Your Online Banking Security

This Internet banking system uses industry-standard technology, including password-controlled entry, Secure Sockets Layer (SSL) protocol, data encryption, public-private key pair, firewalls, and filtering routers. Each security component acts as a layer of protection to safeguard sensitive data from unauthorized users.

Password-Controlled Access

First, this system requires customer identification through a private access code and password before you can get into the system's front-end. You should keep this password and access code absolutely private.

Enhanced Authentication

The new security feature employs two-factor mutual authentication to protect Horizon's online offerings' front door (i.e., log-in). The new security feature allows account access only after two levels of security have been passed: entry of a valid passcode from a recognized computer or device that then must pass multiple layers of security forensics transparent to the end user. If there is any ambiguity, the system presents a challenge question that must be correctly answered before the user can access account information.

Protect Your Accounts. When someone tries to access an account from an unrecognized computer they must correctly answer challenge questions set up by the authorized user. So even if the login ID and password have been stolen through spyware, a phony Web site, or even from a handwritten note, the thief would be required to answer a challenge question to get access to the account, preventing the thief from accessing personal account information.

Confirm the Web site's validity. Once the authorized user enters their login ID and clicks the submit button, they will see their secret image and phrase. If the image and phrase don't appear, the site may be fraudulent. This capability targets a fraud called spoofing and will help ensure that they are not fooled by fake versions of our Web site.

Transmission Security: Encryption

Once you have logged on correctly, you will enter a secure environment in which you can conduct your transactions. The browser automatically secures the session using the Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and the customer is encrypted and can only be decrypted with what is called the public and private key pair.

Data that is encrypted with the public key can be decrypted only with the private key. Conversely, data encrypted with the private key can be decrypted only with the public key. This asymmetry is the property that makes public key cryptography so useful.

Information Privacy: Firewalls and Filtering Routers

Finally, once requests arrive at the bank, the server is protected by a series of firewalls and filtering routers which verify the source and destination of the requests traveling in information packets. The firewall is set up to reject any unauthorized traffic. This reemphasizes the importance of the password, which is the only legitimate entry into the program. This system firewall "opens holes only when necessary and closes them back down as soon as useful work is completed". The purpose of the router is to keep out traffic that does not emanate from one of the only two legitimate ends of a secured transaction: the customer or the bank.

Notwithstanding our efforts to ensure that the Bank's online system is secure, you should be aware that the internet is inherently insecure and that all data transfers, including electronic mail, can potentially be monitored and ready by others.

The Internet Banking section is automatically secured/encrypted, but the rest of the Website can be accessed as either secure or unsecured. To see at a glance if a session is secure:

Check the key icon at the lower-left corner of Netscape's screen. If it is intact and a blue line appears at the top of the screen, all messages are secure.

Check if there is an "s" after the "http" in the URL. The "s" after the "http" denotes that the page is secure.

If using Microsoft® Internet Explorer, and the image of a lock is displayed, the lock indicates the site is secure. If the icon appears as a picture of a broken key or a broken lock, encryption is not in use and the current session is not secure.

To ensure security, we recommend the following:

Never reveal your password**.

**Password refers to your telephone access (audio response system, not Bill Payment) password or the password that you selected when you signed up for Internet Banking. Your financial institution may use a different name. If you have questions about which number to use to access Internet Banking for the first time, contact your financial institution.