Security, Privacy, and Fraud Prevention

Revised – December 2016

Welcome. These Terms of Use apply to you when you choose to access and use our website. Please read them carefully before using the site.

Acceptance of Terms

City First Bank and its affiliates (collectively, "City First Bank ," "we," "us," or "our") welcome you to our website. This website (the "Site") has been established for the sole purpose of conveying information about City First Bank 's products and services and to allow communications between City First Bank and its customers. These Terms of Use ("Terms") govern your use of this website and any other City First Bank website, including, but not limited to, City First Bank mobile applications, City First Bank client interface sites, any content, functionality, and services offered on or through this website, or any other City First Bank website that links to the Terms (collectively, the "Site"), except as otherwise provided herein. Please review these Terms carefully. By using the Site, or by clicking to accept or agree to the Terms when this option is made available to you, you agree to be bound and abide by the Terms. If you do not agree to be legally bound by the Terms, do not use the Site.

This Site is offered and available to users who are:

  • At least 18 years old, and
  • A legal resident of the United States.

If you do not satisfy the above requirements, please do not use the Site or access Content from the Site.

Unauthorized use of the Sites, including, but not limited to, unauthorized entry into City First Bank ’s systems, or misuse of any information posted on a Site is strictly prohibited. City First Bank makes no representation that the products and services described on the Site are available in all countries. Your eligibility for particular products and services is subject to final determination by City First Bank .

Changes to the terms

City First Bank reserves the right to change these Terms from time to time. We will notify you of any changes by posting the revised Terms on the Site. You should also periodically check the effective date at the top of this Web page to be sure that you are viewing the most recent version of the Terms and the important information that it includes. All changes to the Terms shall be effective upon posting. Your continued use of the Site after any changes to these Terms constitutes your agreement to be bound by any such changes. City First Bank may terminate, suspend, change, or restrict access to all or any part of the Site without notice or liability.

Intellectual property

The Site contains material, such as software, text, graphics, images, sound recordings, audiovisual works, desktop, mobile, or other applications for download, and other material provided by or on behalf of City First Bank (collectively, "Content"). The Content may be owned by us or by third parties. The Content is protected under both United States and foreign laws. Unauthorized use of the Content may violate copyright, trademark, and other laws. You have no rights in or to the Content, and you agree that you will not use the Content except as permitted under these Terms. No other use is permitted without prior written consent from us. You must not remove or alter copyright or other proprietary notices contained in the original Content, and if City First Bank allows you to sell, transfer, assign, license, sublicense, or modify the Content or reproduce, display, publicly perform, make a derivative version of, or distribute the Content, you must include those proprietary notices without alteration. You may not sell, transfer, assign, license, sublicense, or modify the Content or reproduce, display, publicly perform, make a derivative version of, distribute, or otherwise use the Content in any way for any public or commercial purpose without the express written permission of City First Bank . The use or posting of the Content on any other website, public or private electronic retrieval system, or in a networked computer environment for any purpose is expressly prohibited.


City First Bank makes no claims concerning whether the Content may be downloaded or is appropriate for use outside of the United States. If you access the Site from outside of the United States, you are solely responsible for ensuring compliance with the laws of your specific jurisdiction.


If you violate any part of these restrictions, your permission to access and/or use the Content and Site automatically terminates and you must immediately destroy any copies you have made of the Content.


The trademarks, service marks, and logos of City First Bank , Broadway Financial Corporation, Broadway Service Corporation (the "City First Bank Trademarks") used and displayed on the Site are registered and unregistered trademarks or service marks of Broadway Financial Corporation, or City First Bank , f.s.b., or its affiliate. Other company product and service names located on the Site may be trademarks or service marks owned by others (the "Third-Party Trademarks" and, collectively with City First Bank Trademarks, the "Trademarks"). Nothing on the Site should be construed as granting, by implication, estoppel, or otherwise, any license or right to use the Trademarks, without our prior written permission specific for each such use. Use of the Trademarks as part of a link to or from any site is prohibited unless establishment of such a link is approved in advance by us in writing. All goodwill generated from the use of City First Bank Trademarks inures to City First Bank 's benefit.


