Online, Mobile and Social Media Security

Learn how we protect you and how you can protect the privacy and security of your online information.

Your online privacy and security is extremely important to us.


This Online, Mobile and Social Media Security statement supplements, and should be read along with, Apple Bank for Savings’ (“Apple Bank”) general  Privacy Notice, which still applies and continues in full force.

Apple Bank’s commitment to privacy and security extends to the use of Online Banking by consumers and businesses. And because the Internet poses unique risks relating to privacy and the safeguarding of your personal and confidential information, we have put extra measures in place and provide this additional statement to assist you in protecting your privacy and security, while seeking to provide a satisfactory online banking experience.

Beyond outlining certain steps you should take (see Online Security, below) to protect the privacy and security of your online banking information when using the Apple Bank website or related sites (the “Site”), this statement also outlines how Apple Bank and/or its servicing or sub-servicing vendors or representatives may collect information coming from or provided by you, whether you are browsing the Site or are using an Online Banking service, such as Bill Payment, A2A External Funds Transfer Service, PayAnyone Service, Mobile Remote Deposit Capture Service, Text Banking Service, or View Mortgage Loan Info.

This statement is effective as of June 2017. The most recent version will be posted to the website. Please review periodically.

Online Privacy

  1. Browsing Our Site
    If you are merely browsing our Site to determine which products and services might be right for you and, for instance, you view web pages, use one or more of our Life Insurance or Investment Calculators, testing “what if” scenarios, etc., Apple Bank will not collect, capture or retain any personally identifiable information. You may browse the Site anonymously and do not need to provide us with any personal information.
  2. Providing Personal Information
    However, if you do provide personal information to us when using the Site, that information may be used by Apple Bank and its servicing and sub-servicing vendors to complete or respond to your inquiry, request, application or account transaction. For further details about how we use your personal information, and how you might limit some sharing of information, please see our Privacy Notice.
  3. Using Online Banking Services
    To register for, enroll in and use an Online Banking service (e.g., Bill Payment, A2A External Funds Transfer Service, PayAnyone Service, Mobile Remote Deposit Capture Service, Text Banking Service, View Mortgage Loan Info, etc.), you must submit personal information, such as your email address, account number, SSN and date of birth. Generally, doing so will allow you to correspond with Apple Bank, review your accounts, etc.
  4. About Cookies
    Cookies are small pieces of information stored on a web browser by a web server, permitting the system to recognize a user’s actions during a session. Among other things, they may be used to identify a computer or mobile device on which you have enabled enhanced online security features. However, cookies cannot be used to capture data (e.g., your identity, email address, account number or other sensitive or personally identifiable information, etc.).

    Use of the Online Banking service requires that cookies be enabled on your web browser. This requirement is aimed to achieve optimal performance, security and reliability when you use our Online Banking services (e.g., Bill Payment, View Mortgage Loan Info). If you set your web browser to reject cookies, you will not be able to do any Online Banking with Apple Bank.
  5. Pop-Up Windows
    When using the Site, we recommend that you enable the use of pop-up windows to ensure that you are made aware of important information. Please note that Apple Bank does not use pop-up windows for third party advertising.
  6. Online Tracking
    Neither Apple Bank nor any of its servicing or sub-servicing vendors will use cookies or other means to track your online activity when using the Site for any purpose other than: (A) to perform or complete activity or transactions you initiate or request, and (B) to improve Site performance.
  7. Online Marketing
    With the exception of Guaranteed Rate, Inc., Apple Bank does not employ any third party marketing or advertising on the Site. Otherwise, only Apple Bank and its joint marketing partners market Apple Bank or joint marketing sponsored products and services on the Site.

    As noted herein, when you click on any link to a third party website, including the websites of Apple Bank’s joint marketing partners, you will be subject to the content, offerings, terms and conditions, disclosures, and privacy, security and accessibility policies of those parties’ websites. Apple Bank is not responsible for them.

    You have certain rights to opt-out from information sharing practices. To learn more, read our Privacy Notice.

    Apple may periodically engage in marketing solicitations to its customers via email messaging.
  8. Children’s Online Privacy Act
    The Children’s Online Privacy Protection Act (“COPPA”) is intended to protect children under the age of 13 from online collection of personal information. For more information, see the Federal Trade Commission’s website regarding  COPPA and Protecting Kids’ Privacy. Users of the Site must be at least 18 years of age. The Site is not directed to anyone under the age of majority (i.e., 18 years of age). Apple Bank does not knowingly collect any personal information from any person protected under COPPA.
  9. Third Party Websites
    Apple Bank is not responsible for the information collection and use practices, privacy policies or security measures that exist and apply when you visit or are transferred to a third party website. When viewing a third party site by clicking on a link appearing in Apple Bank’s Site, a dialog box will pop up to advise you that, upon leaving the Site, you will be viewing a website controlled and administered by that third party (and not by Apple Bank). When you click “Continue”, you will become subject to each such party’s site content, offerings, terms and conditions, disclosures and privacy, security and accessibility policies.
  10. Email
    In general, using e-mail forms on the Site (or sending e-mail over the Internet) is not secure. You should not send any confidential, sensitive or private information (e.g., Social Security Numbers, account numbers, account information, User IDs, Passwords, Personal Image or Name, etc.) using the non-secure email forms or via any general e-mail messaging system (including the e-mail links that appear).

