Internet Security Information
Our bank is dedicated to making information security one of our
highest priorities. We utilize the latest software, hardware and
other technologies to prevent unauthorized users from accessing our
We have implemented many different levels of security including
User ID, password, encryption of sensitive data, and others. We
utilize a technology called SSL (Secure Socket Layer). SSL is
software to secure and protect web site communication using
encrypted transmission of data. The SSL creates a secure
communications channel between our Internet Banking server and your
The following are some of the technologies we have implemented
to ensure all transactions are secure:
- Username and Password Protection
- Browser Encryption
- Network Security and Monitoring
Username and Password Protection
To access account information, you must provide a username and a
password to enter the secure area of the site. Your password is not
displayed when entered. If you do not provide this information, we
cannot establish an online banking service for you.
What can I do?
Don't let anyone else know your password. Never write it down
where anyone can find it. We also recommend that you change your
password every 30 days or sooner. Use letters (upper and lower
case), numbers, symbols. Use a different password for different
internet websites. Don't use the same password for all of your
websites that require you to login. Never access the online banking
site from a computer or terminal that an untrusted individual or
the general public may have access to. You should also take the
standard precautions to keep your computer free from viruses.
Always Log Out
You should always log out of the online banking site when you are
finished or if you are going to be away from your computer for an
extended period of time. The log out will end your session, and you
will be required to enter your User ID and password before entering
the online banking website again.
If you have not accessed the internet banking for a period of
time, your login session will automatically timeout. To start a new
session, you will be required to enter your User ID and password on
the login page.
Remember that once you've downloaded the proper browser, you
must install it on your computer. Follow the browser manufacturer's
instructions that appear on your screen.
Secure Sockets Layer (SSL)
After you are connected with a website that is secure, you will
see a padlock or key icon on your browser that shows being locked
or connected. This icon will only appear after you have gone to the
Login web page. The padlock or key icon may not appear locked on
pages where you are not logged on and where general information is
displayed about the site. However, you can be assured that any
screen which displays or requests information about your account,
username, password or any other sensitive information is
If you would like to read more information about SSL encryption,
we recommend you read
VeriSign's SSL page.
Network Security and Monitoring
Firewalls are an essential part of network security. They are
used to protect your internal network from external threats that
can compromise data and data transmissions. We are using our
firewalls to monitor all transmissions from the internet. Our
firewalls create logs of network traffic that allow for centralized
auditing and security monitoring. We have also setup security
policies on the firewall to stop any suspected malicious
About scams and spoofs
Many financial institutions that do business on the Internet
have become the target of fraudulent email and website scams. Every
Internet user should know about these spoof (also called phishing
or hoax) e-mails that appear to be from a well-known company but
can put you at risk.
Even if you don't provide what they ask for, simply clicking the
link could subject you to background installations of key logging
software or viruses.
How to identify online fraud
It is difficult to distinguish if an email is legitimate.
Scammers have become increasingly sophisticated in creating
fraudulent emails and websites that look authentic. These emails
and Websites often appear to be from legitimate companies and
include images and logos of these organizations.
Characteristics of fraudulent emails and
Our bank will never send out an email requesting you to provide,
update or confirm sensitive data.
Spoofs often have a sense of urgency telling clients that if
they fail to update, verify or confirm their personal or account
information, access to their accounts will be suspended.
Spoof emails typically ask for personal or account information
- Account numbers
- Credit and check card numbers
- Social Security Numbers
- User IDs and passwords
- Mother's maiden name
- Date of birth
- Other sensitive information
They often include links that include a legitimate company's
name or website address. The fraudulent emails will disguise or
forge the sender's email address so they appear to be from a
How to protect yourself from online fraud
- Never provide personal or financial information to unsolicited
email, phone or pop-up website requests.
- Type the Website addresses (URL) into browsers instead of
clicking on links in emails.
- Change User IDs and passwords every 30 days.
- Keep anti-virus and anti-spam filtering software on your
computer up to date.
What is MultiKey?
MultiKey is a new online security feature that is now a standard
part of your Farmers & Merchants Bank Internet Banking login
experience. As part of our ongoing commitment to help protect you
against identify theft and fraud, MultiKey helps prevent
unauthorized access to your accounts while reassuring you that
you're at the valid Farmers & Merchants Bank website. MultiKey
consists of four parts: User ID, three challenge questions, a
personal image and an encrypted password. All four parts help
protect you, whether you login to Internet Banking from one of your
trusted computers or from a public computer.
Why do I need MultiKey?