Elements of the Site are protected by trade dress, trademark, unfair competition, and other state and federal laws and may not be copied or imitated in whole or in part, by any means, including but not limited to the use of framing or mirrors. None of the Content for the Site may be retransmitted without our express, written consent for each and every instance.

Use of Personal Information

City First Bank 's practices and policies with respect to the collection, use and sharing of nonpublic personal information collected from or about you when you visit the Site is governed by the City First Bank Online Financial Privacy Policy ("City First Bank 's Privacy Policy"), which is hereby incorporated in its entirety and available at this website here .

Service access

While we endeavor to ensure that the Site is normally available, we shall not be liable if for any reason the Site is unavailable at any time or for any period. Access to the Site may be suspended temporarily and without notice in the case of system failure, legal requirements, maintenance, or repair, or for reasons beyond our control.


The Site may contain links to third-party websites ("External Sites"). These links are provided solely as a convenience to you and not as an endorsement by us of the content and/or services on such External Sites, which are provided by third parties. You should contact the site administrator or webmaster for those External Sites if you have any concerns regarding such links or any content and/or services located on such External Sites. We are not responsible for the content and/or services provided via any linked External Sites and do not make any representations regarding the content or accuracy of materials on such External Sites. You should take precautions when downloading files from all websites to protect your computer from viruses and other destructive programs. External Sites may have a privacy policy different from City First Bank 's Privacy Policy, and the External Site may provide less security than the Site. If you decide to access linked External Sites, you do so at your own risk.

Your conduct

In using this Site, you agree:

  • to use the Site and the Content only for lawful purposes,
  • not to disrupt or interfere with the security of, or otherwise abuse, the Site, or any services, system resources, accounts, servers, or networks connected to or accessible through the Site or affiliated or linked websites;
  • not to disrupt or interfere with any other user's enjoyment of the Site or affiliated or linked Sites;
  • not to upload, post or otherwise transmit through or on the Site any virus, worm, Trojan horse, malware, program, code, or other harmful, disruptive, or destructive files;
  • not to use a robot, spider, script, or any other means to extract, download, index, mine, scrape, or circumvent the operation or intended use of the Site;
  • not to use the Site to submit or share any offensive, indecent, hateful, racist, sexist, pornographic, or otherwise inappropriate material;
  • not to violate the privacy or infringe upon the intellectual property or other proprietary rights of third parties;
  • not to use the Site to make unsolicited offers, requests or advertisements, or to send spam;
  • not to use or attempt to use or access another person's product, account or personal information, or create or use a false identity on the Site; and
  • not to attempt to obtain unauthorized access to the Site or portions of the Site that are restricted from general access.

You are prohibited from any use of the Site or Content that would give rise to liability to City First Bank or otherwise violate any applicable local, state, national, or international law or regulation.

Site monitoring

City First Bank has no obligation to monitor the Site; however, you acknowledge and agree that City First Bank has the right to view, monitor, and/or record the Site and Site activity electronically or otherwise, without notice to or permission from you. Any information obtained by monitoring, reviewing, or recording is subject to review by law enforcement organizations in connection with investigation or prosecution of possible illegal activity on the Site. City First Bank may also comply with all court orders as well as all law enforcement and regulatory inquiries involving requests for such information.

City First Bank may, in its sole and absolute discretion, (i) delete and/or take down any material from the Site; (ii) disclose any information as necessary or appropriate to satisfy any law, regulation, or other governmental request; (iii) operate the Site; and (iv) take any steps that it deems necessary or appropriate to protect itself and/or users of the Site.

