Fighting Fraud - Protect

Protect

Once you have identified your important accounts and the threats to them, it's time to put in place preventative controls to "Protect" them. Preventative controls for your online accounts focus on implementing safeguards to prevent or limit fraudulent activity. It involves the establishment of appropriate account controls, rights, approvals, alerts, and card controls. This function aims to ensure the confidentiality, integrity, and availability of your accounts. We recommend you look for similar controls within all of your important accounts.

Resource: Fight Fraud Protect Template
Resource: Fight Fraud Protect XLSX (URL on current site isn't operable)

Preventative Controls to Protect Your Jonah Bank Accounts

Security starts with the creation of a unique combination of a username and password to access your account. The username and password used for online banking should be different from all other credentials you have for other sites and services (unique).

Jonah Bank recommends you do not use your name, email address, phone number, SSN, or EIN as either your username or password. We encourage you to get creative and have some fun with your username.

Once you have set your username and password, it is important you do not share or divulge it to anyone, not even us.

The creation of unique sets of usernames and passwords can be difficult. Jonah Bank recommends you use a password manager of your choosing to help store and manage them.

Biometric Logins for Mobile Devices
For users of the Jonah Bank Mobile App, once you have logged into online banking for the first time using your username and password, you can setup Touch ID or Face ID for future logins. Touch/Face ID speeds up your login experience by not having to type in your username or password.

To Setup Touch/Face ID:
  • Login to the Jonah Bank Mobile App
  • Select Menu
  • Select Settings
  • Select Security Preferences
  • Enable Touch ID (for devices without a fingerprint reader, the App will use Face ID)
  • Enter Your Username and Password
  • Touch/Face ID Setup Is Complete!
For more information about user accounts and how to setup Touch/Face ID, please reference our Training Videos Below or Our e-Guide.

Jonah Bank: Security Settings

While unique usernames and passwords are a great start, we know it is not sufficient to protect highly valuable accounts. That's why we enforce MFA for all of our Online Banking accounts. The basic form of MFA requires customers to receive a one-time pin (also called a Security Access Code) to complete their login to online banking. Jonah Bank also offers Push MFA for faster login experiences on mobile devices.

To Add or Change Your Security Access Code Destinations:
  • Login to Online or Mobile Banking
  • Select Settings > Security Preferences > Secure Delivery
  • Use the pencil icon to edit an existing contact method or select "Add Contact" to create an additional contact number
To Enable Push MFA:
  • Login to the Jonah Bank Mobile App
  • Select Menu > Settings > Push Notifications
  • Select to enable Push Notifications (If it is already enabled, we suggest you disable it, log out of the App, log back in, and return to this step.)
  • When you enable push notifications (a requirement for Push MFA), you will be presented with the option to turn on and allow push for Two Factor Authentication.
  • The next time you login to the Mobile App, you will have a new option, "Push" to complete the authentication process. Next to Push will be the name of your device (you can change this from within online banking).
  • Select Your Push Target
  • Select "Yes, it is me."

To Change Your Push MFA Device Name:
  • Login to the Jonah Bank Mobile App
  • Select Menu > Settings > Security Preferences > Secure Delivery
  • Underneath "Registered Devices", select the pencil icon to edit your device's name
  • Select "Save"
Jonah Bank's online and mobile banking platform enable you to create numerous users for your business. Each user you create can have a unique set of rights tailored specifically for the role the user has with your business.

User Permissions Within Online or Mobile Banking:
  • The ability to view, deposit or withdraw from accounts
  • The types of transactions a user has access to such as Funds Transfer, ACH Payment or Collection, Payroll, Tax Payments, or Wires
  • The transactional limits for each transaction type based on dollar amount or volume.
  • The right to draft or approve transactions
  • The rights to view or manage recipients
  • The rights to view or manage payment templates
  • The ability to control administrative settings within online banking
During the Identify Step, you identified all the users who have access to online banking and what their permissions are. With this list, you can confirm if the settings are accurate for the user's role, and you can copy the user with their permissions to speed up the creation of additional users. We recommend you refer back to your documentation annually to ensure the rights granted to users match their requirements to perform their duties without granting more rights than necessary.

For more information on user permissions, see Jonah Bank's e-Guide or watch our Business Banking Video on User Management.

Jonah Bank: Business Banking

To help protect against an insider threat or a Corporate Account Takeover scenario (where a fraudster has access to your online account), we recommend turning on dual approval for all transactions over a set dollar value. You are in control of the dollar value and can set it to your comfort level.

Dual Approval Transaction Flow
  • Administrators for a business can configure dual approval requirements for specific users, types of transactions and the minimum dollar amount per transaction for when dual approval is required.
  • With dual approval configured, when a user triggers the dual approval requirements, a second user is required to approve the transaction.
  • The draftee has the ability to notify any of the configured approvers on the account.
  • The approver will need to login to online or mobile banking, the transactions requiring approval will be on the landing page for Online or Mobile Banking.
  • Selecting the transaction for approval, the approver can view all the details regarding the transaction and select to approve or deny it.
For more information on dual approval see Jonah Bank's eguide.
Transaction Authorization Codes (TAC) are security codes used to authenticate and authorize transactions. These codes are typically used to prevent unauthorized or fraudulent transactions from taking place. Jonah Bank uses TACs to provide an additional layer of security when approving ACH or Wire payments. TACs with Jonah Bank utilize One-Time Passcodes (OTPs) to provide an extra layer of security, because they change with each transaction making them difficult for attackers to predict or reuse.

