ABC's of security

Security and confidentiality are two extremely important considerations at the National Bank, particularly for Internet Financial Services. This will become more obvious to you as you take the time to read this section carefully. It deals with all matters directly or indirectly related to security!

A SERIOUS COMMITMENT BY THE NATIONAL BANK!

The National Bank has always paid special attention to protecting the personal information you entrust to it. To make sure that your rights are fully respected in this regard, we have developed, in cooperation with other financial institutions and the Canadian Bankers Association, a code of procedure for protecting the personal information of individuals.

In accordance with this code, which all our employees undertake to follow, your personal information is placed in your own personal file solely to enable us to properly manage the products and services you are using, to inform you about other products and services which might be of interest to you and to better meet your expectations. Only employees who need to access your personal file in their normal functions are cleared to consult it. To find out more about the National Bank's privacy protection code, click on Privacy code – Strictly between you and us.

The ongoing involvement of the Information Security group is further evidence that the National Bank places great importance on the confidentiality and integrity of your banking affairs. This group's mission is to:

Identify and manage information security risks, while taking into account their impact on Bank business;
Define information security policies, strategies and standards;
Assist and advise owners of information in evaluating risks and required levels of protection, and in choosing appropriate security measures;
Make all employees aware of information security and the importance of their involvement.

COMPLETED TRANSACTION-CONFIDENTIALITY ASSURED!

Rest assured that all precautions have been taken to maintain the confidentiality of the information you transmit when doing your banking via Internet Financial Services.

First, the National Bank subscribes to the strictest security standards, as demonstrated by its choice of the 128-bit encryption system, the highest level currently available in North America. With this system, it is practically impossible to decode the data you exchange with us, and the confidentiality of your transactions is thus ensured.

For your part, you can take certain measures to increase security even more. To start with, you have to choose a password known only to you, and enter it each time you want to log on to do one or more transactions. We strongly recommend that you change your password at least once a month to minimize any chance of it being discovered. All you need to know to manage your password securely is explained in the section entitled A well-managed password is safer! (See below).

In fact, with the measures implemented by the National Bank and the preventive measures we recommend to you, using the Internet to carry out your banking transactions is as safe as going to the branch.

YOUR SHARE OF THE RESPONSIBILITY!

Our security standards are very high. However, the Internet itself and the computer software you use may also have an impact on the security of your transactions. That is why you should take the necessary measures to maintain a high level of security when you do your banking with Internet Financial Services.

For example, it is in your interest to become familiar with your Internet browser and identify the security level it offers you. Also pay attention to the messages which your software and computer may give you when you surf the Internet.

Install a personal firewall

It is highly recommended that you install personal firewall software on your computer, especially if you use a high-speed Internet connection. This type of software gives you additional protection to prevent unauthorized individuals from taking remote control of your station or from accessing your confidential data without your knowledge.

Here is a site which offers information on this topic:
http://www.firewall-net.com/

Please note that this site is not endorsed by the National Bank and that the Bank assumes no responsibility as to its content.

A WELL-MANAGED PASSWORD IS SAFER!

The password is your simplest and most effective way to control access to your confidential information. Managing your password well maximizes your security. Here are the main areas you must pay attention to in managing your password:

Password format
Your password must be made up of 8 alphanumeric characters of your own choice (must be a combination of numbers and letters).

Choice of password
The challenge is to find a password which you'll remember easily, but which will be hard for someone else to guess. For example, you can:

join a few words that make up a common phrase (e.g. milk1cow);
change the spelling of words (e.g. 120burds);
take the first letters of each word in a sentence about you and add numbers ("I'm going on vacation on April 27" becomes "Igovo427");
use the first letters or part of each word in an expression, song title or proverb ("Early to bed, early to rise" becomes "E2bede2r").

Important! Do not use any of the above examples as your actual password.

Avoid choosing a password based on personal information (name, surname, names of your spouse or children, date of birth, social insurance number, telephone number, a word in the dictionary, a word in the dictionary spelled backwards, name of a sports team, registration number, etc.). Although easier to memorize, such a password is more likely to be discovered by hackers.

Password security
Here are a few more pointers to ensure that your password helps give your transactions maximum security.