Submissions to the site

Although we encourage you to communicate with us via the Site, we do not want you to, and you should not, communicate to us any content, remarks, feedback, questions, comments, suggestions, discussions, ideas, graphics, or other submissions (collectively, "Submissions") that contain confidential or proprietary information. With respect to Submissions, you agree that: (a) it shall not be considered confidential or proprietary and you shall have no right of confidentiality, and City First Bank shall have no obligation to protect your Submissions from disclosure; (b) you own or control all rights or have obtained all necessary permissions in and to the Submission; (c) the Submission does and will comply with the Terms, specifically the terms set forth in the "Your Conduct" section of these Terms; (d) you grant City First Bank an unrestricted right to reproduce, copy, incorporate, or otherwise use, disclose, and distribute your Submissions (and any ideas, concepts, know-how, or techniques contained in your Submissions) to others and for City First Bank 's commercial or non-commercial purposes, including but not limited to, the development, production, and marketing of our products and services, without notice or compensation to you; and (e) City First Bank shall be free to use, but is under no obligation to use, your Submissions. Nothing herein contained shall be construed as limiting City First Bank 's responsibilities and obligations under City First Bank 's Privacy Policy.

Warranty disclaimer



Limitation of liability



You agree to defend, indemnify, and hold harmless the City First Bank Parties from and against any and all claims, losses, expenses, or demands or liabilities, including attorneys' fees and costs, incurred by the City First Bank Parties in connection with any claim by a third party (including any intellectual property claim) arising out of (i) materials and content you submit, post to or transmit through the Site, or (ii) your use or misuse of the Site or content in violation of the Terms or in violation of any applicable law. You further agree that you will cooperate as reasonably required in the defense of any such claims. The City First Bank Parties reserve the right to assume the exclusive defense and control of any matter otherwise subject to indemnification by you, and you shall not in any event settle any such claim or matter without the written consent of City First Bank . You hereby agree to cooperate with any reasonable requests from City First Bank to assist in its defense of such claim or matter. You further agree to indemnify and hold harmless the City First Bank Parties from any claim arising from a third party's use of information or materials of any kind that you post in a public area of the Site.


These Terms, as amended from time to time by City First Bank , are effective until terminated by City First Bank at any time without notice. City First Bank may suspend, restrict, and/or terminate your access and use of the Site at any time, with or without cause, in City First Bank ’s absolute discretion and without notice. The following paragraphs of these Terms shall survive termination of your use or access to the Site: paragraphs concerning Indemnification, Disclaimer of Warranties, Limitations of Liability, applicable law and dispute resolution, and any other provision that by its terms survives termination of your use or access to the Site.

Digital Millennium Copyright Act ("DMCA")

City First Bank respects the intellectual property rights of others and attempts to comply with all relevant laws. We will review all claims of copyright infringement received and remove Content deemed to have been posted or distributed in violation of any such laws. If you believe that your work has been copied on the Site in a way that constitutes copyright infringement, please send DMCA notifications in accordance with the requirements of the Act to:

The Website Owner

City First Bank

5055 Wilshire Blvd. Suite 500

Los Angeles, CA 90036

DMCA notifications should include (i) a description of the copyrighted work that has been infringed and the specific location on the Site where such work is located; (ii) a description of the location of the original or an authorized copy of the copyrighted work; (iii) your address, telephone number, and email address; (iv) a statement by you that you have a good faith belief that the disputed use is not authorized by the copyright owner, its agent or the law; (v) a statement by you, made under penalty of perjury, that the information in your notice is accurate and that you are the copyright owner or authorized to act on the copyright owner's behalf; and (vi) an electronic or physical signature of the owner of the copyright or the person authorized to act on behalf of the owner of the copyright interest.

Governing Law and Venue

These Terms and all other aspects of your use of the Site shall be governed by and construed in accordance with all applicable Federal laws of the United States of America and the laws of the State of California to the extent not preempted by federal law and without regard to its conflict of law rules. All claims and disputes arising out of these Terms, and applicable federal law or your use of the Site, other than actions for specific performance or injunctive relief brought by City First Bank , shall be exclusively brought in the federal, state, or local courts located in Los Angeles County, California, and, with regard to such claims and disputes, you hereby irrevocably (i) submit to the exercise of personal jurisdiction over you by those courts, and (ii) waive any jurisdictional, venue, or inconvenient forum objections to such courts.


