OPENonline Security Statement

OPENonline is committed to protecting consumers from fraud and unauthorized use of sensitive and personal information. Data security has been, and continues to be a priority at OPENonline. The OPENonline system consists of a browser-based client interface that provides secured access to data that is kept behind a firewall. We use an authentication model to verify each User's identity. This is an established style of authentication in which the Web browser presents a dialog window requesting the User to enter a User ID and Password, each time they request access to OPENonline.

After the User provides their User ID and Password, the security service validates them with the User Registry, which is a database of known OPENonline users. If the user-provided information is valid, the security system considers them to be authenticated. If the user-provided information is invalid, they are not permitted access to OPENonline. After the User has been validated, we then use a second authorization process to determine which OPENonline services the User is permitted to access.

Each User is required to select their Permissible Purpose prior to accessing OPENonline services. The Permissible Purpose information along with their session activity is archived and available for retrieval by authorized OPENonline personnel. OPENonline User ID and Passwords provide our clients with access to important and sensitive consumer information. Once User IDs and Passwords are issued to our clients, it is their responsibility to safeguard and protect them from misuse. We require each client's Account Administrator to notify us when an individual user leaves their company or is no longer authorized to use OPENonline.

As always, we are available to help you determine who has an active User ID, or perform an audit on User ID numbers assigned to your company. For questions on authorized users or to perform a User ID audit, call the Compliance Department at 800-366-0106 or email at compliance@openonline.com.