Online Security

At Broadway Bank, protecting your personal information and ensuring your online account data is secure is top priority.  We are committed to helping you recognize fraud and sharing information about ways you can remain protected against online threats. 

REMEMBER:  Broadway Bank will NEVER ask you to provide, verify or update personal account or login information by email or an unsecure website.  This includes account numbers, user IDs, passwords or debit card information.  If you are asked to provide this information via email or unsecured website, please contact the Online Banking Department at 210-283-6500, or toll-free at 800-531-7650, during normal business hours.

Attack Methods of Online Fraud and Identity Theft

Below are some of the most common types of threats experienced by online users every day.

Identity Theft – Fraud that involves a criminal stealing another's personal information in order to steal money, open new credit or debit cards, and commit other crimes using the stolen identity.

Key Logging – Keystroke logging or Key logging is a special type of virus that can capture keystrokes such as login IDs, passwords and security answers. Key logging viruses are typically downloaded via a fraudulent email containing an attachment.

Man in the Middle Attack – The phrase "Man-in-the-Middle Attack" is used to describe a computer attack during which the cyber criminal funnels communication between a consumer and a legitimate organization through a fake Web site.  In these attacks, neither the customer nor the financial institution is aware that the communication is being illegally monitored. The criminal is, in effect, in the middle of a transaction between the customer and his or her bank.

Pharming – A scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.

Phishing – A fraudulent process of attempting to acquire private information such as usernames, passwords and account numbers by impersonating a trustworthy entity and sending out mass email communications. Emails typically contain an urgent message requesting recipients to click a link within the email.  This will direct them to a fake website where they are prompted to enter personal information in order to verify credentials, activate an account or respond to a possible breach in the recipient's security.

Spoofing – Spoofing is a technique used by computer hackers to gain unauthorized access to your computers by sending a message with an IP address saying it is coming from a trusted source.

Here Are Some Ways You Can Protect Yourself Online

Use Anti-Virus and
Anti-Spyware software

  • Programs such as Norton, McAfee, and AVG can strengthen your computer’s security by scanning and removing viruses and spyware, which can damage your computer or lead to your confidential information being compromised.
  • These programs can be downloaded online or purchased from office supply or electronics stores.  You can also check with your Internet service provider who may offer free programs to protect you from viruses, worms and spyware.
  • Make sure your anti-virus and anti-spyware software is updated regularly.  If the license expires, you may not be covered against threats. 
  • Run frequent scans to ensure that any potential threats can be addressed as quickly as possible.

NOTE:  Broadway Bank does not provide anti-virus or anti-spyware software.

User IDs and Passwords

  • Never share your login credentials (IDs or Passwords) with anyone.
  • Create complex passwords – If possible, use a combination of upper/lower case letters, as well as numbers and special characters (Ex: @!#$&).
  • Change your passwords frequently.
  • Avoid using words that would be easy for others to guess.
  • Never write down your password.

Beware of fraudulent websites and emails

  • Avoid clicking on links in unsolicited emails.  These links can be used to lure you to copycat websites that are made to look legitimate, but are created to fraudulently obtain your personal information, such as your login credentials, social security number, name, credit card number(s), address, etc.
  • If you are uncertain or suspicious about the legitimacy of a website, look for the security report symbol ( ) and click on it for details about the website.  This symbol also indicates that the website uses a secure connection where encrypted exchange of information is used.
  • True secure websites will have a web address which begins with “https”.
  • If you do receive an email that appears to have been sent to you by us but are uncertain, please feel free to contact us so that we can verify its authenticity.
Protect your personal information
  • Never send confidential information (such as your account number, social security number, etc.) in an email.  Email messages are not heavily encrypted, which means that they can be compromised.
  • Review your account activity often.  Frequent review of your accounts will make it easier for you to quickly identify suspicious activity.  If you do identify any suspicious activity, please contact Broadway’s Customer Service Department at 210-283-6500, or toll-free at 800-531-7650, Monday through Friday, 8am – 6pm, and Saturday, 9am – 1pm.
  • Do not leave your computer unattended while using Online Banking.


Security Features in Broadway Bank’s Online Banking:

Automatic Session Timeout – If you leave your computer unattended while using Online Banking, the system will automatically terminate the session after a short period of inactivity. 