Never reveal your password to anyone;
Change your password regularly (at least once a month) to make it less likely for it to be discovered. If you suspect that your password has been discovered, select a new one immediately;
Use a different password for each of your applications;
Don't use the same password as the one that gives you access to your computer at work;
Don't use your PIN (personal identification number) for your password;
If you write your password down, disguise it. We strongly recommend, however, that you DO NOT WRITE YOUR PASSWORD DOWN. If you absolutely have to do so, do it in such a way that only you will be able to recognize it, and keep it in a safe place;
Don't save your password on your computer. Passwords should never be saved on your computer;
Do not program any function keys to automatically access Internet Financial Services.

Keep in mind that your password is like the key to your house: you must take all the necessary precautions to prevent it from falling into someone else's hands.

Changing your password
For added security, we suggest that you change your password at least once a month to make unauthorized access more difficult. To change your password, simply go to the “Preferences” section of the navigation bar at the top of the Internet Financial Services screen while you are logged on. You will be prompted to enter your new password twice.

When you change your password, please keep the following tips in mind:

Try to choose one you haven't used yet;
Don't use the same password more than twice in the same year;
Don't just choose two passwords and alternate between them;
Choose a secure password using the helpful hints in the Choice of password section

In case you forget!
If you really can't remember your password, call a customer service representative at 1 888 4-TELNAT (toll-free) or (514) 394-5555 and select options 5 and 7. He or she will assign you a temporary password to give you access to Internet Financial Services. You must then select a new secure password.

BROWSER REQUIREMENTS FOR INTERNET FINANCIAL SERVICES

To access Internet Financial Services and benefit from all the security required for your banking transactions, you MUST have one of the following browser versions:

For PC users:

Microsoft Internet Explorer, Version 5.5 or higher (and the 128-bit update);

Netscape, Version 6.0 or higher and the 128-bit.

For Macintosh users:

Microsoft Internet Explorer, Version 5.1.7 or 5.2.3 (128-bit);

Netscape Communicator, Version 6.2 (128-bit).

For more detailed information about 128-bit encryption, consult the FAQ section. Find out whether your browser meets the security criteria by going directly to Test your browser, where you can download a 128-bit browser if necessary.

THE WHOLE TRUTH ABOUT COOKIES!

A cookie is a feature that enables a browser to store information provided by the user and save it in a small text file on the hard disk. This information may be used later to simplify your navigation through Internet Financial Services. Please note that with Internet Financial Services no personal information is saved without your consent. Moreover, the information contained in cookies is intended solely to facilitate management of your work session. It is never transmitted to legal or other entities or permanently saved, as it is deleted as soon as you terminate your session.

Several sites offer information on this topic, including:

http://www.microsoft.com/info/cookies.htm
http://www.tactika.com/cookie/ (French only)

Please note that these sites are not endorsed by the National Bank and that the Bank assumes no responsibility as to their contents.

SOME MORE DOS AND DONT'S

Erase the cache memory of your browser. The cache memory is used to locally store Internet pages consulted, which improves the performance of your browser when you revisit the sites. You can find out more about cache memory by going to the FAQ section.

Never open an executable file received by e-mail unless you trust the source and are sure that the sender has an updated antivirus program.

Make sure the hard disk of your workstation and the printer are not in shared mode.

Install the security upgrades for Windows, Microsoft Internet Explorer, and Microsoft Office and keep them up to date: http://www.microsoft.com/downloads.

Install recognized antivirus software and update it. If you use Microsoft Word and Excel 97, activate Macro virus protection.

If you use Microsoft Word and Excel 2000, set the security level to average or higher. This measure will notify you by a dialogue box of any unsigned macros and will let you disable them.

If a Word document received by e-mail seems suspect, it is preferable to open it with Wordpad rather than with Word, because Wordpad does not recognize and will not open macros.

Do not remain connected to the Internet unnecessarily.

Make sure that your personal firewall and your antivirus software are active before you access the Internet.

Regularly make backups of your important files.

Never leave your computer unattended, especially if it is not protected by a screensaver.

Don't download or install freeware, shareware or demo software for which you do not know the source.
Always sign out and close your browser to erase any Internet Banking Solutions information in your computer's cache.

Additional information is available in the Security section.