Online Security

​Staying Safe Online

Online Banking makes managing your finances easy and convenient.  However, there are measures you should take, and best practices you should follow, whenever you go online to access your accounts.  Because your online security is our priority, we have compiled suggestions and tips for safe browsing to help you avoid falling victim to Internet threats.

Security Guarantee

Our Online Banking system is safeguarded with the best security available in a commercial environment, ensuring that your information is protected while data is transmitted between your computer and our banking server.


Internet encryption protects your information while it is in transit between your computer and our systems. Encryption ensures that data cannot be read or altered because the information is scrambled.  Our online banking website uses a 128-bit SSL, encrypting both request and response transactions, through a secure connection.  To establish a secure connection, verify that the prefix of our website address in your browser reads 'https' (and not simply 'http').  All the browsers we support meet this requirement.  If yours doesn't, please download the appropriate encryption support from your browser's supplier.

Controlled Access to Your Accounts

Your accounts can only be accessed by providing the correct login credentials and Personal Access Code (PAC), which only you know.  Our employees never know these details and will never ask you to provide them with this information.

Enhanced Security Login Process

The first time you log in to your online banking account, you will be asked to choose from a list of security questions and answers. Be sure to pick questions with answers that are not easy to guess. Use ones that only you know.  If you have a joint account, the questions and answers for both users must coincide.  You can register your home or personal computer so that you will not have to answer a security question every time you log in.  However, when you log in to your account from another machine, or periodically, we will ask one of the security questions to confirm your identity.

For security reasons, we track the number of login attempts used to access your online banking.  After a number of incorrect attempts to provide the correct PAC or answers to security questions, your online access will be immediately disabled.  To regain access, please call our Member Experience Representatives.

Safe Browsing

When visiting a branch, you can feel confident that your money is safe and secure, with the premises adorned by vaults, locked doors, security and surveillance.  We are keeping you just as safe when you bank with us online.  However, once your information reaches your computer, you have a responsibility to protect it.

Personal Access Code (PAC)

Online credentials can be numerous as they are needed for email accounts, social networking sites, online newspapers and shopping websites.  That's a lot of usernames and passwords – and it can be tempting to use the same combination for everything.  But this makes it far too easy for hackers because once they have one password, they can access all your sites.  Login credentials are the keys to your accounts so don't leave those keys around for anyone to find. For online banking, the key is your Personal Access Code (PAC).  We recommend you:

  • Choose a PAC that is easy for you to remember but difficult for others to guess.  Avoid using keyboard strings (qwerty), repetitive letters or numbers, dates, common words (e.g., password, winter, etc.), personal information (e.g., name, date of birth, phone number, city names, etc).
  • Your PAC must be between 8 to 30 alphanumeric characters and must use at least 1 uppercase, 1 lowercase, and 1 numeric digit. You have the option to use these special characters in your PAC: ! @ # $ ( ) - \ / | ? , . : 'Choose a PAC that is difficult for others to guess. 
  • Be smart and don't save a list of your credentials on your PC.  If you have to write them down, keep these details locked away somewhere only you can access or consider using password-management software, which secures and encrypts usernames and passwords and allows you to use a single master password.
  • Do not share your PAC with anyone, especially online.  Employees of our financial institution will never call, email, write or ask you to provide your online banking credentials.  Ever.
  • Don't authorize browsers to memorize your credentials.  Saving these on your computer allows anyone using your PC to gain access to your login-protected sites.
  • Consider changing your PAC every 90 days for optimum security.
  • Make sure your PAC is not the same as other online passwords you may have.
  • Make sure no one observes you typing in your PAC.

Personal Details

When you move, it is important to notify us of your change of address.  If your mailing information isn't up-to-date, statements or letters that contain personal information will continue to be sent to your former address.


You may prefer to eliminate paper statements altogether, avoiding any possibility of mail theft.  Eliminate paper documents, go electronic and be secure while doing it.  Our e-Statements are a digital archive of your monthly banking activity than can be downloaded as a PDF from our secure online banking site.


Our e-Documents allow you quick and convenient online access to your financial documents: anytime, anywhere.  Open the documents as PDFs and print your T5s, mortgage receipts or transaction receipts only as needed, while creating a safe and secure digital archive.

