New Updates to Protect your Account SecurityNovember 25, 2014
Recently the media has been reporting the discovery of a new global online security vulnerability, nicknamed “POODLE”. This vulnerability has been identified to affect web browsers using SSL (Secure Sockets Layer) 3.0, and has the potential to compromise computers using outdated browsers, such as Internet Explorer versions 9 and lower.
At the Credit Union, the security of your accounts and account information is our top priority. In accordance with industry standards and to ensure the highest level of security possible, beginning December 1, 2014, our Online Bill Payment System and Deposit Anywhere will migrate to TLS 1.0 (Transport Layer Security) and will no longer support SSL 3.0.
It’s important to understand that the POODLE vulnerability is a global problem and is not exclusive to BCU or our Online Bill Payment provider.
What changes do I need to make?
If you are using Firefox (v33+), Chrome (v30+), Safari (v7+) or Internet Explorer (v10+), you are already protected against this vulnerability and no action is needed. If you’re running an older version of one of these browsers, please refer to the information below. Some adjustments may be required to the settings in Internet Explorer 10 (see below for tips to enable TLS 1.0).
If you have additional questions, email us at firstname.lastname@example.org or call 800-388-7000. We’re here to help!
How can I protect myself against the POODLE vulnerability?
Because older web browsers are more vulnerable to these types of security risks, it is recommended that you routinely update your browser to the latest version to maximize the security of all of your information online.
Beginning December 1, 2014, in order to access Online Bill Pay (specifically unscheduled payees, or to set up a new payee) and other select Online Banking services, the following minimum requirements need to be met:
- Running a web browser version that supports a minimum of TLS 1.0
- Firefox (v33+), Chrome (v30+), Safari (v7+) or Internet Explorer (v10+), or newer
- Enable TLS 1.0 if using Internet Explorer 10 (if not already enabled, see below for instructions)
Note: Payments you already have scheduled within your Bill Pay account are accessible via Mobile Banking and are not subject to the December 1 web browser update deadline.
If you are unsure what version of Internet Explorer you are currently using, access About Internet Explorer:
- Click the Tools button (gear icon) - or click Help in the menu bar
- Click About Internet Explorer
- The version is displayed in the pop-up window that appears on your screen
If you are experiencing issues and are running Internet Explorer 10, use these instructions to enable TLS 1.0:
- In Internet Explorer, click Tools
- Click Internet Options
- Select Advanced tab
- Scroll down to the Security section
- Locate "Use TLS 1.0"
- If check marked, do not make any change - you are already protected
- If there is no check mark, click on the box to enable TLS 1.0