Failure by City First Bank to enforce any provision(s) of these Terms shall not be construed as a waiver thereof. Any cause of action you may have with respect to the Site, the Content, and/or these Terms must be commenced within one (1) year after the claim or cause of action arose, or be barred. If any provision of these Terms is found to be invalid or unenforceable, the remaining provisions shall be enforced to the fullest extent possible, and the remaining provisions of the Terms shall remain in full force and effect. These Terms will be binding on, inure to the benefit of, and be enforceable against the parties and their respective successors and assigns. Neither the course of conduct between parties nor trade practice shall act to modify any provision of these Terms. All rights not expressly granted herein are hereby reserved.

Contact us

If you have questions regarding the Terms or the practices of City First Bank , please contact us here.


Revised April 2021

Privacy Disclosure

Protecting Your Online Financial Privacy

City First Bank values your privacy. This Online Security and Privacy Policy pertains to your use of websites owned or operated by City First Bank, including any mobile applications (“Website” or “Websites”). If we make any changes to this policy we will post the updated version to this website and identify the effective date of the revised policy. We will protect the privacy of your personal and financial information. To safeguard your nonpublic personal information, we maintain physical, electronic and procedural safeguards that comply with federal regulations. We update and test our technology regularly to ensure we maintain commercially-acceptable standards in securing your financial privacy.

Collection of Information

When you visit our Websites, we may collect personally identifiable information about you, including but not limited to your name, your home or physical address, a social security number, your email address, a telephone number, other identifiers that enable physical or electronic contact with you, and/or information concerning you that our Websites collect, which we may maintain in personally identifiable form in combination with any of the preceding information for tracking or marketing purposes. For more information about this, see the section entitled “Cookies.”

Third parties who assist in the operation of our Websites or who serve our ad banners to sites on which we have paid to advertise may collect such information from you for such purposes as fulfilling your online requests, processing your transactions or to gather anonymous user data, such as how many people clicked through a particular ad.

We have designed our systems to ensure that your Personal Identification Number (PIN), password and other access codes remain private and confidential. To further ensure your privacy, please do not share your PIN, password or other access codes with anyone other than joint account holders.

Sharing of Information

We may share this information with our affiliates and third parties for our, or our affiliates’, everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus; and for marketing our or our affiliates’ products or products offered jointly with another financial company, subject to choices you may make to limit this sharing, as specified in our Privacy Policy.

Changing or Updating Information

Customers who have established online accounts in order to view information and/or conduct transactions related to products or services offered by City First Bank may be able to review and update their personally identifiable information financial information after securely logging in to our Website.

“Do Not Track” Signals

Our Websites do not accept web browser “Do Not Track” signals or similar mechanisms that may provide you the ability to exercise choice regarding the collection of personally identifiable information about your online activities over time and across third-party websites or online services we may use.

Retention of Information

The length of time we retain information varies depending on the product, service and/or the nature of the information. This period may extend beyond the end of your relationship with us.


To provide better service and more effective Websites, we use “cookies” as part of our interaction with your browsers. A “cookie” is a small text file placed on your hard drive by our web server. Our cookies cannot retrieve any other data from your hard drive, pass on computer viruses, or capture your e-mail address. Cookies are commonly used on websites and do not harm your system.

We use cookies on parts of our Websites where you need to register, such as online banking, or where you are able to customize the information you see. Recording a cookie at such points makes your online experience easier and more personalized.

We may also use cookies to record information regarding:

  • Visitors’ preferences
  • User sessions on our Websites
  • Which web pages users visit on our website
  • Past activity on Websites in order to provide better service when visitors return, such as:
  • To alert to new areas that we think might be of interest to them when they return to our Website;
  • To ensure that visitors are not repeatedly sent the same banner ads; and/or
  • To customize web page content based on visitors’ browser type or other information.

Our cookies do not collect personally-identifiable information, and we do not combine information collected through cookies with other personal information to determine your identity or e-mail address. We may combine personal information with cookies for other purposes, such as tracking or marketing preferences. By configuring your preferences or options in your browser, you determine if and how a cookie will be accepted. However, if you configure your web browser so that cookies are turned off, our website may not be able to process your transaction. If this happens, please turn your cookies back on and log onto our site again.

