Security and Browser Requirements Statement Security is the protection of system, information and services against disasters, and unauthorized access. NMSBank reserves the right to safeguard customer information on our website. NMSB E-Banking Service transmits data using SSL (Secure Socket Layer) technology that supports 256-bit key encryption. It is important to verify that a secure connection between your browser and the Internet Banking server has been established before transmitting any confidential account information over the Internet. This can be verified by an indicator on your web browser. Netscape Navigator has a key symbol that appears in the lower left corner of the screen. When the symbol appears “solid” transmitted data is being encrypted. When this symbol appears “broken”, a secure session has not been established. Similarly, Microsoft Internet Explorer has a lock symbol that appears when data is being encrypted. When this symbol does not appear, a session is not secure. Browser Security When conducting business over the internet you must use SSL and secure browser with 128-bit encryption. Internet Explorer and Netscape Navigator are secure browsers. If your browser does not support 128-bit encryption, you must upgrade your browser to Internet Explorer 5.0 or higher and Netscape Navigator to 6.2 or higher. The following is how to determine if your browser supports 128-bit encryption: • Select “Help” in the toolbar of your internet browser • Select “About” • A pop-up window will appear • For Internet Explorer: next to cipher strength you should see “128-bit” • For Netscape Navigator: next to cipher strength you should see “This version supports high grade (128-bit) security with RSA public key cryptography.” Secure browser employs SSL (secure sockets layer) technology to communicate with servers. SSL provide server authentication, and data encryption. SSL connection is equipped with a mechanism for automatically determining whether data sent over the encrypted connection has been altered in transit. HOST SECURITY NMSBank’s web server does not connect directly to the Internet. It is buffered from the Internet through the use of a firewall. All access from outside the Bank must go through this firewall, which screens the requests and allows only valid http traffic to reach the server. NMSBank’s Internet Banking Service makes use of an ICSA certified firewall. FRAUDULENT WEB SITES NMSBank recommends you to watch for copycat websites that use a web name or web address not the same but similar to the real financial institution. Before accessing your account always check that you have typed in the correct web address. CACHE NMSBank recommends clearing your Internet browser cache and history from your computer periodically. Please refer to your Internet explorer “Help” file on how to clear cache and history. COOKIES NMSBank does not collect information from visitors to its website. We do not store confidential and sensitive information in cookies. A cookie is a small piece of information that a website stores on a visitor’s web browser, which can later be retrieved. Cookies cannot be read by a website other than the one that set the cookies. In order to enter the secure encrypted site you must accept the cookies. You will not be able to use our e-banking service unless you enable the cookies. Your web browser can be set to inform you before accepting a cookie, so that you can control whether you accept or reject a cookie. PHISHING Phishing is the illegal act of sending an email to the user that directs the user to the website falsely claiming to update their personal information like password, account number, social security number, credit card numbers etc. NMSBank never contacts you asking for sensitive information by email. We also recommend you do not send sensitive information to us or to anybody by email. If you receive email requesting sensitive information please contact your financial institution.