are a number of malicious programs that purport to be anti-virus and anti-spyware      applications. When installing anti-virus and anti-spyware be sure they are legal licensed                versions of the software.


The following rules will help keep your computer safe:


• Do not respond to unsolicited (spam) email.
• Do not click on a link within an unsolicited email.
• Be cautious of email claiming to contain pictures in attached files as the files may contain            viruses. Only open attachments from known senders. Virus-scan the attachments if possible.
• Contact the actual business that supposedly sent the email to verify if the email is legitimate.
• Avoid visiting websites that contain questionable content, including sites that offer illegal              music, movie and software downloads.
• Pay attention to the Google Results page. Google identifies sites that may contain malicious          content. Avoid clicking links that have been identified as such.
• To protect your privacy and help prevent unauthorized use of online banking you should              always “Logout” or ‘Exit’ secure websites to completely log-out. Do not simply click the                X to close your Internet session.
• Monitor your accounts and review your transactions regularly. Should you see suspicious              activity, report it immediately.
• Use encryption software on laptop computers.
• Familiarize yourself with the Security Settings on your PC.
• Educate all online banking users in your home about the risks and safeguards


Other Security Hints


• Keep your web browser software up-to-date to take advantage of security enhancements.
• Take precautions to keep your computer free from viruses that might be used to capture              Password keystrokes or send information from your hard drive.
• DO NOT use coffee shop or public Internet hook-ups or rented computers. Computers can            capture information from the Internet as part of the browser software's operation, or because          someone has loaded a program in it to secretly gather your information.
• If you are away from home and get an unexpected screen asking you for your credit card            number, password, or account information, DO NOT disclose it.
• If you save financial information externally, remember that a sophisticated user can read it,          even after you have "erased" the file. DO NOT share external information that contains                  confidential information.
• Practice "safe trash" with printouts of your account information. DO NOT throw them away            where prying eyes can find them. It is always a good idea to shred printouts of your account          information before discarding.


Tips for Creating and Using Safe Passwords

In addition to the suggestions offered above, follow these guidelines for creating and using strong passwords:

• Use BOTH upper- and lower-case letters.
• Place numbers and punctuation marks randomly in your password.
• Make your password long and complex, so it is hard to crack. Between 8 to 20 characters long        is recommended.
• Use one or more of these special characters: +_%@!$&*~
• To help you easily remember your password, consider using a phrase or a song title as a              password. For example, “Somewhere Over the Rainbow” becomes “Sw0tR8nBO” or “Smells Like          Teen Spirit” becomes “sMll10nspT.”
• Make your password easy to type quickly. This will make it harder for someone looking over          your shoulder to steal it.

Using Your Password Safely

• Create different passwords for different accounts and applications. That way, if one account is        breached, your other accounts won’t be put at risk too.
• Never use your online banking password for online shopping sites or free e-mail accounts            (Hotmail, Yahoo!, Gmail).
• Change your passwords regularly, about every ninety days.
• Don’t share your password with anyone else. Once it’s out of your control, so is your security.
• Never enable the “Save Password” option, even if prompted to do so. Pre-saved passwords            make it easy for anyone else using your computer to access your accounts.
• Never walk away from a shared computer without logging off. This will ensure no other users          can access your accounts.
• Don’t use sample passwords given on different Web sites, including the samples listed above.


How Passwords Are Stolen


When you are creating a strong password, it can help to know the tactics hackers use to steal them. Here are some of the most frequently used techniques:

Guessing. Programs designed to guess a user’s password are common. They often use personal        information found online—such as names, birth dates, names of friends or significant others,          pet names or license plate numbers—as a starting point. These programs can even search for a        word spelled backwards.

TIP: It’s best to steer clear of any personally identifying information when creating a password.

Dictionary-based attacks. Programs and software also exist that run every word in a                    dictionary or word list against a user name in hopes of finding a perfect match.

TIP: Staying away from actual words, even in a foreign language, is recommended.

“Brute Force” attacks. By trying every conceivable combination of key strokes in tandem with          a user name, brute force attacks often discover the correct password. Programs can execute a          brute force attack very quickly.

TIP: The best way to beat such an attack is with a long, complex password that uses upper-          and lower-case letters, numbers, special characters and punctuation marks.

Phishing. Phishing scams usually try to hook you with an urgent IM or e-mail message                  designed to alarm or excite you into responding. These messages often appear to be from a          friend, bank or other legitimate source directing you to phony Web sites designed to trick              you into providing personal information, such as your user name and password.

TIP: Best advice is don’t click a link in any suspicious e-mails, and don’t provide your                  information unless you trust the source.

Shoulder surfing. Passwords are not always stolen online. A hacker who is lurking around in        a computer lab, cybercafé or library may be there for the express purpose of watching you            enter your user name and password into a computer.

TIP: Try to enter your passwords quickly, without looking at the keyboard, as a
defense against this type of theft.