Login ID/Password – You can change your Login ID and/or password at any time if you feel that they have been compromised, or if you periodically change your Login ID and password as recommended.

Security Alerts – Choose from multiple security alerts to notify you when changes are made to your security preferences.  Some examples of security alerts available include notifications of when a password is changed, when the ‘forgot password’ feature is attempted, and many others.  You can also designate how you would like to be notified; email, phone call or text message. 

Layered Security – Broadway Bank uses a complete set of security tools, including encryption, firewalls, trusted operating systems, and a two-way authentication process. We make every effort, using multiple layers of security and passwords, to ensure your online transactions and confidential information are secure.

Authentication Codes (Secure Access Codes) – Our Multi-Factor Authentication (MFA) feature delivers a code to you via email, text message or phone call which must be entered during the authentication process to access your account information.  The combination of a required Login ID and password, in addition to your MFA code, enhances the system’s security.

eStatements – Sign up for free online eStatements to avoid receiving paper statements and various notices and documents which sit in your unsecure mailbox and could be compromised. 

Phishing Phrase – Create a personalized phishing phrase that you will see every time you access the Online Banking login page from a designated computer.  When you see your phrase, you will know that you are on our secure website.

Contact Us

If you suspect that your online banking information has been compromised, please contact us for assistance. 

During normal business hours, you can call 210-283-6500 or toll-free at 800-531-7650 and ask to speak with a representative in the Online Banking Department. 

After business hours, please call 210-283-5740 to leave a message with your name and contact number.  We will return your call as quickly as possible.  We will take quick action to protect your personal account information and your money.

Your Protections Under Regulation E

Banks follow specific rules for electronic transactions, issued by the Federal Reserve Board.
Known as Regulation E, the rules cover all kinds of situations revolving around transfers made electronically.  Under the consumer protections provided under Reg. E, you can recover internet banking losses according to how soon you detect and report them.

Refer to the Account Terms and Conditions for detailed information.

Glossary of Terms

Anti-virus Software – Software that protects computers from viruses and other malicious software/code, including those that can destroy data, steal private information, and affect computer performance.

Browser – The program that serves as your front end to the on the Internet.
Microsoft Internet Explorer, Microsoft Edge, Chrome, Safari and Mozilla Firefox are some of the most popular browsers. When a site says, for example, "best viewed by Internet Explorer," it means that the pages were programmed to provide optimum features and navigation with that particular browser.  Using other browsers may ignore some of the page's features until a subsequent release supports them.

Cookies – In computing, a cookie is a small text file stored on a user's computer by a web browser. Cookies can consist of information such as user preferences, shopping cart contents, identifiers for server-based sessions, or other data used by websites.

Encryption – The scrambling of data into a secret code that can be read only by software that is capable of decoding the information.

Firewall – A technological barrier which prevents unauthorized Internet users from accessing private computers or networks.  Software and/or hardware are used to examine messages and block those that do not meet a specified set of security criteria.  Firewalls are widely used to give users access to the Internet in a secure fashion, as well as to separate a company's public Web server from its internal network.

Router – A device that forwards data packets (basic units of communication over a digital network) from one local area network (LAN) or wide area network (WAN) to another.
Based on routing tables and routing protocols, routers read the network address in each transmitted frame and make a decision on how to send it based on the most expedient route (traffic load, line costs, speed, bad lines, etc.).

SSL/ Secure Sockets Layer – The leading security protocol on the Internet.
When an SSL session is started, the browser sends its public key to the server so that the server can securely send a secret key to the browser. The browser and server exchange data via secret key encryption during that session. Developed by Netscape, SSL has been merged with other protocols and authentication methods by the Internet Engineering Task Force (IETF) into a new protocol known as Transport Layer Security (TLS).

Other Helpful Contact Information and Fraud Prevention Sites



National Cyber Security Alliance

Federal Trade Commission

Credit Bureaus

  • Equifax:  1-800-525-6285
  • Experian (formerly TRW):  1-888-397-3742
  • Trans Union:  1-800-680-7289

Social Security Administration (fraud line)


Click Here to Learn More About Fraud Prevention
and Identity Theft from Broadway Bank