How does Northern Trust maintain my security and privacy?

Your Computer

Wealth Passport requires an SSL (Secure Sockets Layer) compliant browser and 128-bit SSL encryption. SSL is a protocol that allows a personal computer to establish a secure connection to an Internet server and applies encryption techniques that convert transmitted data into a series of unrecognizable characters as the information travels through the Internet. Northern Trust’s servers turn these characters into recognizable information after the secure connection has been made. SSL also applies the additional protection of digitally signed certificates to further protect data transmission with Northern Trust.

Wealth Passport uses cookies, which are small pieces of information sent from Wealth Passport to the user’s browser. The cookie stores information to safeguard sessions and assist with navigation. Browser settings must allow for cookies when using Wealth Passport. In addition, Wealth Passport uses session cookies, rather than persistent cookies, that are not saved at the end of a Wealth Passport session and do not store personal information that other programs can access.

Establishing a Session with a Server

Wealth Passport users are required to change the password provided at enrollment with the first logon. Password rules include the following.

The password must be at least eight (8) characters in length.
Passwords must contain alpha-numeric combinations. At least one alpha character and one number character.
Passwords must contain at least one upper case alpha character.
Passwords are required to have at least one special character from the following list (for example: #,$,!,@)
Passwords are not limited to a specific length.
Passwords will be forced to change after 30 days.
The previous 12 passwords can not be re-used.

As an additional security precaution, after 15 minutes of inactivity users are required to re-enter their password, with the number of invalid login attempts limited to three. Three consecutive failures will result in suspension of the user ID. Users may call the Northern Trust Passport® Help Center, 1-888-635-5350 (outside the United States, 1-312-557-5900), for assistance.

Token Login

Certain applications within Wealth Passport require a secondary level of authentication, known as a “token login.” Users can provide this information at login by clicking on Token Login from any northerntrust.com Web page and entering user ID, password and PIN+token. If the user does not enter this at login, it will be required when accessing an application that requires a secondary level of authentication.

Server Security

The Wealth Passport server is protected by firewall technology that allows only approved client requests to access the server and protects against intrusion. Both the firewall and the server are in physically protected locations, with all activity on both platforms logged and monitored for any attempted security breach.

Requests processed by the Wealth Passport server are encrypted and returned via the Internet to a personal computer.