1. Home
  2. About
  3. Security


On This Page:

How we protect your security How you can protect your security 2-step verification Enabling alerts

How we protect your security

Our precautions

We take many precautions to protect our online banking environment and ensure your information is safe. Our online services offer you the best security currently available in a commercial environment so that your personal and financial information is protected while in transit between your computer and our server. This is done through the use of industry standard security techniques such as encryption. Learn more about CWB Group's approach to cyber security here.

Encryption ensures that information can’t be read or changed in transit by scrambling the data using a complex mathematical formula. Some browsers can create a more secure channel than others, owing to the 'strength' of their encryption. We use only the strongest channel available - referred to as 128-bit SSL (Secure Socket Layer). If you have a browser that only supports 'weaker' encryption such as 40-bit or 56-bit SSL, you will need to upgrade your browser before using our site. The longer and more complex the 'key' is, the stronger the encryption. The numbers refer to the length of the key. According to Internet security specialists, 128-bit encryption is trillions of times stronger than 40-bit encryption.

We also make sure that only individuals who provide an authentic password can access your account information. To help protect your information, your online banking session will end automatically if there has been no activity for 20 minutes.

Access to our databases is strictly managed and systems are in place to ensure security is not breached, including the physical security of our computer hardware and communications.

For more information on the specific policies and practices that we use to safeguard your personal and financial information, please click here to view our privacy statement.

How you can protect your security

Protecting your password

You know that your role in making sure your home and possessions are safe is important. Your role in making sure your personal information is protected is just as important.

In order for us to ensure that you are the only one accessing your accounts, we need a unique way of knowing that it's you. Your password helps us make sure that you are the only one who can access your accounts.

It is your responsibility to ensure that your password for your online banking is protected. Follow the security practices below to keep your password protected.


  • Select a password that is greater than 12 characters in length, up to a maximum of 30 characters. Your password must contain one uppercase, one lowercase, one number and one special character (!@#$%*).                    
  • Select a password that is easy for you to remember but difficult for others to guess.
  • Do not select a part of your PIN (your ATM 'key') or another password.
  • Keep your password confidential and do not share it with anyone.
  • Do not write your password down or store it in a file on your computer.
  • Never disclose your password in a voicemail, email or over the telephone.
  • Ensure no one observes you typing in your password.
  • Change your password on a regular basis. We suggest every 90-120 days. Changing your password is easy and convenient. Simply log on to your online banking and select 'My Profile' and follow the directions provided.
  • Operating systems (Android, iOS, etc,) offer Password Managers to help you generate and keep track of complex passwords. A password manager is an application that is used to create, store and manage passwords for your various online accounts. It generates a complex password, then stores the password in an encrypted format and only provides secure access to all the passwords by using a master password. We recommend the use of a Password Manager to help you create and remember your complex passwords while keeping them safe. 
Protecting your computer

We make sure you have a secure channel to communicate with us through online banking. Once the information has reached your computer, it's up to you to protect it.

To protect your information, you should:

  • Never leave your computer unattended while logged into your online banking.
  • Always exit the site using the logout button and close your browser if you step away from your computer. Your browser may retain information you entered in the login screen and elsewhere until you exit the browser.
  • Prevent the browser from caching (storing) the pages that you view by using the Enhanced Security feature located on the login screen. If you have to access the online banking section of the website from a shared computer, such as at a friend's house or through a publicly-accessible computer, such as at a library or airport make sure you use this feature.
  • Secure or erase files stored on your computer by your browser so others can’t read them. Most browsers store information in non-protected (unencrypted) files in the browser's cache to improve performance. These files remain there until erased. They can be erased using standard computer utilities or by using your browser feature to 'empty' the cache.
  • Disable automatic password-save features in the browsers and software you use to access the Internet.'
  • Install and use a quality anti-virus program. As new viruses are created every day, be sure to update your anti-virus program often. We recommend you update anti-virus definitions weekly or have them set to automatically check for updates each time you use your computer. Scan all download files, programs, disks and attachments and only accept files and programs from a trusted source.
  • Install and use a personal firewall on your computer to ensure others can’t access your computer through the Internet.
  • Install new security patches as soon as your operating system and Internet browser manufacturers make them available.
  • Install an anti-spyware program and check your computer regularly.
Using a public computer

