Privacy & Security
Protecting your financial identity is very crucial. Together with Redstone Federal Credit Union®, you can take steps to prevent and detect identity theft and fraud. The most important step toward protecting yourself is to never give out account information to anyone who comes asking for it. RFCU® does not call, text, or send emails asking for account information. Remember—we already have it!
Phone Calls about Suspicious Card Transactions
As a result of suspicious or out-of-the ordinary card transaction(s) on your Redstone Federal Credit Union credit or debit card(s), you may occasionally receive a call from a Redstone Federal Credit Union employee or third party representing Redstone Federal Credit Union that will be calling to validate the transaction(s) as legitimate.
Be aware that the persons making these calls will never ask for your account number, card number or social security number as we already have that information. You should never give this information to anyone calling you.
If you are ever suspicious of a call from Redstone Federal Credit Union or a party representing Redstone Federal Credit Union, disconnect the call and initiate a call to Redstone Federal Credit Union to validate.
To minimize chances of receiving these calls, please submit the "Travel Form for Cards" located inside Online Banking under the Additional Services tab prior to making domestic or international travel during which you will be using your Redstone Federal Credit Union card and ensure Redstone Federal Credit has your best contact information on file.
Online Security Vulnerabilities
When Redstone becomes aware of online security vulnerabilities that may impact you as a member, helpful information will be posted here with trusted advice on how to best protect yourself.
Debit and Credit Card Data Breaches
If you think you may have been impacted by an unauthorized debit or credit card data breach from a retailer or any other institution you do business with, there are a few simple things you can do to protect yourself. Keep an eye on your account through Online Banking or monthly statements to watch for any unusual activity. You can even set up alerts that will notify you if account balances or transaction amounts exceed certain thresholds you set, and fraud text alerts are available for your Redstone credit card. This service sends text alerts to your mobile phone allowing you to confirm or deny suspicious activity quickly and stop fraud fast. You can enroll through the Credit Card Info tab within Online Banking or the mobile app.
If you notice anything suspicious or unusual on your Redstone accounts, please notify Member Connect immediately for assistance by calling 800-234-1234. If desired, Redstone can close your debit or credit card and reissue a new one for you. You should also report fraud or identity theft to the Federal Trade Commission and local law enforcement.
If you suspect that your card has been breached, it is recommended that you change your PIN number as an added measure of security. To help protect your account information, consider periodically changing your PIN number quarterly or annually.
RFCU will never call you asking for your card number, PIN, or other card information in the case of a debit or credit card data breach. As always, if you ever question the legitimacy of a call from RFCU, please hang up and call 256-837-6110 or 1-800-234-1234.
Protect Your Identity
An excellent way to detect fraudulent activity is to keep a close eye on your accounts, such as by using RFCU’s Online Banking to watch your accounts on a daily basis. Restrict the usage of your debit card with the Debit Card Control settings inside the Redstone Mobile Banking app. You should also take advantage of your free annual credit report check, which gives an overview of your credit accounts from all financial institutions.
Free credit reports are available under Federal law at AnnualCreditReport.com.
To receive your free annual credit report, you can
There are several other precautions you can take to protect yourself against identity theft. These government websites provide precautions, tips, and advice on protecting yourself online, while on the telephone, or by mail.
If you want to purchase a product to help you better protect your identity, Redstone offers Equifax Credit Watch™ Gold. For $6.95 a month1, you get the following:
- Daily credit file monitoring and email alerts of key changes to your Equifax credit file
- Unlimited access to your Equifax Credit Report2
- Automatic Fraud Alerts3 encourage lenders to take extra steps to verify your identity before authorizing new or additional credit
- Up to $25,000 in Identity Theft Insurance4 to cover certain out-of-pocket expenses if your identity is compromised.
- Access to identity theft assistance should you become a victim of identity theft
- Online dispute resolution
Available for the stated price per month. While we hope you will enjoy your product, you may cancel at any time; however, we do not provide partial month refunds.
Sign up today
1We will require you to provide your payment information when you sign up. We will immediately charge your card $6.95 for monthly subscriptions and will charge the card that amount for each month you continue your subscription. You may cancel at any time by calling 866-243-8181, 8am - 3am EST; however, we do not provide partial month refunds.
2Under certain circumstances, access to your Equifax Credit Report may not be available as certain consumer credit files maintained by Equifax contain credit histories, multiple trade accounts, and/or an extraordinary number of inquiries of a nature that prevents or delays the delivery of your Equifax Credit Report. If a remedy for the failure is not available, the product subscription will be canceled and a full refund will be made.
3The Automatic Fraud Alert feature is made available to consumers by Equifax InformationServices LLC and fulfilled on its behalf by Equifax Consumer Services LLC.
4Identity theft insurance underwritten by subsidiaries or affiliates of American International Group, Inc. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions and exclusions of the policies described. Please refer to the actual policies for terms, conditions and exclusions of coverage. Coverage may not be available in all jurisdictions.