Jonah Bank business customers can receive TACs in one of two ways:
  • A Dedicated Symantec Hardware Token or
  • The Symantec VIP Mobile App
Before a new Token or Mobile App can be used for TACs, it needs to be registered with Jonah Bank by contacting one of our support staff.

Just like your username, password, and secure access codes for logging into online banking, it's important for users to never share a TAC with anyone and be cautious of phishing attempts trying to trick you into revealing these codes.
Check Positive Pay is a fraud prevention service offered by Jonah Bank to help businesses and organizations mitigate the risk of check fraud. It is designed to safeguard against unauthorized or altered checks being presented for payment. Check fraud involves criminals altering the details on legitimate checks or creating counterfeit checks to steal funds from bank accounts. Check Positive Pay is an effective method for detecting and preventing such fraudulent activities.

How Does It Work?
There are four Positive Pay steps as depicted in our Positive Pay flyer:
  1. The account holder writes a check.
  2. The account holder enters the check details into Positive Pay (Payee, Amount, Check Number, Date).
  3. The payee deposits the check.
  4. The Positive Pay system matches the presented check to identify any exceptions allowing you to pay or stop the check.
Learn More
For more information on Positive Pay with Jonah Bank, please review our e-Guide on Positive Pay.

Get started with Positive Pay
In order to start using Check Positive Pay, please reach out to our Customer Service Team for more information at 307-237-4555.

Additional Check Controls
It's worth noting that while Check Positive Pay is a robust fraud prevention tool, it's not a guarantee against all forms of check fraud. Therefore, businesses should also adopt other security measures such as using secure check stock (ask Jonah Bank about your options), securely storing and destroying checks, and educating employees about potential fraud risks.
Take control of your Debit and Credit Cards from Jonah Bank by using Card Valet®. Card Valet® is a Mobile App (separate from the Jonah Bank Mobile Banking App) offered by Jonah Bank that allows cardholders to control and manage their debit and credit cards more effectively and securely. The App provides you with a range of features to monitor and control your card usage, enhance security, and reduce the risk of unauthorized transactions.

Key Features of Card Valet Include:
  • Card Lock and Unlock: You can instantly lock or unlock your payment cards with a simple tap in the App. This is particularly useful if a card is temporarily misplaced or if you want to prevent unauthorized use of your cards.
  • Transaction Alerts: Card Valet® allows you to set up customizable transaction alerts. These alerts notify you in real-time whenever a card transaction occurs helping you stay informed about your account activity and quickly detect any unauthorized or suspicious transactions.
  • Spending Limits: You can set spending limits for your cards either overall or by specific transaction types such as online purchases and international transactions. This feature helps you stay within your budget and prevents excessive spending.
  • Merchant and Location Controls: Cardholders can define specific geographic areas where their cards can be used. If a transaction is attempted outside the designated areas, it may be declined. Similarly, you can block or allow transactions with specific merchants or types of merchants.
  • Categories and Types of Transactions: Card Valet® allows you to enable or disable card usage for certain categories or types of transactions such as restaurants, entertainment, or gas stations. This feature adds an extra layer of control over card activity.
  • Card Status and History: The App provides cardholders with information about their card's status including recent transactions, declined transactions, and transaction history.
  • ATM Access: You can limit ATM access for your cards preventing unauthorized cash withdrawals.
The main goal of Card Valet® is to provide you with a higher level of control and security over your payment cards. By allowing you to customize and restrict card usage based on your preferences and needs, the App helps reduce the risk of fraud, theft, and unauthorized transactions. Additionally, the real-time alerts empower you to take immediate action if you detect any unusual activity on your cards.

To get started with Card Valet®, download the App from the respective Apple or Android store today!
By using Jonah Bank's Credit Card Management Platforms, customers can view and manage their balances as well as take control of how their cards can be used (customers can use these tools in addition to the controls provided by Card Valet®).

Business customers can utilize the following controls on their fleet of cards from the Business Portal:
  • Spending Limits: Business customers can set the limit on their cards as well as a per transaction limit.
  • Merchant Category Limits: Business customers can specify categories of merchants where their cards can be used such as Airlines, Hotels, Transportation, Memberships, Automotive etc.
  • Lock Card: Business customers can turn a card off when needed.
  • Reset PIN: Business customers can reset the pin on a credit card when needed.
  • Replace a Card: Business customers can initiate the ordering of a replacement card.
Consumer customers can utilize the following controls for their cards from the Retail Portal:
  • Replace a Card: Customers can initiate the ordering of a replacement card.
  • Reset PIN: Customers can reset the pin on a credit card when needed.