Member Guide for Online Banking
Use these instructions to enroll in online banking and to learn about the other online banking functions that are available to you.
Online Banking Enrollment Instructions
The following is a guide to assist you in the enrollment and login process.
Before You Begin, You Need to Know:
The member number of the account you wish to enroll
The Date of Birth on the account to be enrolled
The email address on the account to be enrolled
Notes:
You must already be a member of the credit union to enroll in online banking
During the enrollment process a temporary password will be sent to the email address on the account to be enrolled. You must have access to that email account in order to complete the enrollment process
Step 1
Click on the Virtual Branch Online Banking link on the credit union website or, open your browser and enter https://www.shareteccu.com/epfcu in the address bar.
To start the enrollment process, click “Click HERE” to enroll now.
Step 2 – Enter Enrollment Information
Enter the information requested for the account to be enrolled:
Member number
Email address (remember, a temporary password will be sent to this address during the enrollment process)
Birth date (mm/dd/YYYY)
Note: All the information entered must match the member information on file with the credit union. If you are unsure about any information contact the credit union before continuing.
Review the terms of use agreement by clicking the link Online Banking and Electronic Statement Disclosure. You must accept the terms of use agreement by checking the box to the left.
Click “Sign Up” to complete your entries.
Step 3 – Change Login ID
Using your member number as a login ID for online banking is not a safe security practice. In this step you will create a new login ID.
Login ID Best Practices:
Avoid easy to guess IDs like your name, your children’s or pet’s names
Make your login ID hard for other people to guess
Consider using upper and lower case letters and numbers
Special characters !@#$%^&*() are not allowed in this field
Choose another login ID and enter it here.
Enter your new login ID a second time exactly like you did the first time.
Click “Save” when you are finished.
Step 4 – Receive Temporary Online Banking Password
In this step you will receive your temporary password. The temporary enrollment password is sent to the email address that you entered in a previous step. Check that email address now for your temporary password.
Note: If you do not receive a temporary password, check your junk email and spam filter. If you still do not locate the email contact the credit union for assistance.
Click the “Click Here to Login” link to proceed.
Step 5 – Login with New Online banking Login ID
Enter the new login ID you created in step 3. You will use this login ID instead of your member number from now on. Enter the temporary password you received from online banking.
Click “Login”.
Step 6 – Select Authentication Questions & Confidence Word
In this step you will select authentication questions and a confidence word. When you log in to online banking you will be asked one of the three authentication questions from time to time to verify your identity. The confidence word will be displayed every time you log into online banking as well.
You can pick each of your three authentication questions from the list displayed. You must provide answers to all three authentication questions.
Enter your confidence word. Tip: Certain words may be restricted from use.
Review this screen carefully. Make sure your authentication questions/answers are what you think they are. Double-check your confidence word.
If the computer you are enrolling on is a private computer you may click to check the Remember me on this computer check box. Doing this will streamline future login attempts. If this is not a private computer, do not check this box.
Click “Save” when you have finished this step.
Step 7 – Confidence Word Confirmation
Displays a confirmation that your confidence word has been set.
Click the “Click here to Login” link when you are ready to continue.
Step 8 – Verify Confidence Word and Enter Password
On this screen you will verify the confidence word you created in step 6. If the confidence word is correct, you will enter the temporary online banking password that was sent to you by email.
Click “Login” when you are ready to continue.
Step 9 – Create new online banking password
Now, you will change your temporary password to a permanent password.
Enter the login ID you created in step 3 above (not your member number!).
In the current password field enter the temporary password that was emailed to you.
In the new password field enter your new password.
Your new password must be:
A minimum of eight characters long.
Include at least one upper case letter and one lower case letter.
Include at least one numeral.
Include at least one special character. Examples of special characters are ~!@#$%^&()+?.
Click “Change” when you are ready to continue.
Important: Remember your password! You will need it to login to online banking in the future.
Step 10 - Completion
Congratulations! You have successfully enrolled for online banking. Click “here” to proceed to your home page.
Step 11 – Welcome to Online Banking
You should see a display of all you accounts along with a messages link and you email address. Click the desired account to see the account transaction history and details.
We hope you enjoy using the new online banking system!
Online Banking Functions
You can choose to login, view your accounts and their history, make transfers and export your account information to a file. You can retrieve your forgotten password, change your login ID and change your email address associated with your online banking ID. The following pages provide directions to these functions.
Online Banking Login
You will need to login using your online banking Login ID and password that you created during the enrollment process.
Login ID – Enter the online banking Login ID created during the enrollment process.
Click “Login” to proceed.
Password – Enter the online banking password at the Verify Confidence Word and enter Password step.
Note: If you can’t remember your password, click the forgotten password link. Information will be emailed to the email address assigned to the member account.
Click “Login” to proceed.
