How We Protect You

Our commitment to providing a secure online experience.

MCAG Security Commitment

Since the debut of mcaginc.com in 2004, MCAG has been committed to providing our customers with cutting-edge services and providing them with all the benefits that come with being an industry leader: convenience, robust service and a safe and secure environment for data management.

 

We currently use some of the most sophisticated commercially-available technologies to provide you with a powerful and multi-functional online experience that leads the way through attractive design, relevant information and ease of use with a high standard of online security. These services allow you to access your account information through an authentication process, which uses personal access codes and passwords.

We employ several measures, as described below, to provide these services in a secure manner. These measures allow us to properly authenticate your identity when you access our services and protect your information as it traverses the Internet between your PC and MCAG. Our security measures must rely on these access codes remaining confidential. We strongly recommend that you do not share these access codes and passwords with others.

Security Challenge Questions

Your online security is of the utmost importance to MCAG. As identity thieves grow more and more sophisticated, usernames and passwords are simply not enough to protect you anymore. That's why MCAG has another level of identity verification with Challenge Questions. You'll be required to select five secret challenge questions and answers that only you should know. If we have any reason to suspect that someone other than you is trying to log in with your username and password, we will prompt the user to answer one of your challenge questions. MCAG's Challenge Questions feature is an added layer of security that we use to further verify your identity and will help prevent unauthorized access to your accounts.

 

Remember: MCAG will never ask you to provide answers to security questions via email.

 

Security Alerts

MCAG will notify you via email to confirm any changes you make to your account. Notifications are sent automatically when we receive:

  • A mailing address or email address change

  • A phone number change

  • PIN or password change

 

Please pay careful attention to these alerts and notify us immediately if it was not YOU who initiated the change. In addition, you'll receive two Security Alerts that someone has tried to access your accounts and failed. That is why it's important to make sure you keep MCAG updated with your current email address. These Security Alerts cannot be deleted manually. This additional security measure prevents someone who has fraudulently accessed your accounts from deleting the alerts before you have a chance to see them. They will be automatically deleted from the system after 30 days.

128-bit SSL encryption

Encryption is the scrambling of information for transmission back and forth between two points. This technology allows for secure transmittal on the internet by encoding the data using a mathematical formula that scrambles the data. A key is then required to decode the transmitted data. SSL encrypts, or scrambles, your username and password before they leave your computer and then unscrambles them at the receiving end.

Extended Validation (EV) SSL Certificate

Watch for the green bar. When using MCAG's secure, SSL-encrypted system, you will see a green bar appear. You will also find the "s" at the end of "http" for secure.

Session Timeouts

To reduce the risk of unauthorized account access from an unattended computer, MCAG’s system will automatically log you off from the MCAG HUB after 20 minutes of inactivity. To resume your banking activity, you'll need to re-enter your user credentials.

Secure Firewalls

To protect your information and prevent security breaches, we use the latest firewall technologies, all of which are monitored 24x7. The firewalls provide a layer of protection between the Internet and MCAG’s internal network, designed to block and filter malicious traffic.

​​