Privacy & Security

Landmark Bank Privacy Policy

Click the tab below to read our policy.

Privacy Policy

Internet Banking Privacy and Security Information

Privacy

Landmark Bank does not collect identification information from users visiting this web site or using our Internet Banking System.  However, we do collect usage information to determine frequency and duration of access to this site. In addition, the Internet Banking System tracks the number of transactions entered by customers.  All of this information is used to create summary statistics for our site and to help the bank determine better ways to service our customer's needs.  Information submitted to the bank through e-mail or through the submission of applications is used internally to process requests and respond to customer email.  This information is not distributed or sold to other organizations.  All information is confidential and is securely protected via the Internet.

Security

Landmark Bank employs the latest in Internet Security and User Authentication to ensure that data being transmitted through the Internet Banking System is secure from unauthorized access. The methods are outlined below.

Digital IDs from VeriSign

Landmark Bank's IBS system uses digital IDs certified by VeriSign, an industry leader in digital identification certificates, to authenticate user information and provide access to the data through the system. How do digital IDs work? Digital IDs work off of a matched key setup where the server has a "private" key issued only to the server and a "public" key widely distributed to the bank's customers. A digital ID requires a matched pair of keys that are unique to each other to encrypt and decrypt data. With this setup, transactions created, encrypted, and transmitted by bank customers using the public key can only be decrypted by the other key in the pair running on the server.

Secured Data Transmission

The Internet Banking System combined with digital ID authentication through VeriSign allow the server to implement Secure Sockets Layer (SSL) protocol, the standard technology for secure web-based communications. With SSL, data traveling between the bank and customer is encrypted and can only be decrypted through the pairing of the public and private key pair. SSL capability is built into server hardware and browsers, but requires a digital ID to be functional. Server Access Server access is protected using a firewall computer and the leading firewall software, CheckPoint's Firewall-1. Firewall computers provide secure access to the Web Server and Checkpoint's software by only allowing authorized traffic to hit the Server. By combining the latest technology with authenticated access to the web server, Landmark Bank makes your Internet Banking transactions secure.

Corporate Account Takeover

The tab below is to educate you on the dangers of Corporate Account Takeover.

 

Resources for Business Account Holders

  1. The Better Business Bureau’s website on Data
    Security Made Simpler:  http://www.bbb.org/data-security;
  2. The Small Business Administration’s (SBA) website on Protecting and Securing Customer Information: http://community.sba.gov/community/blogs/community-blogs/business-law-advisor/how-small-businesses-can-protect-and-secure-customer-information;
  3. The Federal Trade Commission’s (FTC) interactive
    business guide for protecting data: http://www.ftc.gov/bcp/edu/multimedia/interactive/infosecurity/index.html;
  4. The National Institute of Standards and Technology’s (NIST) Fundamentals of Information Security for Small Businesses:  http://csrc.nist.gov/publications/nistir/ir7621/nistir-7621.pdf;
  5. The jointly issued “Fraud Advisory for Businesses: Corporate Account Takeover”  from the U.S. Secret Service, FBI, IC3, and
    FS-ISAC available on the IC3 website (http://www.ic3.gov/media/2010/CorporateAccountTakeOver.pdf ) or the FS-ISAC website (http://www.fsisac.com/files/public/db/p265.pdf); and
  6. NACHA – The Electronic
    Payments Association’s website has numerous articles regarding Corporate Account
    Takeover for both financial institutions and banking customers: http://www.nacha.org/c/Corporate_Account_Takeover_Resource_Center.cfm .



Examples of Deceptive Ways Criminals Contact Account Holders

 

  1. The FDIC does not directly contact bank customers (especially related to ACH and Wire transactions, account suspension, or security alerts), nor does the FDIC
    request bank customers to install software upgrades.  Such messages should be treated as fraudulent and the account holder should permanently delete them and not click on any links.
  2. Messages or inquiries from the Internal Revenue Service, Better Business Bureau, NACHA, and almost any other organization asking the customer to install software, provide account information or access credentials is probably fraudulent and should be verified before any files are opened, software is installed, or information is provided.
  3. Phone calls and text messages requesting sensitive information are likely fraudulent. If in doubt, account holders should contact the organization at the phone number the customer obtained from a different source (such as the number they have on file, that is on their most recent statement, or that is from the organization’s website).  Account holders should not call phone numbers (even with local prefixes) that are listed in the suspicious email or text message.

 

Information Security Laws and Standards Affecting Business Owners


Although banks are not responsible for ensuring their account holders comply with information security laws, making business owners aware of consequences for non-compliance if the information is breached can reinforce the message that they need to maintain stronger security.  Breaches of credit and debit card information from retail businesses are common.  Loss of that information or sensitive personal information can create financial and reputational risks for the business.

When providing security awareness education to corporate customers, banks may want to also alert business owners of the need to safeguard their own customers’ sensitive information. State statutes related to safeguarding customer information could be provided as part of the education process.

The Payment Card Industry Security Standards Council was launched in 2006 to manage security standards related to card processing.  Any merchant that accepts credit or debit cards for payment is required to secure their data based on the standards developed by the council.  The PCI Security Standards Council’s website https://www.pcisecuritystandards.org/security_standards/index.php  notes that noncompliance may lead to lawsuits, cancelled accounts, and monetary fines.  The website provides information for small business compliance.

 

DDoS Attacks

Distributed denial of service online attacks and what they mean for you.

In recent months, many financial institutions of all sizes have faced online attacks meant to delay or prevent customers from accessing bank websites and related services such as online banking. In these types of attacks – known as "distributed denial of service" (DDoS) attacks – an institution's website is flooded with millions of requests for information at once in an effort to create a "traffic jam" that temporarily disrupts customers' online access.

Unfortunately, these types of incidents are becoming more frequent and Landmark Bank want to help you better understand these situations and what it means when we faced with such attacks.

    • The intent of the attacks is simply to slow down or disable the institution's website. They do not affect the security of our banking systems, and your accounts and personal information remain safe.

    • Our third party processor is constantly on alert for these attacks.  They have put strong and thorough measures in
      place to identify and block the computers involved.
    • During one of these attacks, you may experience a slower-than-normal connection to Landmarkbankla.com or our Online Banking, or find that these services are temporarily unavailable.
    • If you are ever unable to connect to Landmarkbankla.com or our Online Banking during an attack, you may access your account information by our Anytime phone banking at 1-877-562-5607 or by calling Account Services at 225-683-3371.

We apologize for any inconvenience you may experience in accessing our online services during one of these attacks. Your satisfaction is our highest priority, and we want to assure you that we are constantly working to maintain or, if necessary, restore these services as quickly as possible.



 

FDIC