Security

Fraud and Security Center

Committed to your financial security

We are committed to proactively providing security enhancements for your accounts to better protect you from identity theft and fraudulent account activity. These provide safeguards for your accounts and help us notify you if suspicious activity is detected. 

Recent Security Enhancements

To help aide in protecting your accounts, we recommend updating your password every few months, which can be done easily inside the My Settings menu in Online Banking or within the Mobile App. After changing your password, we’ll also prompt you to update your thumbprint or face ID the next time you visit your 1st Source Mobile App, just to make sure we are always up to date with the latest login security settings.

  • Between 8 and 32 characters 
  • Minimum 1 of each:  
    • Uppercase letter
    • Lowercase letter 
    • Number 
    • Special character 
  • Passwords will expire every 180 days 
  • The 2 previous passwords are not allowed to be reused 
  • 1st Source employs multi-factor authentication to keep your confidential information safe, and it complies with the latest regulatory guidelines. If you are logging in with your username and password for the first time, we will send a one-time passcode via voice call or text message.
  • This security process provides a safe and easy-to-use means of reducing your risk of credential exposure by using multiple sources to confirm that it's really you logging into your account.
Clients now have the option to utilize an authenticator app such as Google Authenticator or Microsoft Authenticator as a secondary account authentication mechanism. Authenticator apps provide a more secure method of providing one-time passcodes to customers due to its reliance on the customer and time to generate its unique codes. This option can be used in place of a phone call or an emailed one-time password to authenticate the account.
 
multi-factor authentication
 

In today’s rapidly-evolving technological world, cybersecurity is essential. At 1st Source Bank, we are vigilant about security and have safeguards in place to protect our clients' information.

Enhanced Security Login

  • Security Notifications
    • 1st Source employs multi-factor authentication to keep your confidential information safe, and it complies with the latest regulatory guidelines. If you are logging in with your username and password for the first time, we will send a one-time passcode via voice call or text message.
    • This security process provides a safe and easy-to-use means of reducing your risk of credential exposure by using multiple sources to confirm that it's really you logging into your account.
  • Fingerprint Login and Face Recognition is enabled on compatible devices. It's completely unique to you and offers another level of security.
    • Your biometric information is encrypted on your device and not shared with 1st Source.
  • We use 128-bit encryption technology to protect your credentials and personal information.
  • No personal account data is stored or cached on your device or browser.
  • Session Timeout – your Online Banking session automatically times out due to inactivity or if you forget to log out.
  • We monitor your Online/Mobile Banking profile from time to time to help us detect suspicious activity as early as possible.
    • We might call you if we notice a change in your online activity, but we’ll never ask you for personal information over the phone, such as your Social Security Number, PIN or password.
      • If we are unable to reach you, we may place a temporary hold on your Online Banking until we are able to verify it’s you and not someone else using your account. If you are unable to access your Online Banking, contact Customer Service at (574) 235-2000 to confirm your account activity.

Authenticator app support (coming March 22)

Clients will soon have the option to utilize an authenticator app such as Google Authenticator or Microsoft Authenticator as a secondary account authentication mechanism. Authenticator apps provide a more secure method of providing one-time passcodes to customers due to its reliance on the customer and time to generate its unique codes. This option can be used in place of a phone call or an emailed one-time password to authenticate the account.
 
multi-factor authentication
 

MasterCard®Protection

With MasterCard Zero Liability Protection, you can use your card anywhere – on the phone, online and in stores – with confidence, knowing you’re protected. Your MasterCard comes with zero liability, so you’re not liable for unauthorized purchases.*

Your debit card also includes an extra benefit: MasterCard® Identity Theft Resolution Services. If you think your identity has been compromised, MasterCard® will provide certified resolution specialists to help you. They’re available 24/7.**

CardValet® - Your Debit Card on Your Terms

With CardValet®, you can save time and rest easy by controlling the debit card in your wallet with the phone in your pocket! An app for smartphones, it can help you to avoid fraud, stick to your budget, control where your 1st Source Resource Plus® Debit Card is used and more.