Web Beacons

A web beacon is a graphic image (such as pixel tag or clear GIF) that is placed on a web page or in an e-mail message to monitor user activity (such as whether the web page or e-mail message is read or clicked). They are often invisible and may be very small in size. They are also used on many web pages for alignment purposes. We sometime use web beacons to provide an independent accounting of how many people visit our websites or to gather statistics about web browser usage on our Websites. Some of our web pages and HTML-formatted e-mail newsletters use web beacons in conjunction with cookies. It is difficult for you to limit the use of web beacons because there is no easy way to distinguish their use from alignment and other purposes. They may be loaded from a different web server than the rest of the page.

Protecting Children’s Privacy Online

The safety of children online is very important to us. We do not knowingly collect Personal Information from children under the age of 13 online. If we become aware that we have inadvertently received Personal Information online from a user under the age of 13, we will attempt to delete the information as soon as possible. Because we do not knowingly collect Personal Information from children under the age of 13 online, we also do not knowingly distribute such information to third parties.


Access to our systems containing Non-Personal Information or Personal Information is only provided to those employees and agents whom we determine need it for the purpose of providing products or services to you. We maintain physical, electronic and procedural safeguards that comply with applicable federal and state standards to protect your information. We use industry-standard security measures to protect your information so that it is not made available to unauthorized parties, including using Secure Socket Layer (SSL) technology for encryption and transmittal of information (including your Personal Information) on or through our Websites. However, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, we cannot and do not guarantee or warrant the security of any information you transmit on or through our Websites and you do so at your own risk.

Third-Party Advertisement

When browsing the Internet, you may see a banner ad for a City First Bank product or service. These ads may appear on non-City First Bank websites. We may use third-party advertising servicing companies to serve our ad banners to sites on which we have paid to advertise. If you click on one of our ads, you will be directed to the City First Bank Website offering that particular product or service. Sometimes, these ads may contain web beacons or cookies to gather anonymous user data, such as how many people clicked through a particular ad. Our policy does not cover any use of information that a third-party advertising servicing company may collect from you. The companies that distribute our ads are prohibited by contract from using information other than for agreed-upon purposes, which is to help us market our products and services and to measure response rates.

Links to Third-Party Websites

We are not responsible for the information collection practices of the non-City First Bank links available on our Websites. We cannot guarantee how these third parties use cookies or whether they place on your computer cookies that may identify you personally. We urge you to review the privacy policies of each of the linked websites you visit before you provide them with any information.


Your password, as well as all information relating to your accounts and your enrollment, are scrambled using some of the strongest forms of encryption commercially available for us over the World Wide Web.

How does encryption work?

Everything that travels through the internet during your online banking session, from your password to online bill pay, becomes a string of unrecognizable numbers (also known as algorithms) before entering the internet. Both City First Bank’s computers and the browser you use to surf the Web understand the mathematical formulas, called algorithms, which turn your banking session into numeric code, and then back again into meaningful information.

The algorithms serve as locks on the doors of your account information. While City First Bank and your computer can easily translate this code back to meaningful language, this process is nearly impossible to decipher by unauthorized intruders. These complex algorithms are randomized in such a way that billions of attempts would need to be conducted to crack a single formula. Each time you begin an online banking session, your computer and City First Bank’s systems agree on a random number that serves as the key for the rest of the session. Your browser’s encryption settings will most likely determine the algorithm.

City First Bank ensures that all City First Bank online banking sessions via the internet are encrypted. If for any reason your secure session ends, your Online Banking session terminates.

For maximum protection, City First Bank encourages you to use browsers offering 256-bit encryption. This is also known as high or strong encryption. It means there are 2 to the 256th power possible keys that could fit into the lock that holds your account information. In other words, a hacker attempting to get to your account information would need to use a computer with exponentially more processing power than for 40-bit or 56-bit encryption to find the correct key.

All browsers provide detailed information on encryption and other forms of security. Consult your browser’s security options for more information.

How do I know if my banking session is encrypted?

