How Chemical Bank Protects You

At Chemical Bank, our team of technical security specialists work to ensure that all financial transactions, data transmissions, and communications are completed in a secure online environment. Bank with the comfort of knowing you are fully protected all day, every day.

Downloadable Identity Theft Brochure

How We Protect You

To safeguard all financial and personal information, Chemical Bank:

  • Uses multi-factor authentication where possible

  • Uses encrypted pages for password sign-on

  • Retains all account data in secure Bank systems

  • Protects email the Bank receives and guards against non-Bank employees seeing it

  • Uses systems of record that protect all financial and personal information and utilize leading security features

Learn more about online security for our personal and business banking below.

Consumer E-Banking Best Practices

User ID and Password Guidelines

  • Create a “strong” password with at least eight characters that includes a combination of mixed case letters, numbers, and special characters.
  • Change your password frequently.
  • Never share user name and password information with third-party providers.
  • Avoid using an automatic login feature that saves user names and passwords.

General Guidelines

  • Do not use public or other unsecured computers for logging into Consumer eBanking.
  • Check the last login date/time every time you log in.
  • If the system does not recognize your computer or location, you will be asked to provide additional information to log into Consumer eBanking. This may include Out-of-Band Authentication via phone or SMS text message or answering more sophisticated (Out-of-Wallet) challenge questions.
  • Review account balances and detail transactions regularly (preferably daily) to confirm payment and other transaction data and immediately report any suspicious transactions to your financial institution.
  • View transfer history available by viewing account activity information.
  • Whenever possible, use Bill Pay instead of checks to limit account number exposure and to obtain better electronic record keeping.
  • Take advantage of and regularly view system alerts; examples include:
    • Balance alerts
    • Password change alerts
    • Transfer alerts
  • Do not use account numbers, your social security number, or other account or personal information when creating account nicknames or other titles.
  • Use the historical reporting features of your online banking application on a regular basis to confirm payment and other transaction data.
  • Never leave a computer unattended while using Consumer eBanking.
  • Never conduct banking transactions while multiple browsers are open on your computer.

Tips to Avoid Phishing, Spyware and Malware

  • Do not open e-mail from unknown sources. Be suspicious of e-mails purporting to be from a financial institution, government department, or other agency requesting account information, account verification, or banking access credentials such as user names, passwords, PIN codes, and similar information. Opening file attachments or clicking on web links in suspicious e-mails could expose your system to malicious code that could hijack your computer.
  • Never respond to a suspicious e-mail or click on any hyperlink embedded in a suspicious e-mail. Call the purported source if you are unsure who sent an e-mail.
  • If an e-mail claiming to be from your financial organization seems suspicious, check with your financial organization.
  • Install anti-virus and spyware detection software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product.
  • Update all of your computers regularly with the latest versions and patches of both anti-virus and anti-spyware software.
  • Ensure computers are patched regularly, particularly operating systems, browsers, and key applications.
  • Install a dedicated, actively managed firewall, especially if using a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to your network and computers.
  • Check your settings and select, at least, a medium level of security for your browsers.
  • Clear the browser cache before starting any Consumer eBanking session to eliminate copies of web pages that have been stored on the hard drive. How the cache is cleared depends on the browser and version you are using. This function is generally found in the browser's preferences menu.
  • Be advised that you will never be presented with a maintenance page after entering login credentials. Legitimate maintenance pages are displayed when first reaching the URL and before entering login credentials.
  • Consumer eBanking does not use pop-up windows to display login messages or errors. They are displayed directly on the login screen.
  • Consumer eBanking never displays pop-up messages indicating that you cannot use your current browser.
  • Consumer eBanking error messages never include an amount of time to wait before trying to login again.
  • Be advised that repeatedly being asked to enter your user ID or password are signs of potentially harmful activity.

