Internet Access: Security

important security advice for internet access customers

You may have recently heard about email scams targeting Internet access customers of some financial institutions. Scam emails that appear to be from a financial institution either:

• Request confirmation of your Internet access Customer ID and Access Code; or
• Direct you to an authentic looking, but fake website where a virus is secretly loaded onto your computer that records your keystrokes.

Most scam emails include false statements intended to create the impression that there is an immediate threat or risk to your account. In other cases the emails have promised a prize or other special benefit or tell you to install software from the email that checks and removes viruses.

Maxis Loans does not send out emails requesting personal or account information. If you receive a suspicious email, please phone our Internet Access team on 131 915.

If you have gone to our website and logged into Internet access, we may send you emails via the Secure Email Functionality about transactions on your account. However, even when using the Secure Email Functionality, Maxis Loans will never ask you for your account Access Code.

We expect you to be security-conscious and to take steps to protect your personal information when you are using Internet access.

protect your personal computer

We recommend that you:

• Ensure you have the latest anti-virus and firewall protection on your computer and that the software is updated regularly to ensure your protection is current;
• Download and install the most up to date security patches from your software vendors;
• Do not click on links or open email attachments from unknown sources; and
• Scan your PC with your anti-virus software at regular intervals.

A couple of websites where you can find more information about anti-virus tools and firewalls are Symantec and Trend Micro.

protect your security

Follow these tips below to maximise the security of your personal information when using Internet Access:

• Select an Access Code that is easily memorised, but which is difficult for others to guess;
• Change your Access Code regularly, we recommend every 30 days;
• Never divulge your Access Code to anyone (we will never ask you for this);
• Do not logon to Internet access on unfamiliar computers (eg at an Internet cafe), as they may not be protected with the latest anti-virus software;
• Always connect to Maxis Loans by typing the address http://www.maxisloans.com.au in the address bar rather than following links. This URL could be saved into your browser favourites;
• Check your last sign-in date and time (appears in red in the centre bottom third of the screen) whenever you sign into Internet access to make sure it is correct;
• Confirm that your data is encrypted by ensuring a symbol of a lock appears in the bottom right hand corner of the browser;
• Never leave your computer unattended whilst logged into Internet access;
• Always select Log Off from the Internet access menu when you complete your session;
• Close your Internet browser after signing out at the end of each Internet access session; and
• Always check your statements for any transactions that look suspicious. Report any suspicious transactions immediately to the Maxis Loans National Call Centre on 131 915, Mon to Fri 8am-6pm Melbourne Time.

What Does Maxis Loans Do for You

At Maxis Loans we understand the need to provide a secure and safe environment for our customers to transact and communicate over the Internet.

To protect your information, Maxis Loans has the following three levels of security:

authentication

Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks (including the Internet), authentication is commonly done through the use of digital certificates. A digital certificate is an electronic identifier that establishes a computer's credentials when doing business or other transactions on the Internet. When a customer logs on to the Maxis Loans website, he or she may be asked to accept the Maxis Loans digital certificate that allows a customer to verify the site connected to is indeed Maxis Loans.

encryption

To ensure all communication between a customer and Maxis Loans is secure, we employ an industry approved 128-bit cryptographic algorithm (triple DES). You will notice when you click on the 'log in' option on our home page, a new browser window opens. This new window is encrypted with Secure Socket Layer (SSL) technology to provide you with a secure channel through which you may transact and communicate.

browser requirements

All pages on Maxis Loans Internet Access are encrypted using 128-bit SSL encryption. In order to utilise these secure technologies, it is essential your Internet browser supports 128-bit encryption. The minimum browser requirements to access Maxis Loans Internet Access are as follows:

Platform	Internet Explorer	Netscape
Windows	5.0 and above	4.5 and above
Mac	5.0 and above	6.0 and above

application level security

Application level security is implemented with the use of a Customer ID and Access Code unique to each customer. Using the unique Customer ID and Access Code, a Maxis Loans customer is identified to the system and thus only details specific to each customer are displayed.

The customer's Access Code is strictly confidential. No employees of Maxis Loans have access to the customer's Access Code.

Maxis Loans regularly reviews developments in security and encryption technologies. Despite our security technologies, no data transmission over the Internet can be guaranteed as completely secure. We expect you to be security-conscious and to take steps to protect your security.