It's easy too – simply download the CardValet app for free on Apple® or Android devices, enter your card information and you're set up for control of your card.

* As a cardholder, you will not be held responsible for unauthorized transactions if: you have used reasonable care in protecting your card from loss or theft; and you have reported the card as lost or stolen to 1st Source Bank within two business days of discovery. For terms, conditions and exclusions see the Customer Liability section of the 1st Source Agreement for Deposit and visit MasterCard’s website: www.mastercard.us/zero-liability.html. Read the MasterCard® Guide to Benefits.

** MasterCard® Theft Resolution Services will assist you if you think your identity has been compromised – with 24/7 access to certified resolution specialists who can help you with credit bureau notification, canceling all of the lost or stolen cards in your wallet and more. Call 1-800-MC-ASSIST (1-800-622-7747).

A free detection service designed to combat debit card fraud

Fraud Monitor identifies uncharacteristic debit account purchases and activity on all 1st Source Resource Plus® debit cards. If activity on your card appears suspicious, Fraud Monitor will call or text you at the primary telephone number you have on record with 1st Source to determine if you have authorized the transaction. You can respond by touch-tone keypad, or call a toll-free number for more information on the call or by responding appropriately to the instructions in the text message.

What will Fraud Monitor do?

If a transaction on your card is not typical, this is what you can expect:

  • An automated call or text will ask you to verify recent transaction activity on your card.
  • You can validate charges via your touch-tone keypad or by responding to the text.
  • If the transaction is not yours, Fraud Monitor will help stop further fraud.
  • You will also be provided a toll-free number to call should you have additional questions or wish to speak to a fraud analyst.
  • If you are called and you are not available, a message will be left for you to call Fraud Monitor.
  • If extreme risk is detected, a restriction may be placed on the use of your card until transactions are verified.

What will Fraud Monitor not do?

Neither Fraud Monitor, nor 1st Source will request your account number, debit card number, password or PIN. However, if you call Fraud Monitor, we will need a way to confirm your identity. If we call you, our automated service will ask for the ZIP code on record with your account. If you call us, we may ask for the last four digits of your Social Security number or your address before we can move on to verify your transactions.

What do you need to do?

  • Please keep us informed of your correct phone numbers (home, work, and cell) and address at all times. Let us know which number should be used as your primary phone number.
  • Notify us if your debit card or cell phone has been lost or stolen (see number below).
  • If you are planning to travel outside of the United States, alert your local 1st Source banking center, to ensure that your debit card transactions are approved.

Our goal, quite simply, is to protect your account at 1st Source and minimize your exposure to risk and the impact of any fraud. 

If you have a lost or stolen Resource® or Resource Plus® Card to report during regular business hours, please call (574) 235-2000. During non-business hours, if you are in the United States, please call (833) 414-0544. International callers should call collect, (973) 682-2652.

To help you feel more secure about the safety of your personal information, 1st Source has partnered with Deluxe® to offer an identity theft protection plan. You know Deluxe; you've used the checks they produce for years.

What is identity theft?

Identity theft affects millions of consumers every year. It occurs when someone uses your financial or personal information without permission to open new accounts, take control of existing ones or make purchases with your identity.

1st Source Identity Theft Protection powered by Deluxe offers three customized packages to fit your needs.
  • ID Protect - Includes proactive Internet monitoring of up to 14 personal identity points to ensure that your information is not exchanged online. Also includes identity restoration to help you recover your identity in the event that it is compromised.
  • ID Protect Plus - Combines all of the features of ID Protect, along with the monitoring of one credit bureau to alert you to any changes in your credit report.
  • ID Protect Platinum - Includes ID Protect and the monitoring of all three credit bureaus to alert you to changes in your credit report. Also includes public record monitoring and emergency card assistance in case any of your cards are ever lost or stolen.

Additionally, Deluxe® offers each of their services a la carte so you can pick which services are right for you.