Tips for Wireless Network Management

Wireless networks can provide an unintended open door to your  network. Unless a valid business reason exists for wireless network use, it is recommended that all wireless networks be disabled. If a wireless network is to be used for legitimate business purposes, it is recommended that wireless networks be secured as follows:

  • Change the wireless network hardware (router/access point) administrative password from the factory default to a complex password. Save the password in a secure location as it will be needed to make future changes to the device.
  • Disable remote administration of the wireless network hardware (router/access point).
  • If possible, disable broadcasting the network SSID.
  • If your device offers WPA encryption, secure your wireless network by enabling WPA encryption of the wireless network. If your device does not support WPA encryption, enable WEP encryption.
  • If only known computers will access the wireless network, consider enabling MAC filtering on the network hardware. Every computer network card is assigned a unique MAC address. MAC filtering will only allow computers with permitted MAC addresses access to the wireless network.

BUSINESS eBANKING BEST PRACTICES

General Guidelines

  • Do not use public or other unsecured computers for logging into Business eBanking.
  • Check the last login date/time every time you log in.
  • If the system does not recognize your computer or location, you will be asked to provide additional information to log into Business eBanking. This is called Out-of-Band Authentication via phone or SMS text.
  • Review account balances and detail transactions regularly (preferably daily) to confirm payment and other transaction data and immediately report any suspicious transactions to your financial institution.
  • View transfer history available by viewing account activity information.
  • Whenever possible, use Bill Pay instead of checks to limit account number exposure and to obtain better electronic record keeping.
  • Take advantage of and regularly view system alerts; examples include:
    • Balance alerts
    • Password change alerts
    • Transfer alerts
    • ACH alerts
    • Wire alerts
  • Do not use account numbers, your social security number, or other account or personal information when creating account nicknames or other titles.
  • Use the historical reporting features of your online banking application on a regular basis to confirm payment and other transaction data.
  • Never leave a computer unattended while using Business eBanking.
  • Never conduct banking transactions while multiple browsers are open on your computer.
  • An FBI recommended best practice is to suggest that company users dedicate a PC solely for financial transactions (e.g., no web browsing, emails, or social media).

User ID and Password Guidelines

  • Create a “strong” password with at least eight characters that includes a combination of mixed case letters, numbers, and special characters.
  • Change your password frequently.
  • Never share user name and password information with third-party providers.
  • Avoid using an automatic login feature that saves user names and passwords.

Administrative Users

  • Prohibit the use of “shared” user names and passwords for Business eBanking.
  • Limit administrative rights on users' workstations to help prevent the inadvertent downloading of malware or other viruses.
  • Dedicate and limit the number of computers used to complete online banking transactions; do not allow Internet browsing or e-mail exchange and ensure these computers are equipped with latest versions and patches of both anti-virus and anti-spyware software.
  • Delete online user IDs as part of the exit procedure when employees leave your company.
  • Assign dual system administrators for online cash management services.
  • Use multiple approvals for monetary transactions and require separate entry and approval users.
  • Establish transaction dollar limits for employees who initiate and approve online payments such as ACH batches, wire transfers, and account transfers.

Tips to Protect Online Payments and Account Data

  • Take advantage of transaction limits. Establish limits for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits.
  • When you have completed a transaction, ensure you log off to close the connection with the financial organization's computer.
  • Use separate accounts for electronic and paper transactions to simplify monitoring and tracking any discrepancies.
  • Reconcile by carefully monitoring account activity and reviewing all transactions initiated by your company on a daily basis.

ACH (Automated Clearing House Batches)

  • Use pre-notification transactions to verify that account numbers within your ACH payments are correct.
  • Use limits for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits.
  • Review historical and audit reports regularly to confirm transaction activity.
  • Use available alerts for wire transfer activity

Wire Transfer

  • Use limits provided for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits.
  • Review historical and audit reports regularly to confirm transaction activity.
  • Use available alerts for wire transfer activity.

Account Transfer

  • Use limits provided for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits.
  • Review historical and audit reports regularly to confirm transaction activity.
  • Use available alerts for funds transfer activity.

