Security Center

At Biddeford Savings, we understand that there is nothing more important than your privacy and security while using our website and Online Banking services. We are committed to taking every precaution to protect and safeguard your privacy.

Online fraud occurs when someone poses as a legitimate company in an email, pop-up message, or on a website designed to get you to enter sensitive personal data. Your data can then be used to conduct transactions on your existing accounts without your consent. This type of fraud is called “phishing” or “spoofing”.

Always keep in mind that Biddeford Savings will never require you to send personal information, including username, password, or other online banking credentials, to us via email or pop-up windows. Any unsolicited request for Biddeford Savings account information you receive through emails, websites, or pop-up windows should be considered fraudulent and reported to us immediately.

All Online Banking transactions, such as transfers of funds between Biddeford Savings accounts and third-party bill payments, are conducted in a secure (encrypted) environment to protect your privacy.

Protect Your Security

While the Internet has provided significant advances in technology that allow ease and convenience for transacting business, it can also provide an entryway to your personal information if you don’t take the necessary steps to ensure safe and secure online experiences. These tips will help you protect yourself and your information online.

  • NEVER provide any personal information to an inquiry that is originated by someone else. Do not respond to email inquiries even if they appear to be from a legitimate source. No financial institution, business, or government agency will request you to confirm personal information. They already have the information if you have conducted business with them before. Do not provide social security numbers, account numbers, credit card numbers, passwords, usernames, etc.
  • Memorize all your passwords. Don’t use passwords that can be guessed easily, such as children’s names, social security number, or date of birth. Use a mix of upper and lowercase letters and symbols when creating a password. Change your password periodically.
  • Safeguard your social security number. When a Social Security number is requested to sign up for a service, confirm that it is needed rather than some other identifier. Don’t write your social security number on your checks.
  • Shred financial or personal documents before discarding. Most fraud and identity theft incidences happen as a result of mail and garbage theft.
  • Utilize paperless options and limit your receipt of paper statements by managing your accounts online. Checking your balances online can help you regularly monitor your account activity and more quickly detect any fraudulent transactions.
  • Receive and pay bills online with Bill Pay. The fewer personal documents sent through the mail, the less chance there is for possible fraud.
  • Always use a secure Web site when submitting credit card or other personal information in transactions that you initiate. Make sure you have a firewall in place.
  • Monitor your bank, credit card, and other accounts regularly to ensure that all transactions are legitimate.
  • Be suspicious of any email notifications requiring you to act immediately to prevent an account from being closed or voided.
  • Don’t click on links in suspicious emails.
  • Contact Biddeford Savings if you become suspicious of any email alleging to come from the bank.

Commercial and Small Business Owners

These recommendations also apply to commercial and small business online banking customers. Business customers need to perform a risk assessment and evaluation of their online banking controls periodically. These additional steps may also help you protect your online risks:

  • Consider implementing clear segregation of duties and responsibilities performed by personnel such that no single person can initiate, approve, execute and enter transactions into a system in a manner that would enable fraudulent actions to be perpetrated and concealed.
  • Update and install anti-virus and anti-spyware software to your computers regularly.
  • Make sure your firewall is on and that it is configured appropriately.
  • Copy all your important files stored on your computer onto an external hard drive or removable disk and store in a secure place.
  • Conduct employee background checks.
  • Put a policy and process in place to terminate computer access for employees leaving the company.

Online Banking Security

Biddeford Savings works hard to secure our Online Banking services, so our customers have the confidence that their information is protected. We are proud to deliver the highest level of security for our Online Banking customers.

Biddeford Savings uses multi-factor authentication to protect against fraudulent attacks such as phishing, spoofing, keylogging, and identity theft.

The first level of multi-factor authentication is your personal security questions. When you register for Online Banking, you are required to select challenge questions and answers that can later be used to verify your identity if a suspicious login is attempted.

The second level of multi-factor authentication is the device(s) you use to log in to Online Banking. If our system doesn’t recognize the device as “trusted”, you will automatically be presented with your challenge questions to confirm your identity.

Note: Only register personal computers and mobile devices that you frequently use and are not available for public use.

Security Statement

Our Online Banking solution brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features a Tru-Secure Certification for the server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.

Secure Data Transfer:

Once the server session is established, the user and the server are in a secure environment. Because the server has been certified as a 128-bit secure server by Tru-Secure, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank’s server issues a public key to the end user’s browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new user starts a server session.

Router and Firewall:

Requests must filter through a router and firewall before they are permitted to reach the server. A router (a piece of hardware) works in conjunction with the firewall (a piece of software) to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.

Liability for Electronic Transfers

As a consumer, you are protected by federal law against loss due to fraudulent activity, provided you notify Biddeford Savings immediately if you notice suspicious transactions on your account. Suspicious transactions include all electronic transfers such as ATM and debit card activity, electronic checks, and Automated Clearing House (ACH) transactions. You should also notify us if your account information or any electronic device used to access your banking information is compromised, stolen, or lost.

Identity Theft

Identity theft occurs when someone uses your personally identifying information, such as your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes.

Identity theft is one of the fastest-growing crimes in the United States.

The Federal Trade Commission has online guidance about the steps consumers can take to protect themselves against identity theft.

For more information about identity theft, visit the FTC website.

Fraud & Theft Contact Information

In the event you become aware of suspicious account activity or are victimized by the theft of any of your personal information, immediate action is mandatory to minimize the damage. File a crime report with your local Police department and request a copy. Contact Biddeford Savings Deposit Services Department at 207-284-5906 or toll-free at 1-866-767-8265 and all of your creditors by telephone immediately to report the situation. Follow up your call with a letter outlining the suspected fraud. 

If you have specific questions about account fraud, identity theft, or how we help protect your account information, please give us a call. We’re always here to help!

Additional Contact Information and Sources of Information

Credit Bureaus:

  • Equifax: To report fraud, call 1-800-525-6285
  • Experian: To report fraud, call 1-888-397-3742
  • Trans Union: To report fraud, call 1-800-680-7289

Social Security Administration

  • To report fraud, call 1-800-269-0271
  • To order a benefits statement, call 1-800-772-1213

Federal Trade Commission: To report Identity Theft, call 1-877-438-4338 

Online Security Resources: