Let us help you protect your identity.
First Federal . . . Right Here When You Need Us!

Fraud Information Center

Protect your personal information, because confidentiality matters!

Protect your personal information. Confidentiality matters!

Account Authentication

Important Facts About Your Account Authentication and Online Banking

Multi-factor authentication and layered security are helping assure safe Internet transactions for banks and customers.


First Federal will not contact you requesting personal or sensitive information, such as your full Social Security Number, Personal ID, Online Banking passwords, or PIN. In order to protect the security of your accounts, First Federal, or our authorized Fraud Protection or Compliance/Audit Service, may contact you by phone to update non-personal information or verify suspicious transactions. You may place a call back to First Federal to ensure the phone call you received is valid. Please click on the “About Us” link located on the top navigation bar to read more about our Privacy and Security Policies.


If you use online or mobile banking, you will be interested to know that we maintain the highest standards of security for our Internet Banking system. Our enhanced security adds an extra layer of protection that works behind the scenes to help secure your account information. Because of this, you may occasionally be prompted to verify your identity before continuing with your questions or transaction. For example, you may be asked a few security questions that only you know the answer to before you are able to proceed. Also, our employees will take extra steps to verify the identity of callers and customers before providing any account information.


Online security begins with an authentication process used to confirm that it is you, and not someone who has stolen your identity, attempting to access your account. Authentication generally consists of one or more basic factors:

  • Something only you know (e.g., password, PIN)
  • Something you have (e.g., ATM card, smart card, etc.)
  • Something that is physically unique to you (such as fingerprint).

Sometimes only a single method of authentication is used (single factor authentication), and sometimes more than one factor is used (multi-factor authentication). Multi-factor authentication is considered a stronger fraud deterrent.

For example, when you use your ATM you are utilizing multi-factor authentication: Factor number one is something you have, your ATM card; factor number two is something you know, your PIN. To assure your continued security online, First Federal uses both single and multi-factor authentication, as well as additional “layered security” measures as appropriate.


Layered security means that controls are used at different points in the transaction process so that a weakness in one control generally is strengthened by the use of a different control. An example of layered security might be that you follow one process to log in (user/password), and then give additional information to authorize funds transfers.

Layered security can substantially strengthen the overall security of online transactions… protecting sensitive customer information, preventing identity theft, and reducing account takeovers and the resulting financial losses.

First Federal makes use of layered security to allow us to authenticate our customers, detect and respond to suspicious activity related to initial login, and then to reconfirm the authentication when further transactions involve the transfer of funds.


Behind the scenes, our goal is to ensure that the authentication required for a particular transaction is appropriate to that transaction’s level of risk. Accordingly, First Federal conducts comprehensive risk-assessments of its methods as recommended by current federal guidance. These risk assessments consider the following things:

  • Changes in the internal and external threat environment
  • Changes in the customer base adopting electronic banking
  • Changes in the customer functionality offered through electronic banking; and
  • Actual incidents of security breaches, identity theft, or fraud experienced by the institution or industry.

There are times when a transaction you initiate may create more risk to you and to the Bank. In those cases, we will likely request additional identification verification procedures, or layers of control, such as:

  • Utilizing call-back (voice) verification, e-mail approval, or cell phone-based identification.
  • Employing customer verification procedures, especially when opening accounts online.
  • Analyzing banking transactions to identify suspicious patterns. For example, that could mean flagging a transaction in which a customer who normally pays $10,000 a month to five different vendors suddenly pays $100,000 to a completely new vendor.
  • Establishing dollar limits that require manual intervention to exceed a preset limit.


First Federal Bank follows specific rules issued by the Federal Reserve Board, known as Regulation E. The rules cover all kinds of situations involving transfers made electronically. Under the consumer protections provided by this law, you can recover unauthorized or fraudulent transactions conducted electronically as long as you detect and report them in the manners shown below:

If you report unauthorized or fraudulent transactions within two days of receiving your statement, you may be liable for the first $50. After two days, the amount increases to $500. After 60 days, you could be legally liable for the full amount. The best practice is to notify First Federal as soon as you detect the activity. You can do this by contacting any one of our branches.


Of course, understanding the risks and knowing how fraudsters might trick you is a critical step in protecting yourself online. You can make your computer safer by installing and regularly updating your

  • Anti-virus software
  • Anti-malware programs
  • Firewalls on your computer
  • Operating system patches and updates

You can also learn more about online safety and security at these websites:

Fraud Prevention

User ID and Password Guidelines

  • Create a "strong" password with at least 8 characters that includes a combination of mixed case letters, numbers, and special characters.
  • Change your password frequently.
  • Never share your user name and password information with third-party providers.
  • Avoid using an automatic login feature that saves user names and passwords.

General Guidelines

  • Do not use public or other unsecured computers for logging in to Online Banking.
  • Check your last login date/time every time you log in.
  • Review account balances and detail transactions regularly (preferably daily) to confirm payment and other transaction data and immediately report any suspicious transactions to your financial institution.
  • View transfer history available through viewing account activity information.
  • Whenever possible, use Bill Pay instead of checks to limit account number dissemination exposure and to obtain better electronic record keeping.
  • Take advantage of and regularly view system alerts. Examples include:
    • Balance alerts
    • Transfer alerts
    • Password change alerts
    • ACH Alerts (for Cash Management users)
    • Wire Alerts (for Cash Management users)
  • Do not use numbers, your social security number, or other account or personal information when creating account nicknames or other titles.
  • Whenever possible, register your computer to avoid having to re-enter challenge questions and other authentication information with each login.
  • Review historical reporting features of your online banking application on a regular basis to confirm payments and other transaction data.
  • Never leave a computer unattended while using Online Banking.
  • Never conduct banking transactions while multiple browsers are open on your computer.
Fraud Tips

Tips to Avoid Phishing, Spyware and Malware

  • Do not open e-mail from unknown sources. Be suspicious of e-mails purporting to be from a financial institution, government department, or other agency requesting account information, account verification, or banking access credentials, such as user names, passwords, PIN codes, and similar information. Opening file attachments or clicking on web links in suspicious e-mails could expose your system to malicious code that could hijack your computer.
  • Never respond to a suspicious e-mail or click on any hyperlink embedded in a suspicious e-mail. Call the purported source if you are unsure who sent an e-mail.
  • If an e-mail claiming to be from your financial organization seems suspicious, checking with your financial organization may be appropriate.
  • Install anti-virus and spyware detection software on all computer systems. Free software may not provide protection against the latest threats compared with an industry-standard product.
  • Update all of your computers regularly with the latest versions and patches of both anti-virus and anti-spyware software.
  • Ensure computers are patched regularly, particularly operating systems.
  • Install a dedicated, actively-managed firewall, especially if using a broadband or dedicated connection to the internet, such as DSL or cable. A firewall limits the potential for unauthorized access to your network and computers.
  • Check your setting and select, at least, a medium level of security for your browsers.
  • Clear the browser cache before starting an Online Banking session in order to eliminate copies of Web pages that have been stored on the hard drive. How the cache is cleared depends on the browser and version you are using. This function is generally found in the browser's 'Preferences' menu.

Click here to view an Infographic on Cybersecurity.





Full Name:  
Street Address:  
Zip Code:  
Tell us what or who you need:  
How should we respond to you?