Tips to Avoid Phishing, Spyware and Malware

  • Do not open e-mail from unknown sources. Be suspicious of e-mails purporting to be from a financial institution, government department, or other agency requesting account information, account verification, or banking access credentials such as user names, passwords, PIN codes, and similar information. Opening file attachments or clicking on web links in suspicious e-mails could expose your system to malicious code that could hijack your computer.
  • Never respond to a suspicious e-mail or click on any hyperlink embedded in a suspicious e-mail. Call the purported source if you are unsure who sent an e-mail.
  • If an e-mail claiming to be from your financial organization seems suspicious, check with your financial organization.
  • Install anti-virus and spyware detection software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product.
  • Update all of your computers regularly with the latest versions and patches of both anti-virus and anti-spyware software.
  • Ensure computers are patched regularly, particularly operating systems, browsers, and key applications.
  • Install a dedicated, actively managed firewall, especially if using a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to your network and computers.
  • Check your settings and select, at least, a medium level of security for your browsers.
  • Clear the browser cache before starting any Business eBanking session to eliminate copies of web pages that have been stored on the hard drive. How the cache is cleared depends on the browser and version you are using. This function is generally found in the browser's preferences menu.
  • Be advised that you will never be presented with a maintenance page after entering login credentials. Legitimate maintenance pages are displayed when first reaching the URL and before entering login credentials.
  • Business eBanking does not use pop-up windows to display login messages or errors. They are displayed directly on the login screen.
  • Business eBanking never displays pop-up messages indicating that you cannot use your current browser.
  • Business eBanking error messages never include an amount of time to wait before trying to login again.
  • Be advised that repeatedly being asked to enter your password/token code are signs of potentially harmful activity.

Tips for Wireless Network Management

Wireless networks can provide an unintended open door to your business network. Unless a valid business reason exists for wireless network use, it is recommended that all wireless networks be disabled. If a wireless network is to be used for legitimate business purposes, it is recommended that wireless networks be secured as follows:

  • Change the wireless network hardware (router/access point) administrative password from the factory default to a complex password. Save the password in a secure location as it will be needed to make future changes to the device.
  • Disable remote administration of the wireless network hardware (router/access point).
  • If possible, disable broadcasting the network SSID.
  • If your device offers WPA encryption, secure your wireless network by enabling WPA encryption of the wireless network. If your device does not support WPA encryption, enable WEP encryption.
  • If only known computers will access the wireless network, consider enabling MAC filtering on the network hardware. Every computer network card is assigned a unique MAC address. MAC filtering will only allow computers with permitted MAC addresses access to the wireless network.

We're also introducing SecurLock™ Communicate

Keeping you protected is important to us!  That’s why we’ve enhanced our current Fraud Center services. Now, with SecurLock™ Communicate, you can keep your finances secure with real-time two-way SMS texting between you and the fraud team for quicker fraud identification and prevention.  You can enjoy instant security, since you will be automatically enrolled.  

Step 1: Text Option-available 7:00 am EST to 10:00pm EST

If we suspect fraud, you will receive a alert from our fraud department.  If you receive a fraud alert text message, you can just respond whether the transaction was yours or not. 

If you do not wish to receive these text alerts, you can reply STOP to the text message and the Fraud Center team will pursue other avenues to reach you.

Step 2: Email Option- available 24/7

If we do not receive a response to the text(s), an email will be sent to confirm that the transaction is valid.

Step 3: Phone Option- available 8:00am EST to 9:00pm EST

If there is no response to the text or email, an automated voice call is generated and you will be asked to confirm the authorizations are valid or unrecognized. 

Once you respond the transaction is valid, the temporary block is removed within five to ten minutes so you are not inconvenienced by long wait times when calling to have a block removed.   

All cardholders will be automatically enrolled. To ensure that you have the full benefit of these new features, please contact the Customer Care Center at 1-800-867-9757, to ensure that we have your current cell phone and email address on file.

Chemical Bank will never send emails requesting customers to disclose or "verify" personal information about their accounts. If you receive a suspicious email, please send it to SecurityCenter@ChemicalBank.com. If you receive a suspicious phone call, or suspect that fraudulent activity is affecting your account, please contact our Customer Care Center at 1.800.867.9757.