I'd like to learn more about Identity Protection powered by Deluxe®.

Identity Theft Protection powered by Deluxe® is serviced by EZShieldSM, Inc. Additional identity theft protection products may be offered when enrolling for Identity Protection at an additional cost.

Protect your identity

  • 1st Source will NEVER request that you reveal or confirm your password, PIN, CVV code, or account information via call, email, an email link or text message.
  • Never share user IDs, passwords, PINs, etc. with anyone.
  • A true business of any type will never request direct access (username and password) to your Online Banking for any reason such as sending funds or verification
  • Keep sensitive data out of your email and text messages, the communication is not secure and could be intercepted by hackers.
    • Never send any personal information (account numbers, social security numbers, passwords, etc) via text message or email.
  • Don’t allow your browser to save your username or password, even though it may be convenient. This allows anyone who uses your computer to log into your account.

Username and Password Best Practices 

A well-chosen username and password should be easy to remember for you, but hard to guess for others. A username or password that must be written down is not strong, no matter how many secure principles are applied. 
  • Never share your username or password with anyone.
  • Make your username and password complex
  • Create a unique username
      • DO NOT USE:
    • Your name, combination of your first initial with last name
    • Your email or even part of your email
    • Common phrase or words (Christmas, Momof3, Banking1)
    • The same username as you use for other websites
  • A Secure Password:  
    • Can be easily remembered as an acronym
      • EXAMPLE: Mpis4y2! 
      • My password is secure 4 you 2! Adding another character increases the time required to crack the password almost 100 times. 
    • Is not a word in the dictionary 
    • Cannot be easily guessed 
  • Update your passwords regularly.
  • Do not use the same login or password on any other website or software.

New Password Requirements: 

  • Between 8 and 32 characters 
  • Minimum 1 of each:  
    • Uppercase letter
    • Lowercase letter 
    • Number 
    • Special character 
  • Passwords will expire every 180 days 
  • The 2 previous passwords are not allowed to be reused 
  • Protect your device with a password or passcode when it is not in use.
    • Use the security options available on your device (password, biometric, PIN)
  • Keep your device software up to date
    • The best defense against viruses and malware is to update to the latest security software, web browser, and operating systems
    • Sign up for automatic updates
  • Protect your devices with antivirus software.
  • Do not open any messages from an unknown sender, and do not click on unfamiliar links that may be sent via text message, popup, or email.
  • Do not connect to public or unknown wireless networks, there's a higher risk of your device being compromised.
    • If you do use an unsecured public access point, practice good Internet hygiene by avoiding sensitive activities (e.g., banking) that require passwords or credit cards.
    • Your personal hotspot is often a safer alternative to free Wi-Fi.
    • Only use sites that begin with “https://” when online shopping or banking
  • Monitor your accounts on a regular basis and report any suspicious activity to 1st Source.
  • Sign up for e-Statements, notification of your statements emailed but the email does not contain any sensitive information.
  • Set up Alerts and Notifications to remind you to check your transactions regularly.

Protect yourself from skimming at payment terminals & ATMs.  

What is Skimming?
Skimming is an illegal activity that involves the installation of a device, usually undetectable by card users, that secretly records bank account data when the user inserts a debit or credit card into the card reader. Criminals can then encode the data onto a blank card and use it to loot the customer's bank account.

How to spot card skimmers.

There are different kinds of skimmers. It is often an inconspicuous device that's smaller than a deck of cards. Sometimes tiny cameras are used to observe people as they put in their PIN. Other times, a very thin, basically duplicate keypad will be placed over the keypad.
 
Skimmers can be installed on a payment terminal such as a gas pump, ATM or it could even be a hand-held unit used by a corrupt employee at a restaurant, store or other merchant.

Identifying Signs of a Skimmer

skimmer
1. Examine the card reader for signs of tampering.
  • Glue marks around the reader
  • Tape sticking out from under the reader
  • Reader is skewed or hanging off to the side
  • Loose piece of plastic or equipment sticking out from reader 
 
hidden camera
2. Look around for a hidden camera.

