Northern Trust Private Passport® requires that you use an SSL (Secure Sockets Layer) compliant browser. SSL is a protocol that allows your personal computer to establish a secure connection to our Internet servers. We require 128-bit SSL encryption. SSL uses encryption techniques that turn all information transmitted into a series of unrecognizable characters as the information travels through the Internet. Our servers turn these characters into recognizable information after the secure connection has been made. SSL also utilizes the additional protection of digitally signed certificates that assure you are communicating with Northern Trust.
Northern Trust Private Passport® utilizes cookies. Cookies are small pieces of information that are sent from Northern Trust Private Passport® to your browser. The cookie stores information used to safeguard your session and assist with your navigation through Northern Trust Private Passport®. You must set your browser to allow cookies to use Northern Trust Private Passport. Private Passport uses session cookies rather than persistent cookies. Session cookies are not saved at the end of a Private Passport® session and do not store personal information that other programs can access.
Establishing a Session with the Server
When you log in to Private Passport from any NorthernTrust.com Web page or the Private Passport sign-on page, your User ID and password are transmitted to us in 128-bit encrypted form. This occurs even though information on the NorthernTrust.com Web pages is sent to you in an unencrypted form prior to your logging into Private Passport.
The first time you sign on to Northern Trust Private Passport®, you are required to change the initial password provided to you during enrollment. Your User ID and password must both be at least six characters in length, however, we recommend using at least eight characters. You must have at least one numeric character in your User ID and password. We also recommend that you change your password often, with an interval of no more than 30 days between password changes. As additional security precautions, after 15 minutes of inactivity you are required to re-enter your password and a limit is placed on the number of invalid sign on attempts. Three consecutive logon failures will result in suspension of your User ID requiring you to contact the Northern Trust Private Passport® Help Center for assistance.
After you have entered your User ID and Password, we will authenticate your signon information and pass your request to the Northern Trust Private Passport® server. This server is protected by firewall technology. The firewall allows only approved client requests to access the server and protects the server against intrusion. Both the firewall and the server are in physically protected locations. All activity on both platforms is logged and monitored to ensure that no attempts have been made to breach security.
After your request is processed by the Northern Trust Private Passport® server, the information is encrypted and returned via the Internet to your personal computer.
Enhanced Security Frequently Asked Questions
How does Private Passport's enhanced security work?
At random intervals all Private Passport® clients will be required to select and answer a series of personal challenge questions, which we may use at a future date. You may be asked these questions to help authenticate your identity. We will ask challenge questions if you access Private Passport using a different computer than usual or if the computer you usually use has significantly changed (such as changing to a new operating system or using a different browser).
Why do I need this level of online security?
Northern Trust is continually seeking ways to help improve the security of our online services. As consumer activity over the Internet continues to increase, so have concerns over online account security. The prevalence of phishing, pharming, spoofing, malware, and other identity theft/fraud activities have all been motivating factors in our online security efforts.
How is the new logon process more secure?
Previously, clients could access their accounts information online by providing a User ID and Password. We have now improved security by occasionally requiring you to answer personal challenge questions to avoid having account access temporarily suspended.
How does Private Passport's enhanced security protect me from “phishing” attacks?
If you mistakenly provide a third party with your ID and password, our security application is designed to deny access to the third party. For example, when a fraudster attempts to access your account, our security application will most likely not associate that individual's login pattern of behavior or computer equipment with your User ID - and your challenge questions will be asked. Given that the fraudster should not be able to answer the questions, access will be denied.
Why do I need to answer security challenge questions?
The challenge questions and your responses will allow us to provide an incremental layer of online security. If you access your account in a materially different way than previous logins, we may present challenge questions that must be answered to gain access to your account. Additionally these questions may be used to authenticate your identity when calling into our Help Center.
Why am I being asked challenge questions when I log on from my personal computer?
If you make changes to your personal computer by switching the browser you use or change the operating system of your computer, we may present questions to identify you.
The following tips will enhance your secure usage of Northern Trust Private Passport®:
- Always keep your User ID and Password confidential. Private Passport® requires the use of alpha numeric User IDs and passwords. We strongly recommend that you do not create a User ID and/or Password that contains easily identifiable groups of characters such as an account number or name preceded or followed by just one alpha/numeric character.
- Never leave your computer unattended while using Northern Trust Private Passport®.
- Always properly exit the system by clicking on the "Sign Off" button located on each page upon completing use of Northern Trust Private Passport ®.
- Close your browser when you are finished using Northern Trust Private Passport® so that others cannot see your account information.
- Always use virus protection software and update it regularly. Do not allow a virus to remain on your computer while accessing Northern Trust Private Passport®.
We look forward to continuing to serve your financial services needs now and in the future.
|Click here to email this page|