Home Page
After you login, you will see the Home Page. This page displays your accounts, available and current balances. It also displays messages and your e-mail address.
Account Information
Use the Account tab to view all of your accounts, as well as see details and/or history for the accounts.
From the History View, you can drill-down to more details about the selected account, by clicking “Account Details”.
In addition, you can:
Specify a date range to display details
Search for a specific date or transaction amount
Export the account information to a .csv file or MS Money
Transfers
Use the Transfer tab to transfer funds from one account to another.
To make a transfer:
Select the account to Transfer From and the account to Transfer To.
Enter the transfer amount.
Then, click “Transfer”.
The Transfer screen displays the following message.
Click Yes to post the transfer or No to cancel.
Important: Please know that clicking the browser's Stop button may or may not stop your transaction. Do not click Yes or refresh more than one time.
After you click Yes, wait for your confirmation to display and a transfer complete message.
Services
Use the Services tab to change your online banking password, enter or change an e-mail address, change your account descriptions, and change your login ID.
Use the Mail tab to e-mail the credit union administrator with any questions you have regarding account information, requesting forms or submitting comments.
The mail stays within the secure site and an alert is sent to the credit union administrator every time mail is sent from a member.
To send a message, click “New Secure Message” and use the following window to send your message.
Forgotten Password
If you forget your online banking password, click “Did you forgot your password?” link. You will need to complete the required fields to have your password emailed to the email address on file.
Note: You must have an email address electronically stored at the credit union in order for this process to work.
After clicking the Forgotten Password link, the following screen displays for you to fill out. Then, click “Submit”.
Log Out
It is important to log out at the end of your online banking session. To do this, simply click the Log Out link in the upper right corner of the online banking window. Then, close your browser window to clear the cache.
Home Banking Policy
-
The credit union’s authentication process should be consistent and support ENERGY PEOPLE’S overall security and risk assessment programs. Further, the implementation of appropriate authentication methodologies starts with an assessment of the risk posed by ENERGY PEOPLE’S electronic banking systems.
Energy People needs to utilize reliable methods to verify the identity of members during the account origination process, as well as authenticating members before granting them access to on-line banking systems.
A sound authentication system should include audit and monitoring features that can assist in detecting fraud, unusual activities, compromised passwords, or other unauthorized activities.
The Energy People FCU authentication process should be received periodically to assess the adequacy of existing authentication techniques in light of changing or new risks. -
This interagency guidance focuses on the risks and risk management controls related to authentication in an electronic banking environment. It reviews the risks and risk management control of a number of existing and emerging authentication tools necessary to initially verify the identity of new customers and authenticate existing customers that access electronic banking services. These functions are jointly referred to as “authentication” in this guidance.
This guidance applies to both retail and commercial customers and is intended to be “technology neutral.” Energy People Federal Credit Union may use this guidance when evaluating and implementing authentication systems and practices where they are provided internally or by a third service provider. Furthermore, management should review this guidance in conjunction with other guidance to ensure that safety and soundness objective concerning confidentiality, data integrity, contract enforceability, and effective internal controls are adequately addressed. -
Reliable customer authentication is imperative for Energy People Federal Credit Union engaging in any form of electronic banking or commerce. An effective authentication system can help financial institutions reduce fraud and legal enforceability of their electronic agreements and transactions. Strong customer authentication practices also are necessary to enforce anti-money laundering measurers and help financial institutions detect and reduce identity theft. Customer interaction with financial institutions is migrating from physical recognition and paper-based documentation to remote electronic access and transaction initiation. The risks of doing business with unauthorized or incorrectly identified individuals in an electronic banking environment could result in financial loss and reputation damage through fraud disclosure of confidential information, corruption of data or unenforceable agreements.
The method that Energy People Federal Credit Union to verify authentication tools and methodologies to authenticate customers. They include the use of passwords and personal account number. The level of risk protection afforded by each of these tools varies and is evolving as technology changes.
Authentication methods that depend on more than one factor typically are more difficult to compromise than single factor systems. Accordingly, properly designed and implemented multi-factor authentication methods are more reliable indicators of authentication and stronger fraud deterrents. Energy People Federal Credit Union should be sensitive to the fact that proper implementation is key to the reliability and security of any authentication system. For example, a poorly implemented two-factor system may be less secure than a properly implemented single-factor system. Energy People Federal Credit Union has a two-factor security system in place.
The success of a particular authentication method depends on more than the technology. It also depends on appropriate policies, procedures and controls. An effective authentication method should have customer acceptance, reliable performance, scalability to accommodate growth, and interoperability with existing systems and future plans. -
An effective authentication program should be implemented on an enterprise-wide basis to ensure that controls and authentication tools are adequate among products, services, and lines of business. Authentication process should be designed to maximize interoperability and should be consistent with the Energy People Federal Credit Union overall strategy for electronic banking.