Small cameras are often attached to the ATM to get your PIN number after you enter your card. Cameras may be hidden above the PIN pad, above the display screen, or in nearby structures, like a rack or shelf.

  • If you see a small pinhole drilled into the ATM, be careful, as it could be a small camera.
  • If you see something like a pack of cigarettes, book, deck of cards, or mug sitting on or near the ATM, move it aside to see if it is hiding a camera.
  • Legitimate cameras installed by the bank are usually very noticeable. They may be large, and there may be a sign indicating where they are. Card skimmer cameras are usually very small or hidden.
 
top of atm
3. Check the top of the ATM for unusual plastic pieces.

These are usually shaped as a rectangular bar. It will usually be glued or taped onto the ATM itself. This bar may contain a camera and other equipment to get your card info.

  • Look for a small pinhole in the bar. If you see one, it likely contains a small camera.
  • If it is attached to the light, be especially wary. Normally, there should nothing covering the ATM's light.
  • If you're uncertain about a piece of equipment on the ATM, try wiggling it with your hand. If it budges or moves, it is likely a skimmer.

Useful tips to avoid card skimmers and guard against fraud:

  1. Keep an eye out. – Be aware of your surroundings and people nearby.
  2. Check for tampering. – When you approach an ATM or a merchant's card reader, check for some obvious signs of tampering at the top of the machine, near speakers, the side of the screen, the card reader itself, and the keyboard. Note if things look different, such as a dissimilar color or material, graphics that aren't aligned correctly. If something doesn't look right stop your transaction and inform the merchant and 1st Source.
  3. Be ready. Have your card ready for your transaction when you approach the card reader or ATM.
  4. Memorize your PIN. – never write it down or store it with your card.
  5. Cover those keys. – when you are typing in your PIN cover your hand.
  6. Wiggle Everything. – Even if you can't see any visual differences, push at everything. Terminals are solidly constructed and generally don't have any jiggling or loose parts.
  7. Watch out for weekends. – Criminals typically install skimmers on Saturdays or Sundays, and then remove them before locations reopen on Monday.
  8. Use the chip. – Whenever possible, don't use your card's magnetic stripe to perform the transaction. When you use your chip card your personal information is never transmitted.
  9. Use your phone and Mobile Wallet. Consider using Apple Pay, Samsung Pay, or Android Pay. These services tokenize your card information, so your personal information is never exposed. If a criminal somehow intercepts the information, he'll only get a useless virtual credit card number.
  10. Pay attention to your cell. Keep your phone handy so 1st Source can reach you. Keep your phone numbers and email address up-to-date with the bank. Responding quickly can mean stopping attacks before they can affect you.
 
Remember: If something doesn't feel right regarding an ATM or a merchant's card reader, don't use it.
 
Monitor your account daily through Online or Mobile Banking and report suspicious transactions to 1st Source. Rest assured, customers of 1st Source Bank are protected from financial loss from skimming fraud.
 
There are other safeguards.  
  • With Fraud Monitor, we analyze your debit and ATM card transactions 24 hours a day — if a suspicious transaction is found, then one of our fraud analysts will contact you to confirm the transaction and prevent loss. 
  • We monitor both local and international fraud trends to make sure we are aware of the latest scamming developments. 
At 1st Source Bank we take your financial security very seriously, and in today’s digital world that means keeping your financial data online safe from fraud and scams. While these videos are not able to cover every type of scam that is out there, they are intended to help you become more aware so that you can spot fraud and protect yourself.
Phishing Attacks
phishing iconEver click on a link or open an attachment in an email, even though you’re not quite sure who it’s from?
Cyber criminals have skillfully figured out how to create emails that look like they’re coming from legitimate sources, including banks, government agencies, and other services and businesses. Get savvy in recognizing these frauds since often they not only collect your personal and financial information, but also infect your device with malware and viruses.
  