    If you want to send such information, you must do so ONLY after logging in to Online Banking, using Apple Bank’s secure, encrypted Message Center, with Secure Socket Layer (SSL). Upon login, please click on the Account Services tab or the Messages button to send a secure message.

    Please do not respond to any email message asking for personal or confidential information, even if the message looks like it came from Apple Bank. Apple Bank will NOT ask for such information via email messages. Any such message could be a Phishing attempt.

Online Security

In addition to the network related measures the Bank takes to secure your personal and confidential information while you or your business are using Apple Bank’s Online Banking services (e.g., use of 128-bit encryption, firewalls, etc.), there are steps that you can and should take when using the Site and conducting any business through the Online Banking and all Services available thereunder.

When used with your User ID, your Password acts as an Electronic Signature and as your legal signature. You are solely responsible for keeping your User ID, Password and other account and personal information (i.e., Login Credentials) strictly confidential. Although systems safeguards are in place, you, alone, are personally responsible for ensuring your own security when online.

Unauthorized Logins

Upon any Login to the Services by anyone using your User ID, Password, Login Credential or any other authentication control, the Bank may rely and act upon any instructions received under such circumstances.  In the event of unauthorized use of your information, as described above, you will be liable for resulting losses, unless, following prompt notice of theft, loss or a possible breach of any of your Login Credentials, the Bank acts with gross negligence or willful misconduct in handling your request to block further use of the Services.


Enhanced Login

Enhanced Login is a security feature that you enable by clicking “Register Device”, which deploys “cookies” to remember a specific Computer(s) and/or Mobile Device(s), recognizing their presence or absence when a Login is attempted.  The process may also involve accessing detailed information including phone numbers, Computer and Mobile Device identification data and network identifiers. 

Computers or Mobile Devices that are not registered will be identified and shall require an additional layer of security, i.e., through the delivery of a Secure Access Code (see below). The Enhanced Login feature can improve your security and further protect you against potential fraud and identity theft.  

The Bank recommends that, at a minimum, you regularly change your Password, and create a unique User ID and Password combination.  Depending on the nature or magnitude of risk posed by one of more of the Services, the OB Services platform may employ additional MFA security techniques, including the use of challenge questions or Secure Access Codes (“SACs”) [Defined at Section XVII, see also, Access Security, below].


To help protect yourself against fraud, you should follow these guidelines:

  • Before every Login on any Computer or Mobile Device verify the accuracy of your Last Login date and time to ensure that you are accessing Apple Bank’s website (and not some fraudulent site).
  • When using a Mobile Device also exercise special caution and be on high alert to your surroundings, nearby persons and devices.
  • Install and activate anti-virus, anti-spyware and anti-malware programs on your Computer or Mobile Device.
  • Review and reconcile your Accounts on a regular, timely basis.
  • Do not allow anyone to learn, access or view ANY of your bank, brokerage or other financial account data, information, statements or online capabilities, from ANY FI.
  • Contact the Bank immediately if you receive unexpected correspondence from the Bank.
  • Do not respond to email messages asking for personal or confidential information, even if they look like they came from the Bank. The Bank will not ask for such information via email messages. Any such message may be a Phishing attempt.
  • Be on the alert to follow through if an expected “welcome letter” or other correspondence is not received.
  • Do not share your User ID with others.
  • Do not share your Password with others.
  • Do not share your personal information, Enhanced Login “security” questions or answers with others.
  • Do not share your Account information with others.
  • Do not walk away from a Computer or a Mobile Device when you are logged in to any service (e.g. OB, Bill Payment, A2A external funds transfer, Mobile Banking, mRDC, Text Banking, PayAnyone, viewing mortgage information, making inquiries or other OB Services, etc.
  • Always exit and log off the system when finished.
  • Change your Password periodically.
  • Immediately change your Password if you have any reason to believe it has become known or available to others not authorized to access your Account(s) or Payment Account.
  • Never leave your Account information, User ID or Password within range of others.
  • Do not send confidential Account information (e.g. social security number or taxpayer identification number, account number, User ID, Password, “security” questions or answers, etc.) in any public, non-secure or general e-mail system.
  • Review the terms and conditions of your agreement(s) with Q2, FIS Global, PNC Bank, MX, Ensenta, Acculynk, IDology and/or any subsidiary, affiliate or third-party processing agent (collectively, “Third-Party Providers”) to assure compliance with their procedures and/or requirements.
  • Review the terms and conditions of all of Addenda to this Agreement for related Services to assure compliance with their procedures.

If you believe your Password or any other Login Credential has been lost or stolen, or if you suspect any fraudulent activity on your Account, call the Bank AT ONCE at (914) 902-APPLe (2775).  Our TDD phone number is 800-824-0710.  Telephoning us is the best way to minimize your losses and liability. 

Change your Password IMMEDIATELY if you have any reason to believe it has become known or available to persons without authority to access your Accounts or Payment Account.