Be extremely careful with your online banking when using a public computer. Use the tips above to protect your information. Keep in mind that even popular programs, like search engines, can pose a security risk on a public computer. Certain desktop programs, like Google Desktop, cache items that you have viewed so you - or potentially, an unwelcome third party - can easily search and find those pages later again.

If you are planning to use a program like Google Desktop when using a public computer, the Enhanced Security feature located on the login screen will not stop these types of programs from caching the pages you view. Make sure you adjust the search program preferences so it doesn’t store secure pages you wish to view. If you forgot to adjust the preferences before banking online, you can remove the stored items via the Google Desktop results page by clicking on the Remove items link.

The website uses a small piece of data called a "cookie" to better serve our visitors and clients. Cookies are created by the web server and are sent to the web browser. Only the web server that created the cookie can retrieve the information contained in the cookie. There are two types of cookies, "session cookies" and "persistent cookies".

A session cookie is a temporary storage of information between the web server and web browser. No information is written or stored on a user computer. The session cookie provides us with information that enables us to ensure that each request for information really came from you and that we deliver the information only to you. The cookie also lets us know when to timeout your connection automatically if there has been no activity for an extended period of time. We use session cookies for our Internet banking service.

A persistent cookie is a small text file containing non-confidential information used by the web server and web browser, and is stored on the user's computer. The information is used to store your preferences when visiting the website in order to better serve you when you return to the Website. No contact information is stored in a persistent cookie.

Web browsers are currently unable to distinguish between "session" and "persistent" cookies. If you set your web browser to prevent cookies, you will be unable to use the website.

To ensure a safe and secure Internet session, only visit reputable sites. If you visit any questionable websites beforehand, we recommend you close your browser and restart it before proceeding to use our online banking services.

What are cookies?

A cookie is a small information token that sits on your computer. As you are using the Motive site, cookies are passed back and forth between our server and your browser. While cookies can be used for a variety of reasons, we only use cookies if they benefit our clients.

Specifically, we use two kinds of cookies—session cookies and persistent cookies. A session cookie exists only for the length of your browsing session and is deleted when you close your browser. A persistent cookie is a cookie that stays on your computer after you close your browser. A persistent cookie may or may not expire on a given date.

We use a session cookie to maintain the integrity of your Internet banking session. With each page that you visit, the cookie is passed back and forth between our server and your browser. We use the cookie to distinguish your session from the many others that may be happening at the same time. Our session cookies never store any personal information, such as your name, or date of birth, or financial information, such as your accounts and balances.

Most recent browser versions allow the user to set some level of control over which cookies are accepted and how your browser uses them. Many browsers will allow you to accept cookies from only known, reliable sites that you select such as the Motive site. If you are concerned about cookies, we encourage you to upgrade your browser to a recent version and review the Help section of your browser to learn more about its specific control features.

What if the webpage or email communication looks fraudulent?

If you are on a web page or receive an email that you think may be fraudulent, do not enter your password, shut down your computer immediately, restart, type www.motivefinancial.com directly into your browser and try again. Forward the web page and/or email to [email protected].

2-step verification

What is 2-Step Verification?
2-step verification is a security measure requiring you to verify your identity in two ways when you login to your online banking account. The first way is your complex password. The second way is a one-time secure access code that will be sent to you, every time you sign in,  via SMS (text)/email or a computer generated voice messaging service. Using 2-Step Verification significantly reduces your risk of being victim of a cyber-attack. 
Why do I need to have 2-step verification on my onlinebank account?

2-step verification was developed in response to increased incidents of online bank fraud experienced by all financial institutions. By adding these new security features, it will be more difficult for someone to steal your account information through a process called phishing.