"You've Won" Scams
trophy iconWinning isn’t always what it’s cracked up to be.
If you receive an email stating you’ve won a prize, the lottery, or a sweepstakes, be instantly on your guard if you are asked to pay a fee or tax for the prize, or if there’s a request for your credit card or bank account information. Here, you can win by not falling for this scam.
  
Tech Support Scams
tech support icon If it ain’t broke, don’t fix it.
If someone claiming to be with a technology company contacts you and wants to diagnose a computer problem you didn’t know you had, or provide tech support you have not requested, stop! If you receive an unexpected pop-up or spam email about an urgent problem with your computer, stop! Scammers are likely using a nonexistent problem to obtain remote access to your computer or banking information.
  
Imposter Scams
imposter iconYou know you’re a good person when your first instinct is to help when you receive an email or call from a government official, family member, or friend asking you to wire money.
You know you’re a smart person when you don’t immediately fall for it and verify whether the situation is real or not. Criminals have become experts at impersonating those closest to you by exploiting your personal information available online.
  
  
Healthcare Scams
medical iconKeep your stress levels low and be wary of calls, emails, or letters that promise big savings in your health insurance.
Cyber criminals will usually request your Medicare or health insurance information, social security number, or financial information. Not falling for these scams will give you a skeptical—but healthy—outlook on cyberspace.
  
Identity Theft
identity theft iconVictims of identity theft often feel violated—rightly so, since this crime involves someone using your personal information to obtain money or credit. Signs that you may be a victim of identity theft:
  • bills for products or services you never purchased;
  • unauthorized withdrawals from your bank;
  • unauthorized charges on your credit card statements;
  • unauthorized charges on your credit card or new accounts in your name—which you never opened;
  • noticing a decrease in the amount of mail or bills you receive; or
  • a decrease in the amount of mail or bills you receive, or being rejected, or denied, for a credit application.
Don’t ignore any of these suspicious signals; report them immediately. The longer you wait, the more time-consuming, costly, and exhausting it can be to rectify the situation. 

Resources Available to You

If you discover that you have become a victim of cybercrime, immediately notify authorities to file a complaint. Keep and record all evidence of the incident and its suspected source. The list below outlines the government organizations that you can file a complaint with if you are a victim of cybercrime.

  • FTC.gov: The FTC’s free, one-stop resource, www.IdentityTheft.gov can help you report and recover from identity theft. Report fraud to the FTC at ftc.gov/OnGuardOnline or here.
  • US-CERT.gov: Report computer or network vulnerabilities to US-CERT via the hotline: 1-888-282-0870 or www.us-cert.gov. Forward phishing emails or websites to US-CERT here.
  • IC3.gov: If you are a victim of online crime, file a complaint with the Internet Crime Complaint Center (IC3) at http://www.IC3.gov.
  • SSA.gov: If you believe someone is using your SSN, contact the Social Security Administration’s fraud hotline at 1-800-269-0271.
  • The Consumer Financial Protection Bureau is committed to providing consumers with up-to-date information and resources to protect and manage their finances. consumerfinance.gov.

Be On The Lookout For Coronavirus-Related Scams

 

Scammers are already swooping in to take advantage of people’s COVID-19 Coronavirus fears. Experts are warning people to be cautious of scammers who are trying to infect your devices with malware, get personal information from you, or who are trying to get you to send them money for worthless or non-existent products. There have even been reports of crooks threatening people over late or missed payments.

According to the Federal Trade Commission and other experts, here are some of the scams to watch out for:

  • Be wary of emails claiming to be from Centers for Disease Control or other health agencies claiming to contain updates about the coronavirus. Do not to click on any links or download any attachments unless you are absolutely sure of the source. Clicking on links or downloading attachments could install malware on your computer or take you to counterfeit sites where you might be asked to provide vital personal information.
  • Some scammers claim to be selling products that can prevent the disease or, treat. Don’t believe the claims. The FTC says there are currently no “vaccines, pills, potions, lotions, lozenges or other prescription or over-the-counter products available to treat or cure Coronavirus … online or in stores.” Don’t fall for these claims and don’t send any money. You’ll either be mailed a worthless product or receive nothing at all.
  • Some scammers are even posing as charities, hoping to rely on the kindness of others to steal your money.