You can determine if encryption is being used on a given web page by looking for a padlock icon. This is one example:

Padlock icons vary in design and color. Generally, padlock icons are displayed on the address bar, menu bar, status bar, tab or other areas of your browser, depending on the device used (desktop or laptop, tablet or smart phone) and the type of browser used (e.g. Internet Explorer, Safari, Google Chrome, etc.).

Online and Mobile Banking Security

How to recognize fraud

Understanding the different ways in which fraudsters attempt to victimize people via cyber threats will help you avoid becoming a victim. Stay informed on the latest fraud threats by reading below:


Phishing is a cyber threat by which fraudsters send messages to lure personal information (credit card numbers, bank account information, Social Security numbers, passwords, or other sensitive information) from unsuspecting victims. Phishing may occur through fraudulent emails, fake websites, text messages, or direct phone calls claiming to be a financial institution, or another company you have a customer relationship with, asking you for your personal information. Also, Smishing or SMS phishing, where fraudsters attempt to contact you via text messages, is becoming increasingly common.

At no time will you ever receive a call or email from the bank asking you for your login credentials. If you receive a suspicious message asking you to provide your authentication credentials you should decline to do so and call us at 1-888-988-2265 and forward any emails as an attachment to

For more information about phishing visit OnGuard Online.


Malware, short for "malicious software," includes viruses and spyware, a type of malware, which can be installed on your computer, phone, or mobile device without your consent. Malware can be used to steal personal information, send spam, and commit fraud. It can download itself during your Online Banking session in an attempt to steal your sensitive data. As mobile devices have become more frequent targets of malware, there are now anti-malware programs available specifically for cell phones and other mobile devices.

For more information about malware visit OnGuard Online.

Identity Theft

Identity theft occurs when someone uses your personally identifying information, such as your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes. If you suspect that someone has used your information to open accounts with or conduct business at City First Bank without your knowledge or authorization, please call 1-888-988-2265.

The Federal Trade Commission has online guidance about the steps consumers can take to protect themselves against identity theft.
For more information about identity theft, you can also visit the Federal Trade Commission Consumer Information website on Identity Theft.

Online and Mobile Banking Security Steps

Step 1: Protect Your Computers, Cell Phone and other Mobile Devices

  • Install and set your anti-virus and anti-malware software to update automatically.
  • Make sure to keep your web browser software up-to-date by installing the most recent version.
  • Keep the operating system for your computer or mobile device up-to-date.
  • If you use your computer, cell phone or mobile devices to conduct mobile banking, and your device is lost or stolen, contact your financial institution and service provider immediately.
  • Never leave your computer, cell phone, or other mobile devices logged on and/or unattended in public.
  • Password protect and lock your computers, cell phone or other mobile devices when not in use.
  • Do not store financial or personal information on your computers, cell phone, or mobile device.
  • Only download applications from reputable sources. Be suspicious when installing applications that require you to provide information that has nothing to do with the application’s purpose.
  • If you believe your mobile device is infected with malware, contact your service provider.

Step 2: Keep Your Information Secure

  • If you have any doubts about the authenticity of an email, which appears to be from City First Bank or involves a City First Bank account, attach any suspicious emails you may receive to a new email and send them to . Then, be sure to delete the suspicious emails from your mailbox.
  • Do not click on links or attachments if an email seems suspicious, especially if they tell you the problem is urgent.
  • Do not give out personal information. Check a website's privacy policy before you give them your email address.
  • Always use secure passwords. A secure password consists of upper and lower case letters and numbers, and should not contain dictionary words, names, or birthdates. Customers should also avoid using the same password for multiple sites and may want to consider using password vault software to securely manage passwords.
  • Never share your password with anyone.
  • Do not include personal or sensitive data in, or in response to, an email.
  • Monitor your account activity closely and watch for unusual activity. You can use City First Bank Online Banking to monitor account balances and activity 24/7.
  • When you finish your online and/or mobile banking sessions, be sure to log out.