Logging In and Out

When you are finished with your banking session, always log out by clicking the "Log Out" button, as opposed to simply closing the browser window.  To help protect your information, your online banking session will end automatically if there has been no activity for 20 minutes or if your visit lasts longer than 60 minutes.  If your session has timed out, no further transactions can be made until you log in again.  This time-out feature helps protect your accounts from unauthorized access if your PC is left unattended or if you have forgotten to log out.

Clearing Cookies and Cache

When you spend time on the Internet, your browser stores information, such as the websites you visit, the images and files you view, and your personal information, including passwords and login details.  This data is held on your computer's hard drive and is known as 'cache.'  Even though you may have logged out and closed your browser, this information may remain accessible.  You can protect your data by clearing your browsing history regularly. 

Private Browsing

Some web browsers have a feature that allows you to browse the Internet without the browser storing information, such as the sites you visit, the images you see and videos you watch.  This feature is sometimes used by people who share the same computer.  Private browsing is a temporary option and must be selected in order for it to be activated.  Private browsing, however, does not give you immunity to spyware or make you anonymous.  It is still possible for your Internet service provider, employer or the websites you visit to track your online activity.

Monitoring Your Accounts

Frequently reviewing your paper and/or electronic account statements and registering for our Direct Alerts system ensures that you spot any incorrect or fraudulent transactions as soon as they occur.  If your card has been skimmed (when the card's magnetic stripe and PIN are fraudulently copied by embedded devices at ATMs or point-of-sale devices) or unauthorized transactions have been made, you will want to catch this as soon as possible.  Everytime you receive an account statement verify you made all the transactions.


Receive, manage and pay your bills through Canada Post's free online service.  To sign up, create an account and scroll through the list of partners to find which bills you can receive with epost.  More than 100 organizations are supported as "Mailers," including telecommunications and credit card companies and government agencies.  You can also store your bills and statements securely on epost for up to seven years.

Identify and Prevent Scams

While pickpockets can only target a few people each day, Internet fraudsters cast their nets much wider, using the anonymity and reach of mass emails and fake websites.  You can protect yourself from these situations by knowing how to identify and avoid these scams.

We take attempts to defraud our members very seriously.  If you receive correspondence that you think may not be from Unity Credit, please report it to us by Telephone or our Contact Us form.

Quick tips to avoid scams:

  • Never use a link provided in an email or text to access your Online Banking (because we don't send those, scammers do!).
  • Do not open emails, texts or attachments from unknown sources.
  • Scan your emails using anti-virus software.
  • Read before you click!  It is important to understand that electronic messaging is not a secure form of communication. Unity Credit Union will never send you an unsolicited email or text message that asks you to provide sensitive personal information like your social security number, bank account number, and credit card information, ID questions like your mother's maiden name or your password.

Understand Phishing and Smishing


A common way for Internet scammers to obtain your personal information is through a method called phishing.  Usernames, passwords, banking information and credit card details are phished through email or instant messaging.  Phishing works by sending communications, which appear to be from your financial institution, but they are not.  You are asked, supposedly by your financial institution, to log in to your online banking to verify account information.  Often some type of security concern is cited as the issue. The fake email instructs you to click on a link that takes you to a non-legitimate version of your online banking site – one that is largely indistinguishable from the legitimate site – and you'll be asked to enter your credentials.


Smishing is similar to phishing in that it is a fraudulent attempt to obtain sensitive information.  Smishing is done using text messages purporting to be from reputable companies.

Phishing or smishing messages may include:

  • Warnings about account closures
  • Requests to update your information
  • Offers to register for a new service
  • Offers for pre-approved credit cards
  • Free virus-protection programs

Once you click on the link, which directs you to a phishing website, you'll be prompted to enter personal or banking information.  Phishing and smishing scams seek personal details, such as your address, social security number or mother's maiden name.  The details obtained will then be used for identity theft.

Scam emails or text messages purporting to be from your credit card company or financial institution often have some telling signs, including:

  • Poor spelling or grammar
  • Alarmist content, warning that your account will be closed if you don't provide your banking or personal details immediately
  • Notices that you've won a prize and are required to pay a fee in order to claim it

Never provide personal details or any account details in an email or text message.  Electronic messaging is not a secure form of communication.b If you receive a message that you are unsure about, please contact us.