To guard against these scams, experts say to:

  • Delete unsolicited email and to not click on links in them or download files.
  • Don’t fall for online claims of remedies or vaccinations.
  • Don’t react to threats by making payments with gift cards or wires.
  • If you have any concern that an email or call could be legitimate, type in a company’s official website address or call an official number listed on a bill, statement or payment card. Tell them why you are contacting them.
  • Get information only from trusted sites, such as the Centers for Disease Control at cdc.gov, the World Health Organization at who.int or from trusted news sources.

In today’s rapidly-evolving technological world, cybersecurity is essential. At 1st Source Bank, we are vigilant about security and have safeguards in place to protect our clients' information.

If you have questions or concerns, please contact our Customer Service Center, or visit your nearest Banking Center.

Customer Service Center

(574) 235-2000 or 800-513-2360 
Available Monday - Friday 8:00 a.m. to 8:00 p.m. ET, and Saturday 9:00 a.m. to 1:00 p.m. ET

 

Resource Plus® Debit Card, ATM, or Checking Fraud includes

  • Suspicious or fraudulent debit card purchases or ATM withdrawals
  • Lost or stolen debit card, ATM card, or checks
  • Lost or stolen account numbers
For Personal Accounts call: 1-800-513-2360
For Business Accounts call: 1-800-399-5592

Lost or Stolen Resource Plus® Card:

  • During Business Hours contact Customer Service
    • Non-business hours call (833) 414-0544
    • International callers can call collect (973) 682-2652.

Lost or Stolen Checks

  • Contact Customer Service and
  • File a Fraud Report here

Lost or stolen Credit Cards

  • Call 24-hour Cardmember Service at 800-558-3424.
    • International callers should call collect (701) 461-1556
  • To reach Cardmember Service via email, log in to your account and click on Messages.

If you are contacted by someone claiming to be from 1st Source and they request any personal account information, do not provide or confirm any account information.

Hang up or delete the message and report the information to 1st Source at 574-235-2000, or email 1stsource@1ststouce.com.

1st Source will NEVER request that you reveal or confirm your personal or account information via email, an email link or text message.

1st Source will NEVER ask that you provide your password, PIN number, 3-digit code from your Resource Plus Card, or a verification code for any reason.

Report the activity

  • File a complaint with the Federal Trade Commission (FTC).  Sharing your identity theft complaint with the FTC will help law enforcement officials track down identity thieves and stop them.
  • Contact 1st Source to report the situation. If you have accounts at another financial institution, we recommend that you alert them as well.
  • File a local police report. Call or visit the local police or police in the community where the identity theft took place and file a report. Have a copy of your FTC ID Theft complaint form available to give them. Obtain a copy of the police report and the police report number.

Monitor your account regularly

  • You agree to promptly review your account information and any accompanying items and notify the Bank of any dispute or discrepancy, including unauthorized transfers, electronic funds transfers, withdrawals or other transactions, transactions involving substitute checks, unauthorized or forged signatures or endorsements, alterations or other irregularities.
  • Set up Alerts and Notifications on your account for updates on transactions.

Close your accounts

  • Close any accounts that you know - or even think – might have been tampered with or opened fraudulently.
  • You may need to open new accounts and a new Resource Plus® Card
    • If you have automatic payments set up, update them with your new account information.

Update Credentials

  • Update passwords you use to access Online Banking, email, and other sites that have access to personal information.

Credit Report

  • Check your credit report.
  • Place a fraud alert on your credit report by contacting one of the consumer reporting companies
    • Equifax: 800-525-6285; www.equifax.com
    • Experian: 800-397-3742; www.experian.com
    • TransUnion: 800-680-7289; www.transunion.com
  • Review the Prevention and 1st Source Protection section for more