Step 3: Practice Safe Web Browsing

  • Only allow pop-ups from sites that you authorize.
  • Do not give out personal information to blogs, forums and other social networking sites.
  • Only make online purchases using secure sites that encrypt your information. To determine if a site encrypts your information look for the locked padlock icon in the browser and "https:" in the address line.
  • Never access a website from a link in a suspicious email.
  • Access online banking sites by typing the address directly into the browser’s address bar.
  • Be cautious of clickable advertisements, pop-up windows, or fake dialogue boxes with urgent messages. They are often tactics that fraudsters use to try and access your personal information.
  • Phishing attempts and unsolicited requests don’t just happen via email. They can also arrive via social media.
  • Be careful about what you post personally and professionally – too much information can help scammers reach their goals.

ATM and Card Security

ATM and Card Protection Tips

  • Be cautious and always pay attention to your surroundings when using your credit, debit, or ATM card at an ATM or any device in which you swipe your card to make a payment (commonly referred to as Point of Sale device).
  • When entering in your PIN, hide it from view so others nearby cannot see it.
  • Do not use an ATM or Point of Sale (POS) device if you notice suspicious individuals or possible tampering of the machine or device, including scratches, marks and adhesive or tape residues.
  • Report any suspicious or fraudulent activity immediately to the owner of the ATM or POS device or local law enforcement.
  • Be suspicious if a store employee takes your card out of your sight in order to process your transaction, or asks you to swipe your card through more than one machine.
  • Monitor your account or credit card statements for unusual or unauthorized transactions.

What is Card Skimming?

Card skimming is the illegal copying of information from the magnetic strip of a credit, debit, or ATM card. Skimming devices can be placed on or near an ATM or POS device and can be difficult to spot. Following are some pointers on recognizing if skimming is taking place:

  • The devices used are smaller than a deck of cards and are often fastened in close proximity to or over the top of an ATM’s factory-installed card reader or POS device.
  • Inspect the front of the ATM or POS device for unusual or non-standard appearance. Scratches, marks, and adhesive or tape residues could be indicators of tampering. Pay particular attention to all of the touch and action points. (e.g. keypad, customer card entry slot, lighting diffusers)
  • Inspect all customer-facing areas of the ATM or POS device. Look at the card reader entry point, the regions immediately above the consumer display, and the keyboard area for anything unusual.
  • If applicable, inspect the vestibule door reader as well and report any signs of tampering or abnormality.

Personal and Account Security

What is identity theft?

Identity theft occurs when someone uses your personally identifying information, such as your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes. The Federal Trade Commission (FTC) has online guidance about the steps consumers can take to protect themselves against identity theft.

For more information about identity theft, visit the FTC website.

Personal and Account Protection Tips:

  • Do not use your Social Security number (SSN), in full or in part, for a password or PIN.
  • Review your credit reports frequently to ensure the information is up to date and accurate. Work with the credit reporting agencies to have any inaccurate information removed.
  • Store your Social Security card, other identification cards, checks and accounts statements in a safe and secure location.
  • Carry your Social Security Card, passport or birth certificate with you only when absolutely needed.
  • Do not share your personal or financial information over the phone or in person unless the information is absolutely necessary and you can confirm that the individual and company are legitimate.
  • Frequently monitor your financial accounts and report any suspected fraudulent transaction immediately.
  • Retrieve and review your mail promptly.
  • Shred financial documents no longer needed, pre-approved credit offers, receipts, and other documents that may contain financial and personal information.

Social Engineering

Criminals are using new schemes that incorporate old techniques to try to trick people to provide personal information or account details. These social engineering attempts include use of sophisticated email and text messages appearing to be from legitimate sources and phone calls appearing to be from authentic individuals or service providers, etc. Carefully scrutinize any requests to divulge personal or account details. Understand your surroundings and be wary of those watching and listening. If you can’t verify a request or confirm it as authentic, take the utmost caution in releasing any information.

