About Online Banking
Login changes effective August 3, 2016
'Change Personal Access Questions' Enhancement
If you need to access the MemberDirect ‘Change Personal Access Questions’ page you will not be able to view your previously answered questions. You will need to provide three new answers. Additional changes to the user experience of the Increased Authentication self-service ‘Change Personal Access Questions’ page will be made in the near future.
Login changes effective December 5, 2015
When logging in, a member will now enter their PAC on a single page. The personalized image page is no longer in use.
- Flowchart of login process (JPG 467 K)
What is Increased Authentication?
MemberDirect® Increased Authentication improves the safety of the online banking environment by adding a challenge question and answer during the login stage. MemberDirect Increased Authentication uses RSA security software to authenticate customers based on their Personal Access Code (PAC) and the specific computer they use to log in. This double authentication helps your financial institution increase protection against fraudulent activity.
MemberDirect Increased Authentication also provides anti-phishing protection by allowing customers to select a personalized image that is displayed at login to reassure customers that they are logging into your actual site.
What is phishing?
Phishing is a type of scam where an attacker impersonates a legitimate website in order to trick a user into providing his credentials to the attacker. The attacker can then use those credentials to impersonate the user on the legitimate site.
Are we still protected from phishing?
Yes, you are still protected. When the RSA personalized images were introduced in 2007, it was considered best-in-class anti-phishing technology. Since that time, more sophisticated technologies have been built into all major web browsers (Google Chrome, Internet Explorer, Safari, Opera and Firefox, among others), providing users better protection in a more intuitive way.
For example, Google Chrome has built-in tools such as phishing and malware alerts that immediately and clearly alert the user attempting to connect to a site that is not legitimate. This tool is more difficult for an attacker to circumvent and does not require any action from the user, resulting in a more effective solution than the personalized images currently in place. Presented below is an example of a warning message that users will be presented with when they attempt to access a phishing site.
Registering your computer for faster logins
You can speed up the login process by opting to register your computer. When you log in from a registered computer, you don't have to answer a security question before viewing your personal image and entering your PAC.
Registering your home or personal computer is highly recommended for faster logins. You should not register shared or public computers.
Cookies are used to identify registered computers. If you clear your cookies, you will have to re-register your computer.