Those looking to misuse your account information will often disguise themselves as Redstone Federal Credit Union, or any other financial institution, and then ask you to “verify” your account information by sending them confidential information. These “social engineers” also search dumpsters for valuable information, memorize access codes by looking over someone’s shoulder (shoulder surfing), or take advantage of people’s natural inclination to choose passwords that are meaningful to them but can be easily guessed. Some examples of social engineering techniques include the following:
Phishing – Phishing uses e-mails that appear to originate from a trusted source (such as a financial institution) to trick users into entering confidential information on a fake web page.
Vishing – This technique uses an interactive voice response (IVR) system to recreate a legitimate-sounding copy of a financial institution’s IVR system. The victim is prompted to “verify” various financial information. More advanced systems transfer the victim to the attacker, posing as a customer service agent, for further questioning.
Smishing – The victim receives a text message telling them to call a toll-free number, which is answered by a bogus interactive voice-response system that tries to fool the victim into providing his or her account number and password.
Baiting – An attacker will leave a software-infected computer disk or USB flash drive in a location such as a bathroom, elevator, or parking lot. The attacker gives it a legitimate looking label and name, and then simply waits for the victim to use the device. Baiting can also take the form of an App for your mobile phone. These Apps are designed to look and feel legitimate.
Business and Commercial Accounts
Unfortunately, even businesses are not immune to identity theft and fraud. In fact, some online business account transactions may incur a higher level of risk when it comes to fraud than a consumer account transaction. To help protect your business against identity theft and fraud, RFCU strongly encourages you to conduct periodic risk assessments and evaluations of your controls to detect weaknesses or inadequacies.
Many companies keep sensitive personal information about customers or employees in their files. Having a sound security plan in place can help you meet your legal requirements to protect sensitive information. The Federal Trade Commission provides helpful guidelines to take into consideration when conducting your risk assessments and controls evaluation. This booklet by the FTC also provides information on how a business can protect information, as does this document from the Bureau of Consumer Protection Business Center.
Always bear in mind that security does not stop or start with the technology alone. The majority of security issues can be prevented by simply using common sense.
- If you get an email, phone call, or text alert about an account, don’t respond before you verify that it’s legitimate. It is best to verify by initiating a call to Redstone Federal Credit Union at 800-234-1234 before responding to any communication.
- Use strong passwords that are hard to guess, and never share them with anyone. Our recommendation includes the following:
- Use at least one number in your password
- Use at least one CAPITAL letter in your password
- Use at least one symbol or special character in your password
- It is recommended that your passwords be a minimum of 12 characters in length. For highly confidential sites or information, we recommend 15 characters.
- Many of the precautions taken to protect mobile devices are the same as those for desktop computers. Devices should be password protected, and programs should only be downloaded and installed from trusted sources.
Members’ Rights and Liabilities
There are several federal regulations which may protect victims who incur unauthorized or fraudulent transactions on their accounts. The victim’s rights and liabilities for the fraudulent or unauthorized transaction depends on the type of transaction, the amount of time it took to notify the Credit Union of the fraudulent transaction, and whether the victim was a consumer or a business.
For a consumer, certain protections are provided under Regulations E and Z for fraudulent or unauthorized transactions. The protections are dependent on numerous factors, including the type of transaction.
Some of the types of transactions that are covered by Regulation E include the following:
- Point-of-sale (POS) transfers;
- Automated teller machine (ATM) transfers;
- Direct deposits or withdrawals of funds;
- Transfers initiated by telephone;
- Transactions where a check, draft, or similar paper instrument is used as a source of information to initiate a one-time electronic fund transfer from a consumer’s account; and
- Transfers resulting from debit card transactions, whether or not initiated through an electronic terminal.
Likewise, there are other transactions which are not covered by Regulation E and are not given the same protection as the transactions listed above. Transactions that are not covered by Regulation E include the following:
- Check guarantees or authorizations;
- Wire or other similar transfers;
- Securities and commodities transfers;
- Automatic transfers by the Credit Union resulting from an agreement between the member and the Credit Union in which the Credit Union initiates individual transfers without a specific request from the member; and
- Telephone-initiated transfers including any transfer of funds initiated by a telephone communication between the member and the Credit Union that does not take place under a telephone bill-payment or any other written plan in which periodic or recurring transfers are contemplated.
Below is a list of some of the protections consumers may have under these two federal regulations. Additional protections may also be provided by Visa® and they are included below as well.
Unfortunately, business accounts are not provided the same protections as consumer accounts under Regulations E and Z. Rest assured, however, that the Credit Union will still investigate any fraudulent or unauthorized business transaction thoroughly and in a timely manner. While business accounts may not have the same protections under Regulations E and Z, Visa and CheckFree Services Corporation may still offer some protections to these accounts. Protections offered for business accounts for fraudulent or unauthorized transactions are listed below:
Learn more about privacy and security for businesses. View the video now!