Unauthorized Transactions for Consumers

Notify us immediately if you believe your Card or Personal Identification Number (PIN), or both, has been lost, stolen or used to complete an Electronic Fund Transfer (EFT) without your permission. Examples of EFT transactions are: ATM withdrawals and transfers, POS purchases made with your debit or ATM card, online banking payments, and online transfers. These claims will be investigated and handled in accordance with our internal guidelines regarding reimbursement of fraudulent transactions. If you report the transaction in a timely manner, you will not be liable for any unauthorized transactions using your Debit Card, when used for Point of Sale transactions, if (i) you can demonstrate that you have exercised reasonable care in safeguarding your Card from the risk of loss or theft; (ii) you have not reported to us two or more incidents of unauthorized use within the prior 12-month period; and (iii) your account is in good standing. Business customers should refer to Business section for Unauthorized Transaction Instructions.

Business Protection Tips

  • Conduct a periodic risk assessment of all electronic banking activities and adjust accordingly. Risk assessments should include, at a minimum, occurrence of threats, actual incidents of fraud, changes in company staffing that affect user access and enhancements in security made by the financial institution.
  • Determine if information is confidential, private, unclassified, etc., and institute a means to identify which employees, or group of employees, have access to this information.
  • Determine which websites need to be made available to employees in order to conduct business activities. Consider blocking access to file sharing, social media and personal email sites.
  • Ascertain who needs access to your banking systems and services and make sure the removal of access to those services is part of your employee exit process.
  • Dedicate a computer to be used solely for all online banking activities. If that is not feasible, restrict the use of personal web browsing, emailing and social networking on any computer used for online banking activities.
  • Install and update your anti-virus and anti-malware software frequently. Most modern software has ability to update automatically.
  • Keep your computer’s operating system up-to-date.
  • Keep your web browser software up to date by installing the most recent version.
  • Install a firewall.
  • If you have any doubts about the authenticity of an email, attach any suspicious emails you may receive to a new email and send them to Then, be sure to delete the suspicious emails from your mailbox.
  • Do not open the email or click on links or attachments, especially if they tell you the problem is urgent.
  • Always use secure passwords. A secure password consists of upper and lower case letters, numbers and special characters.
  • Monitor your account activity closely and watch for unusual activity. You can use City First Bank Online Banking to monitor account balances, 24/7.
  • Consider disabling CD, DVD, and USB drives on all computers where these drives are not needed.
  • Consider using programs that scan emails for malicious content.
  • Do not allow your employees to download unauthorized software or programs.
  • Institute a system of dual controls for critical functions so that no single individual is solely authorized to take action without adequate checks and balances.

More business protection tips can be found at the Consumer Financial Protection Bureau (CFPB) and the National Cyber Security Alliance's Stay Safe Online Business Center.

How City First Bank Protects your Business

A fundamental element of safeguarding your confidential information is to provide protection against unauthorized access or use of this information. We maintain physical, electronic and procedural safeguards that comply with federal guidelines to guard your personal and financial information against unauthorized access or use. City First Bank will continue to enhance and maintain prudent security standards and procedures to protect against unauthorized access or use of your personal and financial information.

Security Features
Authentication and device identification at Online Banking login helps safeguard account information and transactions and enables the bank to verify the authenticity of your activity. This helps reduce risk because even if your password is compromised, a potential fraudster still requires additional pieces of information to access the system.

Auto Logoff
Our Online Banking system automatically logs you out after a period of inactivity.

Secure Socket Layer (SSL) Encryption
City First Bank utilizes Secure Socket Layer (SSL) encryption technology to protect your data and transmissions over the Internet. This technology encrypts, or scrambles, the information you provide so it's difficult for anyone other than City First Bank to read it. We use this technology whenever confidential information, such as your account number or social security number is requested. The SSL protocol continuously verifies the identity of each party during the session, encrypting messages to help ensure they remain private and unaltered.

Control Permissions
Control permissions exist within the Online Banking system where a User's access to payment or transfer activities can be restricted or require approval prior to completing.

Unauthorized Transactions 
While business customers are not entitled to the same regulatory protections as consumers, we will use all commercially reasonable means to help you resolve the matter. You should notify the bank as soon as possible if you discover an unauthorized EFT (ATM withdrawals and transfers, POS purchases made with your debit, or ATM card, online banking payments, and online transfers) on your business account.