Understand Pharming

Another way for hackers to get their hands on your personals details is by pharming them.  Pharming occurs when hackers use a malicious code on your PC, which compromises your computer's host file and redirects you to fake websites.  The malware hides the fraudulent URL, cloaking it in the legitimate one that appears in your browser.  With pharming, the dishonest redirection of URLs happens even when you type correct URLs directly into your browser, making you think that you're on the correct website when you are not.  Once there, you are asked to enter your online banking credentials or account information, which hackers take and use for criminal activity.

Watch for Malicious Software

**Be sure to install anti-virus software on your computer to protect your information, money and privacy.  Such software detects viruses and cleans your computer so that harmful viruses do not spread.  Set up your anti-virus to run frequent scans and update the software as soon as it is required.  Ensure you have real-time scanning of every email and every file you download.**


Malicious software (malware), spyware, worms and Trojans are the same class of destructive viruses; just with different names. Nobody wants a computer virus.  They can steal your personal information, take over your PC and use your computer to attack other people's computers.  Your PC can become infected through email attachments, downloading infected content or visiting harmful websites.


Spyware is exactly what it sounds like – tracking software that is downloaded to your computer (without your knowledge) when you visit certain Internet sites.  Secretly, it gathers information about you and your browsing habits.  This information can be trivial or it can include passwords and personal data that you wouldn't want criminals to get their hands on.  It can also interfere with user controls and disable legitimate anti-virus programs.

The best way to protect your computer against spyware is smart browsing.  Stay away from sites that look unsafe and avoid streaming or downloading content from untrustworthy sources.  Many anti-virus products offer targeted spyware solutions that inspect your operating system, installed programs, downloads and files.


One of the most common viruses to watch out for is known as scareware.  These scams pop-up on your screen and display alarmist warnings, telling you a virus has invaded your computer.  Scareware prompts you to download (and often pay for) fake anti-virus software to remove the non-existent viruses.  Scareware is a scam that tries to trick you into paying money in exchange for nothing.

You can protect against scareware by keeping your anti-virus software up-to-date and by being judicious about what you choose to download to your computer.  You should also familiarize yourself with the interface of your legitimate anti-virus program, so you won't be fooled if one of these pop-ups appears.

Keep Your Devices Safe

It's a good idea to protect and maintain the devices you use to do your banking.  This can involve upgrading the software and other practices as outlined here.

Protecting Your Computer

Your computer's operating system needs to be up-to-date in order to defend itself from viruses and malicious software (malware).  If one part of your operating system develops a virus, it leaves holes in your computer's security defenses and compromises the safety of the information contained in your computer.

Keeping your software up-to-date is one of the most important ways of staying safe online because it is much harder for viruses to infect an updated operating system and software.  Hackers are targeting operating systems with new viruses all the time and software companies combat these efforts with security patches.  You should always download the latest security patch as soon as it becomes available.

Your operating system lets you know when updates are available by notifying you there are new security features to download.  You can also upgrade your operating system to the latest version available from the manufacturer; however, you should ensure your computer has sufficient hardware capacity to support an upgrade.

Back Up Your Data

To fully eliminate a virus that has infected your machine, the re-installation of your operating system may be required.  Protect yourself against the permanent loss of important data by frequently backing up your files on an external hard drive so you'll have the data should you ever have a problem with your operating system.

Install Anti-virus Software

Install anti-virus software on your computer to protect your information, money and privacy.  Such software detects viruses and cleans your computer so that harmful viruses do not spread.  Set up your anti-virus to run frequent scans and update the software as soon as it is required.  Ensure you have real-time scanning of every email and every file you download.

Use Firewalls

A firewall protects your computer and home network from harmful websites and hackers.  It sits between your computer and the Internet, scanning information that is being transmitted.  It allows for safe browsing, while blocking unauthorized intrusions.  Even though you may think you have no information of value on your computer, firewalls also stop your computer from being used by hackers to send malicious software to other computers.

Most computers come with a firewall as part of the standard operating system.  However, you can get the maximum protection for your computer by installing additional firewalls and ensuring they are kept up to date.