Phishing is the creation of e-mails and websites that replicate existing, genuine websites and businesses. These sites try to lead you to believe that the requests for information are coming from a legitimate source, and scam you into providing personal, confidential information that can be used to commit other crimes.

Please remember that we will never contact you to confirm any of your existing passwords, account numbers, verification codes or personal information via phone or email.

How do I set-up 2-Step Verification for the first time? 

Before you begin

  •  Grab mobile device

Step 1

  • If you prefer to receive your verification code via text,
    enter your 10-digital mobile phone number.
  • Then, select “send code.”
  • Or, if you prefer to receive your verification code via email,
    enter your email.
  • Then, select “send code.”

Step 2

  • Enter the verification code within 10 minutes of receiving it, or else it will no longer by valid.
  • Then, select “Continue.”

Step 3: You're finished!

  • Select “Continue” to access online banking.
  • Your 2-Step Verification is set up.
How long does it take to receive the verification code? 

In most cases the verification code should be sent immediately, but please wait for 10 minutes until concluding it is not coming and contacting us for help. 

How long before a verification code expires and is no longer valid?

The verification code is valid for 10 minutes from the time is it issued. If you submit it after than time, you will receive an error message. To correct this, simply generate a new one. 

Will 2-Step verification affect my configurations orsettings? 

Yes, on the mobile app you will be prompted to set-up the following again:

  • Touch ID
  • QuickView
  • Remember Me


Travelling with 2-Step Verification

If you are a frequent traveler, we recommend using email to receive your one-time secure access code which you can access via wi-fi to avoid out-of-country text charges or using data. 

How to change your 2-Step Verification Information

Yes. You can register as many computers as you require. Remember that to best protect yourself, only register a computer where you are the sole user (i.e. home computer). Don’t register computers that are shared, like computers in libraries or shared work computers.

How do I change my 2-Step Verification Information after initial set-up?

Step 1

  • Select Profile and Preferences from the menu

Step 2

  • Select Change 2-Step Verification Information

Step 3

  • Select the pencil icon. 
  • Edit your phone number or email address.
  • Select “Continue”

Step 4

  • Receive your verification code via SMS/Text or Email
  • Select “Continue” 

Enabling alerts

Why are alerts important?

Enabling alerts on your account is an added layer of security protecting you from online criminals who are trying to access your account and withdraw money from it as quickly as possible. By setting up alerts, you will have transparency into activity happening in your accounts, so you will know if someone tries to login or transfer funds who isn’t you. 

What are alerts?
Alerts will trigger an email or a text to be sent to you every time there is activity in your account that could be   fraudulent. If you did not complete the action being described in the email, you’ll know a criminal is trying or has accessed your account. 
How do I set-up alerts?

Step 1

  • In the left-hand menu, select “Messages and Alerts.” 
  • Then, select “Manager Alerts.” 

Step 2

  • Under Security Alerts, click “Add” for the alerts you wish to enable. 
    Your choices are:
    New Payee Added
    Password Changed
    Online Banking Account Locked Out – incorrect password
    Online Banking Account Locked Out – incorrect response to Login  Verification
    We recommend adding all four. 

Step 3

  • Under “Create Alert,” perform the following selections: 
  • If you do not have an email associated with your online banking, select “Add new email” and enter your email address. Then press “Save.” 
  • Then, check the box “By email.”
  • If you would prefer to receive your alerts via text, select “Add new mobile phone” and enter your cell phone number.
  • Then press “Save.” 
  • Then, check the box “By text.”

Step 4

  • Repeat step 3 for each of the alerts you would like enabled. 
  • When complete, select “Submit” for each of the alerts. 
What do I do if I receive an alert for banking activity I have not performed?
If you suspect a criminal has accessed your account, immediately phone us at 1-877-441-2249 between 7 a.m. and 5 p.m. MDT for assistance. We will immediately secure your account, coordinate an investigation into the fraudulent activity and ensure any funds lost are replaced.