CMBDirect Corporate Security

Safe Computing Practices:

CMBDirect Corporate is a highly protected and secure environment which meets rigorous Internet security standards for financial institutions. While we take strong measures to ensure the security of your financial transactions and the confidentiality of your information, it is extremely important that you also take precautions to ensure that your information remains safe and secure. We advise customers to read about these topics and follow the recommended safe computing practices listed below, to protect private information on your personal computer:
  1. Protect Your Privacy
  2. Use Anti-Virus Software
  3. Protect Your Internet Connection
  4. Use Supported Browsers
1. Protect Your Privacy:
  • Do not reply to unsolicited online or email requests for your user ID information.

  • Caribbean Mercantile Bank N.V. will never present you with unexpected webpages or send you unsolicited emails asking for your password, Personal Identification Number (PIN), credit card, account numbers or any other private information. We will never ask you to validate or restore your account access through unsolicited email.

    Report any suspicious requests to Caribbean Mercantile Bank N.V. immediately at (297) 522-3000 ((297) 586 2878 after hours) or email FraudReport@cmbnv.com.

    We strongly recommend against responding to unsolicited emails or websites that request personal information

  • Protect your CMBDirect Corporate User ID and password
    Your CMBDirect Corporate User ID and password are confidential and must never be shared with any outside person or company, including:
    • Account aggregation services that consolidate and display all of your financial information in one place.
    • Software that records your User ID and password so that you don't need to enter it the next time you access a website.
    • Services that collect your User ID and password, or any other confidential information, to perform transactions on your behalf or to collect payment from you.
    • Any other agreements you may make or services you accept which include your consent to having your Internet activity monitored.

    In divulging your User ID or password to third parties, you not only compromise funds kept in your bank account but also contravene the terms of our Service Agreement and you will be fully liable for any unauthorized access to your accounts and all associated losses arising from these disclosures.

  • Pick a password that is difficult to guess by using a combination of letters and numbers (nothing obvious). In fact, if you're using a numeric password, please change it now.
  • Memorize your CMBDirect Corporate User ID and password and keep them secret. If you suspect your password has been compromised, please change your password immediately or call Customer Service at (297) 522-3000.
  • Never send confidential information (such as account numbers of any type, CMBDirect Corporate User ID or password) via email.
  • Avoid using software that records your User ID or password so that you don't need to enter them the next time you access a website from the same computer. This type of software could give other users of your computer access to your accounts.
  • Avoid accidentally agreeing to have your Internet activity monitored by other parties by carefully reading the terms of any software you download and free services you accept online before you download them.
  • Always type in the CMBDirect Corporate website address (https://direct.mcbgroup-ebanking.com/cmb/), use your bookmarks or access CMBDirect Corporate from http://www.cmbnv.com.
  • Do not leave your computer unattended while logged on to CMBDirect Corporate.
  • Always log off when you have finished your CMBDirect Corporate session.
  • Clear your browser's cache after each CMBDirect Corporate session. Each time you access the Internet, your browser automatically saves a copy of the webpages you've visited. Diligently clearing your browser's cache after each session is an important step in safeguarding your account information.
  • Keep your Bancomatico card in sight at all times during transactions and never lend your card to anyone.
  • Review your account statements and/or online account transaction details promptly and report any discrepancies immediately. With CMBDirect Corporate, you can review your up-to-date account transactions and therefore identify any discrepancies. If you find any discrepancies call Customer Service at (297) 522-3000.
  • Report lost or stolen Bancomatico cards immediately to (297) 522-3000 or after business hours (297) 586 2878.
2. Use Anti-Virus Software:

Whenever you use the Internet, there is a potential risk of contracting a computer virus or the possibility of infiltration by intrusion software commonly known as "Trojan Horses". Computer viruses can modify programs, delete files and erase the contents of hard drives. "Trojan Horses" can have similar effects and may be able to capture keystrokes, including passwords or other secret information. Spyware and other deceptive software can also conduct certain activities on your computer without your knowledge or consent.

The potential consequences of any of these threats could include damage to your computer, compromise of your secret information, fraudulent transactions issues on your behalf and the inability to use CMBDirect Corporate.

For these reasons, we advise our customers to follow these practices:

  • Install and frequently update a proven anti-virus product, such as McAfee VirusScan or Norton AntiVirus. Most popular anti-virus products include some spyware scanning capabilities.
  • Only accept or download software from a source that you believe to be trustworthy.
  • Never accept files or attachments when accessing websites, newsgroups and chat rooms unless you are very sure of their authenticity.
  • Ensure you are using a legally licensed operating system.
Warning about 'free' services and software offering faster web surfing and email virus scanning: We strongly advise you to carefully read the terms of any free services you accept or software you download online before you accept them. They are known to sometimes include your consent to having all of your Internet browsing activity, including secure transactions monitored. In consenting to such terms, you may allow the service provider to collect highly confidential User ID information such as your bank account and credit card numbers and passwords. Your CMBDirect Corporate User ID and password are confidential and must never be shared with any outside person or company. In divulging your User ID or password to third parties, you not only compromise funds kept in your bank account but also contravene the terms of your Service Agreement and you will be fully liable for any unauthorized access to your accounts and all associated losses arising from these disclosures.

