Your online security
Farm Credit Canada (FCC) is committed to keeping your information safe. FCC Online Services uses 256 bit encryption. The browser supported by FCC Online Services is Microsoft® Internet Explorer 11.0. If you need to change your browser, follow these links to the Microsoft® sites.
FCC has multiple layers of security to provide you with secure access to your information, including but not limited to:
- the establishment of a secure connection between your computer / device and FCC systems
- utilizing anti-virus protection and continuously updating our software to maintain the latest signatures to detect and prevent viruses from entering into our computer systems
- utilizing security systems to block unauthorized access to our information servers
- utilizing security monitoring of suspicious traffic
FCC will continue to monitor security issues, updating and improving security when it is reasonable and practical to do so.
For your protection, we require that you “login” to secure areas of our website, FCC Online Services, and/or an FCC Mobile App using your username and password or, where applicable, biometric identifier, such as (but not limited to) a fingerprint scan. Your password should be kept secret at all times because it is used to help verify your identity before you are permitted access to your accounts and information.
You may be required or permitted to set or change your password from time to time. Certain password selection rules will be automatically enforced at the time of selection. Please refer to Section 12 of FCC’s Electronic Access Agreement for additional measures and practices that should be undertaken when creating a password.
If you are unable to provide the correct password or, where applicable, biometric identifier, you will not be granted access. If you or someone enters your username or password incorrectly three times, your account will be locked. To unlock your account, call the FCC Customer Service Centre at 1-888-332-3301.
Secure login using your computer
When you login successfully to secure areas of our website, your web browser will establish secure connection between your computer and our web servers. This will allow you to communicate with us privately and to conduct online transactions safely. To make sure your browser has established a secure connection, look for a padlock security symbol or check the address bar of your browser. If the address starts with “https://” the session is secured.
To further protect against unauthorized access to your accounts, our systems are designed to automatically terminate a secure session if extended inactivity is detected. If your session terminates, you will have to login again to continue your activities.
Online Services Login Activity
For enhanced security purposes, you can see your recent login activity, including the date, time and location that your Online Services account was accessed. To check Recent Activity, login to Online Services, go to Profile Settings and click Account Security.
You may see activity from a location you don't recognize as it is based on your IP address. It is approximate to your actual location but can vary if you are accessing your account on a mobile network. Your location may also appear blank as some ISPs and web hosting services don't specify location information. If the location listed is not nearby or you do not recognize the date and time of the login, and you suspect suspicious activity, change your FCC password and call the FCC Customer Service Centre at 1-888-332-3301.
Keeping your computer safe
Whenever you use your personal computer and the Internet, there is a potential risk of contracting a computer virus or other type of malware. Malware can, for example, modify programs, delete files, erase the content of hard drives, capture keystrokes or install ransomware without your knowledge or consent. The potential consequences of any of these threats could include damage to your personal computer, access to your secret information and the inability to use an FCC website.
Always ensure to educate yourself about online safety best practices and cyber security social engineering methods of attacks (for example, e-mail spoofing and phishing).
Internet software or electronic transmission errors may produce inaccurate or incomplete copies of the content of the FCC website when downloaded and displayed on any computer.
FCC does not assume any liability or responsibility whatsoever for computer viruses or other destructive programs received during the electronic transmission of such content of the FCC website or any sites accessed through links provided therein.
You are responsible for the security associated with your computer. Install a personal firewall system to help protect your computer from intruders. Personal firewalls protect your computer from hostile intrusion from the Internet.
It is also strongly recommended that you use virus protection software on your computer. Any unprotected e-mail communication over the Internet is, as with communication via any other medium (cellular phones, post office mail, etc.), subject to possible interception or loss, and is also subject to possible alteration.
It is important to note that the Internet is not a secure method of communication and that FCC cannot guarantee the privacy or security of customer information submitted to the FCC website or by e-mail over the Internet.
Cyber social engineering attacks
Social engineering is the art of human hacking and requires contact and trust to be successful. It is psychological manipulation of people into performing actions or divulging confidential information. It is a type of confidence trick for the purpose of information gathering, fraud, system access or identify theft. Attackers will attempt to trick you into installing malware or divulging confidential information through file attachments, email links or malicious websites.
Spoofing and phishing
Spoofing or phishing (pronounced “fishing”) is used to fool you into revealing personal information such as login credentials, credit card numbers, or banking information. E-mail spoofing or phishing is a scam where a person sends out legitimate-looking e-mails that appear to come from a legitimate individual or company in an effort to “phish” for personal and financial information from the e-mail recipient. Phishing e-mails may also contain suspicious files, links to suspicious websites or demands for private information.
Be wary of these spoofing or phishing e-mails. If you receive one of these e-mails, delete it immediately and do not respond or act on it.
Always remember, FCC will never send customers an e-mail asking for personal information, account IDs or passwords.
