SECURITY POLICY 
 
This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a GeoTrust-issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.   Secure Access and Verifying User Authenticity  - To begin a session with the bank's server the user must key in a Log-in ID and a password. Our system, the Internet Banking System, uses a "3 strikes and you're out" lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to the bank to verify the password before re-entry into the system. Upon successful login, the Digital ID from GeoTrust or other trusted Certificate Authority issuer,   authenticates the user's identity and establishes a secure session with that visitor.   Secure Data Transfer  - Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by GeoTrust, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.   Router and Firewall - Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.   Using the above technologies, your Internet banking transactions are secure. 
 
Note: Commercial Savings Bank cannot guarantee the security of information traveling via email over the Internet.  For your safety, do not include non-public information in your email correspondence. 
 
What this means to you: when you open an account or are added as a signer to  an existing account, we will ask each person for their name, physical address, mailing address, date of birth, and other information that will allow us to identify them. We will ask to see each person's drivers license and other identifying documents and copy or record information. 
 
Visitors may elect to provide us with personal information via e-mail or online registration forms. The information is used internally, as appropriate, to handle the sender's request. It is not disseminated or sold to other organizations. 
 
Commercial Savings Bank may use cookies to collect this general information on all website and Portal Visitors. They also use cookies for security purposes in our Internet Banking service and for customization and personalization of the Portal. 
 
For more information or questions regarding this policy, contact the bank at: 
Commercial Savings Bank, P.O. Box 277, Carroll, IA, 51401, 712-792-4346 
 
 
 

FDIC
SECURITY POLICY | PRIVACY POLICY | PATRIOT ACT
DISCLAIMER: The bank is not responsible for and has no control over the subject matter, content, information, or graphics when viewing links attached to this bank’s site.

Optimized for MobileThis site is optimized for display on Handheld Devices. | Visit CSB Carroll Flash Site.