Whitehat Security

FDIC Your account is insured by the Federal Deposit Insurance Company (FDIC). The FDIC guarantees the safety of all deposits of its member banks. Click here to learn more about the FDIC and how FDIC insurance covers an individual account holder for up to the maximum amount allowed by law.

Zero Liability Protection
MasterCard® Zero Liability provides protection from unauthorized purchases in the event your card is lost or stolen. Learn more about the conditions associated with MasterCard Zero Liability policy.

EnFact Fraud Prevention
EnFact is a sophisticated software program that helps protect your debit card from fraudulent transactions. This is achieved through a neural network set up through our debit card processor. EnFact flags potentially suspicious transactions or patterns on your account and reports them to Higher One for investigation. If you receive a call from us, we will simply ask you a few simple questions to verify whether the activity is fraudulent.

TRUSTe online privacy certification Higher One uses the TRUSTe web Privacy Seal Program. TRUSTe is an independent organization whose mission is to build user’s trust and confidence in the Internet by promoting the use of fair information practices. Higher One has disclosed its information practices and had its privacy practices reviewed for compliance by TRUSTe.

Secure Account Set-Up
When you log on to create an account, we ask you to create a username and password. Your password is encrypted and will remain a secret as long as you do not disclose it. For additional security on your account, you have the option of taking advantage of Higher One’s Security PassCode feature. The Security PassCode feature ensures that an additional personalized verification step is taken when you contact Higher One.

Secure Account Log-In
To securely log on to your account, you are asked to provide your username and password. Once logged into Higher One’s website, all communications between your web browser and Higher One’s servers are protected with the highest level of encryption available on your browser, with a minimum of 128-bit SSL encryption. View the list of Higher One supported browsers. If you suspect fraud, please contact us immediately at the toll free number listed on the back of your card.

Timed Log-Off
Higher One’s system will automatically log you off from your account after 20 minutes. This reduces the risk of others accessing your information from your unattended computer.

Higher One’s computer systems are protected 24 hours a day by powerful, state-of-the-art firewall systems that block unauthorized entry. The intrusion detection system is monitored by security professionals 24/7. In order to gain access to authorized information, the web browser you are using must know the proper protocol, or language, and even then only select information is available.

From the moment account information leaves your computer to the time it enters Higher One’s system, all online access is encrypted. Higher One employs some of the strongest forms of encryption commercially available for use on the web today. During any transaction, our 128-bit encryption turns your information into a coded sequence with billions of possible variations, making it nearly impossible for unwanted intruders to decipher. Additionally, sensitive customer data is encrypted in our database. Higher One’s computers possess the proper formulas to turn this code back into meaningful information and complete your transaction. Look for a “closed lock” icon in your browser to confirm if encryption is being used on any web page you are viewing. Any web address beginning with “https://...” indicates the page you are viewing uses encryption. The “s” stands for “secured.”

Systems Monitoring
Higher One systems are constantly monitored to detect any attempted intrusions. The intrusion detection system runs 24/7/365 and all alerts are monitored by security professionals at the hosting provider. Regular vulnerability scans are conducted to ensure that all of the protections are in place and functioning correctly. Higher One will continue to do what we believe is necessary to protect both you and Higher One.

Information Security Program
Higher One maintains a comprehensive information security program of policies, procedures and technology that is designed to safeguard customer data and comply with banking regulations.

Website Security
Cenzic is the trusted provider of software, managed service, and cloud security products that help organizations secure their websites against hacker attacks. Cenzic focuses on Web application security, automating the process of identifying security defects at the Web application level where more than 75% of attacks occur, helps customers in remediating those defects, manages risk and get compliance with regulations such as PCI. Cenzic is unique in the industry as its products are built on a non-signature-based patented technology. Cenzic solutions secure websites of numerous Fortune 1000 companies including all major security companies, leading government agencies and universities.

Physical Security
Higher One is hosted out of PCI certified data center with 24/7 guards, cameras and multiple layers of physical security.

Higher One’s information security is annually audited by a 3rd party assessor.

Learn more about keeping your information sucure