School Systems FCU Privacy Notice
School Systems Federal Credit Union is owned by its members and run by a board of directors you elect. You can be confident that your financial privacy is a top priority of this credit union. We are required by law to give you this privacy notice to explain how we collect, use and safeguard your personal financial information.
We are committed to providing you with competitive products and services to meet your financial needs, which necessitates that we share information about you to complete your transactions and to provide you with certain financial opportunities. In order to do so, we have entered into agreements with other companies that provide either services to us or additional financial products for you to consider. Under these arrangements, we may disclose all of the information we collect, as described below, to companies that perform marketing or other services on our behalf or to other financial institutions with whom we have joint marketing agreements. To protect our members' privacy, we only work with companies that agree to maintain strong confidentiality protections and limit the use of information we provide. We do not permit these companies to sell to other third parties the information that we provide them.
Information We Collect and Disclose About You
We collect and may disclose nonpublic personal information about you from the following sources:
We may disclose information we collect about you under other circumstances as permitted or required by law. These disclosures typically include information to process transactions on your behalf, conduct the operations of our credit union, follow your instructions as you authorize, or protect the security of our financial records.
If you terminate your membership with School Systems Federal Credit Union , we will not share information we have collected about you, except as permitted or required by law.
How We Protect Your Information
We restrict access to nonpublic personal information about you to those employees who have a specific business purpose in utilizing you data. Our employees are trained in the importance of maintaining confidentiality and member privacy. We maintain physical, electronic, and procedural safeguards that comply with federal regulations and leading industry practices to safeguard your nonpublic personal information.
Home Banking Security
We are pleased to offer home banking and bill payment services via the Internet. Delivering these services requires a solid security framework that can protect you and our institution from outside intrusion. The information below summarizes our security framework, which incorporates the latest proven technology. A section at the end also summarizes your responsibilities as a user of the home banking system with regard to security.
There are several levels of security within our security framework. User Level deals with cryptography and Netscapeís Secure Sockets Layer (SSL) protocol, and is the first line of defense used by all customers accessing our Home Banking Server from the public Internet. Server Level focuses on firewalls, filtering routers, and our trusted operating system. Host Level deals specifically with our home banking and bill payment services, and the processing of secure financial transactions.
There are several components of User Level security that ensure the confidentiality of information sent across the public Internet. The first requires your use of a fully SSL-compliant browser such as Netscape Navigator or Microsoft Internet Explorer. SSL is an open protocol developed by Netscape that allows a userís browser to establish a secure channel for communicating with our Internet server. SSL utilizes highly effective cryptography techniques between your browser and our server to ensure that the information being passed is authentic, cannot be deciphered, and has not been altered en route. SSL also utilizes a digitally signed certificate which ensures that you are truly communicating with the Home Banking Server and not a third party trying to intercept the transaction.
After a secure connection has been established between your browser and our server, you then provide a valid User ID and Security Code to gain access to the services. This information is encrypted, and a request to log on to the system is processed. Although SSL utilizes proven cryptography techniques, it is important to protect your User ID and Security Code from others. We recommend using a full 8-digit Security Code and changing it often. Session time-outs, a limit on the number of logon attempts, forced Security Code change intervals, and special browser caching techniques are examples of other security measures in place to ensure that inappropriate activity is prohibited at the User Level.
All transactions sent to our Home Banking Server must first pass through a filtering router system. These filtering routers automatically direct the request to the appropriate server after ensuring the access type is through a secured browser and nothing else. The routers verify the source and destination of each network packet, and manage the authorization process of letting packets through. The filtering routers also prohibit all other types of Internet access methods at this point. This process blocks all non-secured activity and defends against inappropriate access to the server.
The Home Banking Server is protected using the latest and most powerful firewall platform. This platform is based on a government-rated B1 trusted operating system, in use for many years by high-security government agencies including the U.S. Department of Defense. This platform defends against every kind of system intrusion and effectively isolates all but approved customer financial requests. The platform secures the hardware running the home banking applications and prevents associated attacks against all systems connected to the Home Banking Server.
Administration of the platform cannot occur remotely and must be initiated by authorized personnel in direct physical contact with the master console. Thus, a level of physical security has been implemented that rivals some of the most secure government facilities. Additional measures to ensure the security of information involve the separation of server applications from host data. This means that information of value does not physically reside on the Home Banking Server. Logging of security information occurs at all times and there is always a backup of the information logged about every attempt made to access the system. These security logs allow us to constantly monitor for a wide range of anomalies and to determine if attempts have been made to breach our security framework.
After passing through the Home Banking Server, the transaction is sent via secure dedicated communication lines to our Transaction Server which verifies customer identity. Once authenticated, the customer is allowed to process authorized home banking and bill payment transactions using host data. No direct database access occurs between the Home Banking Server and the Transaction Server. Only specific transactions in the proprietary format are allowed into the Transaction Server. Protocol conversions have also been implemented to ensure that information does not remain in a single state of existence, further securing the information at any given point in the transaction process. In addition, communication time-outs ensure that the request is received, processed, and delivered within a given time frame. Any outside attempt to delay or alter the process will fail. Further password encryption techniques are implemented at the host level, as well as additional security logging and another complete physical security layer to protect the host information itself.
While we continue to evaluate and implement the latest improvements in Internet security technology, users of the home banking system also have responsibility for the security of their information and should always follow the recommendations listed below:
When you follow these simple security measures, your interaction with the home banking system will be completely confidential. We look forward to serving your home banking and bill payment needs both today and into the future - securely!
To print this screen, place your pointer on the text, right click on your mouse and select print.
To contact the Supervisory Committee, please mail to: School Systems FCU, Attn: Supervisory Committee, 325 Washington Ave. Extension, Albany, NY 12205.