Find out more about spyware and deceptive software:

3. Protect Your Internet Connection:

There are additional vulnerabilities associated with having a computer directly connected to the Internet for an extended period of time. This applies to all users but it is extremely important for users with DSL or Wireless Broadband Internet access. These methods of connection do not require 'dialing' into the Internet and thus are sometimes described as 'always on' connections. Unfortunately, as long as the computer remains 'on' and connected to the Internet, malicious parties have a continuous window of opportunity for attacks on the user's computer.

If you use a DSL or Wireless Broadband connection for Internet access, you can limit this security risk by disconnecting from the Internet when your session is complete, or by turning off the DSL or wireless modem. However, if you want to continue to take advantage of the 'always on' feature of DSL and Wireless Broadband connections or if you run extended dial-up sessions on the Internet, we recommend the following security measures be taken:

  • Disable File Sharing on Your Personal Computer
    File sharing is a feature of Windows that allows other computers to access your computer, even from across the Internet. Microsoft has provided instructions on how to disable file sharing in Windows Help (Click Start, Help, then choose the 'Index' tab and type "file sharing, disabling").
  • Our recommendation is to disable file sharing. However, if you choose to retain this option for your particular environment, exercise due care and apply appropriate security measures.

  • Install a Personal Firewall
    Install and frequently update a proven firewall product, such as Personal Firewall Plus or Zone Alarm, which can be configured to prevent unauthorized access to your computer and keep it up-to-date.
  • Get Computer Security Updates
    Ensure that you are using a legally licensed operating system. You may be able to improve the security of your system by getting updates to help correct issues that may make your computer vulnerable to virus or worm attacks. As such, you should diligently apply security patches as they become available. Find out more:

If you have a wireless network, there are additional measures that should be taken to protect your Internet connection:

  • Use Encryption - Enable the highest level of encryption available for your router; newer wireless routers typically use Wi-Fi Protected Access (WPA), and older versions use Wired Equivalent Privacy (WEP). This will encrypt all data transferred between your computer and wireless router. In addition, devices without your encryption key cannot connect to your wireless router.

  • Change your Default Password - All wireless routers are given a default administrator password by their manufacturers, so make sure to change this password to prevent unauthorized access to your wireless router.

  • Change SSID (Service Set Identifier) - The SSID is the name of your wireless network. In order for a computer to connect to your wireless network, the SSID must be known. You should change the manufacturer's default SSID name to a unique name that will not be easily guessed, and has no direct connection to you or where you are located (e.g. don't use your last name or street address).

  • Switch off SSID Broadcasting - You can further secure your network by disabling SSID broadcasting, which will hide your network from outsiders. It would be very difficult for an outsider to access your network once you have changed your SSID and turned off broadcasting, as they would have to start guessing the name of your network to access it.
4. Use Supported Browsers:

Microsoft Internet Explorer, version 5.5, service pack 2 or later, or Netscape Navigator, version 6.2 or later are required in order to maximize security on CMBDirect Corporate, in addition to our already stringent environment. If you do not have one of these browsers, please upgrade to either of these versions or a higher version. Please note that failure to use one of the above-mentioned browsers when using CMBDirect Corporate, excludes Caribbean Mercantile Bank from any liability whatsoever.

Encryption is the process of protecting information as it moves from one computer to another so that it is unreadable to everyone except the receiver. The stronger the level of encryption used by your web browser, the more difficult it is for unauthorized parties to break the encryption and decipher the message in transit.

CMBDirect Corporate is fully tested before supporting new browser versions. When accessing CMBDirect Corporate, you are required to use one of our recommended browsers with 128-bit encryption.

While Caribbean Mercantile Bank believes these safe computing practices and included links provide reasonable but not absolute protection, the Bank makes no representation or warranty as to their intended use or fitness for the purpose. Any reference to a software provider is for convenience only and does not constitute an endorsement of that company's products. You must make your own decision with respect to their products.

Norton AntiVirus and Symantec are trademarks of Symantec Corporation
McAfee and McAfee VirsusScan are trademarks of Network Associates, Inc
Windows and Microsoft are trademarks of Microsoft Corporation.
Zone Alarm is a trademark of Zone Labs, Inc.