A new look is coming soon. We are improving our website with a more modern look and feel.

Expect total security

Key ways that MicroBilt helps to safeguard your personal information online

  • 256-Bit Data Encryption — When you access your accounts and perform transactions on MicroBilt Systems, your information is protected by bank-grade 256-bit encryption using the latest TLS 1.3 protocol.
  • Additional Authentication — When you perform online transactions, such as changing your password, MicroBilt will sometimes ask you additional security questions to verify your identity.
  • 2FA Authentication – In the coming months, MicroBilt will be deploying two form factor authentication across multiple platforms, this will require you to enter a 6 digit numeric code in addition to your username and password.
  • MFA Authentication – In 2023, MicroBilt will be testing and selectively onboarding customers with MFA authentication. This additional level of security will be required for certain account types and high risk login patterns.
  • Date/Time Stamp — Every time you sign on to a MicroBilt system, we display the date, time, and IP address of your last visit. If you didn't sign on then, you'll know if there has been unauthorized account access.
  • Extended Validation (EV) SSL Certificate — The green address bar on MicroBilt sites is a security feature supported by newer browsers that allow you to visually validate that the site you are transacting with — such as credit https://creditcommander.microbilt.com and https://www.microbiltconnect.com — have undergone extensive outside security audits and penetration testing.
  • Secure Firewalls — The computer systems that run MicroBilt systems are protected by numerous network and application firewalls to help prevent unauthorized access to our network, and MicroBilt monitors these firewalls to prevent security breaches.
  • Session Timeouts — If you’re signed on and not using MicroBilt systems for several minutes, your session will "time out." To resume your activity, you’ll need to re-enter your User ID and Password.
  • Site Security Our sites use Secure Socket Layer (SSL) and Transport Layer Security (TLS 1.2 & TLS 1.3) to offer 2048-bit secure links between your browser and MicroBilt. We also employ HSTS (Strict Transport Security) and CAA (DNS Certification Authority Authorization) to protect our Global Digital certificates that are signed by DigiCert and assures that you’re communicating with MicroBilt and not a copycat site.
  • Transactional Security Not only is all communication between you and MicroBilt encrypted, but it’s also encrypted between MicroBilt and our business partners. This is one more way we’re doing everything we can to protect your information.
  • 3rd Party Audits MicroBilt completes several 3rd party independent audits each year to ensure our network, systems, data, and business processes are secure. In addition, MicroBilt conducts constant external vulnerability testing and annual penetration testing. Together these audits and business processes provide our customers and partners the most secure environment possible.
digicert
ei3pa
aicpa-soc1
aicpa-soc2
fcra

Customer Security FAQ



Can I Proactively Monitor Account Access?
Account access can be monitored real-time with Security Alerts. Unauthorized access from unknown IP addresses, failed password attempts and invalid time restrictions are just some of the items reported.

Can I Restrict Access to a Specified Computer or Multiple Computers?
Yes, you can restrict access to a specific computer with an IP address. IP address ranges can also be employed to limit access to a group of computers.

Can I Restrict Access to Certain Hours or on Specific Days?
Yes, access can be determined by hours and days of the week. Time restrictions can apply to a single user or group of users.

Is it Possible to Set Up Multiple Users?
Setting up multiple users is not only supported but also encouraged. With multiple users, access can be tracked and audited.

I Only Want Users to be Able to Access Certain Reports. Is This Possible?
Yes, with access codes, reports can be blocked or granted for users or groups.

Is it Possible to Only Allow Users to Enter Applications and Not View Reports?
Yes, flagging permissions in setup can prevent or allow desired actions.

Do Passwords Expire?
Passwords do expire. The default setting is every 90 days with options for 15,30,60 and 90 day expiration periods. This feature is mandatory.

Can Users be Locked Out After So Many Failed Login Attempts?
Yes, within Administrator options you can specify users to be locked out after a certain number of failed attempts. Users will become disabled until the administrator or supervisor re-enables the user.

Can I Monitor Account Activity?
Using innovative application filtering, reports can be monitored real-time for specific users, groups, dates, or report types.

Are My Subscriber Codes Secure?
All credit related data is shielded on additional data specific servers not accessible via the internet. This means critical data is not exposed on the internet.

Are Unsuccessful Login Attempts Tracked and Logged?
All unsuccessful login attempts are logged and monitored.

What Internal Procedures are In Place?
Facilities monitored 24/7 with closed circuit systems. All building access activity logged and secured. Web farms, where data is stored, are only accessible to key employees. Extensive Background Checks are performed on all new employees.

Questions about our security. Contact us.

Contact Us