If you receive a suspicious e-mail that appears to have been sent by Farm Credit Canada, please contact our Customer Service Centre at 1-888-332-3301.
Tips for e-mail safety
- Do not provide confidential personal or banking information to anyone in an e-mail
- Avoid filling out forms in e-mail messages that ask for personal financial information
- You should only communicate information such as credit card numbers or account information via a secure website or secure file sharing
- Be suspicious of e-mail attachments from unknown sources. If you do not know or recognize the sender of the
e-mail, do not open the attachment.
- Be suspicious of unsolicited e-mails that have a sense of urgency and warn that your accounts will be closed or your access limited if you don’t reply
- Do not set your e-mail program to “auto-run” attachments. Always check that e-mails you have received do not contain viruses by running your anti-virus software when the e-mail attachment is received.
- Don’t use links in an e-mail to get to any web page if you suspect the e-mail might not be authentic
- If you do have a relationship with the company mentioned in a suspicious e-mail, phone the company or log onto the website directly by typing in the web address in your browser
Security in FCC Mobile Apps
FCC has also implemented reasonable safeguards with respect to the security of an FCC Mobile App which are designed to protect an FCC Mobile App and the information available in the app from theft, unauthorized use, error or loss. These safeguards include, but are not limited to FCC Mobile Apps being encrypted and FCC having taken reasonable steps to ensure secure data transfers back to / between its servers.
Mobile device security
You are responsible for the general security associated with personal devices that may be used to access an FCC Mobile App or FCC Online Services. We recommend that you take additional measures to protect the security of your devices, including:
- All devices used to access an FCC Mobile App or FCC Online Services should be protected by mobile encryption. Encryption prevents unauthorized users from being able to access the data on the device.
- Ensure that an FCC Mobile App and/or FCC Online Services are only accessed from a secure device, as the security of an FCC Mobile App and FCC Online Services relies on the underlying device's security. Jailbroken devices (namely, a device whose security restrictions imposed by a vendor have been removed, allowing for the user to notably install software from external, uncontrolled sources other than the application store) or rooted devices (namely, a device running an Android mobile operating system through which privileged control / root access over various subsystems has been provided) should not be used to access or use an FCC Mobile App or FCC Online Services.
- Protect the physical device used to access an FCC Mobile App and/or FCC Online Services by using a long, complex password (in accordance with the password rules outlined above and in Section 12 of FCC’s Electronic Access Agreement). You should not leave your mobile device unattended while logged into an FCC Mobile App and/or FCC Online Services and you should log off immediately at the completion of each access.
- If an FCC Mobile App and/or FCC Online Services are being accessed through a Wi-Fi hotspot, ensure that only secure Wi-Fi connections are used. Most public Wi-Fi hotspots do not encrypt the information being sent and are not secure.
- Ensure that your device has up-to-date virus protection and update any applications installed on the device and the device's operating system when new versions are available, as updates may include security patches.
- Ensure you have the ability to remotely locate a lost or stolen device and, when necessary, the ability to remotely wipe all relevant data from a lost or stolen device.
- Ensure that all personal information and any FCC Mobiles apps stored on your device are deleted before you sell, give away or dispose of your mobile device or SIM card.
Lost or stolen mobile device
If your mobile device was used to access FCC Online Services or contains an FCC Mobile App and it has been lost or stolen, immediately change your FCC password via FCC Online Services and/or and call the FCC Customer Service Centre at 1-888-332-3301.
Protect your identity
Identify theft is one of the fastest-growing crimes in Canada and can happen to you at anytime. Identity theft occurs when somebody steals your name and other personal information for fraudulent purposes.
How does identity theft happen?
Identity thieves steal key pieces of your personal information and use it to impersonate you and commit crimes in your name. In addition to names, addresses and phone numbers, these thieves look for social insurance numbers, driver’s licence numbers, credit card and banking information, bank cards, calling cards, birth certificates and passports. Thieves may physically steal important documents, or they may find out your personal information in other ways, without your knowledge. Once they steal the information, they may use stolen identities to go on spending sprees, open new bank accounts, divert mail, or apply for loans, credit cards and social benefits.
Identity theft – tips to protect yourself
- Find out how your personal information will be used before sharing it
- Follow up with creditors if your bills do not arrive on time
- Monitor your credit card statements and bank accounts, and report any unusual transactions as soon as possible
- Shred documents that contain personal information
- Select personal identification numbers (PIN) or passwords for your credit cards, bank and phone accounts
- Carry only the identification that you need
- Put other identification (SIN, birth certificate, passport) in a secure and safe place
- Your SIN should only be used for employment and tax reporting purposes
- Guard your mail. Promptly remove mail from your mailbox after delivery.
- Credit report companies allow free access to your credit report one time each year. Your credit report may reflect whether someone has applied for credit in your name, so it’s a good idea to check.
Last reviewed: April 16, 2019