Protecting Your Smartphone

Browsing the web has never been easier – it's all at your fingertips.  Smartphones let you surf, shop or bank wherever you are.  Make sure your information stays secure while you're on the move by following these smartphone-safe browsing tips:

  1. Activate your phone's password feature, which locks the screen and prevents anyone but you from accessing your phone.  Set up the password feature on your phone with a code that only you know.
  2. Don't connect to unknown networks through Wi-Fi hotspots to make financial transactions.
  3. Beware of smishing – that's phishing on phones through text messages.  Never download media or images, or click on text-message links that come from unrecognizable people or phone numbers.  Never provide personal details or any account details using any form of electronic messaging because this is not a secure form of communication.  If you are unsure, please contact us.
  4. Download apps exclusively from the official source for your smartphone's platform, such as the Apple App Store or Google Play Store.
  5. Install anti-virus software for your smartphone when available and update it frequently.
  6. Install location finding applications, which work with your phone's built-in GPS.  These applications allow you to locate and/or remotely erase (or "wipe") data in your phone if it is lost or stolen.
  7. Update your smartphone's operating system as soon as newer versions are available.

Direct Alerts

    Protect yourself from fraud with Direct Alerts

    Sign up for free Direct Alerts to receive email or text message security alerts when activity occurs in your Online Banking. 

    You can receive notifications for the following Direct Alerts:

    • Personal Access Code (PAC) changed
    • Interac e-Transfer® recipient added
    • Online Banking account locked out
    • New Online Banking login 
    • New payee added
    How to Sign Up for Direct Alerts on your smartphone:
    1. Login to the Unity Credit Union Mobile App.
    2. Click the 'Alerts' icon (swipe left to second screen to find this icon).
    3. Tap on the 'Manage' tab.
    4. Tap on the specific Alert you want to set up.
    5. Choose whether you want to be notified by email or text.
    6. Click 'Save'.
    7. Click 'Save' again to activate the Alert.
    8. Follow these steps to set up all Alerts.
    How to Sign Up for Direct Alerts on your computer:
    1. Sign in to Online Banking on your computer. 
    2. Navigate to the 'Message and Alerts' tab.
    3. Click on 'Manage Alerts'.
    4. Click on the Alert you want to acitvate.
    5. Click 'Add'.
    6. Choose whether you want to be notified by email or text.
    7. Click 'Save'.
    8. Click 'Save' again to activate the Alert.
    9. Follow these steps to set up all Alerts.


    The Autodeposit feature allows the money you have been sent (via Interac e-Transfer®) to be automatically deposited directly into your bank account, without having to login to Online Banking or answer security questions.  

    How to sign up using Online Banking:
    1. Login to your Unity Credit Union Union Online Banking.
    2. Select ‘Transfers’ from the side menu.
    3. Select ‘Send INTERAC e-Transfer®’ from the side menu.
    4. Select ‘Autodeposit’ from the top menu.
    5. Select the email address and account you want the money deposited into.
    6. Confirm your email address: You will receive an email from Unity Credit Union Limited  - Click the 'complete registration button.
    How to sign up using the Unity Credit Union Mobile App:
    1. Login using your fingerprint, Face ID, or PAC.
    2. Select ‘INTERAC e-Transfer’ from the menu.
    3. Select 'Settings' in the top right.
    4. Select ‘Autodeposit’ from the list.
    5. Add your email, and follow the on-screen instructions.
    6. Confirm your email address: You will receive an email from Unity Credit Union Limited  - Click the 'complete registration' button.


    Manage your MEMBER CARD® debit card when you are travelling, or when you suspect that your your card is being used fraudulently.  With Lock’N’Block®, you can lock your MEMBER CARD® debit card or block your your card for ATM Transactions, purchases, and international transactions. 

    How to set up Lock’N’Block®:
    1. Log into your Unity Credit Union Online Banking. 
    2. Click on 'Account Services'.
    3. Choose Lock’N’Block®. 
    4. Select the MEMBER CARD® debit card you want to lock or block by clicking the 'Edit' button next to it. 
    5. Now select the action you want to perform. You can choose to Block Debit Card, Block ATM transactions, Block purchases and refunds or Block international transactions. 
    6. Click 'Save Changes'.
    This website uses cookies to improve your user experience. By continuing to browse the site you are agreeing to our use of cookies.