|
A TRUE COPY
<br /> CERTIFICATION 10fid LAST PAGE
<br /> J.R. SMITH, CLERK
<br /> 6. Access Devices;Security Procedures. well as with certain administrative functionality,and/or for
<br /> the creation of ACH and wire templates. Physical security
<br /> 6.1 Upon successful enrollment, Customer of each Token is Customer's sole responsibility. With the
<br /> can access the Services from Bank's designated website by Token, each Authorized User will receive a PIN number
<br /> using Customer's Computer or, as may be permitted by that the Authorized User must keep in a secure place.When
<br /> Bank from time to time in its sole discretion and in an Authorized User (or Administrator) leaves Customer's
<br /> accordance with Bank's terms and conditions for such employ,his or her Login ID must be deleted by Customer
<br /> access,using mobile or other Internet-enabled system(s)or (or by Bank upon Customer's request)and,if a Token had
<br /> device(s), along with the Services' security procedures as been issued to such Authorized User (or Administrator),
<br /> described from time to time. A company ID assigned to Bank must be promptly notified so that Bank may
<br /> Customer by Bank, a unique Login ID and an individual deactivate such Authorized User's (or Administrator's)
<br /> password will be used for log-in by Customer's Token. Any additional Authorized User requiring a Token
<br /> Administrator(s) and Authorized User(s). The must be authorized, in writing by Customer to Bank, for
<br /> Administrator(s) and Authorized User(s) must change his Token creation or re-creation and deployment. If
<br /> or her individual password from time to time for security applicable,fees may be assessed for additional Tokens.
<br /> purposes,as prompted by the Bank Internet System or more
<br /> frequently (subject to the additional security procedures 6.4 Customer further acknowledges and
<br /> described below). agrees that all wire transfers and ACH transactions initiated
<br /> through the Services require"dual control"or separation of
<br /> 6.2 Customer acknowledges that the duties.With this additional security feature,one Authorized
<br /> Administrator(s) will, and Customer authorizes the User will create, edit, cancel, delete and restore ACH
<br /> Administrator(s) to, select other Administrators and batches or wire transfer orders under his/her unique Login
<br /> Authorized Users by issuing to any person a unique Login ID, password and Token; a second different Authorized
<br /> ID and password (subject to the additional security User with his/her own unique Login ID, password and
<br /> procedures described below). Customer further Token will be required to approve, release or delete ACH
<br /> acknowledges that the Administrator(s)may,and Customer batches or wire transfer orders.
<br /> authorizes the Administrator(s) to, change or de-activate
<br /> the unique Login ID and/or password from time to time and 6.5 Customer accepts as its sole
<br /> in his or her sole discretion (subject to the additional responsibility the selection, use, protection and
<br /> security procedures described below). maintenance of confidentiality of,and access to,the Access
<br /> Devices. Customer agrees to take reasonable precautions
<br /> 6.3 Customer acknowledges that, in to safeguard the Access Devices and keep them
<br /> addition to the above individual passwords, access to the confidential. Customer agrees not to reveal the Access
<br /> Services includes,as part of the Access Devices,additional Devices to any unauthorized person. Customer further
<br /> security procedures,including as described below: agrees to notify Treasury Management Services Support
<br /> immediately at 1-866-475-7262 if Customer believes that
<br /> 6.3.1 Additional security the confidentiality of the Access Devices has been
<br /> procedures include a risk-based authentication security compromised in any manner.
<br /> procedure for Customer, including Customer's
<br /> Administrator and Authorized Users. This additional 6.6 The Access Devices identify and
<br /> security procedure involves an additional credential for authenticate Customer (including the Administrator and
<br /> each user that is in addition to Login IDs and individual Authorized Users)to Bank when Customer accesses or uses
<br /> password security (hereinafter "Enhanced Authentication the Services. Customer authorizes Bank to rely on the
<br /> Security," and/or "Enhanced Log-in Security'). With Access Devices to identify Customer when Customer
<br /> Enhanced Authentication Security, additional information accesses or uses any of the Services, and as signature
<br /> regarding each Authorized User's Computer and method of authorization for any Payment,transfer or other use of the
<br /> website access will be collected and validated Services. Customer acknowledges and agrees that Bank is
<br /> automatically with the set-up process. An electronic access authorized to act on any and all communications or
<br /> identity will be created for each Authorized User by instructions received using the Access Devices,where such
<br /> combining a number of key identification points,such as IP communications were provided to Bank in accordance with
<br /> address,Internet service provider,PC and browser settings, the security procedures and other terms as set forth in the
<br /> time of day and geographic location. These access Cash Management Master Agreement, regardless of
<br /> identities are used by Bank to authenticate Authorized whether the communications or instructions are authorized.
<br /> Users. Further authentication may occur automatically due Bank owns the Access Devices, and Customer may not
<br /> to the detection of unusual source occurrences in relation to transfer them to any other person or entity.
<br /> that access identity.
<br /> 6.3.2 An additional security 6.7 Customer acknowledges and agrees
<br /> procedure incorporates use of a physical security device or that the Access Devices and other security procedures
<br /> token("Token")for,by way of example only,initial log-in applicable to Customer's use of the Services and set forth
<br /> and/or certain transactional or administrative functionality. in this Appendix,as well as such security best practices as
<br /> A Token may be issued to any Authorized User(s), for described by Bank from time to time and made available on
<br /> example, for use in initiating and/or approving ACH the Bank Internet System, are a commercially reasonable
<br /> transactions and wire transfers,to log in to the Services,as method for the purpose of verifying whether any Payment,
<br /> HCk 4816-8814-0154 v 1 18 of 58 1016
<br />
|