The implementation of appropriate authentication methodologies starts with assessment of the risk posed by the institution’s electronic banking systems. The risk should be evaluated in light of the type of customer; the Energy People Federal Credit Union transactional capabilities; the sensitivity and value of the stored information to both the institution and the customer; the ease of using the method; and the size and volume of transactions.
An enterprise-wide approach to authentication requires development of and adherence to corporate standards and architecture, integration of authentication process within the overall information security framework, risk assessments within lines of businesses supporting selection of authentication tools, and central authority for oversight and risk monitoring. This authentication process should be consistent and support the financial institution’s overall security and risk management programs.
The method of authentication used in a specific electronic application should be appropriate and “commercially reasonable” in light of the reasonably foreseeable risks in that application. Because the standards for implementing a commercially reasonable system may change over time as technology and other procedures develop, financial institutions and service providers should periodically review authentication technology and ensure appropriate changes are implemented.
Single factor authentication tools, including passwords and PINs, have been widely accepted as commercially reasonable for a variety of Credit Unions. However, financial institutions should assess the adequacy of existing authentication techniques in light of changing or new risks (e.g., increasing ability of hackers to compromise less robust single factor techniques). The agencies caution financial institutions that single factor authentication alone may not be commercially reasonable or adequate for high risk applications and transact5ions. Instead, multi-factor techniques may be necessary. Institutions should recognize that a single factor system may be “tiered” to enhance security without implementing a two-factor system. A tiered single factor authentication system would include the use of multiple levels of a single factor (e.g., the use of two or more passwords or PINs employed at different points in the authentication process).
In addition to limiting unauthorized acce4ss, effective authentication also provides institutions with a foundation to enforce electronic transactions and agreements. First, effective authentication provides the basis for validation of parties to the transaction and their agreement to it terms. Second, it is a necessary element to establish the authenticity of the records evidencing the electronic transaction should there ever be a dispute. Third, it is a necessary element to establish the integrity of the records evidencing the electronic transaction. All of these elements promote the enforceability of electronic agreements. -
With the growth in electronic banking and commerce, financial institutions need to utilize reliable methods of originating new customer accounts online. Customer identity verification during account origination is important in reducing the risk of identity theft, fraudulent account applications, and unenforceable account agreements or transactions.
The reliable method to verify a customer’s identity is a tangible proof of identity (e.g., driver’s license).
- Positive verification to ensure that material information provided by an applicant matches information available. More specifically Energy People Federal Credit Union can verify a customer’s identity by comparing the applicant’s Member account number, Birthday, E-Mail Address and home phone number, against information in a trusted database. Correct comparing of database information by Energy People Federal Credit Union with an increasing level of confidence that the applicants are who they say they are
- Logical verification to ensure that information provided is logically consistent (e.g., do the telephone area code, zip code, and street address match)
- Negative verification to ensure that information provided has not previously been associated with fraudulent activity. For example, member information can be compared against fraud databases to determine whether any of the information is associated with known incidents of fraudulent behavior
-
Once Energy People Federal Credit Union has successfully verified a customer’s identity during the account origination process, it should authenticate customers who wish to gain access to the online banking system. Energy People Federal Credit Union uses methods such as User ID and confidence word.
Prudent controls promote the integrity of the authentication method. In addition, Energy People Federal Credit Union can strengthen the reliability of the authentication methods by communicating customer responsibilities and recommended precautions. (Refer to the Appendix for a more detailed discussion on each of these authentication methods and prudent controls.) -
Monitoring systems can detect unauthorized access to computer systems and customer accounts. A sound authentication system should include audit features that can assist in the detection of fraud, unusual activities (e.gl., money laundering), comprised passwords or other unauthorized activities. The activation and maintenance of audit logs will be implemented to identify unauthorized activities, detect intrusions, reconstruct events, and promote employee and user accountability. In addition, financial institutions should report suspicious activities to appropriate regulatory and law enforcement agencies as required by 31 CFR 103.18.
Energy People Federal Credit Union will rely on multiple layers of controls to prevent fraud and safeguard customer information. Many of these controls are based directly upon authentication. Energy People Federal Credit checks each Home Banking. The teller transaction detail is checked each day.
Adequate reporting mechanisms are needed to promptly inform security administrators when users are no longer authorized to access particular systems and to permit the timely removal or suspension of user account access. -
Reliable electronic customer authentication is imperative for financial institutions engaging any form of electronic banking or commerce. The success of a particular authentication tool or methodology depends on more than the technology; it depends on appropriate policies, procedures and controls. An effective authentication method should be implemented on an enterprise-wide basis, have customer acceptance, reliable performance, scalability to accommodate growth, and function with existing systems and future plans.