December 29, 2020

Top 3 Security Risks for Credit Unions that Text

Eltropy Blog

3 Security Risks for Text Messaging

Security is paramount when communicating sensitive information with credit union members. As Enterprise Text Messaging continues to gain traction—research has found that the majority of professionals are already using SMS for business purposes (often from personal devices)—yet information security and privacy concerns are top of mind. Despite these concerns many would agree that SMS response rates are reportedly significantly higher than the rates from traditional outreach efforts of phone calls and emails.

Credit Unions have found Text Messaging to be increasingly popular among their members, so ensuring that sensitive personal information, such as account details, loan information, social security numbers and secure document exchange do not fall into the wrong hands is critical. Incorporating security into an Enterprise platform still preferred by members can be a significant IT challenge.

Here are the top three risks to be aware of when implementing an Enterprise Text Messaging solution.

3. The Trouble with MMS

Multimedia messaging, MMS, is Text Messaging that includes a picture or video. MMS technology is popular because it supports video clips up to 40 seconds in length, ringtones, audio clips, contact cards, and more. However, it is inherently insecure. 

The trouble occurs when an attacker sends a malicious video message, one in which the attachment is infected with a virus. If the attachment is opened upon receipt, the receiver’s phone is infected. Often, as in the case of the Commwarrior virus, an MMS is then autonomously sent with an infected attachment to all the contacts in the recipient’s address book.

Eltropy’s ability to share files securely is one of its greatest (and most unique) values, according to its credit union customers. 

2. Mobile Phones have Security Challenges, too

Because mobile phones are pocket-size versions of computers, it can be difficult to remember they can be vulnerable to attack. Fraudsters are increasingly creative in their lures; for example, attackers may masquerade as a legitimate banking app, duping users into installing it, so that they can then steal their credentials.

In addition, the backbone of the global telephone system can be compromised to intercept calls, text messages, and disrupt mobile communications. Such attacks can impact the financial arena; for example, a few years ago, attackers used that communication backbone — telephony protocols known as SS7 — to redirect text messages the banks used to send one-time passwords. Criminals used the passwords to siphon money from victims’ accounts.

Eltropy’s customers often cite the level of security offered as a top reason for selecting the vendor. Time and again, Credit Unions mention the ability to share files securely as a unique feature that Eltropy alone provides.

“We know a significant portion of our members prefer to communicate [with Text Messaging], but standard SMS does not provide the level of security we require for handling member information,” said James Yates, president of First Education Federal Credit Union. Ultimately, the Credit Union selected Eltropy after determining the solution met its rigorous security standards.

1. Know the Regulations

Understanding and operating under the TCPA (Telephone Consumer Protection Act) and CFPB (Consumer Finance Protection Bureau) regulations are imperative to minimizing credit union risk. The TCPA was created to stop unwanted telemarketing phone calls to consumers and today also applies to text messages and pre-recorded calls. The law prohibits contact with consumers unless the company has “prior express consent” to contact the consumer.

The CFPB was created in 2008 as a new regulatory enforcer to be a watchdog for consumers. It focuses on enforcing laws against “unfair, abusive, deceptive or predatory acts” committed by financial services companies.

Eltropy’s solution offers compliance and security by providing text messaging compliant with FCC/TCPA regulations by offering “clear and conspicuous disclosure” as well as secure information sharing.

“Eltropy was an obvious partner due to its focus on service, innovation, commitment to security, and strong industry record,” said Stacie Wyss-Schoenbornm, CEO of Central Willamette Credit Union (CWCU). “Since signing with Eltropy, CWCU has experienced top-notch treatment. The level of service and communication with the Eltropy team has been beyond what we could have hoped for.“

Text Messaging can play a vital role in enhancing communication between Credit Unions and their members. It also provides a convenience for members and is a member-facing technology. Partnering with an industry leader ensures a well-trained, dedicated team at CUs’ disposal to make the most out of the platform. 

Share this Article
Share on facebook
Share on twitter
Share on linkedin
Share on email

Subscribe for E-Newsletter!

Interesting & Insightful Articles, Interviews, Press Updates & more, Once every month, straight to your inbox. No spam! 

Brittany Farb Gruber

Questions about the Blog?

Learn what our customers think about us

Hit ‘Esc’ or Click Below the Section to Close this Menu

Thank You for Subscribing!

On the last Monday of every month, we will deliver a roundup of highlights that include new partnerships, product updates, social media highlights and more.

It’s an exciting time for us at Eltropy and we are honored to have you aboard!


All set!


Add the the event to your google calendar to not miss the event! Looking forward to seeing you on 

Tuesday, March 30th at 1 pm CST

Hit 'Esc' or click elsewhere on screen to close this window