Here you will find information about how we protect all of the online services that can be found on BBT.com, including online banking.
BBT.com provides information about and access to financial services offered by the BB&T Corporation family of companies. BBT.com is managed by Branch Banking and Trust Co., a subsidiary of BB&T Corporation. This page explains our online security practices when you visit the BBT.com website. Unless otherwise specified, this policy does not apply to any other website of any other BB&T company, or to any other website even if such websites are accessible through BBT.com. This policy may be modified at any time by changing the notice on this page.
BB&T is committed to protecting the security of our clients' personal information, including when it is transmitted online. Therefore, BB&T OnLine Banking and our other online services utilize advanced Internet security technology to protect your personal financial information against unauthorized access. BB&T will never request personal information via e-mail or pop-up windows. Even with the robust security system in place at BB&T, there are additional steps you can take to further protect your financial and personal information.
To access certain online services, you may have been assigned a unique user ID and password that is for your use only. Your user ID and password are designed to protect you by confirming your identity to our computer network systems. As an additional layer of protection, BB&T utilizes other tools to properly authenticate you to BB&T OnLine®
. To prevent unauthorized access to your accounts, it is very important to keep your user ID and password confidential.
Here are some steps you can take to protect the confidentiality of your user ID and password:
- Use a unique password for each online account or application.
- Do not post your password on your computer monitor, the bottom of your keyboard, under your mouse pad, or any other place near your computer system.
- Change your password periodically (i.e., monthly or quarterly).
- Change your password immediately if it becomes known, or you suspect it is known, by anyone else.
- Never give your password to anyone over the phone, regardless of the circumstances.
- Store a written record of your passwords in a secure location.
When creating a strong password, your objective is to make it as difficult as possible for anyone to make an educated guess about what you have selected. However, it should be developed in a manner that makes it simple for you to remember without having to write it down.
Words to avoid when creating passwords:
- Do not use your (or any family member's) name, nickname, or initials in any form (forwards or backwards spelling).
- Do not use your user ID in any form.
- Do not use other information that can be easily obtained about you. This includes birth dates, telephone numbers, license plate numbers, Social Security numbers, street addresses, or the brand of automobile you drive, etc.
- Do not use all the same character (i.e., 333333) or consecutive keys on a keyboard (i.e., ASDFGH).
- Do not use words that would appear in a dictionary (English or other), as they can be easily compromised by password cracking programs that use electronic dictionaries.
Tips for choosing good passwords:
- Develop a method of creating passwords that makes it easier for you to remember. You want to avoid writing it down.
- You can use a line in a favorite song, poem or movie and select the first letter of each word to create your password. Also include at least one number. For example, "The early bird catches the worm" becomes the password 1TEBCTW.
- Use two short words and connect them with a number. For example, WIN7ONE.
- Use a word that you can easily remember, but remove the vowels and replace them with numbers. For example, "summer" becomes the password S2MM3R.
In order to prevent someone from gaining unauthorized access to your financial information, you should always log off the system after you have completed your business. As an added level of protection, BB&T online banking has a timeout feature that automatically terminates your session after an extended period of inactivity.
For additional protection, access to the BB&T system will be denied or locked after three unsuccessful logon attempts.
When you choose to apply for BB&T products using an online application, you will be required to provide personal information that is necessary to process your request. To ensure that your information remains confidential, it is sent to BB&T in a "secure session" utilizing Secure Socket Layer (SSL) technology. SSL is a security protocol for transmitting information via the Internet. Many web browsers support SSL, and many web sites use SSL to securely obtain confidential user information, such as credit card numbers. SSL technology scrambles or "encrypts" information as it moves between your computer's browser and BB&T computer systems.
Encryption is the process by which information is transformed or coded into a form that is unreadable to anyone except those whom possess the decryption key. This process prohibits unauthorized individuals from intercepting and viewing the information and is also referred to as a "secure session".
You can tell your online session with BB&T is secure through the following:
- An unbroken key or a locked padlock icon will appear at the bottom of your browser window.
- The website address will change from "http" to "https" at the top of your browser window.
- You will be required to utilize a user ID and password to gain access to the site.
Whenever possible, BB&T uses the strongest browser encryption technology available. Because this encryption technology is so strong, the U.S. government will generally not permit the export of browsers supporting this technology. Therefore, some BB&T online financial services may not be available outside of the United States and Canada.
Firewalls and activity logs are additional security mechanisms that BB&T utilizes to protect your account and online application information. A firewall acts as a barrier between the Internet and the BB&T internal network system, permitting only specific traffic to pass in and out. To further ensure that only authorized users have access to our systems, BB&T conducts regular reviews of activity logs.
Email transmitted across the Internet is normally not protected and may be intercepted and viewed by others. Therefore, you should refrain from sending any confidential or private information via unsecured email to BB&T. We will not ask you to send confidential information to us via email, such as your logon ID, password, account numbers or Social Security number. You should use BB&T SecureMessage or the BB&T Contact Us form for secure communication. Occasionally, we will retain the content of your email and our replies to confirm proper responses to your questions/requests, to comply with legal and regulatory requirements, and to ensure the consistent delivery of our "World Standard" client service.
BB&T utilizes the most up-to-date technology to protect our internal systems and your personal financial information from computer viruses. Malicious viruses can sometimes be used, however, to gain access to your personal computer. For protection of your personal system, BB&T recommends you implement the following measures:
- Purchase and install antivirus software such as McAfee's VirusScan or Symantec's Norton AntiVirus to detect and eliminate potential viruses on your computer. For more information on virus detection software, visit McAfee Security or Symantec.
- Consider purchasing antivirus software that automatically scans for virus updates whenever you go online. If your software does not have this feature, update your antivirus software at least weekly by contacting your antivirus vendor to obtain the most current antivirus signature files.
- Do not open email attachments or downloaded files without first saving them to your hard disk (C: drive). Your antivirus software should be configured to scan each file when it is saved and when it is opened.
- Never open email attachments from individuals you do not know. Simply delete the messages altogether.
- Use caution with email attachments, even if you know the sender. If you were not expecting the message or if you have any suspicions, contact the sender and confirm that they indeed sent the message.