MultiKey helps to ensure your information is secure by
protecting you from fraud and identity theft in a couple of
- It helps you recognize that you're at the valid Farmers &
Merchants Bank Internet Banking site.
- You can ensure that we also recognize you as the true owner of
your account because MultiKey helps us verify your identity with
your chosen image. If your computer is not registered as a trusted
computer, we'll ask you one of your challenge questions as an
additional line of defense against unauthorized access to your
How does MultiKey work?
MultiKey is made up of four parts: User ID, three challenge
questions, a personal image and an encrypted password.
When you're signing in from a different computer, we ask one of
your challenge questions to verify your identity. When you answer
correctly, a number of MultiKey images appears. If you see your
image, you know it's safe to enter your password and login. You
will need to select your image and continue.
Has my password changed?
No. The MultiKey image, the three challenge questions and
answers you provide are separate from your regular Internet Banking
One of the ways we recognize you is by placing a cookie on your
computer when you sign up for our MultiKey service. The cookie
contains a randomly generated, unique number used as an identifier.
When you login after that, your Web browser sends us this cookie,
which lets us know that you're using your own computer. The cookie
is visible only to the Internet Banking site at Farmers &
Merchants Bank and does not contain any personal information. You
can also access Internet Banking from any number of computers and
have the same MultiKey protections.
What is a cookie?
A cookie is piece of securely-coded information sent by Farmers
& Merchants Bank to your computer when you login with our
MultiKey service. Cookies include a randomly generated, unique
number used as a sign-in or registration identifier. Every time you
log in from that same computer, your Web browser then sends us back
this cookie, which is a security feature that lets us know that
you're using your own computer.
How is MultiKey more secure?
MultiKey helps you know that you are at the valid Internet
Banking site at Farmers and Merchants Bank before you enter your
password. In addition, we know it's really you signing in because
we recognize your computer or we ask you a challenge question to
verify your identity.
What if someone knows my password? How will MultiKey
prevent them from accessing my account?
When an unauthorized person tries to login from another
computer, we will recognize that they're using a different
computer, and so we'll ask one of your challenge questions. They
won't know the answer and will not be able to login to your
Why do I need to set up challenge
Challenge questions help prevent unauthorized people from
getting access to your Internet Banking information. That way, even
if they've stolen your User ID and password, they won't know the
answer to the secret question. And if someone signs in from a
computer that we don't recognize (for example, if you login from a
public library), we'll ask you a challenge question to verify that
it's really you.
When I enter my User ID, it asks me a question instead
of showing my MultiKey image. Why?
This is to help verify that it's really you signing in. We ask a
challenge question when you're signing in from a computer that has
not been registered as a trusted computer. Your correct answer
confirms that it's really you.
How do I know I'm at the genuine Farmers & Merchants
The MultiKey system helps to authenticate you as well as
authenticate the website. After you type the correct address
(http://10.2.0.249) directly into your Web browser, enter your User
ID and your personal MultiKey image will be displayed. That's
confirmation that you're at the legitimate website. If you do not
see your personal image, do not enter your password. Since this may
represent a fraudulent website, please report this immediately to
us at Local (740)732-5621 or Toll Free 888-881-5680.
How do you know that I'm signing in from my own
When you initially login to the Farmers & Merchants Bank
website using the MultiKey service, a secure cookie is saved on
your computer. When you login from the same computer again, the Web
browser uses this cookie to authenticate your computer to our
system. This confirms that you're using a trusted computer. The
cookie is visible only to the Farmers & Merchants Bank Internet
Banking site and does not contain any personal information. You can
also access the Internet Banking site from any number of computers
and have the same MultiKey enhanced security benefits.
Can I access Internet Banking from multiple
Yes, you can access Internet Banking from multiple computers and
have the same MultiKey enhanced security benefits. If you login
from a computer that you haven't registered as a trusted computer,
you just need to answer one of your challenge questions to verify
that it's really you. Once you answer the question correctly, you
will be asked if this computer should be registered as a trusted
computer in the future. If you answer yes, you will not need to
answer a challenge question when you use that computer in the
I share my computer with someone who also has a Farmers
& Merchants Bank Internet Banking account. Can both of us still
login from this computer?
Yes. You can use the same computer to login to your individual
Internet Banking accounts. The MultiKey service is based on the
fact that each User ID is unique.
Is there a fee for using the MultiKey
MultiKey is free. It's just another way Farmers & Merchants
Bank is working with you to safeguard your privacy.
How do I set up my MultiKey information?
It is quick and easy to set up and use MultiKey. You simply
choose a MultiKey image and three challenge questions. You will
setup your MultiKey information during your next login.